3

I would like to view the source code for a Linux command to see what is actually going on inside each command. When I attempt to open the commands in /bin in a text/hex editor, I get a bunch of garbage. What is the proper way to view the source on these commands?

Thanks in advance, Geoff

EDIT: I should have been more specific. Basically I have a command set that was written by someone who I can no longer reach. I would like to see what his command was actually doing, but without a way to 'disassemble' the command, I am dead in the water. I was hoping for a way to do this within the OS.

Improve this question

5 Answers 5

Reset to default
6

Many of the core Linux commands are part of the GNU core utils. The source can be found online here

The file you are opening is the binary executables which are the stuff the kernel passes to the CPU. These files are made using a compiler that takes in the source code you and I understand and turns it via a number of stages into this CPU friendly format.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Hi Andy, I should have been more specific. Basically I have a command set that was written by someone who I can no longer reach. I would like to see what his command was actually doing, but without a way to 'disassemble' the command, I am dead in the water. I was hoping for a way to do this within the OS.
that's much harder. Native code is hard to dissemble into c or c++ source code. You can turn the binary into assembler using something like 'objdump -d mycommand'. Then you'll need to understand assembler to understand what it's doing.
Updated my comment above. Not really is the answer, not to the c code, if you knew the compiler (specific version), the compiler options and how it was doing to conversion it is theoretically possible (although there still might be ambiguity in the reversal).
That worked and now I have the assembly, now I just need to get the assembly code disassembled into C. Thanks for getting me this far. If you have any suggestions for getting the assembly into C code, please let me know!
3

You can find out the system calls that are being made using strace

strace your_command
Improve this answer

Comments

1

Most likely you can download the source code with your distribution's package manager. For example, on Debian and related distros (Ubuntu included), first find which package the command belongs to:

$ dpkg -S /bin/cat 
coreutils: /bin/cat

The output tells you that /bin/cat is in the coreutils package. Now you can download the source code:

apt-get source coreutils
Improve this answer

Comments

1

This question is related to reverse engineering.

Some keyword is static analysis and dynamic analysis

  1. use gdb to check that the binary file have symbol table inside or not. (if binary compile with debugging flag, you can get the source code and skip below step)
  2. observe program behavior by strace/ltrace.
  3. write seudo-code by use objdump/ida-pro or other disassembler.
  4. run it by gdb to dynamic analysis and correct the seudo-code.

A normal binary file can be reverted back to source code if you want and have time. Conversely, an abnormal program is not easy to do this, but it only appear on specific ctf competition. (Some special skill like strip/objcopy/packer ... etc)

Improve this answer

Comments

0

You can see assembly code of /bin/cat with: objdump -d /bin/cat

Then analyze it and see what command can be launch.

Another way of approaching is strings /bin/cat, it is usefull make a initial idea and then reverse it.

You can get the source code of every linux command online anyway :D

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.