A disassembler is a software tool which transforms machine code into a human readable mnemonic representation called assembly language.
Questions tagged [disassemblers]
145 questions
13
votes
2 answers
What is the algorithm used in Recursive Traversal disassembly?
Disassembling binary code is a quite difficult topic, but for now only two (naive) algorithms seems to be broadly used in the tools.
Linear Sweep: A basic algorithm taking all the section marked as code and disassembling it by reading the…
perror
- 19,083
- 29
- 87
- 150
6
votes
2 answers
What is the Sourcer syntax for defining data structures?
I am working with version 8 circa 2000 of Sourcer from V Communications. They no longer support it. I've long since lost the manual.
There is a definition file that you edit as you discover the code you are dissembling. In that file's data section…
Rich Shealer
- 161
- 2
5
votes
1 answer
What type of disassembler is distorm?
In Alam you can find the classical differentiation between disassemblers. The author explains in general the two well known types of disassemblers:
The Linear Sweep technique starts from the first byte of the code and disassembles one instruction…
knx
- 1,257
- 1
- 9
- 26
4
votes
2 answers
Change code segment with disassemblers like IDA
Do disassemblers like IDA or Ghidra change write rules on code segment of a process to change instructions? For example one can place NOP instead of a function call, so it should have RWX instead only RX bits
Balora
- 41
- 1
4
votes
4 answers
Identifying jump table of a switch statement
I'm using a linear disassembler (beaEngine), and whenever I get to a jump table section, I get an error (or an incorrect decode since beaEngine mistakenly thinks it is code).
How can I recognize this section as a jump table? What is the…
user14614
- 41
- 1
- 2
3
votes
5 answers
Do you need a 64 bit disassembler like IDA Pro to disassemble 64 bit code?
My question is simply can you reverse a 64 bit compiled code using a 64 bit disassembler (like IDA Pro 64 bit) or can you use a 32 bit code disassembler. I'm a little confused.
Dadji E
- 31
- 1
- 2
2
votes
3 answers
Disassembler for batch/automated processing
I want to extract opcodes (MOV, ADD, ...etc) from binary files 'exe files' but as I want the process to be completely automated, I was looking for a free disassembler which can be easily integrated preferably a python based tool..
I've found this…
Ophilia
- 187
- 7
1
vote
0 answers
Disassembler with pixel/bitmap view
I am looking for an ARM disassembler that runs on Linux that has a graphic "pixel" or "bitmap" view like the one shown in the pictures below:
I am reverse engineering some old Nokia firmwares using the ARM7TDMI, and I've been using for several…
PJMOR
- 31
- 5
1
vote
1 answer
what's meaning address inside disassembler
I'm recently start in reverse engineering filed. While working with the disassembler I asked myself:what the "address" label meant. For example here we have hopper image:https://www.hopperapp.com/tutorial_files/[email protected]
As you can see…
user3782573
- 45
- 1
- 3
1
vote
1 answer
Disassembler for Renesas RX62 micro
Does anybody know a free disassembler tool for decoding a Renesas RX62 micrcocontroller binary file? There had been www.onlinedisassembler.com, but this site is down and the new beta.onlinedisassembler.com does not integrate the RX type for…
RoadRunner
- 31
- 1
- 3
1
vote
2 answers
OnlineDisassembler is down - any alternative?
Since weeks my beloved and favorite site www.onlinedisassembler.com is down and shows server error 500.
Does anybody know any alternative for trying different microcontroller architetures on an unknown binary file?
RoadRunner
- 31
- 1
- 3
0
votes
1 answer
Virtual functions call asm
It seems to be a virtual function call. How would this code look in a high-level language like C ++?
.text:0053A745 loc_53A745: ; CODE XREF: sub_53A690+CEj
.text:0053A745 mov ecx,…
black4
- 333
- 1
- 6
0
votes
1 answer
Recognize of data block
Assembler code from data segment:
.data:006A5038 dword_6A5038 dd 0
.data:006A5038
.data:006A503C ; char *off_6A503C
.data:006A503C off_6A503C dd offset aOption0
.data:006A503C …
black4
- 333
- 1
- 6