macOS Mac OS X x86 Disassembler

[satans_banjo]

Hi

I'm trying my hand at a bit of reverse engineering (purely for the challenge of it all) and I was wondering if there was a reliable x86 disassembler for Mac OS X (command line or otherwise, preferably free)

Thanks

 

[caveman_uk]

You could try using gdb (only if you really want to become a gibbering wreck). I did read IDA Pro now ran on the mac but there's not much sign of it on their website (and it's not free). I guess you could check out fink for anything useful?

 

[savar]

Hi

I'm trying my hand at a bit of reverse engineering (purely for the challenge of it all) and I was wondering if there was a reliable x86 disassembler for Mac OS X (command line or otherwise, preferably free)

Thanks

gdb, definitely

 

[satans_banjo]

Thanks - I've got GDB installed, but how do I create a text output file with the assembly code? I can only seem to find out how to use it as a debugger

 

[savar]

Thanks - I've got GDB installed, but how do I create a text output file with the assembly code? I can only seem to find out how to use it as a debugger

i dont think you can disassemable the entire executable, but you can disassemble ranges of memory. i forget the exact command, i think "disassemble" works but so does "d" or "da" or something like that. gdb probably has help to teach you the mnemonics.

if you're interested in reverse engineering, it probably makes more sense to reverse engineer from gdb than to just dump an entire .asm file, because you can disassemble a particular function that you're interested in or even disassemble the instructions about to execute "disassemble pc pc+10" i think.

its been a while since i used gdb..there's a learning curve but its quite powerful. you can set actions to execute whenever a particular breakpoint is hit. this is real handy for "stubbing out" function calls. set a breakpoint on that function and then set the action to return to pc.

hope this helps

 

[demallien]

Try XCode!

This may help...
http://lists.apple.com/archives/xcode-users/2005/Sep/msg00794.html

 

[pip11]

There aren't many options for disassemblers:

1) use otool, included with the dev tools. otool -tV will give you a pretty standard disassembly

2) ht editor--open source and supports OS X and mach-o. you have to compile and install it manually. Its interface can be confusing--use function keys to get to the main features, like F6 to change into the disassembly mode or hex editor.

3) IDA Pro--should work under wine/crossover, although maybe not perfectly. definitely not free, but it is the best. it supports x86 mach-o, and its graphing features are great, especially if you aren't too familiar with disassembly/x86 assembly (like me).

 

[harlock59]

i am also looking for a disassembler (or debugging) program but not for x86, for powerpc under panther. thanks for any reply. or send me a message at: harlock59[at]gmail[dot]com .thanx a lot.

ps: if possible, not a line-command-only software, but with a graphical user interface (GUI).

 

[Vanya]

Not sure if this will help, but I wrote a "GDB Tutorial for Beginners" awhile back if you're interested-very beginner stuff but lots of information. I wrote it when I used a PowerPC Mac, so the code listings are for PowerPC primarily (with some intel bits thrown in). I'm updating it to reflect the intel cpu of my MacBook Pro.

Here it is.
Cheers!
John