
Checking up Intel assembly opcodes easily in Linux

I have been looking for a practical tool that would print the opcodes of any Intel 64-bit or 32-bit instruction in Linux, e.g. something like Hiew's assembler in DOS. A web-based service would be one option too.

As I wasn't able to find any, I made my own bash script that creates an assembly source file from command line parameters (instruction[s] and <32/64>), compiles, links and disassembles it, and shows the correct rows of the disassembly. But is there already some program that would show all the possible encodings for any given instruction, e.g. for mov eax,ebx? My approach using nasm, ld and ndisasm obviously only gives one possible encoding for each instruction.

With this script I can get the encodings used by nasm for 64- and 32-bit code, e.g.:

/home/user/code/asm$ showop 'nop;add eax,ebx;cpuid' 64

00000000  90                nop
00000001  01D8              add eax,ebx
00000003  0FA2              cpuid

But how could I get easily all the possible opcode encodings? Is there already some program available for that?

Here's the code:

#!/bin/bash

# usage: showop 'instr1;instr2;...' <32|64>

asminstr=$1
bits=$2

# asminstr="nop;nop;nop;nop;add eax,ebx;nop;nop;nop"
# bits=64

if [ -z "$asminstr" ] || { [ "$bits" != 32 ] && [ "$bits" != 64 ]; }; then
    echo "usage: showop 'instructions' <32|64>" >&2
    exit 1
fi

# one disassembly row per ';'-separated instruction
numberofinstr=$(printf '%s' "$asminstr" | tr -cd ';' | wc -c)
((numberofinstr++))

# scratch files live in a private temp dir that is removed on any exit
tmpdir=$(mktemp -d) || exit 1
trap 'rm -rf "$tmpdir"' EXIT

# build a minimal source file with one instruction per line
{
    printf '[bits %s]\nsection .text\nglobal _start\n\n_start:\n' "$bits"
    printf '%s\n' "$asminstr" | tr ';' '\n'
} >"$tmpdir/tempasmfile.asm"

nasm -f "elf$bits" "$tmpdir/tempasmfile.asm" -o "$tmpdir/tempobjfile.o" || exit 1

# -m selects the output architecture so 32-bit objects also link on x86-64 hosts
if [ "$bits" -eq 32 ]; then ldemu=elf_i386; else ldemu=elf_x86_64; fi
ld -m "$ldemu" "$tmpdir/tempobjfile.o" -o "$tmpdir/tempexefile" || exit 1

# -e skips the ELF headers so the listing starts at _start; the offsets assume
# ld places .text right after a single program header (0x60 for ELF32, 0x80 for
# ELF64) and must be adjusted if the linker uses a different layout
if [ "$bits" -eq 32 ]
then
    ndisasm -b "$bits" -e 0x60 "$tmpdir/tempexefile" | head -n "$numberofinstr"
else
    ndisasm -b "$bits" -e 0x80 "$tmpdir/tempexefile" | head -n "$numberofinstr"
fi
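As an added illustration (not the asker's script and not part of any tool named on this page), the following Python snippet enumerates the two legal register-to-register encodings of the classic ALU group and mov, the case the question raises with mov eax,ebx: the "r/m32, r32" opcode and the "r32, r/m32" opcode each produce a valid byte sequence for the same instruction. Register numbers and opcode bases are the standard 32-bit ones, and the output can be cross-checked with ndisasm or rasm2 -d.

```python
# Constructed example: list every single-opcode encoding of a register-to-register
# ALU or mov instruction with 32-bit operands (identical in 32- and 64-bit mode
# for eax..edi, which need no REX prefix).

REG32 = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3,
         "esp": 4, "ebp": 5, "esi": 6, "edi": 7}

# Classic ALU group: base opcode = op*8; +1 = "r/m32, r32", +3 = "r32, r/m32"
ALU = {"add": 0, "or": 1, "adc": 2, "sbb": 3,
       "and": 4, "sub": 5, "xor": 6, "cmp": 7}


def modrm(reg: int, rm: int) -> int:
    """ModRM byte for register-direct operands: mod=11, reg field, rm field."""
    return 0b11000000 | (reg << 3) | rm


def encodings(mnemonic: str, dst: str, src: str) -> list:
    """Return both encodings of '<mnemonic> dst, src' as byte strings.

    The first entry uses the "r/m, r" opcode (what nasm emits by default),
    the second the "r, r/m" opcode with the ModRM fields swapped.
    """
    d, s = REG32[dst], REG32[src]
    if mnemonic in ALU:
        base = ALU[mnemonic] * 8
        rm_r, r_rm = base + 1, base + 3
    elif mnemonic == "mov":
        rm_r, r_rm = 0x89, 0x8B          # mov r/m32, r32 ; mov r32, r/m32
    else:
        raise ValueError(f"unsupported mnemonic: {mnemonic}")
    # "r/m, r": reg field holds the source, rm field the destination
    # "r, r/m": reg field holds the destination, rm field the source
    return [bytes([rm_r, modrm(s, d)]), bytes([r_rm, modrm(d, s)])]


def hexstr(code: bytes) -> str:
    """Format bytes the way ndisasm prints them, e.g. b'\\x01\\xd8' -> '01D8'."""
    return code.hex().upper()


if __name__ == "__main__":
    for mn, dst, src in (("add", "eax", "ebx"), ("mov", "eax", "ebx"),
                         ("xor", "eax", "eax")):
        print(f"{mn} {dst},{src}:",
              " | ".join(hexstr(c) for c in encodings(mn, dst, src)))
```

Feeding either byte sequence to ndisasm (or rasm2 -d -a x86) decodes back to the same mnemonic, which is the quick way to confirm that both encodings are legal.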

Disassemblers like libdisasm and udis86 usually come with a lookup table for opcodes.

udis86 also comes with a command line tool (udcli), which you feed hex bytes and it gives you the decoded version.

radare2 and its fork rizin provide some command-line tools exactly for that:

    $ rasm2 -a x86 nop
    90
    $ rasm2 -d -a x86 90
    nop

If using rizin, replace rasm2 with rz-asm.


Another alternative is cstool from the capstone-tool package.

粤ICP备18138465号  © 2020-2024 STACKOOM.COM