Hexdump 输出某些标签

tag-icon tag-icon command-line binary objdump
Hexdump 输出某些标签

我只想输出startstart、、loop1loop2)之后标签中的代码。

$ objdump -d quasilog.o 

00000000 <main>:
   0:   b9 64 00 00 00          mov    $0x64,%ecx

00000005 <start>:
   5:   31 ff                   xor    %edi,%edi

00000007 <loop1>:
   7:   89 cb                   mov    %ecx,%ebx

00000009 <loop2>:
   9:   4b                      dec    %ebx
   a:   31 d2                   xor    %edx,%edx
   c:   89 c8                   mov    %ecx,%eax
   e:   f7 f3                   div    %ebx
  10:   85 d2                   test   %edx,%edx
  12:   75 f5                   jne    9 <loop2>
  14:   47                      inc    %edi
  15:   29 d9                   sub    %ebx,%ecx
  17:   83 f9 01                cmp    $0x1,%ecx
  1a:   77 eb                   ja     7 <loop1>
  1c:   c3                      ret

所以我看到标签中的代码长 24 个字节(0x1c - 0x5 + 1)。

$ hd quasilog.o
00000000  7f 45 4c 46 01 01 01 00  00 00 00 00 00 00 00 00  |.ELF............|
00000010  01 00 03 00 01 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  18 01 00 00 00 00 00 00  34 00 00 00 00 00 28 00  |........4.....(.|
00000030  07 00 04 00 b9 64 00 00  00 31 ff 89 cb 4b 31 d2  |.....d...1...K1.|
00000040  89 c8 f7 f3 85 d2 75 f5  47 29 d9 83 f9 01 77 eb  |......u.G)....w.|
00000050  c3 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000060  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000070  03 00 01 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000080  03 00 02 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000090  03 00 03 00 01 00 00 00  05 00 00 00 00 00 00 00  |................|
000000a0  00 00 01 00 07 00 00 00  07 00 00 00 00 00 00 00  |................|
000000b0  00 00 01 00 0d 00 00 00  09 00 00 00 00 00 00 00  |................|
000000c0  00 00 01 00 13 00 00 00  00 00 00 00 00 00 00 00  |................|
000000d0  10 00 01 00 00 73 74 61  72 74 00 6c 6f 6f 70 31  |.....start.loop1|
000000e0  00 6c 6f 6f 70 32 00 6d  61 69 6e 00 00 2e 73 79  |.loop2.main...sy|
000000f0  6d 74 61 62 00 2e 73 74  72 74 61 62 00 2e 73 68  |mtab..strtab..sh|
00000100  73 74 72 74 61 62 00 2e  74 65 78 74 00 2e 64 61  |strtab..text..da|
00000110  74 61 00 2e 62 73 73 00  00 00 00 00 00 00 00 00  |ta..bss.........|
00000120  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*

ETC。

我注意到我的代码以 开头31 FF,我在字节 0x39 处找到了它。因此,这给了我想要的输出:

$ hd -s 0x39 -n 24 quasilog.o
00000039  31 ff 89 cb 4b 31 d2 89  c8 f7 f3 85 d2 75 f5 47  |1...K1.......u.G|
00000049  29 d9 83 f9 01 77 eb c3                           |)....w..|

有没有办法让这个过程自动化?明确地说,我想要的输出hd,即为我提供-s-n值。我也愿意使用 xxd。

通常我的main从 0x34 开始,但我不知道为什么。

这是我的尝试: objdump -d quasilog.o | grep start | grep -P -o "[0-9a-f]+" | head -1获取开始的地址。

objdump -d quasilog.o | tail -1 | grep -P -o "[0-9a-f]+" | head -1获取最后一个地址。

相关内容