Domanda
What is the right architecture to get objdump to disassemble raw x64 code? You would think -m x86-64 should work from reading the help, but it doesn't. I tried with both the cygwin64 version:
https://stackoverflow.com/questions/19071461
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian$ objdump --version
GNU objdump (GNU Binutils) 2.23.52.20130604
as well as the version in my Fedora 18 x64 install (2.23.51.0.1-3.fc18 20120806) but I only get can't use supplied machine x86-64. Also tried with amd64 and x64 but that didn't work either.
The command is basically objdump -b binary -D -m ??? file
Soluzione
And as usual writing down the question already gives you some rather good ideas what else to try..
Anyhow the right machine architecture is: i386:x86-64.
The full command is:
objdump -b binary -D -m i386:x86-64 <file>
If you want to disassemble code that expects to be loaded at a specific address, you can add the --adjust-vma <load-address> flag.
Altri suggerimenti
Many years has past and now it works as such:
$ objdump -b elf64-x86-64 -M "intel" -d 27.exe
The field "-b" can be determined with the help of objdump:
$ objdump -f 27.exe
27.exe: file format elf64-x86-64
using objdump from gcc as shown below.
objdump -z -M intel -d test.o
