Randy Howard
3/22/2016 5:11:00 PM
On 3/22/16 8:06 AM, cwf wrote:
> Hello everyone. I want to know how reverse engineering is done professional way.
> Having simple scenario - you have binary program and want to disassemble
> and convert/translate it to different language like C/C++. I know assembler well enough.
> What tools disassemblers have to simplify, speed up and make this process most convenient?
> And what disassemblers you would recommend? Any materials/literature/videos?
> Considering here only x86 processors. Thanks for all help
>
> cw
>
Many of the commercial ones seem to have disappeared since the wave of
open source came along. The process isn't particularly complicated. A
bit tedious, perhaps. You need to have a good understand of the
file format(s) for executables on the platform of interest, and the
opcodes for the CPU. Then it's a fairly straightforward process of
decoding the binary, generating labels (you can't know the original
ones generally) for jmp targets, memory variables, etc.
The output is generally not fun to read because of the invented names
for things in the assembly source, but that shouldn't be much of a
burden on those using one that are actually well versed in assembly
for the architecture.
A quick glance shows a number of open source disassembler projects
if you want to get your feet wet.
--
Randy Howard
(replace the obvious text in the obvious way if you wish to contact me
directly)