way to disassemble windows exe files in linux

4
votes

Is there any way to disassemble windows exe files in linux?

Would this involve Wine? If so, is there any windows debug/disassembly program available for linux?

And can this be done with gdb?

Thnx.

2
disassembly

2 Answers

2
votes

objdump -d works for me (I have version 2.24):

$ objdump -d ~/.wine/drive_c/Program\ Files\ \(x86\)/Internet\ Explorer/iexplore.exe |head

/home/user/.wine/drive_c/Program Files (x86)/Internet Explorer/iexplore.exe:     file format pei-i386

Note that I tried other binaries, including ntoskrnl.exe and Steam.exe and they also work with objdump

Disassembly of section .text:

10001000 <.text>:
10001000:   b8 01 00 00 00          mov    $0x1,%eax
10001005:   c2 04 00                ret    $0x4

For me, gdb didn't work, even when running with wine:

/home/user/.wine/drive_c/Program Files (x86)/Internet Explorer/iexplore.exe: not an ELF binary... don't know how to load it
1
votes

Check out IDA Debugger Used it in the past with success.