A look at the objdump command. A very useful Linux utility indeed. As well as some other useful commands.

Posted: January 9, 2013. At: 2:17 PM. This was 5 years ago. Post ID: 5162

The best thing that is happening with the Linux kernel and the associated software that builds a distribution is that the software is getting easier to use than ever. But the Linux command-line is still the best and easiest way to get some things done.

For example; getting information about an executable file. This is using the objdump command to list the section headers in a Linux executable.

~$ objdump -h /bin/cat
/bin/cat:     file format elf32-i386

Sections:
Idx Name          Size      VMA       LMA       File off  Algn
  0 .interp       00000013  08048134  08048134  00000134  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020  08048148  08048148  00000148  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .note.gnu.build-id 00000024  08048168  08048168  00000168  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  3 .hash         0000022c  0804818c  0804818c  0000018c  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  4 .gnu.hash     00000044  080483b8  080483b8  000003b8  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  5 .dynsym       00000460  080483fc  080483fc  000003fc  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  6 .dynstr       000002f4  0804885c  0804885c  0000085c  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .gnu.version  0000008c  08048b50  08048b50  00000b50  2**1
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  8 .gnu.version_r 00000080  08048bdc  08048bdc  00000bdc  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  9 .rel.dyn      00000030  08048c5c  08048c5c  00000c5c  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 10 .rel.plt      000001e8  08048c8c  08048c8c  00000c8c  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 11 .init         00000030  08048e74  08048e74  00000e74  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 12 .plt          000003e0  08048ea4  08048ea4  00000ea4  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 13 .text         000069dc  08049290  08049290  00001290  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 14 .fini         0000001c  0804fc6c  0804fc6c  00007c6c  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 15 .rodata       00000ec6  0804fca0  0804fca0  00007ca0  2**5
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 16 .eh_frame     00000004  08050b68  08050b68  00008b68  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 17 .ctors        00000008  08051f08  08051f08  00008f08  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 18 .dtors        00000008  08051f10  08051f10  00008f10  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 19 .jcr          00000004  08051f18  08051f18  00008f18  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 20 .dynamic      000000d0  08051f1c  08051f1c  00008f1c  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 21 .got          00000008  08051fec  08051fec  00008fec  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 22 .got.plt      00000100  08051ff4  08051ff4  00008ff4  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 23 .data         0000003c  080520f4  080520f4  000090f4  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 24 .bss          000005e4  08052140  08052140  00009130  2**5
                  ALLOC
 25 .gnu_debuglink 00000008  00000000  00000000  00009130  2**0
                  CONTENTS, READONLY

And this command to show the file header information in the Linux executable.

~$ objdump -f /bin/cat
/bin/cat:     file format elf32-i386
architecture: i386, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x08049290

The objdump command may be used to disassemble a Linux executable into assembler source code; it would be an interesting exercise to attempt to compile that code again and build a working executable again from the source. That may not work; but imagine if you could disassemble a closed source program and get a good idea of what the source code is and you were able to reverse engineer an open-source alternative. But that is what that command could do for you. The Stuxnet virus was disassembled and the source code was uploaded onto the Internet. But it is for Windows and not Linux. That code was targeting specific hardware though. But the intent was to carry out damage with this malware and compromise nuclear hardware.

Getting back to the objdump command, here is a sample of the output when disassembling the /bin/cat executable.

[email protected] ~ $ objdump -d /bin/cat
/bin/cat:     file format elf64-x86-64


Disassembly of section .init:

0000000000401508 <.init>:
  401508:	48 83 ec 08          	sub    $0x8,%rsp
  40150c:	e8 57 10 00 00       	callq  402568 <[email protected]+0xc08>
  401511:	48 83 c4 08          	add    $0x8,%rsp
  401515:	c3                   	retq   

Disassembly of section .plt:

0000000000401520 <[email protected]>:
  401520:	ff 35 e2 9a 20 00    	pushq  0x209ae2(%rip)        # 60b008 <[email protected]+0x2096a8>
  401526:	ff 25 e4 9a 20 00    	jmpq   *0x209ae4(%rip)        # 60b010 <[email protected]+0x2096b0>
  40152c:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000401530 <[email protected]>:
  401530:	ff 25 e2 9a 20 00    	jmpq   *0x209ae2(%rip)        # 60b018 <[email protected]+0x2096b8>
  401536:	68 00 00 00 00       	pushq  $0x0
  40153b:	e9 e0 ff ff ff       	jmpq   401520 <[email protected]>

0000000000401540 <[email protected]>:
  401540:	ff 25 da 9a 20 00    	jmpq   *0x209ada(%rip)        # 60b020 <[email protected]+0x2096c0>
  401546:	68 01 00 00 00       	pushq  $0x1
  40154b:	e9 d0 ff ff ff       	jmpq   401520 <[email protected]>

0000000000401550 <[email protected]>:
  401550:	ff 25 d2 9a 20 00    	jmpq   *0x209ad2(%rip)        # 60b028 <[email protected]+0x2096c8>
  401556:	68 02 00 00 00       	pushq  $0x2
  40155b:	e9 c0 ff ff ff       	jmpq   401520 <[email protected]>

The full output is far too long to post in it`s entirety; but this sample gives you an idea of what the disassembled output looks like. More information about this useful command may be found here: http://sourceware.org/binutils/docs/binutils/objdump.html.

There is also the objcopy command that will copy the contents of one object file from one to the other. This is the simplest example. This command can also translate an object file from one format to another.

[email protected] ~/Documents $ objcopy my.o my2.o

If you use the obcopy command with the -g argument; it will strip out the debugging symbols.

[email protected] ~/Documents $ objcopy my.o my2.o
[email protected] ~/Documents $ man objcopy 
[email protected] ~/Documents $ objcopy -g my.o my2.o
[email protected] ~/Documents $ ls -hula *.o
-rw-rw-r-- 1 john john 1.7K Jan  9 13:20 my2.o
-rw-r--r-- 1 john john  13K Dec 17 19:41 mynew.o
-rw-rw-r-- 1 john john 1.7K Jan  9 13:10 my.o
-rw-rw-r-- 1 john john 1.5K Jan  6 18:15 time.o

it is better to use this command on an actual executable though; this output shows the difference in size after using this command on an executable binary.

[email protected] ~/Documents $ gcc my.c -o 11myexe
[email protected] ~/Documents $ objcopy -S 11myexe 11my2exe
[email protected] ~/Documents $ ls -hula 11my*
-rwxrwxr-x 1 john john 6.2K Jan  9 13:32 11my2exe
-rwxrwxr-x 1 john john 8.6K Jan  9 13:32 11myexe

The strip command does the same thing though. It is very good for reducing the size of an executable after compilation; but it will strip out the debugging symbols.

[email protected] ~/Documents $ strip 11myexe 
[email protected] ~/Documents $ ls -hula 11myexe 
-rwxrwxr-x 1 john john 6.2K Jan  9 13:34 11myexe

Here is a useful command that will list all of the USB devices connected to your system.

[email protected] /boot $ lsusb 
Bus 002 Device 002: ID 058f:6362 Alcor Micro Corp. Flash Card Reader/Writer
Bus 002 Device 004: ID 054c:05ba Sony Corp. 
Bus 005 Device 002: ID 049f:000e Compaq Computer Corp. Internet Keyboard
Bus 007 Device 002: ID 046d:c52f Logitech, Inc. Wireless Mouse M305
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 008 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 009 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 010 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub

Here is an interesting command that I found. This will download printer driver firmware files for you with a simple command. This could be useful if you are trying to get a printer working with Linux and you are not having much luck.

[email protected] /boot $ sudo getweb
$Id: getweb.in,v 1.103 2011/05/17 09:44:16 rick Exp $

Usage:
    ./getweb something

    Convenience script to get extra somethings from the web,
    such as ICC color profiles, firmware, PPD files, etc.

    $ ./getweb 1025     # Get HP LaserJet Pro CP1025nw .ICM files
    $ ./getweb 1215	# Get HP Color LaserJet CP1215 .ICM files
    $ ./getweb 1500	# Get HP Color LaserJet 1500 .ICM files
    $ ./getweb 1600	# Get HP Color LaserJet 1600 .ICM files
    $ ./getweb 2600n	# Get HP Color LaserJet 2600n .ICM files

    $ ./getweb 1600w	# Get Konica Minolta 1600W .ICM files
    $ ./getweb 1680	# Get Konica Minolta 1680MF .ICM files
    $ ./getweb 1690	# Get Konica Minolta 1690MF .ICM files
    $ ./getweb 2480	# Get Konica Minolta 2480 MF .ICM files
    $ ./getweb 2490	# Get Konica Minolta 2490 MF .ICM files
    $ ./getweb 2530	# Get Konica Minolta 2530 DL .ICM files
    $ ./getweb 4690	# Get Konica Minolta 4690MF .ICM files
    $ ./getweb 6115	# Get Xerox Phaser 6115MFP .ICM files
    $ ./getweb 110	# Get Oki C110 .ICM files
    $ ./getweb 6121	# Get Xerox Phaser 6121MFP .ICM files

    $ ./getweb 2200	# Get Minolta 2200 DL .ICM files
    $ ./getweb 2300	# Get Minolta 2300 DL .ICM files
    $ ./getweb 2430	# Get Konica Minolta 2430 DL .ICM files
    $ ./getweb cpwl	# Get Minolta Color PageWorks/Pro L .ICM files

    $ ./getweb 300	# Get Samsung CLP-300 .ICM files
    $ ./getweb 310	# Get Samsung CLP-310 .ICM files
    $ ./getweb 315	# Get Samsung CLP-315 .ICM files
    $ ./getweb 325	# Get Samsung CLP-325 .ICM files
    $ ./getweb 600	# Get Samsung CLP-600 .ICM files
    $ ./getweb 610	# Get Samsung CLP-610 .ICM files
    $ ./getweb 2160	# Get Samsung CLX-2160 .ICM files
    $ ./getweb 3160	# Get Samsung CLX-3160 .ICM files
    $ ./getweb 3175	# Get Samsung CLX-3175 .ICM files
    $ ./getweb 6110	# Get Xerox Phaser 6110 and 6110MFP .ICM files

    $ ./getweb 500	# Get Lexmark C500 .ICM files

    $ ./getweb c310	# Get Oki C310dn .ICM files
    $ ./getweb 3100	# Get Oki C3100 .ICM files
    $ ./getweb 3200	# Get Oki C3200 .ICM files
    $ ./getweb 3300	# Get Oki C3300 .ICM files
    $ ./getweb 3400	# Get Oki C3400 .ICM files
    $ ./getweb 3530	# Get Oki C3530 MFP .ICM files
    $ ./getweb 5100	# Get Oki C5100 / C5150n .ICM files
    $ ./getweb 5200	# Get Oki C5200 .ICM files
    $ ./getweb 5500	# Get Oki C5500 .ICM files
    $ ./getweb 5600	# Get Oki C5600 .ICM files
    $ ./getweb 5800	# Get Oki C5800 .ICM files

    $ ./getweb 160	# Get Olivetti d-Color P160W .ICM files

    $ ./getweb 1000	# Get HP LJ 1000 firmware file
    $ ./getweb 1005	# Get HP LJ 1005 firmware file
    $ ./getweb 1018	# Get HP LJ 1018 firmware file
    $ ./getweb 1020	# Get HP LJ 1020 firmware file

    $ ./getweb p1005	# Get HP LJ P1005 firmware file
    $ ./getweb p1006	# Get HP LJ P1006 firmware file
    $ ./getweb p1007	# Get HP LJ P1007 firmware file
    $ ./getweb p1008	# Get HP LJ P1008 firmware file
    $ ./getweb p1505	# Get HP LJ P1505 firmware file

    $ ./getweb all	# Get everything above

    $ ./getweb 2300dl_fw # Get Minolta 2300DL v2.55 firmware (experts only)

And on this page there is a useful guide on how to create an ISO image of a folder and then burn it to a disk in Linux.

http://www.securitronlinux.com/debian-testing/burning-iso-images-to-cddvd-on-debian-gnulinux/.

No comments have been made. Use this form to start the conversation :)

Leave a Reply