<返回更多

xxd命令修改和查看二进制文件

2022-01-04    铁锈笔记
加入收藏

1linux环境xxd命令如何编辑/修改二进制文件

xxd工具虽然不能直接修改二进制文件,但xxd -r参数可把Hexdump文本转成二进制内容。convert (or patch) hexdump into binary.

因此,对于要修改的二进制文件,可以先转为Hexdump文本,再通过xxd -r命令把Hexdump文本转为二进制文件。

[mycc@wen*z:~]$ xxd file1.binary
0000000: 1234 0001 0000 0000 2022 0103 9900 000c  .4...... "......
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...
0000020: 6700 00f7 0100 001f 0933 0900 0000 0310  g........3......
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0
[mycc@wen*z:~]$ xxd file1.binary > file1.txt 
[mycc@wen*z:~]$ vi file1.txt 
[mycc@wen*z:~]$ cat file1.txt 
0000000: abcd 0001 0000 0000 2022 0103 9900 000c  .4...... "......
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...
0000020: 6700 00f7 0100 001f 0933 0900 0000 0310  g........3......
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0
[mycc@wen*z:~]$ xxd -r file1.txt  file1.binary
[mycc@wen*z:~]$ xxd file1.binary
0000000: abcd 0001 0000 0000 2022 0103 9900 000c  ........ "......
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...
0000020: 6700 00f7 0100 001f 0933 0900 0000 0310  g........3......
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0
xxd命令修改和查看二进制文件

xxd修改二进制文件示例

2用xxd查看二进制文件

2.1查看二进制文件

[mycc@wen*z:~]$ xxd file1.binary
0000000: 1234 0001 0000 0000 2022 0103 9900 000c  .4...... "......
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...
0000020: 6700 00f7 0100 001f 0933 0900 0000 0310  g........3......
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0

2.2.查看指定字节数量内容:-l参数表示长度

xxd -l 32 file1.binary 查看前32个字节

[mycc@wen*z:~]$ xxd -l 32 file1.binary 
0000000: 1234 0001 0000 0000 2022 0103 9900 000c  .4...... "......
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...

2.3查看指定偏移位置后的内容:-s参数表示偏移位置(从0开始),当值为负数时为从尾向前数偏移

xxd -s 16 file1.binary 查看从16字节开始的内容

[mycc@wen*z:~]$ xxd -s 16  file1.binary 
0000010: 22f9 0100 0041 3106 1992 6741 3106 1992  "....A1...gA1...
0000020: 6700 00f7 0100 001f 0933 0900 0000 0310  g........3......
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0

xxd -s -16查看最后16字节内容

[mycc@wen*z:~]$ xxd -s -16 file1.binary 
0000030: 4800 0000 7156 0559 71fb 0102 2c01 0130  H...qV.Yq...,..0

2.4 限定每行输出的字节数:-c 参数,限定每行字节数量

xxd -c 8 file1.binary查看内容,每行8字节

[mycc@wen*z:~]$ xxd -c 8 file1.binary 
0000000: 1234 0001 0000 0000  .4......
0000008: 2022 0103 9900 000c   "......
0000010: 22f9 0100 0041 3106  "....A1.
0000018: 1992 6741 3106 1992  ..gA1...
0000020: 6700 00f7 0100 001f  g.......
0000028: 0933 0900 0000 0310  .3......
0000030: 4800 0000 7156 0559  H...qV.Y
0000038: 71fb 0102 2c01 0130  q...,..0

2.5以纯Hex字符输出:-p参数表示无空格,无序号,无ascii格式部分

xxd -p file.binary

[mycc@wen*z:~]$ xxd -p file1.binary 
1234000100000000202201039900000c22f9010000413106199267413106
1992670000f70100001f0933090000000310480000007156055971fb0102
2c010130

 

2.6将二进制文件内容转为C语言内容:-i参数

xxd -i file1.binary将二进制文件内容转为c数组,这在某些测试过程中是有用的

[mycc@wen*z:~]$ xxd -i file1.binary
unsigned char file1_binary[] = {
  0x12, 0x34, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x20, 0x22, 0x01, 0x03,
  0x99, 0x00, 0x00, 0x0c, 0x22, 0xf9, 0x01, 0x00, 0x00, 0x41, 0x31, 0x06,
  0x19, 0x92, 0x67, 0x41, 0x31, 0x06, 0x19, 0x92, 0x67, 0x00, 0x00, 0xf7,
  0x01, 0x00, 0x00, 0x1f, 0x09, 0x33, 0x09, 0x00, 0x00, 0x00, 0x03, 0x10,
  0x48, 0x00, 0x00, 0x00, 0x71, 0x56, 0x05, 0x59, 0x71, 0xfb, 0x01, 0x02,
  0x2c, 0x01, 0x01, 0x30
};
unsigned int file1_binary_len = 64;

2.7综合利用上面参数示例

xxd -p -s 16 -l 32 -c 8 file1.binary 偏移16字节,输出32个字节内容,每行输出8字节,以纯Hex方式显示

[mycc@wen*z:~]$ xxd -p -s 16 -l 32 -c 8 file1.binary
22f9010000413106
1992674131061992
670000f70100001f
0933090000000310

xxd --help
[mycc@wen*z:~]$ xxd --help
Usage:
       xxd [options] [infile [outfile]]
    or
       xxd -r [-s [-]offset] [-c cols] [-ps] [infile [outfile]]
Options:
    -a          toggle autoskip: A single '*' replaces nul-lines. Default off.
    -b          binary digit dump (incompatible with -ps,-i,-r). Default hex.
    -c cols     format <cols> octets per line. Default 16 (-i: 12, -ps: 30).
    -E          show characters in EBCDIC. Default ASCII.
    -g          number of octets per group in normal output. Default 2.
    -h          print this summary.
    -i          output in C include file style.
    -l len      stop after <len> octets.
    -ps         output in postscript plain hexdump style.
    -r          reverse operation: convert (or patch) hexdump into binary.
    -r -s off   revert with <off> added to file positions found in hexdump.
    -s [+][-]seek  start at <seek> bytes abs. (or +: rel.) infile offset.
    -u          use upper case hex letters.
    -v          show version: "xxd V1.10 27oct98 by Juergen Weigert".
声明:本站部分内容来自互联网,如有版权侵犯或其他问题请与我们联系,我们将立即删除或处理。
▍相关推荐
更多资讯 >>>