DISSY(1) General Commands Manual DISSY(1)NAME
dissy - graphical frontend for objdump
DESCRIPTION
Dissy is a disassembler for Linux and UNIX which supports multiple architectures and allows easy navigation through the code. Dissy is
implemented in Python and uses objdump for disassembling files. Dissy can be used for debugging, reverse engineering and checking compiler-
generated code.
-t BASE_ADDRESS
Use BASE_ADDRESS as the start address of the disassembled code
-h Display usage
Features and usage
* Dissy shows jumps with red links to the destination address
* A label is used to show call destinations
* Clicking (or pressing enter) on calls or jumps will take you to the destination function / address
* Dissy supports interactive searching for labels and addresses both for functions and instructions
* Browser-like history navigation (back/forward) is available, which is useful for example to lookup callchains. Alt-Left and Alt-Right are
used to navigate back and forward
* The lookup (use Ctrl-l to access) feature allows for looking up pasted addresses or labels. The lookup is intelligent in that it tries to
convert common patterns into numbers before reverting to label lookup. Pasting multiple addresses or names will lookup each in turn and
stop at the last (access the earlier in the history)
* The highlight field (ues Ctrl-k to access) allows the disassembled text to be highlighted for example to show all accesses to a certain
register. Regular expressions are allowed in this field
* The preferences window can be used to select which objdump to use (which can also be controlled by the OBJDUMP environment variable).
Colors can also be selected in this window.
HOMEPAGE
http://rtlab.tekproj.bth.se/wiki/index.php/Dissy
AUTHOR
This manual page was written by Varun Hiremath <varunhiremath@gmail.com>, for the Debian project (but may be used by others).
October 20, 2006 DISSY(1)
Check Out this Related Man Page
NDISASM(1) General Commands Manual NDISASM(1)NAME
ndisasm - the Netwide Disassembler, an 80x86 binary file disassembler
SYNOPSIS
ndisasm [ -o origin ] [ -s sync-point [...]] [ -a | -i ] [ -b bits ] [ -u ] [ -e hdrlen ] [ -k offset,length [...]] infile
ndisasm -h
ndisasm -r
DESCRIPTION
The ndisasm command generates a disassembly listing of the binary file infile and directs it to stdout.
OPTIONS
-h Causes ndisasm to exit immediately, after giving a summary of its invocation options.
-r Causes ndisasm to exit immediately, after displaying its version number.
-o origin
Specifies the notional load address for the file. This option causes ndisasm to get the addresses it lists down the left hand mar-
gin, and the target addresses of PC-relative jumps and calls, right.
-s sync-point
Manually specifies a synchronisation address, such that ndisasm will not output any machine instruction which encompasses bytes on
both sides of the address. Hence the instruction which starts at that address will be correctly disassembled.
-e hdrlen
Specifies a number of bytes to discard from the beginning of the file before starting disassembly. This does not count towards the
calculation of the disassembly offset: the first disassembled instruction will be shown starting at the given load address.
-k offset,length
Specifies that length bytes, starting from disassembly offset offset, should be skipped over without generating any output. The
skipped bytes still count towards the calculation of the disassembly offset.
-a or -i
Enables automatic (or intelligent) sync mode, in which ndisasm will attempt to guess where synchronisation should be performed, by
means of examining the target addresses of the relative jumps and calls it disassembles.
-b bits
Specifies 16-, 32- or 64-bit mode. The default is 16-bit mode.
-u Specifies 32-bit mode, more compactly than using `-b 32'.
-p vendor
Prefers instructions as defined by vendor in case of a conflict. Known vendor names include intel, amd, cyrix, and idt. The
default is intel.
RESTRICTIONS
ndisasm only disassembles binary files: it has no understanding of the header information present in object or executable files. If you
want to disassemble an object file, you should probably be using objdump(1).
Auto-sync mode won't necessarily cure all your synchronisation problems: a sync marker can only be placed automatically if a jump or call
instruction is found to refer to it before ndisasm actually disassembles that part of the code. Also, if spurious jumps or calls result
from disassembling non-machine-code data, sync markers may get placed in strange places. Feel free to turn auto-sync off and go back to
doing it manually if necessary.
SEE ALSO objdump(1).
The Netwide Assembler Project NDISASM(1)