Skip to content

The BELLE disassembler - bdump

Quickstart

If the build and install scripts have not been run, run make in the bdump/ directory to build the disassembler. Then, the diassembler can be executed by calling it with ./bdump, or can be moved to the PATH of the machine so it can be executed without the need to directly call the binary located in the source code directory.

Different flags can be passed to make the disassembler emit different output, but none will affect how it assembles code.

FieldCLIVariable typeDefault valueExample
BinaryfileString""main
Output original binary-b or --binaryBooleanfalse-b
Verbose output-v or --verboseBooleanfalse-v
Debug output-d or --debugBooleanfalse-d
Display colors-c or --colorsBooleanfalse-c
Display help-h or --helpBooleanfalse-h

Use cases

The BELLE disassembler can be used to easily and quickly disassemble binaries back into their original source code.

Subroutines, however, are not preserved, as they are an abstraction at assembly level and will only appear in binary as a location that is jumped to.

The BELLE disassembler can be utilized to verify that the assembler has worked properly, and prove that it is possible to extract the original assembly back out of the binary.

Re-assembling

As the disassembler produces the same code that is assembled, just without labels or directives, the diassembled code can be re-assembled into a binary by invoking the assembler.

The output of the disassembler can be piped to a file with the > operator on most systems.

bdump main > main.asm

After piping the disassembled code to a file, the file can then be re-assembled to produce the original binary once again, and can be disassembled once more to verify that the assembler has functioned.

The colored output may not emit properly if the terminal being used does not support ANSI escape codes.