How it works...

This recipe is fairly straightforward; the analysis in this phase is less tool-heavy, but it takes more time and care because the output has to be reviewed manually. So, let's do that now. In step 1, we use objdump to disassemble everything and output the result in Intel syntax. In step 2, we open a new Terminal tab and use the less command to browse the system call numbers for our 32-bit Ubuntu virtual machine. This is a good step to include in case your static analysis turns up system calls. Steps 3 through 6 give us an additional Terminal tab, which we use for the Python prompt, giving us the full benefit of Python scripting to convert any hexadecimal into a ...
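As an added illustration (not code from the book), the Python below combines the manual review described above: it reads Intel-syntax objdump output, converts the hexadecimal immediate loaded into eax before each `int 0x80`, and looks it up in a 32-bit system call table. The sample disassembly is constructed, the table is only a small subset of the 32-bit x86 Linux numbers, and the name `find_syscalls` is hypothetical.

```python
import re

# Subset of the 32-bit x86 Linux syscall numbers (the values step 2 browses
# with less); extend it from the header on your own VM.
SYSCALLS_I386 = {1: "exit", 3: "read", 4: "write", 5: "open", 6: "close", 11: "execve"}

# Constructed objdump Intel-syntax output, not taken from the book.
SAMPLE = """\
 8048060:\tb8 04 00 00 00       \tmov    eax,0x4
 8048065:\tbb 01 00 00 00       \tmov    ebx,0x1
 804806a:\tb9 a4 90 04 08       \tmov    ecx,0x80490a4
 804806f:\tba 0d 00 00 00       \tmov    edx,0xd
 8048074:\tcd 80                \tint    0x80
 8048076:\tb8 01 00 00 00       \tmov    eax,0x1
 804807b:\t31 db                \txor    ebx,ebx
 804807d:\tcd 80                \tint    0x80
"""

# address, raw bytes, mnemonic, operands
LINE = re.compile(r"^\s*([0-9a-f]+):\t[0-9a-f ]+\t(\w+)\s*(.*)$")
# Immediate into eax, or into al (assumes the upper bytes were zeroed first).
MOV_EAX = re.compile(r"^(eax|al),0x([0-9a-f]+)$")

def find_syscalls(disassembly):
    """Return (address, number, name) for each int 0x80 in the listing."""
    eax = None  # last immediate seen going into eax/al; None when not known
    found = []
    for line in disassembly.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # section headers, labels, blank lines
        addr, mnemonic, operands = m.group(1), m.group(2), m.group(3).strip()
        if mnemonic == "mov":
            imm = MOV_EAX.match(operands)
            if imm:
                eax = int(imm.group(2), 16)  # hex string -> integer
            elif operands.startswith("eax,"):
                eax = None  # loaded from a register or memory: needs manual review
        elif mnemonic == "xor" and operands == "eax,eax":
            eax = 0
        elif mnemonic == "int" and operands == "0x80":
            found.append((int(addr, 16), eax, SYSCALLS_I386.get(eax, "unknown")))
            eax = None  # the syscall's return value overwrites eax
    return found

if __name__ == "__main__":
    for addr, number, name in find_syscalls(SAMPLE):
        print(f"{addr:#x}: eax={number} -> {name}")
```

Entries reported as `unknown` are the ones to resolve by hand against the system call header on the virtual machine.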
