monkeyking
monkeyking

Reputation: 6958

How to determine which compiler has been used to compile an executable?

From a compiled file, can I see which compiler has been used to generate the file?

Upvotes: 42

Views: 31056

Answers (5)

Yuri Aps
Yuri Aps

Reputation: 1109

I was answering a quiz in a Blue Team website, and this was a question. I found the solution using a tool called PE Detective, he looks for signatures on the EXE, works really fine

https://www.softpedia.com/get/System/File-Management/PE-Detective.shtml

Upvotes: 0

R.. GitHub STOP HELPING ICE
R.. GitHub STOP HELPING ICE

Reputation: 215517

Many compilers/linkers insert a .comment section in the output file which identifies them. There are also a number of more subtle behaviors you could create compiler fingerprints off of, but I know of no existing tools for this.

If you have the source, the easiest solution would be to try compiling with each compiler in question until you get a binary that matches byte-for-byte (or even closely).

Upvotes: 5

cpx
cpx

Reputation: 17577

Try, IDA Pro which identifies the libraries and tools used to build up executable file.

Upvotes: 3

JustJeff
JustJeff

Reputation: 12980

There's also the good old 'strings' utility. Dumps all ascii-ish looking strings it finds in the binary. Different compilers embed different amounts of information in the binaries they produce, but many will actually include obviously identifying strings.

Upvotes: 14

Mark B
Mark B

Reputation: 96301

In some cases you can run ldd on the binary and find out which standard library it's linked against. For example on Solaris gcc vs Sun CC vs whatever.

For C++ code, you can also dump some of the symbols, find a mangled function name, and then figure out which demangler generates the correct original name.

Upvotes: 4

Related Questions