Monday, January 29, 2024

[SOLVED] Disassemble opcode snippets directly in a shell?

Issue

I got a small byte-string, with a hex-representation like:

6631C08A2500000000

Is there a disassembler that accepts opcodes as a direct input parameter, without the need for a compiled file?

e.g.:

$ disassembler -directOpcode 6631C08A2500000000

0:  66 31 c0                xor    ax,ax
3:  8a 25 00 00 00 00       mov    ah,BYTE PTR ds:0x0

Solution

Because of Peter's helpful comment, I found a solution utilizing Python 2 and some shell pipes:

$ python -c "print '6631C08A2500000000'.decode('hex')" | head -c -1 | ndisasm -b32 -

00000000  6631C0            xor ax,ax
00000003  8A2500000000      mov ah,[dword 0x0]

I used head -c -1 to get rid of the trailing newline char, otherwise I get:

00000000  6631C0            xor ax,ax
00000003  8A2500000000      mov ah,[dword 0x0]
00000009  0A                db 0x0a


Answered By - Don Question
Answer Checked By - Terry (WPSolving Volunteer)
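The same pipeline without Python, as an added example that is not part of the original answer: a POSIX shell helper that validates the hex string and emits the raw bytes with no trailing newline, so the stray `db 0x0a` line never appears. The function names `hex2bin` and `disasm_hex` are hypothetical; the `ndisasm -b32 -` invocation is the one used in the answer.

```shell
# Added example; hex2bin and disasm_hex are hypothetical helper names.

# hex2bin HEX: write the bytes encoded by HEX to stdout, no trailing newline.
hex2bin() {
    hex=$1
    # Reject empty input and non-hex characters up front, so a typo never
    # reaches the disassembler as a silently different byte stream.
    case $hex in
        '' | *[!0-9A-Fa-f]*)
            echo "hex2bin: not a hex string" >&2
            return 1 ;;
    esac
    # Two hex digits per byte: an odd count means a digit was dropped.
    if [ $(( ${#hex} % 2 )) -ne 0 ]; then
        echo "hex2bin: odd number of hex digits" >&2
        return 1
    fi
    while [ -n "$hex" ]; do
        rest=${hex#??}          # everything after the first two digits
        pair=${hex%"$rest"}     # the first two digits
        # An octal escape in the printf format emits exactly one byte,
        # including 0x00, and printf never appends a newline on its own.
        printf "\\$(printf '%03o' "0x$pair")"
        hex=$rest
    done
}

# disasm_hex HEX: disassemble HEX as 32-bit code, reading bytes from stdin.
disasm_hex() {
    hex2bin "$1" >/dev/null || return 1   # validate before starting ndisasm
    hex2bin "$1" | ndisasm -b32 -
}

# Run as a script with one argument, e.g.: sh disasm.sh 6631C08A2500000000
if [ "$#" -gt 0 ]; then
    disasm_hex "$1"
fi
```

Because `hex2bin` writes exactly one byte per digit pair, the byte count reaching `ndisasm` is always half the length of the input string, which is a quick sanity check when the listing shows an unexpected trailing instruction.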