Tuesday, 21 August 2007
Disassembling number 7
Well, disassembling doesn't scare me as much as it did. Which is obviously a good thing. I used the free version of IDA, and it looked like I could get some good stuff out of it (bit tired tonight though). The only thing is that it won't look at the dos executable (i.e. the original), because it's only a demo (the full versioin will hack into any executable you care to throw it at, by all accounts). Thankfully there is a windows executable (available from the links on the left), but I can't help feeling that I should be using the DOS one. I imagine it to be simpler, but maybe I'm making that up.
Subscribe to:
Post Comments (Atom)
5 comments:
Hi, the VDX RE-er here ... ;-)
Which version of IDA are you using exactly? My copy of "IDA Pro Freeware Version 4.3" happily disassembles the DOS-based .exe.
Personally, I found the DOS program easier to analyze -- much less distracting code.
Hmmm... using the one I downloaded off the website, let me check. It seems it's version 5.1: they must have brought that restriction in recently. I'll have to see if I can grab a copy of 4.3 from somewhere.
One comment on #scummvm said I'd be better off using the Windows .exe, but either way it would be better to have the choice of both!
Well, the choice of the .exe surely depends on personal taste. Anyway, some IDA 4.3 downloads on the web actually contain the DOS version, whichis powerful as well, but a bit wasteful in terms of today's screen real estate. This http://www.programmersheaven.com/download/37637/download.aspx should be the Windows version.
Double bonus, not only does 4.3 load the DOS exe, but it also doesn't crash under wine like 5.1 did!
Good to hear! Happy disassembling then.
Post a Comment