How to use the command 'xxd' (with examples)

How to use the command 'xxd' (with examples)

The xxd command is a powerful utility available on Unix-like systems, primarily used for creating hexadecimal representations (hexdumps) from binary files and for reversing hexdumps back into their original binary form. This tool is invaluable for software developers, system administrators, and cybersecurity professionals who need to inspect binary data in a readable format or convert hexadecimal files back to binary for further processing. xxd provides extensive options to customize the hexdump output, making it a versatile tool for various scenarios.

Use case 1: Generate a hexdump from a binary file and display the output

Code:

xxd input_file

Motivation: The first use case of generating a hexdump from a binary file and displaying the output is particularly useful for analyzing binary data in a human-readable format. This is essential for debugging or examining file headers, data structures, and encodings, which are otherwise not easily interpreted in their raw binary form.

Explanation:

  • xxd: This is the command itself calling the hexdump tool.
  • input_file: This argument specifies the path to the binary file you want to convert into a hexdump. ‘xxd’ reads this file and processes its binary content into a hexadecimal format.

Example output:

00000000: 5468 6973 2069 7320 6120 7465 7374 2066  This is a test f
00000010: 696c 652e 2054 6865 2069 6e70 7574 2066  ile. The input f
00000020: 696c 6520 636f 6e74 656e 7420 6973 2063  ile content is c
...

Use case 2: Generate a hexdump from a binary file and save it as a text file

Code:

xxd input_file output_file

Motivation: Saving a hexdump to a text file allows for documentation, sharing, and further analysis. When working in teams or needing to include hexadecimal data in reports, exporting the hexdump output is essential. This also permits comparison with other files using diff tools.

Explanation:

  • xxd: Initiates the hexdump conversion process.
  • input_file: Represents the binary source file that is being converted.
  • output_file: Specifies the destination path where the text representation of the hexdump will be saved.

Example output: Upon completion, the output_file contains something like:

00000000: 5468 6973 2069 7320 6120 7465 7374 2066  This is a test f
00000010: 696c 652e 2054 6865 2069 6e70 7574 2066  ile. The input f
00000020: 696c 6520 636f 6e74 656e 7420 6973 2063  ile content is c
...

Use case 3: Display a more compact output, replacing consecutive zeros (if any) with a star

Code:

xxd -a input_file

Motivation: When analyzing files with large blocks of null bytes, a compact view saves time by reducing clutter and focusing on meaningful data. It is particularly beneficial when inspecting memory dumps or databases with padding, as it visually marks sections with redundant information.

Explanation:

  • xxd: The command to execute the hexdump utility.
  • -a: The flag used to enable auto-detection of grouped zero bytes and replaces them with an asterisk (*).
  • input_file: Indicates the binary file to process.

Example output:

00000000: 5468 6973 2069 7320 6120 7465 7374 2066  This is a test f
*
00000040: 6865 2069 6e70 7574 2066 696c 6520 636f  he input file con
...

Use case 4: Display the output with 10 columns of one octet (byte) each

Code:

xxd -c 10 input_file

Motivation: Altering the column width is helpful for aligning hexdump output with specific data structures or protocols. By setting distinct column widths, users can compare and contrast byte sequences in line with custom-designed packet formats or other specifications.

Explanation:

  • xxd: Invokes the hex reader tool.
  • -c 10: Defines the column width to be 10 bytes.
  • input_file: Specifies the targeted binary file for hex conversion.

Example output:

00000000: 5468 6973 2069 7320 6120 74  This is a t
0000000a: 6573 7420 6669 6c65 2e20 54  est file. T
...

Use case 5: Display output only up to a length of 32 bytes

Code:

xxd -l 32 input_file

Motivation: This use case is particularly useful for inspecting only the start of a file, which often contains important metadata or headers. It’s advantageous when the objective is to verify file formats or versions quickly, without processing the entire content.

Explanation:

  • xxd: Denotes the hexdump execution.
  • -l 32: Imposes a limit on the output, displaying only the first 32 bytes.
  • input_file: The binary file to convert limited to the set byte range.

Example output:

00000000: 5468 6973 2069 7320 6120 7465 7374 2066  This is a test f
00000010: 696c 652e 2054 6865 2069 6e70 7574 2066  ile. The input f

Use case 6: Display the output in plain mode, without any gaps between the columns

Code:

xxd -p input_file

Motivation: Displaying the hexdump in plain mode is useful for obtaining a contiguous stream of hexadecimal bytes, ideal for scripts or where formatting needs to be stripped. This mode assists in situations like checksum verification, when inputting hex into web forms, or preparing data for specific processors that expect unsegmented input.

Explanation:

  • xxd: Calls the hexadecimal converter.
  • -p: Switches to plain mode to remove space between hex values.
  • input_file: The original binary source.

Example output:

54686973206973206120746573742066696c652e2054686520696e7075742066696c6520636f6e74656e742069732063

Use case 7: Revert a plaintext hexdump back into binary, and save it as a binary file

Code:

xxd -r -p input_file output_file

Motivation: Reverting a hexdump back into a binary is crucial for restoring usable data from standard hexadecimal expressions. This is often needed when transferring binary data over channels where only text data is permitted, enabling participants to convert back to the original binary form without loss.

Explanation:

  • xxd: Execution of the hex tool.
  • -r: The revert mode, signaling to convert the hex back to binary.
  • -p: Specifies the plaintext mode, ensuring the input is read correctly.
  • input_file: The file containing hexadecimal data to be reverted.
  • output_file: The resultant binary storage location.

Example output: The output_file becomes a binary file identical to the original pre-hexdump version.

Conclusion:

The xxd command functions as a bidirectional converter between binary and hexadecimal formats, offering comprehensive customizations suited for various needs. Understanding these diverse use cases can enhance data management, improve debugging, and facilitate easier analysis in technical domains where binary data manipulation is frequent.

Related Posts

Understanding the 'lsmod' Command (with examples)

Understanding the 'lsmod' Command (with examples)

The lsmod command in Linux is a vital utility that provides information about the status of the kernel modules currently loaded in the Linux system.

Read More
Using PSWindowsUpdate to Manage Windows Updates (with examples)

Using PSWindowsUpdate to Manage Windows Updates (with examples)

PSWindowsUpdate is a powerful PowerShell module that allows users to manage Windows updates directly from the command line.

Read More
Efficiently Managing Git with Custom Aliases (with examples)

Efficiently Managing Git with Custom Aliases (with examples)

Git is a powerful version control system used widely among software developers.

Read More