Reverse Engineering for hexadecimal machine code


I'm working on reverse engineering for a homework assignment. The instructor provides some object files (.o) and an executable file. It seems that those files are all in hexadecimal machine code. The goal is to write the C code that would compile to this machine code.

The code looks like this (an excerpt from the file):

7f45 4c46 0201 0100 0000 0000 0000 0000
0200 3e00 0100 0000 3004 4000 0000 0000
4000 0000 0000 0000 7819 0000 0000 0000
0000 0000 4000 3800 0900 4000 1f00 1e00
0600 0000 0500 0000 4000 0000 0000 0000
4000 4000 0000 0000 4000 4000 0000 0000
f801 0000 0000 0000 f801 0000 0000 0000
0800 0000 0000 0000 0300 0000 0400 0000
3802 0000 0000 0000 3802 4000 0000 0000
3802 4000 0000 0000 1c00 0000 0000 0000
1c00 0000 0000 0000 0100 0000 0000 0000
0100 0000 0500 0000 0000 0000 0000 0000
0000 4000 0000 0000 0000 4000 0000 0000
d407 0000 0000 0000 d407 0000 0000 0000
0000 2000 0000 0000 0100 0000 0600 0000
100e 0000 0000 0000 100e 6000 0000 0000
100e 6000 0000 0000 1c02 0000 0000 0000

I was only taught to read and do reverse engineering for assembly code. How could I deal with these hex codes? (PS: I'm on a Windows laptop.) Is there any method that could turn it into assembly code? Or is there any way that I could run it, so I can see the input and output?

Thank you so much for your help!

1 answer

vitsoft:

Your file looks like an executable 64-bit ELF for Linux. In order to use Linux tools on your Windows laptop you might need to install the emulator WSL first. Then inspect the format of your file in the WSL console with readelf:

$ readelf Vicky -aW --hex-dump=.text
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x400430
  Start of program headers:          64 (bytes into file)
  Start of section headers:          6520 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         9
  Size of section headers:           64 (bytes)
  Number of section headers:         31
  Section header string table index: 30
readelf: Error: Reading 1984 bytes extends past end of file for section headers
readelf: Error: Section headers are not available!
readelf: Error: Too many program headers - 0x9 - the file is not that big

It reports errors because the provided code is incomplete. Try file Vicky with your complete assignment file and if it says that the program is an ELF64 executable, disassemble it with objdump -drwC -Mintel Vicky, as @Peter Cordes suggested.

The more difficult part of your homework will then be to comprehend the meaning of the disassembled instructions and formulate equivalent C code.
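As an added illustration of what readelf is decoding in the answer above (example code written for this page, not part of the question or of vitsoft's answer): the hex lines in the question are simply the first 272 bytes of the file, and the ELF64 header and program-header layouts are fixed by the System V ABI, so a few struct.unpack calls recover the same fields readelf prints (entry point 0x400430, 9 program headers at offset 64, 31 section headers at offset 6520) and reproduce its "extends past end of file" complaint. The dump is assumed to be in xxd style, bytes in file order; a dump made with od -x on an x86 machine would show each 16-bit word byte-swapped (457f 464c ...) and would need the pairs swapped back before parsing.

```python
import struct

# Hex dump copied verbatim from the question above: the first 272 bytes of
# the assignment file, i.e. the start of an ELF64 executable.
QUESTION_HEX = """
7f45 4c46 0201 0100 0000 0000 0000 0000
0200 3e00 0100 0000 3004 4000 0000 0000
4000 0000 0000 0000 7819 0000 0000 0000
0000 0000 4000 3800 0900 4000 1f00 1e00
0600 0000 0500 0000 4000 0000 0000 0000
4000 4000 0000 0000 4000 4000 0000 0000
f801 0000 0000 0000 f801 0000 0000 0000
0800 0000 0000 0000 0300 0000 0400 0000
3802 0000 0000 0000 3802 4000 0000 0000
3802 4000 0000 0000 1c00 0000 0000 0000
1c00 0000 0000 0000 0100 0000 0000 0000
0100 0000 0500 0000 0000 0000 0000 0000
0000 4000 0000 0000 0000 4000 0000 0000
d407 0000 0000 0000 d407 0000 0000 0000
0000 2000 0000 0000 0100 0000 0600 0000
100e 0000 0000 0000 100e 6000 0000 0000
100e 6000 0000 0000 1c02 0000 0000 0000
"""

# Elf64_Ehdr (64 bytes) and Elf64_Phdr (56 bytes), little-endian, per the System V ABI.
ELF64_EHDR = struct.Struct("<16sHHIQQQIHHHHHH")
ELF64_PHDR = struct.Struct("<IIQQQQQQ")
E_TYPE = {1: "REL (Relocatable file)", 2: "EXEC (Executable file)",
          3: "DYN (Shared object file)", 4: "CORE (Core file)"}
E_MACHINE = {0x03: "Intel 80386", 0x3e: "Advanced Micro Devices X86-64", 0xb7: "AArch64"}
P_TYPE = {0: "NULL", 1: "LOAD", 2: "DYNAMIC", 3: "INTERP", 4: "NOTE", 6: "PHDR", 7: "TLS",
          0x6474e550: "GNU_EH_FRAME", 0x6474e551: "GNU_STACK", 0x6474e552: "GNU_RELRO"}


def hex_dump_to_bytes(dump: str) -> bytes:
    """Turn an xxd-style hex dump (bytes in file order, any whitespace) into raw bytes."""
    return bytes.fromhex("".join(dump.split()))


def parse_elf64_header(data: bytes) -> dict:
    """Decode the ELF header; refuse anything that is not little-endian ELF64."""
    if len(data) < ELF64_EHDR.size:
        raise ValueError("file shorter than an ELF64 header")
    fields = ELF64_EHDR.unpack_from(data, 0)
    ident = fields[0]
    if ident[:4] != b"\x7fELF":
        raise ValueError("bad magic: not an ELF file")
    if ident[4] != 2:
        raise ValueError("EI_CLASS is not ELFCLASS64")
    if ident[5] != 1:
        raise ValueError("EI_DATA is not ELFDATA2LSB (little-endian)")
    names = ("e_ident", "e_type", "e_machine", "e_version", "e_entry", "e_phoff", "e_shoff",
             "e_flags", "e_ehsize", "e_phentsize", "e_phnum", "e_shentsize", "e_shnum",
             "e_shstrndx")
    hdr = dict(zip(names, fields))
    hdr["e_type_name"] = E_TYPE.get(hdr["e_type"], hex(hdr["e_type"]))
    hdr["e_machine_name"] = E_MACHINE.get(hdr["e_machine"], hex(hdr["e_machine"]))
    return hdr


def flags_to_str(p_flags: int) -> str:
    """readelf-style segment permissions: PF_R=4, PF_W=2, PF_X=1 -> e.g. 'R E'."""
    return (("R" if p_flags & 4 else " ") + ("W" if p_flags & 2 else " ")
            + ("E" if p_flags & 1 else " ")).rstrip()


def parse_program_headers(data: bytes, hdr: dict) -> list:
    """Decode every program header that lies entirely inside the bytes we have."""
    names = ("p_type", "p_flags", "p_offset", "p_vaddr", "p_paddr", "p_filesz", "p_memsz",
             "p_align")
    phdrs = []
    for i in range(hdr["e_phnum"]):
        off = hdr["e_phoff"] + i * hdr["e_phentsize"]
        if off + ELF64_PHDR.size > len(data):
            break  # rest of the table lies past the end of this truncated dump
        ph = dict(zip(names, ELF64_PHDR.unpack_from(data, off)))
        ph["p_type_name"] = P_TYPE.get(ph["p_type"], hex(ph["p_type"]))
        ph["p_flags_str"] = flags_to_str(ph["p_flags"])
        phdrs.append(ph)
    return phdrs


def truncation_report(data: bytes, hdr: dict) -> dict:
    """The same sanity check readelf does: do both header tables fit inside the file?"""
    ph_end = hdr["e_phoff"] + hdr["e_phnum"] * hdr["e_phentsize"]
    sh_end = hdr["e_shoff"] + hdr["e_shnum"] * hdr["e_shentsize"]
    return {"file_size": len(data),
            "program_headers_end": ph_end, "program_headers_complete": ph_end <= len(data),
            "section_headers_end": sh_end, "section_headers_complete": sh_end <= len(data)}


QUESTION_BYTES = hex_dump_to_bytes(QUESTION_HEX)

if __name__ == "__main__":
    hdr = parse_elf64_header(QUESTION_BYTES)
    print(f"Type: {hdr['e_type_name']}   Machine: {hdr['e_machine_name']}")
    print(f"Entry: {hdr['e_entry']:#x}  phoff={hdr['e_phoff']} phnum={hdr['e_phnum']}"
          f"  shoff={hdr['e_shoff']} shnum={hdr['e_shnum']} shstrndx={hdr['e_shstrndx']}")
    for ph in parse_program_headers(QUESTION_BYTES, hdr):
        print(f"  {ph['p_type_name']:<7} off={ph['p_offset']:#06x} vaddr={ph['p_vaddr']:#08x}"
              f" filesz={ph['p_filesz']:#x} memsz={ph['p_memsz']:#x} {ph['p_flags_str']}")
    rep = truncation_report(QUESTION_BYTES, hdr)
    for table in ("program_headers", "section_headers"):
        if not rep[f"{table}_complete"]:
            print(f"  {table} end at byte {rep[f'{table}_end']}, only {rep['file_size']}"
                  " bytes present: the dump is truncated")
```

Only the first three program headers (PHDR, INTERP and the R E LOAD segment) are complete within the 272-byte excerpt; the fourth, an RW LOAD at 0x600e10, is cut off mid-entry, which is exactly why readelf reports "Too many program headers" and cannot find the section headers at offset 6520. Run the same script against the full assignment file (read it with open(path, "rb")) and both tables should fit, after which objdump -d is the right tool for the .text bytes.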