objdump

#1

O objdump é um programa simples que te remonta o código assembly, assim você pode fazer uma análise pratica pra uma engenharia reversa ou até mesmo pra estudar um pouco mais de assembly.
Por padrão já vem no kali.

Fonte:

Code: Select all

#include <stdio.h>

int main (int argc, char **argv){
	printf("The Cybers!");
	return 0;
}

Code: Select all

[email protected] ~/c $ objdump -d main

main:     file format elf64-x86-64


Disassembly of section .init:

0000000000001000 <_init>:
    1000:	f3 0f 1e fa          	endbr64 
    1004:	48 83 ec 08          	sub    $0x8,%rsp
    1008:	48 8b 05 d9 2f 00 00 	mov    0x2fd9(%rip),%rax        # 3fe8 <__gmon_start__>
    100f:	48 85 c0             	test   %rax,%rax
    1012:	74 02                	je     1016 <_init+0x16>
    1014:	ff d0                	callq  *%rax
    1016:	48 83 c4 08          	add    $0x8,%rsp
    101a:	c3                   	retq   

Disassembly of section .plt:

0000000000001020 <.plt>:
    1020:	ff 35 e2 2f 00 00    	pushq  0x2fe2(%rip)        # 4008 <_GLOBAL_OFFSET_TABLE_+0x8>
    1026:	ff 25 e4 2f 00 00    	jmpq   *0x2fe4(%rip)        # 4010 <_GLOBAL_OFFSET_TABLE_+0x10>
    102c:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000001030 <[email protected]>:
    1030:	ff 25 e2 2f 00 00    	jmpq   *0x2fe2(%rip)        # 4018 <[email protected]_2.2.5>
    1036:	68 00 00 00 00       	pushq  $0x0
    103b:	e9 e0 ff ff ff       	jmpq   1020 <.plt>

Disassembly of section .text:

0000000000001040 <_start>:
    1040:	f3 0f 1e fa          	endbr64 
    1044:	31 ed                	xor    %ebp,%ebp
    1046:	49 89 d1             	mov    %rdx,%r9
    1049:	5e                   	pop    %rsi
    104a:	48 89 e2             	mov    %rsp,%rdx
    104d:	48 83 e4 f0          	and    $0xfffffffffffffff0,%rsp
    1051:	50                   	push   %rax
    1052:	54                   	push   %rsp
    1053:	4c 8d 05 76 01 00 00 	lea    0x176(%rip),%r8        # 11d0 <__libc_csu_fini>
    105a:	48 8d 0d ff 00 00 00 	lea    0xff(%rip),%rcx        # 1160 <__libc_csu_init>
    1061:	48 8d 3d d1 00 00 00 	lea    0xd1(%rip),%rdi        # 1139 <main>
    1068:	ff 15 72 2f 00 00    	callq  *0x2f72(%rip)        # 3fe0 <[email protected]_2.2.5>
    106e:	f4                   	hlt    
    106f:	90                   	nop

0000000000001070 <deregister_tm_clones>:
    1070:	48 8d 3d b9 2f 00 00 	lea    0x2fb9(%rip),%rdi        # 4030 <__TMC_END__>
    1077:	48 8d 05 b2 2f 00 00 	lea    0x2fb2(%rip),%rax        # 4030 <__TMC_END__>
    107e:	48 39 f8             	cmp    %rdi,%rax
    1081:	74 15                	je     1098 <deregister_tm_clones+0x28>
    1083:	48 8b 05 4e 2f 00 00 	mov    0x2f4e(%rip),%rax        # 3fd8 <_ITM_deregisterTMCloneTable>
    108a:	48 85 c0             	test   %rax,%rax
    108d:	74 09                	je     1098 <deregister_tm_clones+0x28>
    108f:	ff e0                	jmpq   *%rax
    1091:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
    1098:	c3                   	retq   
    1099:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)

00000000000010a0 <register_tm_clones>:
    10a0:	48 8d 3d 89 2f 00 00 	lea    0x2f89(%rip),%rdi        # 4030 <__TMC_END__>
    10a7:	48 8d 35 82 2f 00 00 	lea    0x2f82(%rip),%rsi        # 4030 <__TMC_END__>
    10ae:	48 29 fe             	sub    %rdi,%rsi
    10b1:	48 c1 fe 03          	sar    $0x3,%rsi
    10b5:	48 89 f0             	mov    %rsi,%rax
    10b8:	48 c1 e8 3f          	shr    $0x3f,%rax
    10bc:	48 01 c6             	add    %rax,%rsi
    10bf:	48 d1 fe             	sar    %rsi
    10c2:	74 14                	je     10d8 <register_tm_clones+0x38>
    10c4:	48 8b 05 25 2f 00 00 	mov    0x2f25(%rip),%rax        # 3ff0 <_ITM_registerTMCloneTable>
    10cb:	48 85 c0             	test   %rax,%rax
    10ce:	74 08                	je     10d8 <register_tm_clones+0x38>
    10d0:	ff e0                	jmpq   *%rax
    10d2:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)
    10d8:	c3                   	retq   
    10d9:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)

00000000000010e0 <__do_global_dtors_aux>:
    10e0:	f3 0f 1e fa          	endbr64 
    10e4:	80 3d 45 2f 00 00 00 	cmpb   $0x0,0x2f45(%rip)        # 4030 <__TMC_END__>
    10eb:	75 33                	jne    1120 <__do_global_dtors_aux+0x40>
    10ed:	55                   	push   %rbp
    10ee:	48 83 3d 02 2f 00 00 	cmpq   $0x0,0x2f02(%rip)        # 3ff8 <[email protected]_2.2.5>
    10f5:	00 
    10f6:	48 89 e5             	mov    %rsp,%rbp
    10f9:	74 0d                	je     1108 <__do_global_dtors_aux+0x28>
    10fb:	48 8b 3d 26 2f 00 00 	mov    0x2f26(%rip),%rdi        # 4028 <__dso_handle>
    1102:	ff 15 f0 2e 00 00    	callq  *0x2ef0(%rip)        # 3ff8 <[email protected]_2.2.5>
    1108:	e8 63 ff ff ff       	callq  1070 <deregister_tm_clones>
    110d:	c6 05 1c 2f 00 00 01 	movb   $0x1,0x2f1c(%rip)        # 4030 <__TMC_END__>
    1114:	5d                   	pop    %rbp
    1115:	c3                   	retq   
    1116:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
    111d:	00 00 00 
    1120:	c3                   	retq   
    1121:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
    1128:	00 00 00 00 
    112c:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000001130 <frame_dummy>:
    1130:	f3 0f 1e fa          	endbr64 
    1134:	e9 67 ff ff ff       	jmpq   10a0 <register_tm_clones>

0000000000001139 <main>:
    1139:	55                   	push   %rbp
    113a:	48 89 e5             	mov    %rsp,%rbp
    113d:	48 83 ec 10          	sub    $0x10,%rsp
    1141:	89 7d fc             	mov    %edi,-0x4(%rbp)
    1144:	48 89 75 f0          	mov    %rsi,-0x10(%rbp)
    1148:	48 8d 3d b5 0e 00 00 	lea    0xeb5(%rip),%rdi        # 2004 <_IO_stdin_used+0x4>
    114f:	b8 00 00 00 00       	mov    $0x0,%eax
    1154:	e8 d7 fe ff ff       	callq  1030 <[email protected]>
    1159:	b8 00 00 00 00       	mov    $0x0,%eax
    115e:	c9                   	leaveq 
    115f:	c3                   	retq   

0000000000001160 <__libc_csu_init>:
    1160:	f3 0f 1e fa          	endbr64 
    1164:	41 57                	push   %r15
    1166:	49 89 d7             	mov    %rdx,%r15
    1169:	41 56                	push   %r14
    116b:	49 89 f6             	mov    %rsi,%r14
    116e:	41 55                	push   %r13
    1170:	41 89 fd             	mov    %edi,%r13d
    1173:	41 54                	push   %r12
    1175:	4c 8d 25 6c 2c 00 00 	lea    0x2c6c(%rip),%r12        # 3de8 <__frame_dummy_init_array_entry>
    117c:	55                   	push   %rbp
    117d:	48 8d 2d 6c 2c 00 00 	lea    0x2c6c(%rip),%rbp        # 3df0 <__init_array_end>
    1184:	53                   	push   %rbx
    1185:	4c 29 e5             	sub    %r12,%rbp
    1188:	48 83 ec 08          	sub    $0x8,%rsp
    118c:	67 e8 6e fe ff ff    	addr32 callq 1000 <_init>
    1192:	48 c1 fd 03          	sar    $0x3,%rbp
    1196:	74 1e                	je     11b6 <__libc_csu_init+0x56>
    1198:	31 db                	xor    %ebx,%ebx
    119a:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)
    11a0:	4c 89 fa             	mov    %r15,%rdx
    11a3:	4c 89 f6             	mov    %r14,%rsi
    11a6:	44 89 ef             	mov    %r13d,%edi
    11a9:	41 ff 14 dc          	callq  *(%r12,%rbx,8)
    11ad:	48 83 c3 01          	add    $0x1,%rbx
    11b1:	48 39 dd             	cmp    %rbx,%rbp
    11b4:	75 ea                	jne    11a0 <__libc_csu_init+0x40>
    11b6:	48 83 c4 08          	add    $0x8,%rsp
    11ba:	5b                   	pop    %rbx
    11bb:	5d                   	pop    %rbp
    11bc:	41 5c                	pop    %r12
    11be:	41 5d                	pop    %r13
    11c0:	41 5e                	pop    %r14
    11c2:	41 5f                	pop    %r15
    11c4:	c3                   	retq   
    11c5:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
    11cc:	00 00 00 00 

00000000000011d0 <__libc_csu_fini>:
    11d0:	f3 0f 1e fa          	endbr64 
    11d4:	c3                   	retq   

Disassembly of section .fini:

00000000000011d8 <_fini>:
    11d8:	f3 0f 1e fa          	endbr64 
    11dc:	48 83 ec 08          	sub    $0x8,%rsp
    11e0:	48 83 c4 08          	add    $0x8,%rsp
    11e4:	c3                   	retq   
[email protected] ~/c $ 
[email protected] ~/c $ gcc main.c -o main
[email protected] ~/c $ objdump -d main

main:     file format elf64-x86-64


Disassembly of section .init:

0000000000001000 <_init>:
    1000:	f3 0f 1e fa          	endbr64 
    1004:	48 83 ec 08          	sub    $0x8,%rsp
    1008:	48 8b 05 d9 2f 00 00 	mov    0x2fd9(%rip),%rax        # 3fe8 <__gmon_start__>
    100f:	48 85 c0             	test   %rax,%rax
    1012:	74 02                	je     1016 <_init+0x16>
    1014:	ff d0                	callq  *%rax
    1016:	48 83 c4 08          	add    $0x8,%rsp
    101a:	c3                   	retq   

Disassembly of section .plt:

0000000000001020 <.plt>:
    1020:	ff 35 e2 2f 00 00    	pushq  0x2fe2(%rip)        # 4008 <_GLOBAL_OFFSET_TABLE_+0x8>
    1026:	ff 25 e4 2f 00 00    	jmpq   *0x2fe4(%rip)        # 4010 <_GLOBAL_OFFSET_TABLE_+0x10>
    102c:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000001030 <[email protected]>:
    1030:	ff 25 e2 2f 00 00    	jmpq   *0x2fe2(%rip)        # 4018 <[email protected]_2.2.5>
    1036:	68 00 00 00 00       	pushq  $0x0
    103b:	e9 e0 ff ff ff       	jmpq   1020 <.plt>

Disassembly of section .text:

0000000000001040 <_start>:
    1040:	f3 0f 1e fa          	endbr64 
    1044:	31 ed                	xor    %ebp,%ebp
    1046:	49 89 d1             	mov    %rdx,%r9
    1049:	5e                   	pop    %rsi
    104a:	48 89 e2             	mov    %rsp,%rdx
    104d:	48 83 e4 f0          	and    $0xfffffffffffffff0,%rsp
    1051:	50                   	push   %rax
    1052:	54                   	push   %rsp
    1053:	4c 8d 05 76 01 00 00 	lea    0x176(%rip),%r8        # 11d0 <__libc_csu_fini>
    105a:	48 8d 0d ff 00 00 00 	lea    0xff(%rip),%rcx        # 1160 <__libc_csu_init>
    1061:	48 8d 3d d1 00 00 00 	lea    0xd1(%rip),%rdi        # 1139 <main>
    1068:	ff 15 72 2f 00 00    	callq  *0x2f72(%rip)        # 3fe0 <[email protected]_2.2.5>
    106e:	f4                   	hlt    
    106f:	90                   	nop

0000000000001070 <deregister_tm_clones>:
    1070:	48 8d 3d b9 2f 00 00 	lea    0x2fb9(%rip),%rdi        # 4030 <__TMC_END__>
    1077:	48 8d 05 b2 2f 00 00 	lea    0x2fb2(%rip),%rax        # 4030 <__TMC_END__>
    107e:	48 39 f8             	cmp    %rdi,%rax
    1081:	74 15                	je     1098 <deregister_tm_clones+0x28>
    1083:	48 8b 05 4e 2f 00 00 	mov    0x2f4e(%rip),%rax        # 3fd8 <_ITM_deregisterTMCloneTable>
    108a:	48 85 c0             	test   %rax,%rax
    108d:	74 09                	je     1098 <deregister_tm_clones+0x28>
    108f:	ff e0                	jmpq   *%rax
    1091:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
    1098:	c3                   	retq   
    1099:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)

00000000000010a0 <register_tm_clones>:
    10a0:	48 8d 3d 89 2f 00 00 	lea    0x2f89(%rip),%rdi        # 4030 <__TMC_END__>
    10a7:	48 8d 35 82 2f 00 00 	lea    0x2f82(%rip),%rsi        # 4030 <__TMC_END__>
    10ae:	48 29 fe             	sub    %rdi,%rsi
    10b1:	48 c1 fe 03          	sar    $0x3,%rsi
    10b5:	48 89 f0             	mov    %rsi,%rax
    10b8:	48 c1 e8 3f          	shr    $0x3f,%rax
    10bc:	48 01 c6             	add    %rax,%rsi
    10bf:	48 d1 fe             	sar    %rsi
    10c2:	74 14                	je     10d8 <register_tm_clones+0x38>
    10c4:	48 8b 05 25 2f 00 00 	mov    0x2f25(%rip),%rax        # 3ff0 <_ITM_registerTMCloneTable>
    10cb:	48 85 c0             	test   %rax,%rax
    10ce:	74 08                	je     10d8 <register_tm_clones+0x38>
    10d0:	ff e0                	jmpq   *%rax
    10d2:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)
    10d8:	c3                   	retq   
    10d9:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)

00000000000010e0 <__do_global_dtors_aux>:
    10e0:	f3 0f 1e fa          	endbr64 
    10e4:	80 3d 45 2f 00 00 00 	cmpb   $0x0,0x2f45(%rip)        # 4030 <__TMC_END__>
    10eb:	75 33                	jne    1120 <__do_global_dtors_aux+0x40>
    10ed:	55                   	push   %rbp
    10ee:	48 83 3d 02 2f 00 00 	cmpq   $0x0,0x2f02(%rip)        # 3ff8 <[email protected]_2.2.5>
    10f5:	00 
    10f6:	48 89 e5             	mov    %rsp,%rbp
    10f9:	74 0d                	je     1108 <__do_global_dtors_aux+0x28>
    10fb:	48 8b 3d 26 2f 00 00 	mov    0x2f26(%rip),%rdi        # 4028 <__dso_handle>
    1102:	ff 15 f0 2e 00 00    	callq  *0x2ef0(%rip)        # 3ff8 <[email protected]_2.2.5>
    1108:	e8 63 ff ff ff       	callq  1070 <deregister_tm_clones>
    110d:	c6 05 1c 2f 00 00 01 	movb   $0x1,0x2f1c(%rip)        # 4030 <__TMC_END__>
    1114:	5d                   	pop    %rbp
    1115:	c3                   	retq   
    1116:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
    111d:	00 00 00 
    1120:	c3                   	retq   
    1121:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
    1128:	00 00 00 00 
    112c:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000001130 <frame_dummy>:
    1130:	f3 0f 1e fa          	endbr64 
    1134:	e9 67 ff ff ff       	jmpq   10a0 <register_tm_clones>

0000000000001139 <main>:
    1139:	55                   	push   %rbp
    113a:	48 89 e5             	mov    %rsp,%rbp
    113d:	48 83 ec 10          	sub    $0x10,%rsp
    1141:	89 7d fc             	mov    %edi,-0x4(%rbp)
    1144:	48 89 75 f0          	mov    %rsi,-0x10(%rbp)
    1148:	48 8d 3d b5 0e 00 00 	lea    0xeb5(%rip),%rdi        # 2004 <_IO_stdin_used+0x4>
    114f:	b8 00 00 00 00       	mov    $0x0,%eax
    1154:	e8 d7 fe ff ff       	callq  1030 <[email protected]>
    1159:	b8 00 00 00 00       	mov    $0x0,%eax
    115e:	c9                   	leaveq 
    115f:	c3                   	retq   

0000000000001160 <__libc_csu_init>:
    1160:	f3 0f 1e fa          	endbr64 
    1164:	41 57                	push   %r15
    1166:	49 89 d7             	mov    %rdx,%r15
    1169:	41 56                	push   %r14
    116b:	49 89 f6             	mov    %rsi,%r14
    116e:	41 55                	push   %r13
    1170:	41 89 fd             	mov    %edi,%r13d
    1173:	41 54                	push   %r12
    1175:	4c 8d 25 6c 2c 00 00 	lea    0x2c6c(%rip),%r12        # 3de8 <__frame_dummy_init_array_entry>
    117c:	55                   	push   %rbp
    117d:	48 8d 2d 6c 2c 00 00 	lea    0x2c6c(%rip),%rbp        # 3df0 <__init_array_end>
    1184:	53                   	push   %rbx
    1185:	4c 29 e5             	sub    %r12,%rbp
    1188:	48 83 ec 08          	sub    $0x8,%rsp
    118c:	67 e8 6e fe ff ff    	addr32 callq 1000 <_init>
    1192:	48 c1 fd 03          	sar    $0x3,%rbp
    1196:	74 1e                	je     11b6 <__libc_csu_init+0x56>
    1198:	31 db                	xor    %ebx,%ebx
    119a:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)
    11a0:	4c 89 fa             	mov    %r15,%rdx
    11a3:	4c 89 f6             	mov    %r14,%rsi
    11a6:	44 89 ef             	mov    %r13d,%edi
    11a9:	41 ff 14 dc          	callq  *(%r12,%rbx,8)
    11ad:	48 83 c3 01          	add    $0x1,%rbx
    11b1:	48 39 dd             	cmp    %rbx,%rbp
    11b4:	75 ea                	jne    11a0 <__libc_csu_init+0x40>
    11b6:	48 83 c4 08          	add    $0x8,%rsp
    11ba:	5b                   	pop    %rbx
    11bb:	5d                   	pop    %rbp
    11bc:	41 5c                	pop    %r12
    11be:	41 5d                	pop    %r13
    11c0:	41 5e                	pop    %r14
    11c2:	41 5f                	pop    %r15
    11c4:	c3                   	retq   
    11c5:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
    11cc:	00 00 00 00 

00000000000011d0 <__libc_csu_fini>:
    11d0:	f3 0f 1e fa          	endbr64 
    11d4:	c3                   	retq   

Disassembly of section .fini:

00000000000011d8 <_fini>:
    11d8:	f3 0f 1e fa          	endbr64 
    11dc:	48 83 ec 08          	sub    $0x8,%rsp
    11e0:	48 83 c4 08          	add    $0x8,%rsp
    11e4:	c3                   	retq   
[email protected] ~/c $ 

Caso queira ler o conteúdo apenas da função main ou de alguma outra que você quiser poderá usar este comando:
objdump -d teste | awk -F"\n" -v RS="\n\n" '$1 ~ /main/'

Code: Select all

0000000000001139 <main>:
    1139:	55                   	push   %rbp
    113a:	48 89 e5             	mov    %rsp,%rbp
    113d:	48 83 ec 10          	sub    $0x10,%rsp
    1141:	89 7d fc             	mov    %edi,-0x4(%rbp)
    1144:	48 89 75 f0          	mov    %rsi,-0x10(%rbp)
    1148:	48 8d 3d b5 0e 00 00 	lea    0xeb5(%rip),%rdi        # 2004 <_IO_stdin_used+0x4>
    114f:	b8 00 00 00 00       	mov    $0x0,%eax
    1154:	e8 d7 fe ff ff       	callq  1030 <[email protected]>
    1159:	b8 00 00 00 00       	mov    $0x0,%eax
    115e:	c9                   	leaveq 
    115f:	c3                   	retq   

1 x
Image