Reputation: 6958
From a compiled file, can I see which compiler has been used to generate the file?
Upvotes: 42
Views: 31056
Reputation: 1109
I was answering a quiz in a Blue Team website, and this was a question. I found the solution using a tool called PE Detective
, he looks for signatures on the EXE, works really fine
https://www.softpedia.com/get/System/File-Management/PE-Detective.shtml
Upvotes: 0
Reputation: 215517
Many compilers/linkers insert a .comment
section in the output file which identifies them. There are also a number of more subtle behaviors you could create compiler fingerprints off of, but I know of no existing tools for this.
If you have the source, the easiest solution would be to try compiling with each compiler in question until you get a binary that matches byte-for-byte (or even closely).
Upvotes: 5
Reputation: 17577
Try, IDA Pro which identifies the libraries and tools used to build up executable file.
Upvotes: 3
Reputation: 12980
There's also the good old 'strings' utility. Dumps all ascii-ish looking strings it finds in the binary. Different compilers embed different amounts of information in the binaries they produce, but many will actually include obviously identifying strings.
Upvotes: 14
Reputation: 96301
In some cases you can run ldd
on the binary and find out which standard library it's linked against. For example on Solaris gcc vs Sun CC vs whatever.
For C++ code, you can also dump some of the symbols, find a mangled function name, and then figure out which demangler generates the correct original name.
Upvotes: 4