Quiz Entry - updated: 2026.07.10
How do you disassemble a binary to view its assembly code?
Use objdump -d or a debugger like GDB to translate the machine-code bytes back into readable assembly.
Disassembly is the reverse of assembly: a tool reads the instruction bytes and reconstructs the mnemonics. It's the starting point of nearly all binary reverse engineering, and it works on both finished executables and .o object files.
objdump -d program # disassemble an executable
objdump -d -M intel program # use Intel syntax instead of AT&T
gdb ./program
(gdb) disas main # disassemble one function
(gdb) x/20i $rip # show 20 instructions at the current PC
Typical objdump output lines up three columns — address, raw bytes, and the decoded instruction:
1149: 55 push %rbp
114a: 48 89 e5 mov %rsp,%rbp
114d: b8 00 00 00 00 mov $0x0,%eax
Note: a disassembler produces an approximate rendition — because x86 instructions are variable-length, the tool has to guess where each one starts, and data mixed into code can be mis-decoded.
Go deeper:
Disassembler (Wikipedia) — the inverse of assembly and the variable-length ambiguity.
objdump manual (GNU binutils) — documents the -d disassembly flag used on the card.