Listen to this Post
GitHub – maximilianfeldthusen/DisasmWinExe: Disassembly of EXE files using the libdasm library.
GitHub Link
You Should Know:
Here are some practical commands and code snippets related to disassembling and analyzing executable files:
1. Installing Libdasm on Linux:
sudo apt-get update sudo apt-get install libdasm-dev
2. Basic Disassembly with Libdasm in C:
#include <libdasm.h>
#include <stdio.h>
#include <stdlib.h>
int main() {
FILE *file = fopen("example.exe", "rb");
if (!file) {
perror("Failed to open file");
return 1;
}
fseek(file, 0, SEEK_END);
long file_size = ftell(file);
fseek(file, 0, SEEK_SET);
unsigned char *buffer = (unsigned char *)malloc(file_size);
fread(buffer, 1, file_size, file);
fclose(file);
INSTRUCTION inst;
int offset = 0;
while (offset < file_size) {
offset += get_instruction(&inst, buffer + offset, MODE_32);
print_instruction(&inst);
}
free(buffer);
return 0;
}
3. Using objdump for Disassembly:
objdump -d example.exe
4. Analyzing PE Files with PE Tools:
sudo apt-get install pev pedump example.exe
5. Extracting Sections from an EXE File:
readelf -S example.exe
6. Using Radare2 for Advanced Disassembly:
sudo apt-get install radare2 r2 -A example.exe
7. Disassembling with Ghidra:
- Download Ghidra from Ghidra’s Official Site.
- Import the EXE file and analyze it using the built-in disassembler.
8. Extracting Strings from an EXE File:
strings example.exe
9. Using IDA Pro for Disassembly:
- IDA Pro is a powerful disassembler. Load the EXE file and analyze it interactively.
10. Checking for Dependencies:
ldd example.exe
What Undercode Say:
Disassembling executable files is a critical skill in cybersecurity, especially for reverse engineering and malware analysis. Tools like Libdasm, objdump, and Radare2 provide powerful capabilities to analyze binary files. Understanding the structure of PE files and using disassemblers effectively can help uncover vulnerabilities, analyze malicious software, and understand proprietary software behavior. Always ensure you have the right permissions before disassembling any executable file, as unauthorized analysis can lead to legal consequences. For further learning, explore advanced tools like Ghidra and IDA Pro, and practice on open-source or legally obtained binaries.
References:
Reported By: Maximilianfeldthusen Github – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


