Find out what functions a static C library has
On Windows you can use dumpbin. On Linux and friends you can use nm.
Recent GAS in binutils has a .nops N pseudo-instruction that expands to the requested number of bytes for the target: .nops size[, control]
Both the FS and GS registers can be used as base-pointer addresses in order to access special operating system data-structures. So what you’re seeing is a value loaded at an offset from the value held in the FS register, and not bit manipulation of the contents of the FS register. Specifically what’s taking place, is …
I found the solution to my own question on a different forum. It looks something like this: objdump -b binary --adjust-vma=0xabcd1000 -D file.bin I’ve tested this and it works.
You might want to try Hopper Disassembler, osxdbg, Machoview, otx (otool GUI) and Affinic Debugger GUI.
The compiler is even smarter than that. 🙂 In fact, it realizes that you aren’t using the result of the loop. So it took out the entire loop completely! This is called Dead Code Elimination. A better test is to print the result: #include <stdio.h> int main(void) { int i; int count = 0; for(i …
I don’t think there is any reliable way to do this. Machine code formats are very complicated, more complicated than assembly files. It isn’t really possible to take a compiled binary (say, in ELF format) and produce a source assembly program which will compile to the same (or similar-enough) binary. To gain an understanding of …
Yeah, disassemble is not the best command to use here. The command you want is “x/i” (examine as instructions): (gdb) x/i 0xdeadbeef
Take a look at section 17.2 of the 80386 Programmer’s Reference Manual. A disassembler is really just a glorified finite-state machine. The steps in disassembly are: Check if the current byte is an instruction prefix byte (F3, F2, or F0); if so, then you’ve got a REP/REPE/REPNE/LOCK prefix. Advance to the next byte. Check to …
It’s a way to get code fix-ups (adjusting addresses based on where code sits in virtual memory, which may be different across different processes) without having to maintain a separate copy of the code for each process. The PLT, or procedure linkage table, is one of the structures which makes dynamic loading and linking easier …