Skip to main content

c disassembly linux

 filename::text.c
 
#include<stdio.h>
int main(){
printf("hello world");
}

 

>> gcc test.c -o test && test
hello world
[Done] exited with code=0 in 0.044 seconds

 

decompile this test binary:

objdump  -d test
 
test: file format elf64-x86-64


Disassembly of section .init:

0000000000001000 <_init>:
1000: f3 0f 1e fa endbr64
1004: 48 83 ec 08 sub $0x8,%rsp
1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__>
100f: 48 85 c0 test %rax,%rax
1012: 74 02 je 1016 <_init+0x16>
1014: ff d0 call *%rax
1016: 48 83 c4 08 add $0x8,%rsp
101a: c3 ret

Disassembly of section .plt:

0000000000001020 <[email protected]>:
1020: ff 35 e2 2f 00 00 push 0x2fe2(%rip) # 4008 <_GLOBAL_OFFSET_TABLE_+0x8>
1026: ff 25 e4 2f 00 00 jmp *0x2fe4(%rip) # 4010 <_GLOBAL_OFFSET_TABLE_+0x10>
102c: 0f 1f 40 00 nopl 0x0(%rax)

0000000000001030 <[email protected]>:
1030: ff 25 e2 2f 00 00 jmp *0x2fe2(%rip) # 4018 <[email protected]_2.2.5>
1036: 68 00 00 00 00 push $0x0
103b: e9 e0 ff ff ff jmp 1020 <_init+0x20>

Disassembly of section .text:

0000000000001040 <_start>:
1040: f3 0f 1e fa endbr64
1044: 31 ed xor %ebp,%ebp
1046: 49 89 d1 mov %rdx,%r9
1049: 5e pop %rsi
104a: 48 89 e2 mov %rsp,%rdx
104d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp
1051: 50 push %rax
1052: 54 push %rsp
1053: 4c 8d 05 76 01 00 00 lea 0x176(%rip),%r8 # 11d0 <__libc_csu_fini>
105a: 48 8d 0d ff 00 00 00 lea 0xff(%rip),%rcx # 1160 <__libc_csu_init>
1061: 48 8d 3d d1 00 00 00 lea 0xd1(%rip),%rdi # 1139 <main>
1068: ff 15 72 2f 00 00 call *0x2f72(%rip) # 3fe0 <[email protected]_2.2.5>
106e: f4 hlt
106f: 90 nop

0000000000001070 <deregister_tm_clones>:
1070: 48 8d 3d b9 2f 00 00 lea 0x2fb9(%rip),%rdi # 4030 <__TMC_END__>
1077: 48 8d 05 b2 2f 00 00 lea 0x2fb2(%rip),%rax # 4030 <__TMC_END__>
107e: 48 39 f8 cmp %rdi,%rax
1081: 74 15 je 1098 <deregister_tm_clones+0x28>
1083: 48 8b 05 4e 2f 00 00 mov 0x2f4e(%rip),%rax # 3fd8 <_ITM_deregisterTMCloneTable>
108a: 48 85 c0 test %rax,%rax
108d: 74 09 je 1098 <deregister_tm_clones+0x28>
108f: ff e0 jmp *%rax
1091: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
1098: c3 ret
1099: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)

00000000000010a0 <register_tm_clones>:
10a0: 48 8d 3d 89 2f 00 00 lea 0x2f89(%rip),%rdi # 4030 <__TMC_END__>
10a7: 48 8d 35 82 2f 00 00 lea 0x2f82(%rip),%rsi # 4030 <__TMC_END__>
10ae: 48 29 fe sub %rdi,%rsi
10b1: 48 89 f0 mov %rsi,%rax
10b4: 48 c1 ee 3f shr $0x3f,%rsi
10b8: 48 c1 f8 03 sar $0x3,%rax
10bc: 48 01 c6 add %rax,%rsi
10bf: 48 d1 fe sar %rsi
10c2: 74 14 je 10d8 <register_tm_clones+0x38>
10c4: 48 8b 05 25 2f 00 00 mov 0x2f25(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable>
10cb: 48 85 c0 test %rax,%rax
10ce: 74 08 je 10d8 <register_tm_clones+0x38>
10d0: ff e0 jmp *%rax
10d2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
10d8: c3 ret
10d9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)

00000000000010e0 <__do_global_dtors_aux>:
10e0: f3 0f 1e fa endbr64
10e4: 80 3d 45 2f 00 00 00 cmpb $0x0,0x2f45(%rip) # 4030 <__TMC_END__>
10eb: 75 33 jne 1120 <__do_global_dtors_aux+0x40>
10ed: 55 push %rbp
10ee: 48 83 3d 02 2f 00 00 cmpq $0x0,0x2f02(%rip) # 3ff8 <[email protected]_2.2.5>
10f5: 00
10f6: 48 89 e5 mov %rsp,%rbp
10f9: 74 0d je 1108 <__do_global_dtors_aux+0x28>
10fb: 48 8b 3d 26 2f 00 00 mov 0x2f26(%rip),%rdi # 4028 <__dso_handle>
1102: ff 15 f0 2e 00 00 call *0x2ef0(%rip) # 3ff8 <[email protected]_2.2.5>
1108: e8 63 ff ff ff call 1070 <deregister_tm_clones>
110d: c6 05 1c 2f 00 00 01 movb $0x1,0x2f1c(%rip) # 4030 <__TMC_END__>
1114: 5d pop %rbp
1115: c3 ret
1116: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
111d: 00 00 00
1120: c3 ret
1121: 66 66 2e 0f 1f 84 00 data16 cs nopw 0x0(%rax,%rax,1)
1128: 00 00 00 00
112c: 0f 1f 40 00 nopl 0x0(%rax)

0000000000001130 <frame_dummy>:
1130: f3 0f 1e fa endbr64
1134: e9 67 ff ff ff jmp 10a0 <register_tm_clones>

0000000000001139 <main>:
1139: 55 push %rbp
113a: 48 89 e5 mov %rsp,%rbp
113d: 48 8d 05 c0 0e 00 00 lea 0xec0(%rip),%rax # 2004 <_IO_stdin_used+0x4>
1144: 48 89 c7 mov %rax,%rdi
1147: b8 00 00 00 00 mov $0x0,%eax
114c: e8 df fe ff ff call 1030 <[email protected]>
1151: b8 00 00 00 00 mov $0x0,%eax
1156: 5d pop %rbp
1157: c3 ret
1158: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1)
115f: 00

0000000000001160 <__libc_csu_init>:
1160: f3 0f 1e fa endbr64
1164: 41 57 push %r15
1166: 4c 8d 3d 7b 2c 00 00 lea 0x2c7b(%rip),%r15 # 3de8 <__frame_dummy_init_array_entry>
116d: 41 56 push %r14
116f: 49 89 d6 mov %rdx,%r14
1172: 41 55 push %r13
1174: 49 89 f5 mov %rsi,%r13
1177: 41 54 push %r12
1179: 41 89 fc mov %edi,%r12d
117c: 55 push %rbp
117d: 48 8d 2d 6c 2c 00 00 lea 0x2c6c(%rip),%rbp # 3df0 <__do_global_dtors_aux_fini_array_entry>
1184: 53 push %rbx
1185: 4c 29 fd sub %r15,%rbp
1188: 48 83 ec 08 sub $0x8,%rsp
118c: e8 6f fe ff ff call 1000 <_init>
1191: 48 c1 fd 03 sar $0x3,%rbp
1195: 74 1f je 11b6 <__libc_csu_init+0x56>
1197: 31 db xor %ebx,%ebx
1199: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
11a0: 4c 89 f2 mov %r14,%rdx
11a3: 4c 89 ee mov %r13,%rsi
11a6: 44 89 e7 mov %r12d,%edi
11a9: 41 ff 14 df call *(%r15,%rbx,8)
11ad: 48 83 c3 01 add $0x1,%rbx
11b1: 48 39 dd cmp %rbx,%rbp
11b4: 75 ea jne 11a0 <__libc_csu_init+0x40>
11b6: 48 83 c4 08 add $0x8,%rsp
11ba: 5b pop %rbx
11bb: 5d pop %rbp
11bc: 41 5c pop %r12
11be: 41 5d pop %r13
11c0: 41 5e pop %r14
11c2: 41 5f pop %r15
11c4: c3 ret
11c5: 66 66 2e 0f 1f 84 00 data16 cs nopw 0x0(%rax,%rax,1)
11cc: 00 00 00 00

00000000000011d0 <__libc_csu_fini>:
11d0: f3 0f 1e fa endbr64
11d4: c3 ret

Disassembly of section .fini:

00000000000011d8 <_fini>:
11d8: f3 0f 1e fa endbr64
11dc: 48 83 ec 08 sub $0x8,%rsp
11e0: 48 83 c4 08 add $0x8,%rsp
11e4: c3 ret
 

 


 src::https://unix.stackexchange.com/questions/418354/understanding-what-a-linux-binary-is-doing

 

 

 

Comments

Post a Comment

Popular posts from this blog

sxhkd volume andbrightness config for dwm on void

xbps-install  sxhkd ------------ mkdir .config/sxhkd cd .config/sxhkd nano/vim sxhkdrc -------------------------------- XF86AudioRaiseVolume         amixer -c 1 -- sset Master 2db+ XF86AudioLowerVolume         amixer -c 1 -- sset Master 2db- XF86AudioMute         amixer -c 1 -- sset Master toggle alt + shift + Escape         pkill -USR1 -x sxhkd XF86MonBrightnessUp          xbacklight -inc 20 XF86MonBrightnessDown          xbacklight -dec 20 ------------------------------------------------------------- amixer -c card_no -- sset Interface volume run alsamixer to find card no and interface names xbps-install -S git git clone https://git.suckless.org/dwm xbps-install -S base-devel libX11-devel libXft-devel libXinerama-devel  vim config.mk # FREETYPEINC = ${X11INC}/freetype2 #comment for non-bsd make clean install   cp config.def.h config.h vim config.h xbps-install -S font-symbola #for emoji on statusbar support     void audio config xbps-i
2 comments
Read more

download office 2021 and activate

get office from here  https://tb.rg-adguard.net/public.php open powershell as admin (win+x and a ) type cmd  goto insall dir 1.         cd /d %ProgramFiles(x86)%\Microsoft Office\Office16 2.           cd /d %ProgramFiles%\Microsoft Office\Office16 try 1 or 2 depending on installation  install volume license  for /f %x in ('dir /b ..\root\Licenses16\ProPlus2021VL_KMS*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%x" activate using kms cscript ospp.vbs /setprt:1688 cscript ospp.vbs /unpkey:6F7TH >nul cscript ospp.vbs /inpkey:FXYTK-NJJ8C-GB6DW-3DYQT-6F7TH cscript ospp.vbs /sethst:s8.uk.to cscript ospp.vbs /act Automatic script (windefender may block it) ------------------------------------------------------------------------------------------------------------------- @echo off title Activate Microsoft Office 2021 (ALL versions) for FREE - MSGuides.com&cls&echo =====================================================================================&
Post a Comment
Read more

Hidden Wiki

Welcome to The Hidden Wiki New hidden wiki url 2015 http://zqktlwi4fecvo6ri.onion Add it to bookmarks and spread it!!! Editor's picks Bored? Pick a random page from the article index and replace one of these slots with it. The Matrix - Very nice to read. How to Exit the Matrix - Learn how to Protect yourself and your rights, online and off. Verifying PGP signatures - A short and simple how-to guide. In Praise Of Hawala - Anonymous informal value transfer system. Volunteer Here are five different things that you can help us out with. Plunder other hidden service lists for links and place them here! File the SnapBBSIndex links wherever they go. Set external links to HTTPS where available, good certificate, and same content. Care to start recording onionland's history? Check out Onionland's Museum Perform Dead Services Duties. Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you
7 comments
Read more