CommandsLinux

Xxd Command in Linux with Examples

r00t

Xxd Command in Linux

The world of Linux command-line utilities offers powerful tools for manipulating and analyzing data at a binary level. Among these utilities, the xxd command stands out as an essential tool for developers, system administrators, and security professionals. This comprehensive guide explores the xxd command in Linux, providing detailed explanations, practical examples, and advanced use cases to help you master this versatile utility.

What is the xxd Command in Linux?

The xxd command is a powerful utility that creates hexadecimal dumps of files or standard input. Unlike traditional text editors that display only human-readable content, xxd allows you to view the raw binary data of any file in a formatted hexadecimal representation. This capability is invaluable when working with binary files, analyzing file formats, or debugging applications.

At its core, xxd translates binary data into hexadecimal format, displaying both the hex values and their ASCII representation side by side. This dual view provides insights into the file’s structure that would otherwise remain hidden.

Hexadecimal representation is fundamental in computing because it offers a more human-friendly way to represent binary data. Each hexadecimal digit represents exactly four binary digits (bits), making it a compact and efficient notation for working with binary information. The xxd command leverages this relationship to provide a clear view of file contents at the byte level.

The true power of xxd lies not just in its ability to create hex dumps but also in its capability to reverse the process. You can convert a hex dump back to its original binary form, enabling you to edit binary files using text-based tools. This bidirectional conversion makes xxd an invaluable tool for binary file patching and forensic analysis.

Installing xxd Across Linux Distributions

Before diving into xxd’s functionality, you need to ensure it’s installed on your system. The availability and installation method vary across Linux distributions.

Debian/Ubuntu-based Systems

On Debian-based distributions like Ubuntu, Linux Mint, and Pop!_OS, xxd is typically included in the vim-common package. Install it using apt:

sudo apt update
sudo apt install xxd

If xxd is already installed as part of vim-common, this command will simply confirm the installation.

RHEL/Fedora-based Systems

For Red Hat Enterprise Linux, Fedora, CentOS, and AlmaLinux, use the dnf package manager:

sudo dnf install xxd

Arch Linux and Derivatives

On Arch Linux, Manjaro, and other Arch-based distributions, install xxd using pacman:

sudo pacman -S xxd

Note that on Arch Linux, xxd is often bundled with the vim package.

Alpine Linux

Alpine Linux users might encounter a different implementation of xxd through BusyBox. For the full-featured version, install it explicitly:

apk add xxd

This installation provides the standard xxd with all its options, rather than the limited BusyBox version.

After installation, verify that xxd is correctly installed by checking its version:

xxd -v

A successful installation will display the version information of the xxd utility.

Basic Syntax and Command Structure

The xxd command follows a straightforward syntax that makes it accessible even to Linux beginners:

xxd [options] [infile [outfile]]

Let’s break down this syntax:

  • xxd: The command itself.
  • options: Various flags that modify xxd’s behavior.
  • infile: The input file to be processed. If omitted, xxd reads from standard input.
  • outfile: The file where output will be written. If omitted, xxd writes to standard output.

When executed without options, xxd produces a hexadecimal dump with the following format:

  1. An offset column showing the position within the file
  2. A hexadecimal representation of the bytes
  3. An ASCII representation of the bytes (where printable)

For example, running xxd on a text file produces output similar to:

0000000: 5768 6963 6820 4c69 6e75 7820 6469 7374  Which Linux dist
0000010: 726f 2069 7320 796f 7572 2064 6169 6c79  ro is your daily
0000020: 2064 7269 7665 723f 0a31 2e20 5562 756e   driver?.1. Ubun

Each line shows 16 bytes of data (by default), with the offset at the start of the line, the hexadecimal values in the middle, and the ASCII representation on the right.

Essential Command Options

The xxd command offers numerous options to customize its output and behavior. Understanding these options is key to leveraging xxd’s full potential.

Viewing Options

-b, -bits: Displays output in binary (bits) format instead of hexadecimal.

xxd -b filename

-u: Displays hexadecimal output using uppercase letters instead of lowercase.

xxd -u filename

-c cols, -cols cols: Specifies the number of bytes to display per line (default is 16).

xxd -c 8 filename

-g bytes, -groupsize bytes: Controls the spacing between byte groups in the output.

xxd -g 4 filename

Format Conversion Options

-p, -ps, -postscript, -plain: Produces a plain hexadecimal dump without line numbers or ASCII representation.

xxd -p filename

-r, -revert: Converts a hexadecimal dump back to binary format.

xxd -r hexdump > binaryfile

Data Selection Options

-s [+][-]seek: Starts at the specified offset in the input file.

xxd -s 0x100 filename

-l len, -len len: Limits the output to the specified number of bytes.

xxd -l 256 filename

These options can be combined to achieve precise control over xxd’s output format and the portion of data being examined. For instance, to display 64 bytes starting at offset 256 in uppercase hexadecimal:

xxd -s 0x100 -l 64 -u filename

Basic xxd Examples with Output

Let’s explore practical examples of xxd usage with detailed output explanations.

Creating a Basic Hex Dump

The most straightforward application of xxd is creating a hexadecimal dump of a text file:

echo "Hello, Linux world!" > sample.txt
xxd sample.txt

This produces output similar to:

0000000: 4865 6c6c 6f2c 204c 696e 7578 2077 6f72  Hello, Linux wor
0000010: 6c64 210a                                ld!.

In this output:

  • 0000000: and 0000010: represent byte offsets in hexadecimal
  • The middle section shows the hexadecimal representation of each byte
  • The right section shows the ASCII interpretation, with non-printable characters (like newline) shown as dots

Customizing the Output Format

You can adjust the display format to suit your analysis needs:

# Display 8 bytes per line
xxd -c 8 sample.txt

# Group bytes in pairs
xxd -g 2 sample.txt

# Display in binary format
xxd -b sample.txt

# Display in uppercase hexadecimal
xxd -u sample.txt

Creating a Plain Hexadecimal Dump

For a cleaner, compact output without offsets or ASCII representation:

xxd -p sample.txt

Output:

48656c6c6f2c204c696e75782077f726c64210a

This plain format is particularly useful when piping xxd output to other commands or when preparing hex data for conversion back to binary.

Converting Hex Back to Binary

One of xxd’s most powerful features is its ability to reverse the process, converting hexadecimal data back to binary:

# Create a hex dump
xxd -p sample.txt > hexdump.txt

# Edit the hex dump if needed, then convert back to binary
xxd -r -p hexdump.txt > restored.txt

This bidirectional conversion enables you to use text editors to modify binary files indirectly—a feature that’s extremely valuable for binary patching.

Advanced Usage Examples

Beyond basic hex dumping, xxd offers sophisticated capabilities for binary analysis and manipulation.

Binary File Patching

One of the most powerful applications of xxd is binary file patching:

# Create a hex dump with offsets
xxd binary_file.bin > binary_file.hex

# Edit the hex dump using a text editor

# Convert back to binary, preserving the original file structure
xxd -r binary_file.hex > patched_binary.bin

This technique allows you to make precise modifications to binary files without specialized hex editors.

Using xxd with vim for Binary Editing

The xxd command integrates seamlessly with the vim text editor for binary editing:

# Open a binary file in vim
vim -b binary_file.bin

# In vim, convert to hex view
:%!xxd

# Edit as needed

# Before saving, convert back to binary
:%!xxd -r

This vim integration provides a powerful environment for binary file editing directly from the terminal.

Analyzing File Headers

File format headers often contain critical information about the file’s structure and content. xxd excels at exposing this information:

# View the first 64 bytes of a PNG image
xxd -l 64 image.png

For a PNG file, this would reveal the signature bytes (89 50 4E 47 0D 0A 1A 0A) and header chunks that identify it as a valid PNG image.

Working with Large Files

When analyzing large files, you can use offset and length options to focus on specific sections:

# View 256 bytes starting at offset 1MB
xxd -s 0x100000 -l 256 large_file.bin

This targeted approach makes xxd effective even with very large binary files.

Practical Applications in System Administration

System administrators find xxd invaluable for numerous tasks related to system maintenance and troubleshooting.

Debugging Binary Files and Executables

When executable files behave unexpectedly, xxd can help examine their binary content:

xxd /usr/bin/program | grep -i "string"

This command searches for specific byte patterns within the executable, which can reveal hardcoded paths, configuration values, or other embedded information.

Examining File Formats and Headers

File format verification is simplified with xxd:

# Check if a file is a valid JPEG
xxd -l 10 image.jpg | grep -q "JFIF" && echo "Valid JPEG" || echo "Not a JPEG"

This technique works for various file formats including PDFs, ZIP archives, and executables, where specific byte sequences identify the file type.

Network Packet Analysis

For network administrators, xxd can help analyze packet captures or network payload data:

# Extract and examine a TCP payload from a dumped packet
xxd network_packet.bin

The hexadecimal view reveals protocol headers, payload content, and binary communication patterns that might be invisible in text-only analysis.

Combining xxd with Other Linux Commands

The power of xxd multiplies when combined with other Linux commands through pipelines.

Searching Binary Patterns with grep

To find specific byte patterns in binary files:

# Search for the string "password" in a binary file
xxd binary_file | grep "password"

This approach can locate embedded strings, configuration data, or specific binary patterns.

Processing with sed or awk

For more complex transformations:

# Extract only the hexadecimal values from a dump
xxd -p file.bin | sed 's/.\{2\}/& /g'

This pipeline creates a space-separated list of byte values, useful for further processing or analysis.

Creating Powerful Command Combinations

Complex file analysis can be performed with command chains:

# Find all null bytes in the first 1KB of a file
xxd -l 1024 file.bin | grep "0000 0000"

Such combinations allow for targeted analysis of specific patterns or anomalies within binary data.

Tips, Best Practices and Troubleshooting

Mastering xxd involves understanding both its capabilities and limitations.

Efficiency Tips for Large Files

When working with large files:

  1. Always use the -s and -l options to limit processing to relevant sections
  2. Consider using the plain format (-p) when piping to other commands for faster processing
  3. For very large files, consider splitting the analysis into multiple commands focused on different sections

Common Mistakes and Solutions

Issue: xxd’s output looks garbled or incomplete.
Solution: Check if you’re viewing a binary file with non-standard encoding. Try different grouping options (-g) or columns per line (-c) for better visualization.

Issue: When converting back to binary, the file size or content doesn’t match the original.
Solution: Ensure you’re using the correct options. For plain hex dumps, include the -p flag during both dump creation and reversion.

Issue: On Alpine Linux, xxd shows help text instead of processing the file.
Solution: Install the full xxd package with apk add xxd instead of using the BusyBox version, which has limited functionality.

When to Use xxd vs. Alternatives

  • xxd is ideal for general-purpose hex dumping and binary editing
  • hexdump offers more formatting options but lacks the reversion capability
  • od (octal dump) is useful when octal representation is preferred
  • bvi provides a more interactive binary editing environment

Choose xxd when you need a balance of simplicity, versatility, and the ability to convert back to binary.

Advanced xxd Features for Developers

Developers can leverage xxd’s specialized features to streamline their workflows.

Generating C Include Files

The -i option generates C include files from binary data:

xxd -i datafile.bin > datafile.h

This creates a C array containing the binary data, which can be directly included in C/C++ programs—perfect for embedding resource files, firmware images, or configuration data.

Binary File Comparisons

For comparing binary files, xxd can normalize the representation:

xxd -p file1 > file1.hex
xxd -p file2 > file2.hex
diff file1.hex file2.hex

This technique highlights differences that might be invisible in binary comparison tools.

Working with Custom File Formats

When developing applications that use custom binary formats, xxd helps verify the structure:

# Generate a binary file from a custom format
custom_generator > custom.bin

# Examine the format with xxd
xxd -g 1 custom.bin

This process ensures that your custom format generator produces the expected binary structure.

Nginx Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “Nginx Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button