|
hello,
how can i understand or hopefully see the code in a .exe file?
i have only the exe file, nothing else, i tried to read it with visual c++, but i think i did a total sceewup, i cant read nothing! which sort of program do i need to read the source code of the file? and how can i convert it into c++?
thanks for any help possible!
|
|
|
|
|
My, is it the 1st of April already?
EXE means executable - no source. You can't reverse engineer it back into C++ source code becuase the compiler turns the source into sequences (albeit predictable and/or common ones) of machine language (sometimes using an assembler as an intermediary step). That machine language is often the final step in a complex process known as optimising, where the sequences themselves are subject to closer scrutiny and modified in an attempt to produce a smaller and/or faster version of the code.
To read source code, you need two things; the source itself (which you don't have), and a good editor. That last one is a tad objective (cue: editor wars, or how I learned to stop worrying and love emacs)
Steve S
|
|
|
|
|
Well, in my experience, you need a copy of dumpbin , a good understanding of the PE format, knowledge of how constructs are translated to machine language, and a good working knowledge of the processor's machine language - and the MSDN documentation.
You can get dumpbin to give you an assembly listing with the /disasm switch. You can then work back from there. Understanding the import table format is important: this tells you which functions in other libraries are being called.
Definitely not for the faint-hearted, though - it took me over a week to pick apart a Pocket PC OEM's DLL that wasn't working properly so I could bypass it - and that was in ARM assembly, which (being a RISC architecture) is a lot easier to understand than x86.
It's much easier to reverse-engineer a DLL than an executable, because you have a useful entry point that takes you right to the point. Most executables have a startup stub, such as the Microsoft C run-time's _WinMainCRTStartup function, which you have to pick through to find the actual WinMain .
Stability. What an interesting concept. -- Chris Maunder
|
|
|
|
|
ermmm.............. this is going to be fun! lol.....
so in breef my starting point is /disasm !
if i recreated the beginign of the code could that help me?
|
|
|
|
|
oh!! nah i think its not the 1st of april!
i know that its executable, i think my question wasnt so clear!
whene i run the program ( that is a dos executable file) i whould like to understand the tree of comands, example:
step 1: read a:...... .txt
step 2: do something (string,array, etc etc...)
step 3: .....
.
.
.
.
.
is it possible to read maybe with another program wile the exe file is running?
i need it so i can understand the structure and write it my self, maybe modify it etc etc....
or should i giveup this road and just writing a code based on what this program does?
|
|
|
|
|
Not true Steve, you can, you just have to know how, and this is an easy thing.
I'm doing this with my own code (in Release build) to check for some errors occuring in Release build but not in Debug build. It's easy if you know how...
Don't try it, just do it!
|
|
|
|
|
I wouldn't describe it as 'easy'. It is made easier if you have the original source code for reference, or if, alternatively, you have a debug and a release copy. It's also made easier by the availability of symbols or a map file.
Most people can't read x86 code too well, in general it's something you can do because you've had to in the past, you're using inline assembler, or you can't stand the idea that the compiler might be generating bad code
I'm with John Robbins (of BugSlayer fame), in that everyone should learn how to understand some assembler on the machine they use/target.
Oh, and anything is easy if you know how, apparently...
Steve S
|
|
|
|
|
The best you could hope for would be hard-to-read assembly code. I've heard rumor of a tool from long ago that could create C code from a .exe file, but never investigated it. With Visual Studio, you can open a file in binary and see the string constants. You can also open a file as a resource and see the menus, dialogs, icons, etc.
"The pointy end goes in the other man." - Antonio Banderas (Zorro, 1998)
|
|
|
|
|
Search for disasm in google. There are several tools that will turn the exe to assembly language but I know of none that will turn it into C++ code. This is a very hard problem. How do you know the program was written in C++ in the first place?
John
|
|
|
|
|
its a program given by a friend , he had it from his prof of c++! !
thats how i know and y i whant to understand it!
its just a chaleng between my my friend and his prof!
|
|
|
|
|
ok found disasm, tried to use it and gaveup nearly immidiatly!
i was reading that there are no desassemblers for c++ because every version has a different interpretation!!! is that true? how can it be possible? if c++ is so powerfull, u can do everything with it, y there is no library or sorce code that can read asemble? its a bit illogical seen that c++ write the executable files in assemble but cant read it!
|
|
|
|
|
gelcoman wrote:
if c++ is so powerfull, u can do everything with it,
nope it cant prepare a cup of coffee.
gelcoman wrote:
y there is no library or sorce code that can read asemble
Thats the job reserved for microprocessor.
gelcoman wrote:
its a bit illogical seen that c++ write the executable files in assemble but cant read it!
:trying to pull my hair: yes it can read binary data but its up to you to give some sence to it.
MSN Messenger.
prakashnadar@msn.com
|
|
|
|
|
step 1: it cant even buy my sgis..........:P
step 2: i have read some where, maybe im mistaken, that vb can read asemble with a desassemble!!!!
step 3: i think its called a sort of translator.......a bit like the one c++ uses to write to it!
maybe i shoudnt write my personal oppinions here! sorry!
|
|
|
|
|
gelcoman wrote:
maybe i shoudnt write my personal oppinions here! sorry!
personal oppinions go it the soapbox or the lounge.
MSN Messenger.
prakashnadar@msn.com
|
|
|
|
|
gelcoman wrote:
its a bit illogical seen that c++ write the executable files in assemble but cant read it!
No it's not. C++ is a standard language that expresses operations in a more or less human-readable manner, and defines what each operation should do. The language spec does not dictate how each operation must be implemented by the compiler; it only states what the resulting machine code must do. That's actually a good thing, as not all CPUs use the same instruction set - the same program written in C++ can be compiled to run on many different processors, a feat which would be impossible if the spec dictated what binary instructions must be used to accomplish every operation in the language.
Unless you have an intimate knowledge of assembly language for the CPU this program is compiled to use, you're wasting your time trying to reverse engineer it. If you want to duplicate its functionality, write a design spec from observed behaviors of the program, then write your own program to duplicate them.
Will Build Nuclear Missile For Food - No Target Too Small
|
|
|
|
|
Hi,
Is it possible to write sectors directly to a hard disk via windows or do you need to use inline assembly? Im basically looking to experiment with writing my own boot loader at the start of a floppy drive (bytes 0 - 512).
Any help / advice on writing directly to a HDD would be most appreciated
|
|
|
|
|
(I'd prefer a non-MFC example if there's one available )
Skute
|
|
|
|
|
// Open the Primary Disk Device
HANDLE hFile = CreateFile("\\\\.\\PHYSICALDRIVE0", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
// Open the Floppy Drive
HANDLE hFile = CreateFile("\\\\.\\A:", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
You almoust all work with devices have to be by drivers into windows enviroment.
|
|
|
|
|
|
The rawrite source code is in Pascal.
If you want to use the Windows API to do this, you can use CreateFile passing a path of "\\.\device" to get a raw handle to the device, e.g., "\\.\a:" for the first floppy drive, "\\.\PhysicalDisk0" for hard drive 1. You can use the returned HANDLE with the other File Management Functions to write directly to the device.
Basically, to read the boot sector, you CreateFile to the drive and read in the first 512 bytes using ReadFile to get the MBR. When finished don't forget to call CloseHandle.
|
|
|
|
|
Thats great, thanks ian + Branislav.
How do i determine which disk is HDD0 or HDD1 though? Ideally i want some form of drop down box to select the drive i want to write / read to / from. Because when you enumerate the drives, you dont get it in the form of ////DEVICE do you?
Cheers
Skute
|
|
|
|
|
How to draw a line (horizontal&vertical) in a dialog box ?
Thanks,
Deepak Samuel.
|
|
|
|
|
For a line to be both, horizontal and vertical, it would have to be diagonal, right? Otherwise, I would have just suggested using a static control either 1 pixel wide or 1 pixel high.
"The pointy end goes in the other man." - Antonio Banderas (Zorro, 1998)
|
|
|
|
|
DavidCrow wrote:
For a line to be both, horizontal and vertical, it would have to be diagonal, right?
Maximilien Lincourt
Your Head A Splode - Strong Bad
|
|
|
|
|
hmmm, how about a corner of a square, there the line is both horizontal and vertical.
MSN Messenger.
prakashnadar@msn.com
|
|
|
|