How to use the command xxd (with examples)
The xxd command is used to create a hexadecimal representation (hexdump) from a binary file, or vice-versa. It provides a convenient way to view or modify binary files in a human-readable format. The command offers various options to control the output format, including compacting output, specifying column width, limiting the output length, and more.
Use case 1: Generate a hexdump from a binary file and display the output
Code:
xxd input_file
Motivation: Displaying the hexdump of a binary file can be useful for analyzing the contents of the file, debugging, or understanding the structure of the file. This command allows you to quickly generate and view the hexdump of a binary file.
Explanation:
xxd: The command name.input_file: The name of the binary file from which the hexdump will be generated.
Example output:
00000000: 504b 0304 1400 0000 0800 aff4 3d6a 3031 PK..........=j01
00000010: 706b 236f 776e 6572 2e63 7373 c549 72c7 pk#owner.css.Ir.
00000020: 0ceb 315d 4c08 701c 848a b1dc 7eb0 30f0 ..1]L.p.....~.0.
00000030: 9810 0999 7cd9 3cf3 3669 0f71 909d 5893 ....|.<.6i.q..X.
...
Use case 2: Generate a hexdump from a binary file and save it as a text file
Code:
xxd input_file output_file
Motivation: Saving the hexdump of a binary file as a text file can be useful for documentation, sharing with others, or further analysis. This command allows the user to save the hexdump of a binary file as a separate text file.
Explanation:
xxd: The command name.input_file: The name of the binary file from which the hexdump will be generated.output_file: The name of the text file to which the hexdump will be saved.
Example output: The output of this command will be the same as the previous use case, but instead of displaying it on the terminal, it will be saved as a text file.
Use case 3: Display a more compact output, replacing consecutive zeros (if any) with a star
Code:
xxd -a input_file
Motivation: When working with large binary files, it can be helpful to have a more condensed representation to reduce clutter and improve readability. This command replaces consecutive zeros in the hexdump with a star, making it easier to focus on non-zero values and identify patterns.
Explanation:
xxd: The command name.-a: The option to display a more compact output.input_file: The name of the binary file from which the hexdump will be generated.
Example output:
00000000: 504b 0304 1400 0000 0800 aff4 3d6a 3031 PK..........=j01
00000010: 706b 236f 776e 6572 2e63 7373 c549 72c7 pk#owner.css.Ir.
00000020: 0ceb 315d 4c08 701c 848a b1dc 7eb0 30f0 ..1]L.p.....~.0.
00000030: 9810 0999 7cd9 3cf3 3669 0f71 909d 5893 ....|.<.6i.q..X.
...
Use case 4: Display the output with 10 columns of one octet (byte) each
Code:
xxd -c 10 input_file
Motivation: Customizing the column width of the hexdump can help in situations where it is necessary to fit the output into a specific formatting requirement or to improve readability. This command modifies the hexdump output to display 10 columns of one octet (byte) each.
Explanation:
xxd: The command name.-c 10: The option to specify the column width as 10.input_file: The name of the binary file from which the hexdump will be generated.
Example output:
00000000: 504b 0304 1400
00000008: 0000 0800 aff4
00000010: 3d6a 3031 706b
00000018: 236f 776e 6572
00000020: 2e63 7373 c549
...
Use case 5: Display output only up to a length of 32 bytes
Code:
xxd -l 32 input_file
Motivation: When analyzing a binary file, it might be necessary to inspect only a certain portion of it, such as the header or a specific section. This command limits the hexdump output to a specified length of 32 bytes, allowing for focused examination.
Explanation:
xxd: The command name.-l 32: The option to limit the output length to 32 bytes.input_file: The name of the binary file from which the hexdump will be generated.
Example output:
00000000: 504b 0304 1400 0000 0800 aff4 3d6a 3031 PK..........=j01
00000010: 706b 236f 776e 6572 2e63 7373 c549 72c7 pk#owner.css.Ir.
Use case 6: Display the output in plain mode, without any gaps between the columns
Code:
xxd -p input_file
Motivation: In some situations, a plain and uninterrupted representation of the hexdump might be preferred, especially when further processing or analysis is required. This command outputs the hexdump in plain mode, with no gaps between the columns.
Explanation:
xxd: The command name.-p: The option to display the output in plain mode.input_file: The name of the binary file from which the hexdump will be generated.
Example output:
504b0304140000000800aff43d6a3031706b236f776e65722e637373c54972c70ceb315d4c08701c848ab1dc7eb030f098109997cd93cf336690f71909d5893...
Use case 7: Revert a plaintext hexdump back into binary, and save it as a binary file
Code:
xxd -r -p input_file output_file
Motivation: Reverse-engineering a binary file that has been represented in plaintext hexdump format can be necessary for further analysis or recovery purposes. This command allows the user to convert a hexdump back into its original binary format and save it as a separate binary file.
Explanation:
xxd: The command name.-r: The option to revert hexdump back into binary.-p: The option to expect a plain hexdump input instead of the default hexdump format.input_file: The name of the plaintext hexdump file.output_file: The name of the binary file to which the hexdump will be converted.
Example output: The output of this command is the binary file created from the plaintext hexdump.
Conclusion:
The xxd command provides a flexible and powerful way to generate and manipulate hexdumps of binary files. Whether you want to visualize the structure of a binary file, analyze its contents, or convert a hexdump back into binary, xxd is a useful tool in your command-line arsenal. By experimenting with different options and use cases, you can unlock the true potential of this command.
