easy way to get opcodes
Question
I know how to get the opcodes and the corresponding assembly syntax from an executable; however is there an easy way to get the opcodes of a particular assembly instruction alone, without writing a program using the same and then, manually linking and loading it and doing an objdump on the executable?
Is there a simple way to find the corresponding opcodes of a particular instruction?
5 answers
solution1
4 ACCPTED 2011-01-23 16:22:25
You can use gdb's (GNU Debugger's) x/bx command.
I made a tutorial here:
solution2
4 2011-01-25 20:58:48
I asked a similar question a while back ( DOS debug like program for 32-bit x86 assembly ).
Someone was kind enough to provide me with an automated script to do this. You can follow the link to question, or refer to the script they provided to me below ...
opcode() {
echo $* > tmp.S && nasm tmp.S -o tmp.o && od -x tmp.o
rm -f tmp.o tmp.S
}
Hope this helps.
solution3
3 2011-01-23 16:13:45
X86操作码和指令参考包含32位和64位x86处理器上的一组指令参考表及其相应的操作码。
solution4
3 2011-01-23 16:17:01
For x86, you can just look them up in the Intel Manual ( Part 1 (AM) , Part 2 (NZ) ). And no, I don't know why the manual is split in 2 parts.
solution5
0 2014-08-18 16:51:15
I'm not sure why you want opcodes. But if its for exploit development you probably already have metasploit which comes with a really useful ruby script called nasm_shell.rb (in the tools directory).
Each line you type comes out as an ascii hex representation of the correct opcodes.
If its for some other purpose or you don't want some heavyweight toolkit like metasploit hanging around for whatever reason, you can just pull out the script and install its dependencies. It uses Rex and assumes nasm is installed.
If you want to adapt it the actual code you need is just a few lines in the function shell.run
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.