bimbo36 Posted September 3, 2017

I am looking for some software to reverse engineer some math exe files. I simply want to see the source code in assembly language for a start. What sort of software should I be looking for?

Strange Posted September 4, 2017

On Linux systems you can use the program objdump to view the disassembled code. I'm not sure what the equivalent would be for Windows, if there is one. The best bet might be to run the code using a debugger (e.g. the one provided in Visual Studio). You can then view the disassembled code and also step through it and see the effect on registers, etc.

bimbo36 Posted September 4, 2017 Author

Thanks for the reply. This looks like a good place to start for Linux because I don't have Linux installed right now.

https://www.tutorialspoint.com/unix_terminal_online.php

As for Windows, I guess these are all the options. I found this list from some other site. I am not sure what is missing from this list. But looks like a nice list.

Quote:

Hopper
Hopper is a reverse engineering tool for OS X, Linux and Windows, that lets you disassemble, decompile and debug (OS X only) your 32/64bits Intel Mac, Windows and iOS (ARM) executables.

x64dbg
An open-source x64/x32 debugger for Windows.

Visual DuxDebugger
Visual DuxDebugger is a 64-bit debugger disassembler for Windows, especially useful when the source code is unavailable.

ImmunityDbg
Immunity Debugger is a branch of OllyDbg v1.10, with built-in support for Python scripting and much more.

PE Explorer's disassembler
The PE Explorer Disassembler is designed to be easy to use compared with other disassemblers. To that end, some of the functionality found in other products has been left out in order to keep the process simple and fast. While as powerful as the more expensive, dedicated disassemblers, PE Explorer focuses on ease of use, clarity and navigation.

Hiew
Hiew is a great disassembler designed for hackers, as the name suggests. It supports three modes - Text, Hexadecimal and Decode (Dis-assembly) mode.

radare2
Radare2 is an open source tool to disassemble, debug, analyze and manipulate binary files. It actually supports many architectures (x86{16,32,64}, Dalvik, avr, ARM, java, PowerPC, Sparc, MIPS) and several binary formats (pe{32,64}, [fat]mach0{32,64}, ELF{32,64}, dex and Java classes), apart from support for filesystem images and many more features. It runs on the command line, but it has a graphical interface in PyGTK called Bokken that has support for some of its features already.

ODA
The Online Disassembler is a free web-based, reverse engineering platform that supports over 60 architectures and object file formats from all the major operating systems, including Windows, Mac OS X, Linux, and mobile platforms.

W32Dasm
W32DASM was an excellent 16/32 bit disassembler for Windows, it seems it is no longer developed. The latest version available is from 200

Capstone
Capstone is a lightweight multi-platform, multi-architecture disassembly framework. Some of its features are:
- Multi-architectures: Arm, Arm64 (Armv8), Mips, PowerPC, Sparc, SystemZ, XCore & Intel.
- Clean/simple/lightweight/intuitive architecture-neutral API.
- Provide details on disassembled instruction (called "decomposer" by some others).
- Provide some semantics of the disassembled instruction, such as list of implicit registers read & written.
- Implemented in pure C language, with bindings for Python, Ruby, C#, NodeJS, Java, GO, OCaml & Vala available.
- Native support for Windows & *nix (with Mac OSX, iOS, Android, Linux, *BSD & Solaris confirmed).
- Thread-safe by design.
- Special support for embedding into firmware or OS kernel.
- Distributed under the open source BSD license.

BORG Disassembler
BORG is an excellent Win32 Disassembler with GUI.

DSM Studio Disassembler
DSM Studio is an easy-to-use yet comprehensive application that can aid you in the disassembly and inspection of executables built for the Intel x86 architecture.

Decompiler
Decompiler is an easy to use and simple application designed to read program binaries and decompile executable or DLL files. The application is designed to decompile executables for any processor architecture and not be tied to a particular instruction set. Although currently only a x86 front end is implemented, there is nothing preventing you from implementing a 68K, Sparc, or VAX front end if you need one.

Lida - linux interactive disassembler
lida is a fast feature packed interactive ELF disassembler / code-/cryptoanalyzer based on bastards libdisasm

BugDbg x64 v0.7.5
BugDbg x64 is a user-land debugger designed to debug native 64-bit applications. BugDbg is released as Freeware.

distorm3
A lightweight, Easy-to-Use and Fast Disassembler/Decomposer Library for x86/AMD64

Udis86
Udis86 is an easy-to-use, minimalistic disassembler library (libudis86) for the x86 class of instruction set architectures. It has a convenient interface for use in the analysis and instrumentation of binary code.

BeaEngine
This project is a package with a multi-platform x86 and x64 disassembler library (Solaris, MAC OSX, AIX, Irix, OS/2, Linux, Windows)

C4 Decompiler
- General Machine Code to C Decompiler
- Free Windows I64 target edition
- Interactive Windows GUI

REC Studio 4 - Reverse Engineering Compiler
REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several host systems.

Retargetable Decompiler
A retargetable decompiler that can be utilized for source code recovery, static malware analysis, etc. The decompiler is supposed to be not bounded to any particular target architecture, operating system, or executable file format.

miasm
Miasm is a free and open source (GPLv2) reverse engineering framework written in python. Miasm aims at analyzing/modifying/generating binary programs.

Free Code Manipulation Library
This is a general purpose machine code manipulation library for IA-32 and Intel 64 architectures. The library supports UNIX-like systems as well as Windows and is highly portable. The FCML library is free for commercial and non-commercial use as long as the terms of the LGPL license are met. Currently it supports such features as:
- A one-line disassembler
- A one-line assembler
- An experimental multi-pass load-and-go assembler (Multi line!)
- Support for the Intel and AT&T syntax
- An instruction renderer
- An instruction parser
- Instructions represented as generic models
- UNIX/GNU/Linux and Windows support
- Portable - written entirely in C (no external dependencies)
- Supported instruction sets: MMX, 3D-Now!, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4A, AVX, AVX2, AES, TBM, BMI1, BMI2, HLE, ADX, CLMUL, RDRAND, RDSEED, FMA, FMA4, LWP, SVM, XOP, VMX, SMX

Intel® X86 Encoder Decoder Software Library
Intel® XED is a software library (and associated headers) for encoding and decoding X86 (IA32 and Intel64) instructions.

angr
angr is a framework for analyzing binaries. It focuses on both static and dynamic symbolic ("concolic") analysis, making it applicable to a variety of tasks.

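As an added example (not part of the original thread or of any tool listed above): before a disassembler can show assembly for a Windows exe, it reads the PE headers to learn the architecture and where the code starts. The function names are hypothetical, and `build_sample()` constructs a header-only PE skeleton for illustration, not a loadable program.

```python
import struct

MACHINES = {0x014C: "x86 (32-bit)", 0x8664: "x86-64"}

def locate_entry_code(image: bytes, count: int = 16) -> dict:
    """Find the architecture and the on-disk bytes at a PE file's entry point."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)            # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # COFF file header: Machine, NumberOfSections, ..., SizeOfOptionalHeader
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, pe_off + 4)
    opt_off = pe_off + 24
    (entry_rva,) = struct.unpack_from("<I", image, opt_off + 16)  # AddressOfEntryPoint
    for i in range(nsect):                                        # 40-byte section headers
        name, vsize, vaddr, rsize, rptr = struct.unpack_from(
            "<8sIIII", image, opt_off + opt_size + 40 * i)
        delta = entry_rva - vaddr
        if 0 <= delta < max(vsize, rsize):
            if delta >= rsize:
                raise ValueError("entry point has no bytes on disk")
            end = min(rptr + delta + count, rptr + rsize)
            return {"machine": MACHINES.get(machine, hex(machine)),
                    "section": name.rstrip(b"\0").decode("ascii", "replace"),
                    "entry_rva": entry_rva, "file_offset": rptr + delta,
                    "code": image[rptr + delta:end]}
    raise ValueError("entry point is not inside any section")

def build_sample() -> bytes:
    """Constructed 32-bit PE skeleton: headers plus one .text section."""
    code = bytes.fromhex("5589e531c05dc3")  # push ebp; mov ebp,esp; xor eax,eax; pop ebp; ret
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * 14 + struct.pack("<I", 0x1000) + b"\0" * (0xE0 - 20)
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(code), 0x1000, 0x200, 0x200,
                       0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + opt + sect
    return headers.ljust(0x200, b"\0") + code.ljust(0x200, b"\0")

if __name__ == "__main__":
    info = locate_entry_code(build_sample(), count=7)
    print(info["machine"], info["section"], hex(info["file_offset"]), info["code"].hex(" "))
```

The returned bytes, together with the 32-bit or 64-bit mode, are what a disassembler library such as Capstone decodes into instructions.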
Strange Posted September 4, 2017

Looks like you should try a few of those and see which you are comfortable using and that give you the results you need.

bimbo36 Posted September 4, 2017 Author

Thanks. Yes, I am going to try a few free ones first.

dylrovertson Posted September 20, 2017

REMnux v6 is the best software for reverse engineering. You can use it. Thanks

bimbo36 Posted September 20, 2017 Author

dylrovertson Thanks for the suggestion. I will try to install that version of Linux. A lot of people said IDA Pro. Anyway, I managed to install IDA Pro on my Windows 7 PC. Looks good. Somebody from some other forum also sent me an exe to learn reverse engineering. Right now, busy learning assembly language from scratch for a second time. I am glad I found something to do with my free time.