disassembly | 易学教程

What does @plt mean here?

阅读更多关于 What does @plt mean here?

0x00000000004004b6 <main+30>: callq 0x400398 <printf@plt> Anyone knows? UPDATE Why two disas printf give me different result? (gdb) disas printf Dump of assembler code for function printf@plt: 0x0000000000400398 <printf@plt+0>: jmpq *0x2004c2(%rip) # 0x600860 <_GLOBAL_OFFSET_TABLE_+24> 0x000000000040039e <printf@plt+6>: pushq $0x0 0x00000000004003a3 <printf@plt+11>: jmpq 0x400388 (gdb) disas printf Dump of assembler code for function printf: 0x00000037aa44d360 <printf+0>: sub $0xd8,%rsp 0x00000037aa44d367 <printf+7>: mov %rdx,0x30(%rsp) 0x00000037aa44d36c <printf+12>: movzbl %al,%edx

Determine source language from a binary?

阅读更多关于 Determine source language from a binary?

问题 I responded to another question about developing for the iPhone in non-Objective-C languages, and I made the assertion that using, say, C# to write for the iPhone would strike an Apple reviewer wrong. I was speaking largely about UI elements differing between the ObjC and C# libraries in question, but a commenter made an interesting point, leading me to this question: Is it possible to determine the language a program is written in, solely from its binary? If there are such methods, what are

How can I understand a .pyc file content

阅读更多关于 How can I understand a .pyc file content

问题 I have a .pyc file. I need to understand the content of that file to know how the disassembler works of python, i.e. how can I generate a output like dis.dis(function) from .pyc file content. for e.g. >>> def sqr(x): ... return x*x ... >>> import dis >>> dis.dis(sqr) 2 0 LOAD_FAST 0 (x) 3 LOAD_FAST 0 (x) 6 BINARY_MULTIPLY 7 RETURN_VALUE I need to get a output like this using the .pyc file. 回答1: .pyc files contain some metadata and a marshaled code object; to load the code object and

How to disassemble a memory range with GDB?

阅读更多关于 How to disassemble a memory range with GDB?

问题 I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file. I was able to follow the call to fopen with GDB until it executed a call. When I tried to tell GDB "disassemble 0x...." (address of call) it responded with 'No function contains specified address.' Is it possible to force GDB to disassemble (or display it in assembler as good as

How to disassemble one single function using objdump?

阅读更多关于 How to disassemble one single function using objdump?

问题 I've got a binary installed on my system, and would like to look at the disassembly of a given function. Preferrably using objdump , but other solutions would be acceptable as well. From this questions I've learned that I might be able to disassemble part of the code if I only know the boundary addresses. From this answer I've learned how to turn my split debug symbols back into a single file. But even operating on that single file, and even disassembling all the code (i.e. without start or

Get size of assembly instructions

阅读更多关于 Get size of assembly instructions

问题 I need to read instructions one-by-one from a small code segment in memory and I have to find out the size of the instructions which I have in memory. The following is just a example of raw disassembled code to explain my problem: (gdb) disas /r 0x400281,+8 Dump of assembler code from 0x400281 to 0x400289: 0x0000000000400281: 48 89 c7 movq %rax, %rdi 0x0000000000400284: b0 00 movb $0, %al 0x0000000000400286: e8 f2 48 00 00 callq 0x10001f30a End of assembler dump. I know the memory address of

What is the meaning of “static synthetic”?

阅读更多关于 What is the meaning of “static synthetic”?

问题 I am looking at some disassembled code obtained from Java bytecode. I see some declaration as follows: .method static synthetic access$0()Lcom/package/Sample; I am not able to figure out what the synthetic or access$0 mean. Can someone please help me understand this part? 回答1: Synthetic field, (2) A compiler-created field that links a local inner class to a block's local variable or reference type parameter. See also The JavaTM Virtual Machine Specification (§4.7.6) or Synthetic Class in Java

Modify Emdeded String in C# compiled exe

阅读更多关于 Modify Emdeded String in C# compiled exe

问题 I have an issue where I need to be able to have a compiled exe ( .net 3.5 c# ) that I will make copies of to distribute that will need to change a key for example before the exe is sent out. I cannot compile each time a new exe is needed. This is a thin client that will be used as part of a registration process. Is it possible to add a entry to a resource file with a blank value then when a request comes in have another application grab the blank default thin client, copy it, populate the

Linux Mach-O Disassembler

阅读更多关于 Linux Mach-O Disassembler

问题 Are there any Linux programs that can disassemble an OSX universal x86/x86_64 fat Mach-O binary like objdump? GNU binutils' objdump supports ELF and Windows PE files but not Mach-O. 回答1: AFAIK, the native Darwin binary tools are part of the cctools package. They don't have the same command line syntax or output as the GNU binutils. Later binutils (i.e., 2.22) supports the Mach-O format however. You can get these prebuilt, with the ' g ' prefix to the tool names, as mentioned here.

How to decompile an APK or DEX file on Android platform? [closed]

阅读更多关于 How to decompile an APK or DEX file on Android platform? [closed]

问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 4 years ago . Is it possible to decompile an APK or DEX file file on Android platform? Are there any tools that can decompile an APK file? 回答1: You need Three Tools to decompile an APK file. Dex2jar - Tools to work with android .dex and java .class files ApkTool - A tool for reverse engineering Android apk files JD-GUI - Java