#16
A Python scripting interface would be good, with breakpoints that can trigger scripts at certain points in execution. Good job on the debugger though.
#17
v0.4.0 released
+ added File – Produce assembly text file
+ added possibility to create byte array type
+ added new command: dup
+ minor improvements
#18
v0.5.0 released
added possibility to create subroutine
added subroutine stack data (arguments, local variables) recognition
added hex view window
minor bugfixes and usability improvements
Here is a screenshot of what stack data recognition may look like: http://arkdasm.com/stackdata.png
It's possible to rename stack data after pressing the n key.
#19
v0.6.0 released
What's new:
added structure support for global data
added new commands: del_struct, struct, ls
updated Qt to 5.2.1
minor improvements, bug fixes
#20
ArkDasm v0.7.0
2014-04-06 Changelog: Quote:
The Following 2 Users Gave Reputation+1 to MarcElBichon For This Useful Post:
chessgod101 (04-08-2014), cyberbob (04-08-2014)
#21
Are you planning to release the source code one day?
#22
Sorry, at the moment no plans to release the source code.
#23
ArkDasm v0.8.0
2014-09-28
Main features:
- parsing PE32+ imports, exports, resources
- subroutine stack data (arguments, local variables) recognition
- loading local debug symbols (.pdb file) using IDA
- multiline comments support
- bookmarks support
- python script support
- possibility to save, load database
Changelog: Quote:
#24
v.1.0.0 released - www.arkdasm.com
+ added debugger capabilities
+ added new commands: bp, ba
+ switched to the Capstone disasm engine
+ updated Qt to 5.4.0
+ switched to Visual Studio 2013
+ minor improvements, bug fixes
switched to Visual Studio 2013 so run-times (msvcp120.dll, msvcr112.dll) are required
http://www.microsoft.com/en-us/download/details.aspx?id=40784
The Following 2 Users Gave Reputation+1 to cyberbob For This Useful Post:
MarcElBichon (04-16-2015), Storm Shadow (04-19-2015)
The Following User Says Thank You to cyberbob For This Useful Post:
Insid3Code (04-18-2015)
#25
Hey,
Nice seeing you added debugger capabilities! I have a few questions if you don't mind.
What is this 'DIA' thing you are talking about to load symbols? Is it open source? I could not find it anywhere (though maybe my search terms were off).
And could you maybe give me some pointers as to how you recognize functions and local variables? Do you scan all instructions and populate a nice graph, or do you do a linear scan with some algorithms to detect functions, or maybe a combination? I am interested in this because I want to implement some of this in x64dbg.
Another small thing: is the arrow location just 'wrong' or is it placed between instructions for a reason? See this screenshot: http://prntscr.com/6ukf81
Oh, and before I forget it, could you share some insight on how you implemented these python functions? I saw the python libs, but do you have some trick to auto generate the required function definitions or is it all manual work?
Greetings
#26
Quote:
Cheers
#27
I forgot what it's called or where I read this, but there are 2 methods in which you can analyse the binary to find all the functions. The first method is to scan each and every function then link them together, but the other method is to analyse the instruction line by line and when you identify a function you check for calls inside of it and then go into that new function (inside of the main function) and then repeat the process. This means that if you had something like:
;function prologue
call xxx
;function epilogue
it would follow the call, identify the function, and if it had another function then keep repeating it. In the end it would return back to the main function then continue line by line analysis. What method do you use for this? Sorry if this sounds vague or confusing.
Btw I saw this project on /r/reverseengineering first, so it's getting around a lot. Good job.
#28
I use the second method (if I understood you correctly). I follow call instructions.
The Following User Says Thank You to cyberbob For This Useful Post:
maktm (04-17-2015)
#29
I plan on combining both linear search and a recursive search to also detect unused functions (and maybe evade some techniques like below). The problem I'm having is how to represent the instructions as a data structure...
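The two approaches discussed in posts #27 to #29, as an added example that is not part of the thread and is not ArkDasm or x64dbg code: instructions are kept in a dict keyed by address, recursive descent follows direct calls and jumps from the entry point, and a linear pass then flags unreached prologues as candidate unused functions. The `Insn` record, the listing and all function names are constructed for illustration.

```python
from typing import NamedTuple, Optional

class Insn(NamedTuple):
    addr: int
    size: int
    mnem: str
    ops: str = ""
    target: Optional[int] = None   # destination of a direct call/jump, else None

# Constructed listing (not from a real binary): 0x00 calls 0x10; 0x20 is never called.
LISTING = [
    Insn(0x00, 1, "push", "ebp"), Insn(0x01, 2, "mov", "ebp, esp"),
    Insn(0x03, 5, "call", "0x10", 0x10), Insn(0x08, 1, "pop", "ebp"),
    Insn(0x09, 1, "ret"),
    Insn(0x10, 1, "push", "ebp"), Insn(0x11, 2, "mov", "ebp, esp"),
    Insn(0x13, 2, "jz", "0x17", 0x17), Insn(0x15, 2, "xor", "eax, eax"),
    Insn(0x17, 1, "pop", "ebp"), Insn(0x18, 1, "ret"),
    Insn(0x20, 1, "push", "ebp"), Insn(0x21, 2, "mov", "ebp, esp"),
    Insn(0x23, 1, "pop", "ebp"), Insn(0x24, 1, "ret"),
]
CODE = {i.addr: i for i in LISTING}   # address -> instruction, decoded once

def recursive_descent(code, entry):
    """Follow control flow from entry; each direct call target starts a function."""
    funcs, visited, work = {entry}, set(), [entry]
    while work:
        addr = work.pop()
        while addr in code and addr not in visited:
            insn = code[addr]
            visited.add(addr)
            if insn.target is not None:        # direct call/jmp/jcc: explore target
                work.append(insn.target)
                if insn.mnem == "call":
                    funcs.add(insn.target)
            if insn.mnem in ("jmp", "ret"):    # no fall-through after these
                break
            addr += insn.size
    return funcs, visited

def sweep_prologues(code, visited):
    """Linear pass: unreached 'push ebp; mov ebp, esp' pairs are candidate functions."""
    def is_(addr, mnem, ops):
        i = code.get(addr)
        return i is not None and (i.mnem, i.ops) == (mnem, ops)
    return {a for a, i in code.items() if a not in visited
            and is_(a, "push", "ebp") and is_(a + i.size, "mov", "ebp, esp")}

def find_functions(code, entry):
    called, visited = recursive_descent(code, entry)
    return called, sweep_prologues(code, visited)
```

Indirect calls and jumps have no `target` here, so whatever they reach is only found by the linear pass.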
#30
Good to see this project is still going! Good work cyberbob.