objdump Command Linux: Complete Guide to Display Object File Information

Development ToolsLinuxSystem Administration

August 25, 2025

The objdump command is a powerful utility in Linux systems that allows developers and system administrators to examine the contents of object files, executables, and shared libraries. As part of the GNU Binutils package, objdump provides detailed information about binary files, including assembly code, headers, symbols, and relocation data.

What is objdump?

objdump is a disassembler that displays information about object files. It can show the assembly language equivalent of machine code, examine file headers, display symbol tables, and provide insights into the structure of compiled programs. This makes it invaluable for debugging, reverse engineering, and understanding how programs are organized at the binary level.

Basic Syntax

objdump [options] [files...]

The command takes various options to specify what information to display and accepts one or more file arguments to analyze.

Installation

On most Linux distributions, objdump comes pre-installed as part of the binutils package. If it’s not available, you can install it:

Ubuntu/Debian:

sudo apt update
sudo apt install binutils

CentOS/RHEL/Fedora:

sudo yum install binutils
# or for newer versions
sudo dnf install binutils

Common Options and Examples

1. Disassemble Code (-d)

The -d option disassembles executable sections of the file, showing assembly code:

objdump -d program

Example Output:

program:     file format elf64-x86-64

Disassembly of section .text:

0000000000001040 <main>:
    1040:	55                   	push   %rbp
    1041:	48 89 e5             	mov    %rsp,%rbp
    1044:	48 83 ec 10          	sub    $0x10,%rsp
    1048:	c7 45 fc 00 00 00 00 	movl   $0x0,-0x4(%rbp)
    104f:	bf 00 20 00 00       	mov    $0x2000,%edi
    1054:	e8 d7 ff ff ff       	callq  1030 <puts@plt>

2. Display All Headers (-x)

Use -x to display all available header information:

objdump -x program

Example Output:

program:     file format elf64-x86-64
program
architecture: i386:x86-64, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x0000000000001040

Program Header:
    PHDR off    0x0000000000000040 vaddr 0x0000000000000040 paddr 0x0000000000000040 align 2**3
         filesz 0x00000000000001f8 memsz 0x00000000000001f8 flags r-x
    INTERP off    0x0000000000000238 vaddr 0x0000000000000238 paddr 0x0000000000000238 align 2**0

3. Display File Header (-f)

The -f option shows the file header information:

objdump -f program

Example Output:

program:     file format elf64-x86-64
architecture: i386:x86-64, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x0000000000001040

4. Display Symbol Table (-t)

View the symbol table with the -t option:

objdump -t program

Example Output:

program:     file format elf64-x86-64

SYMBOL TABLE:
0000000000000238 l    d  .interp	0000000000000000              .interp
0000000000000254 l    d  .note.ABI-tag	0000000000000000              .note.ABI-tag
0000000000000274 l    d  .note.gnu.build-id	0000000000000000              .note.gnu.build-id
0000000000001040 g     F .text	000000000000001b              main
0000000000000000  w      *UND*	0000000000000000              puts@@GLIBC_2.2.5

5. Display Dynamic Symbol Table (-T)

For dynamic symbols in shared libraries and executables:

objdump -T program

Example Output:

program:     file format elf64-x86-64

DYNAMIC SYMBOL TABLE:
0000000000000000  w   D  *UND*	0000000000000000  GLIBC_2.2.5 __gmon_start__
0000000000000000      DF *UND*	0000000000000000  GLIBC_2.2.5 puts

6. Display Section Headers (-h)

Show section header information:

objdump -h program

Example Output:

program:     file format elf64-x86-64

Sections:
Idx Name          Size      VMA               LMA               File off  Algn
  0 .interp       0000001c  0000000000000238  0000000000000238  00000238  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020  0000000000000254  0000000000000254  00000254  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .text         000000f4  0000000000001040  0000000000001040  00001040  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE

7. Display Source Code Mixed with Assembly (-S)

When debug information is available, you can see source code alongside assembly:

objdump -S program

Note: This requires the program to be compiled with debug information (-g flag).

Advanced Usage Examples

Analyzing Shared Libraries

Examine shared libraries to understand their exports and structure:

objdump -T /lib/x86_64-linux-gnu/libc.so.6 | head -20

This displays the dynamic symbols exported by the C library.

Disassembling Specific Sections

Target specific sections for analysis:

objdump -d -j .text program

The -j option specifies which section to disassemble.

Displaying Raw Data

View raw section contents in hexadecimal:

objdump -s -j .data program

Example Output:

Contents of section .data:
 2000 00000000 00000000 00000000 00000000  ................
 2010 48656c6c 6f20576f 726c6421 00        Hello World!.

Relocation Information

Display relocation entries:

objdump -r program.o

Example Output:

RELOCATION RECORDS FOR [.text]:
OFFSET           TYPE              VALUE 
0000000000000005 R_X86_64_32       .rodata
000000000000000a R_X86_64_PC32     puts-0x0000000000000004

Practical Use Cases

1. Debugging Segmentation Faults

When a program crashes, you can use objdump to examine the assembly code around the crash address:

objdump -d program | grep -A 10 -B 10 "1040"

2. Reverse Engineering

Analyze unknown binaries to understand their functionality:

objdump -d -M intel unknown_program

The -M intel option uses Intel assembly syntax instead of AT&T syntax.

3. Library Analysis

Check what functions a library provides:

objdump -T libexample.so | grep -E "FUNC.*GLOBAL"

4. Security Analysis

Examine executable sections for security features:

objdump -p program | grep STACK

Output Format Options

Intel vs AT&T Syntax

By default, objdump uses AT&T assembly syntax. Switch to Intel syntax:

objdump -d -M intel program

AT&T Syntax:

mov    %rsp,%rbp

Intel Syntax:

mov    rbp,rsp

Address Display Options

Show addresses in different formats:

objdump -d --prefix-addresses program

Working with Different File Formats

objdump supports various object file formats:

  • ELF (Executable and Linkable Format) – Linux standard
  • PE (Portable Executable) – Windows format
  • Mach-O – macOS format
  • COFF (Common Object File Format)

Specify the target format if needed:

objdump -b binary -m i386 -D firmware.bin

Performance Considerations

When working with large binaries:

  • Use specific section options (-j) to limit output
  • Redirect output to files for analysis: objdump -d program > output.txt
  • Use grep to filter relevant information

Common Error Messages and Solutions

File Format Not Recognized

objdump: file.bin: file format not recognized

Solution: Specify the correct file format or ensure the file is a valid object file.

No Symbols

objdump: program: no symbols

Solution: The binary was stripped of symbols. Use -T for dynamic symbols or analyze without symbol information.

Integration with Other Tools

With GDB

Use objdump alongside GDB for comprehensive debugging:

objdump -d program > disassembly.txt
gdb program

With nm

Combine with nm for symbol analysis:

nm program | sort
objdump -t program

With readelf

Use readelf for detailed ELF information:

readelf -h program
objdump -f program

Best Practices

  1. Start with file headers (-f) to understand the basic file structure
  2. Use section headers (-h) to identify interesting sections
  3. Filter output with grep and other tools for specific information
  4. Save output to files when analyzing large binaries
  5. Combine multiple options for comprehensive analysis

Security Applications

objdump is valuable for security analysis:

Buffer Overflow Analysis

objdump -d program | grep -E "(call|jmp).*%"

ROP Chain Detection

Search for useful gadgets in binaries:

objdump -d program | grep -E "ret$" -B 5

Troubleshooting Tips

  • Missing debug information: Recompile with -g flag for source-level debugging
  • Stripped binaries: Focus on dynamic symbols and section analysis
  • Large output: Use pagination with less or redirect to files
  • Cross-platform analysis: Use appropriate cross-compilation tools

Conclusion

The objdump command is an essential tool for anyone working with compiled code in Linux environments. Whether you’re debugging applications, analyzing malware, reverse engineering binaries, or simply trying to understand how your programs work at the assembly level, objdump provides the detailed insights you need.

By mastering its various options and understanding how to interpret its output, you’ll gain valuable skills for system-level programming, debugging, and security analysis. Remember to combine objdump with other tools like gdb, nm, and readelf for comprehensive binary analysis workflows.

Practice with different types of binaries and explore the many options available to become proficient with this powerful utility. The investment in learning objdump will pay dividends in your understanding of how software works at the lowest levels.

Continue Reading

Understanding the Pipeline: Passing Objects Between Cmdlets in PowerShell

October 31, 2025

Managing Files and Folders with PowerShell: Complete Guide to Get-ChildItem, Copy-Item, and Remove-Item

October 31, 2025

Using PowerShell Providers: FileSystem, Registry, Environment & More – Complete Guide

October 31, 2025

Understanding and Using PowerShell Providers for Different Data Stores: Complete Guide with Examples

October 31, 2025

Using PowerShell ISE, VS Code and Profiles for Scripting: Complete Development Environment Guide

October 31, 2025

Using Remoting in PowerShell: Complete Guide to Enable-PSRemoting, Invoke-Command & Remote Sessions

October 31, 2025

Innovative IT and Ed-Tech Solutions to Empower Your Business and Shape the Future.

Overview

Contact Us

© 2025 • CodeLucky IT Services

Back to top