Mac的反编译工具一:otool (objdump工具的OSX对应工具)。
来源:互联网 发布:梦貂蝉11神兽进阶数据 编辑:程序博客网 时间:2024/05/29 09:53
objdump的选项-S、-l十分方便。如果二进制文件中带有调试信息,可以将源代码、文件名和行号与汇编代码对应显示。
在OSX上,对应的工具是otool。与“objdump -Sl”能力接近的命令是otool -tV。
看一看insert sort算法的反编译。插入排序的一种实现:
这个实现中没有全局变量,数据段(Data Section)应该没有内容。我们用"otool -dV insertsort"这个命令,只显示Data Section, 验证一下:
oliverluan@localhost:~/Documents/Opt/insertsort$ otool -dV insertsortinsertsort:
如果把L数据和size变量改写成全局变量:
oliverluan@localhost:~/Documents/Opt/insertsort$ gcc -g insertsort_global.c -o insertsort_globaloliverluan@localhost:~/Documents/Opt/insertsort$ otool -dV insertsort_globalinsertsort_global:(__DATA,__data) section000000010000102012 00 00 00 07 00 00 00 05 00 00 00 08 00 00 00000000010000103063 00 00 00 05 00 00 00
看一看Text Section: otool -tV insertsort:
oliverluan@localhost:~/Documents/Opt/insertsort$ otool -tV insertsortinsertsort:(__TEXT,__text) section_insert_sort:0000000100000dd0pushq%rbp0000000100000dd1movq%rsp, %rbp0000000100000dd4movq%rdi, 0xfffffffffffffff8(%rbp)0000000100000dd8movl%esi, 0xfffffffffffffff4(%rbp)0000000100000ddbmovl$0x1, 0xffffffffffffffec(%rbp)0000000100000de2movl0xffffffffffffffec(%rbp), %eax0000000100000de5cmpl0xfffffffffffffff4(%rbp), %eax0000000100000de8jge0x100000e940000000100000deemovslq0xffffffffffffffec(%rbp), %rax0000000100000df2movq0xfffffffffffffff8(%rbp), %rcx0000000100000df6movl(%rcx,%rax,4), %edx0000000100000df9movl%edx, 0xfffffffffffffff0(%rbp)0000000100000dfcmovl0xffffffffffffffec(%rbp), %edx0000000100000dffsubl$0x1, %edx0000000100000e05movl%edx, 0xffffffffffffffe8(%rbp)0000000100000e08movb$0x0, %al0000000100000e0acmpl$0x0, 0xffffffffffffffe8(%rbp)0000000100000e11movb%al, 0xffffffffffffffe7(%rbp)0000000100000e14jl0x100000e300000000100000e1amovslq0xffffffffffffffe8(%rbp), %rax0000000100000e1emovq0xfffffffffffffff8(%rbp), %rcx0000000100000e22movl(%rcx,%rax,4), %edx0000000100000e25cmpl0xfffffffffffffff0(%rbp), %edx0000000100000e28setg%sil0000000100000e2cmovb%sil, 0xffffffffffffffe7(%rbp)0000000100000e30movb0xffffffffffffffe7(%rbp), %al0000000100000e33testb$0x1, %al0000000100000e35jne0x100000e400000000100000e3bjmpq0x100000e6e0000000100000e40movslq0xffffffffffffffe8(%rbp), %rax0000000100000e44movq0xfffffffffffffff8(%rbp), %rcx0000000100000e48movl(%rcx,%rax,4), %edx0000000100000e4bmovl0xffffffffffffffe8(%rbp), %esi0000000100000e4eaddl$0x1, %esi0000000100000e54movslq%esi, %rax0000000100000e57movq0xfffffffffffffff8(%rbp), %rcx0000000100000e5bmovl%edx, (%rcx,%rax,4)0000000100000e5emovl0xffffffffffffffe8(%rbp), %eax0000000100000e61addl$0xffffffff, %eax0000000100000e66movl%eax, 0xffffffffffffffe8(%rbp)0000000100000e69jmpq0x100000e080000000100000e6emovl0xfffffffffffffff0(%rbp), %eax0000000100000e71movl0xffffffffffffffe8(%rbp), %ecx0000000100000e74addl$0x1, %ecx0000000100000e7amovslq%ecx, %rdx0000000100000e7dmovq0xfffffffffffffff8(%rbp), %rsi0000000100000e81movl%eax, (%rsi,%rdx,4)0000000100000e84movl0xffffffffffffffec(%rbp), %eax0000000100000e87addl$0x1, %eax0000000100000e8cmovl%eax, 0xffffffffffffffec(%rbp)0000000100000e8fjmpq0x100000de20000000100000e94popq%rbp0000000100000e95ret0000000100000e96nopw%cs:(%rax,%rax)_print_array:0000000100000ea0pushq%rbp0000000100000ea1movq%rsp, %rbp0000000100000ea4subq$0x20, %rsp0000000100000ea8leaq0xdb(%rip), %rax ## literal pool for: array:0000000100000eafmovq%rdi, 0xfffffffffffffff8(%rbp)0000000100000eb3movl%esi, 0xfffffffffffffff4(%rbp)0000000100000eb6movq%rax, %rdi0000000100000eb9movb$0x0, %al0000000100000ebbcallq0x100000f68 ## symbol stub for: _printf0000000100000ec0movl$0x0, 0xfffffffffffffff0(%rbp)0000000100000ec7movl%eax, 0xffffffffffffffec(%rbp)0000000100000ecamovl0xfffffffffffffff0(%rbp), %eax0000000100000ecdcmpl0xfffffffffffffff4(%rbp), %eax0000000100000ed0jge0x100000f020000000100000ed6leaq0xb5(%rip), %rdi ## literal pool for: %d0000000100000eddmovslq0xfffffffffffffff0(%rbp), %rax0000000100000ee1movq0xfffffffffffffff8(%rbp), %rcx0000000100000ee5movl(%rcx,%rax,4), %esi0000000100000ee8movb$0x0, %al0000000100000eeacallq0x100000f68 ## symbol stub for: _printf0000000100000eefmovl%eax, 0xffffffffffffffe8(%rbp)0000000100000ef2movl0xfffffffffffffff0(%rbp), %eax0000000100000ef5addl$0x1, %eax0000000100000efamovl%eax, 0xfffffffffffffff0(%rbp)0000000100000efdjmpq0x100000eca0000000100000f02leaq0x8d(%rip), %rdi ## literal pool for:0000000100000f09movb$0x0, %al0000000100000f0bcallq0x100000f68 ## symbol stub for: _printf0000000100000f10movl%eax, 0xffffffffffffffe4(%rbp)0000000100000f13addq$0x20, %rsp0000000100000f17popq%rbp0000000100000f18ret0000000100000f19nopl(%rax)_main:0000000100000f20pushq%rbp0000000100000f21movq%rsp, %rbp0000000100000f24subq$0x10, %rsp0000000100000f28leaq_L(%rip), %rax0000000100000f2fmovl$0x0, 0xfffffffffffffffc(%rbp)0000000100000f36movl%edi, 0xfffffffffffffff8(%rbp)0000000100000f39movq%rsi, 0xfffffffffffffff0(%rbp)0000000100000f3dmovl_size(%rip), %esi0000000100000f43movq%rax, %rdi0000000100000f46callq_insert_sort0000000100000f4bleaq_L(%rip), %rdi0000000100000f52movl_size(%rip), %esi0000000100000f58callq_print_array0000000100000f5dmovl$0x0, %eax0000000100000f62addq$0x10, %rsp0000000100000f66popq%rbp0000000100000f67ret
另外,可以用-l选项查看load commands:
oliverluan@localhost:~/Documents/Opt/insertsort$ otool -l insertsort_globalinsertsort_global:Load command 0 cmd LC_SEGMENT_64 cmdsize 72 segname __PAGEZERO vmaddr 0x0000000000000000 vmsize 0x0000000100000000 fileoff 0 filesize 0 maxprot 0x00000000 initprot 0x00000000 nsects 0 flags 0x0Load command 1 cmd LC_SEGMENT_64 cmdsize 632 segname __TEXT vmaddr 0x0000000100000000 vmsize 0x0000000000001000 fileoff 0 filesize 4096 maxprot 0x00000007 initprot 0x00000005 nsects 7 flags 0x0Section sectname __text segname __TEXT addr 0x0000000100000d60 size 0x00000000000001d9 offset 3424 align 2^4 (16) reloff 0 nreloc 0 flags 0x80000400 reserved1 0 reserved2 0Section sectname __stubs segname __TEXT addr 0x0000000100000f3a size 0x000000000000000c offset 3898 align 2^1 (2) reloff 0 nreloc 0 flags 0x80000408 reserved1 0 (index into indirect symbol table) reserved2 6 (size of stubs)Section sectname __stub_helper segname __TEXT addr 0x0000000100000f48 size 0x0000000000000024 offset 3912 align 2^2 (4) reloff 0 nreloc 0 flags 0x80000400 reserved1 0 reserved2 0Section sectname __cstring segname __TEXT addr 0x0000000100000f6c size 0x000000000000000e offset 3948 align 2^0 (1) reloff 0 nreloc 0 flags 0x00000002 reserved1 0 reserved2 0Section sectname __const segname __TEXT addr 0x0000000100000f80 size 0x0000000000000014 offset 3968 align 2^4 (16) reloff 0 nreloc 0 flags 0x00000000 reserved1 0 reserved2 0Section sectname __unwind_info segname __TEXT addr 0x0000000100000f94 size 0x0000000000000048 offset 3988 align 2^0 (1) reloff 0 nreloc 0 flags 0x00000000 reserved1 0 reserved2 0Section sectname __eh_frame segname __TEXT addr 0x0000000100000fe0 size 0x0000000000000018 offset 4064 align 2^3 (8) reloff 0 nreloc 0 flags 0x00000000 reserved1 0 reserved2 0Load command 2 cmd LC_SEGMENT_64 cmdsize 312 segname __DATA vmaddr 0x0000000100001000 vmsize 0x0000000000001000 fileoff 4096 filesize 4096 maxprot 0x00000007 initprot 0x00000003 nsects 3 flags 0x0Section sectname __nl_symbol_ptr segname __DATA addr 0x0000000100001000 size 0x0000000000000010 offset 4096 align 2^3 (8) reloff 0 nreloc 0 flags 0x00000006 reserved1 2 (index into indirect symbol table) reserved2 0Section sectname __got segname __DATA addr 0x0000000100001010 size 0x0000000000000008 offset 4112 align 2^3 (8) reloff 0 nreloc 0 flags 0x00000006 reserved1 4 (index into indirect symbol table) reserved2 0Section sectname __la_symbol_ptr segname __DATA addr 0x0000000100001018 size 0x0000000000000010 offset 4120 align 2^3 (8) reloff 0 nreloc 0 flags 0x00000007 reserved1 5 (index into indirect symbol table) reserved2 0Load command 3 cmd LC_SEGMENT_64 cmdsize 72 segname __LINKEDIT vmaddr 0x0000000100002000 vmsize 0x0000000000001000 fileoff 8192 filesize 916 maxprot 0x00000007 initprot 0x00000001 nsects 0 flags 0x0Load command 4 cmd LC_DYLD_INFO_ONLY cmdsize 48 rebase_off 8192 rebase_size 8 bind_off 8200 bind_size 56 weak_bind_off 0 weak_bind_size 0 lazy_bind_off 8256 lazy_bind_size 40 export_off 8296 export_size 80Load command 5 cmd LC_SYMTAB cmdsize 24 symoff 8408 nsyms 24 stroff 8820 strsize 288Load command 6 cmd LC_DYSYMTAB cmdsize 80 ilocalsym 0 nlocalsym 16 iextdefsym 16 nextdefsym 4 iundefsym 20 nundefsym 4 tocoff 0 ntoc 0 modtaboff 0 nmodtab 0 extrefsymoff 0 nextrefsyms 0 indirectsymoff 8792 nindirectsyms 7 extreloff 0 nextrel 0 locreloff 0 nlocrel 0Load command 7 cmd LC_LOAD_DYLINKER cmdsize 32 name /usr/lib/dyld (offset 12)Load command 8 cmd LC_UUID cmdsize 24 uuid F88FCA7D-3FE0-3556-96A4-4F29B7812D93Load command 9 cmd LC_VERSION_MIN_MACOSX cmdsize 16 version 10.9 sdk 10.9Load command 10 cmd LC_SOURCE_VERSION cmdsize 16 version 0.0Load command 11 cmd LC_MAIN cmdsize 24 entryoff 3760 stacksize 0Load command 12 cmd LC_LOAD_DYLIB cmdsize 56 name /usr/lib/libSystem.B.dylib (offset 24) time stamp 2 Thu Jan 1 08:30:02 1970 current version 1197.1.1compatibility version 1.0.0Load command 13 cmd LC_FUNCTION_STARTS cmdsize 16 dataoff 8376 datasize 8Load command 14 cmd LC_DATA_IN_CODE cmdsize 16 dataoff 8384 datasize 0Load command 15 cmd LC_DYLIB_CODE_SIGN_DRS cmdsize 16 dataoff 8384 datasize 24
符号表的查看使用nm -px insertsort。-p 原始顺序,不做symbol字母或者数字排序。-x 16进制表示
oliverluan@localhost:~/Documents/Opt/insertsort$ nm -px insertsort0000000100001020 0f 09 0000 00000000000000a9 _L0000000100000000 0f 01 0010 00000000000000ac __mh_execute_header0000000100000dd0 0f 01 0000 00000000000000c0 _insert_sort0000000100000f20 0f 01 0000 00000000000000cd _main0000000100000ea0 0f 01 0000 00000000000000d3 _print_array0000000100001034 0f 09 0000 00000000000000e0 _size0000000000000000 01 00 0100 00000000000000e6 _printf0000000000000000 01 00 0100 00000000000000ee dyld_stub_binder
0 0
- Mac的反编译工具一:otool (objdump工具的OSX对应工具)。
- Mac的反编译工具一:otool (objdump工具的OSX对应工具)。
- Mac OS X下的ldd工具——otool
- Mac OS X下的ldd工具——otool
- mac osx上有趣的工具
- mac环境的apk反编译工具使用
- 介绍个好用的mac osx下的打包工具
- RVM-----Mac OSX下 Ruby的版本控制工具
- 反编译工具的使用
- 反编译工具的使用
- esclipse的反编译工具
- 反编译的工具
- 反编译工具的使用
- 反编译工具的使用
- 反编译工具的使用
- android APK反编译工具的使用及工具下载(mac)
- 研究ELF文件的工具objdump&readelf
- Linux下的objdump反汇编工具
- 7144. Different Triangles 回校第一天 来个水题
- 3Sum -- LeetCode
- 394高校毕业设计选题
- Ubuntu设置软件源
- 最短路径Dijkstar算法和Floyd算法详解(c语言版)
- Mac的反编译工具一:otool (objdump工具的OSX对应工具)。
- Transport Stream(1) Beginning
- 黑马程序员_内部类
- 安装 gcc-4.1.2
- ubuntu共享android蓝牙热点
- 3Sum Closest -- LeetCode
- 影响力 读后感
- 397高校毕业设计选题
- 支持向量机推导
