disassembling

How to map a file offset in an EXE to its PE section

I've opened up a program I wrote with ImageHlp.dll to play around with it a little, and I noticed that there seem to be large gaps in the file. As I understand it, for each PE section, the section header gives its offset in the file as PhysicalAddress, and its size as SizeOfRawData, and thus everything from PhysicalAddress to PhysicalAd...

x86 opcode encoding: sib byte

I'm currently trying to write a disassembler. I found the following list of opcodes and their meanings, so I decided to parse it at runtime: http://mprolab.teipir.gr/vivlio80X86/pentium.txt But I am stuck at the opcode 0x00: It is followed by a reg/modbyte. Parsing it was not much of a problem for me. But I'm having trouble with the Scal...

Can I debug an Exe

I need to compare a few function calls and signatures between my application and a working application. Here I don't mean any way to reverse engineer or access the source code of the other application, but truly need to know what methods and interfaces are used by the working application. I tried attaching my application to Visual Stud...

Help me understand the assembly code

I am trying to understand the assembly level code for a simple C program by inspecting it with gdb's disassembler. Following is the C code: #include <stdio.h> void function(int a, int b, int c) { char buffer1[5]; char buffer2[10]; } void main() { function(1,2,3); } Following is the disassembly code for both main and functio...

How to restore information about partial class from DLL?

DLL contains partial class DisPart defined in two places: public partial class DisPart { public static string s; } public partial class DisPart { public static int i; } Disassembling the DLL in Reflector results in: public class DisPart { public static int i; public static string s; } Is there any possibility to r...

Intercept BIG application execution after DLL injection.

Hello, I must intercept execution in a very big application in many places. What programs can I use to do this? What techniques exist for this problem? Manually reverse engineering and adding hooks is maybe not the optimal solution for this problem, because the application is very big and some part of the application can be updated in some time,...

Books about/for deeper understanding debugging C or C++ (assembly) on Windows?

I'm a professional C++ programmer and I'm pretty OK with the Visual Studio debugger (currently using 2005). I halfway know what a processor register is supposed to be, I can make something of a disassembly view (mostly guessing at what individual asm instructions might do). I know about symbol files -- that is their existence and how to ...

Lua equivalent to Python dis()?

In Python you have the ability to view the compiled bytecode of a user-defined function using dis. Is there a builtin equivalent to this for Lua? It would be really useful! ...

The best Linux tool for disassembling C++ executables

Which tool is the best for disassembling C++ executables? I'm looking for something like OllyDbg but for Linux. EDIT: Sorry, forgot to tell that I want to be able to debug, too, not just to see the asm code. EDIT2: By "best" I mean something like - "the best for Windows is OllyDbg - can see the asm code and can debug, it's user friendl...

Switch Case Assembly Language

I am looking at the assembly language code of a switch statement. I understand how the code works and what the cases are. My question is how do I decide on the case names? Below is the assembly language code, which will be followed with my interpretation of it. I basically just need to use the jump table and fill in the case names. ...