Solved

Editing diassembled code

Posted on 1998-04-17
8
157 Views
Last Modified: 2013-11-20
I can debug in DevStudio EXE file going step by step from one statement to another one. Now I would like to edit assempled code and modify some instructions, for instance I would like to change address to jump to of je instruction. How can I do this?
0
Comment
Question by:galkin
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 4

Expert Comment

by:piano_boxer
ID: 1300180
You cannot modify a .exe/.dll file using DevStudio. But URSoft's W32Dasm has some nice features for this (reverse enginereing).

Take a look at it:
http://www.expage.com/page/w32dasm

0
 
LVL 7

Author Comment

by:galkin
ID: 1300181
This disassembler utility is rather useful but demo version that is availible for free download doesn't allow to modify instruction.
0
 
LVL 10

Expert Comment

by:RONSLOW
ID: 1300182
You cannot do this directly from within dev studio.  The assembler output is a listing only - it is not source code.

If you REALLY need to change at assembly level, then save the assembler output for a given statement/statements, discard the original source put in some inline assembler using an __asm block in its place.  You will need to replace memory addresses with the appropriate C/C++ variable and function names.

See the online help about __asm for more info


0
 
LVL 7

Author Comment

by:galkin
ID: 1300183
I don't have code. What I need to change is instructions. Yes DevStudio does not allow to change instructions so I am looking for some disassembler that does allow. I will give points to whom who will show me where I can get such a disassembler for free.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 10

Expert Comment

by:RONSLOW
ID: 1300184
So you have a compiled program (fomr somewhere) that you don't have source for and you want to patch it to change the instructions.

A dissasmbler WONT let you change the original machine code .. you need an assembler for that.  You'd generate the assembly language from the execuatable using a disassembler, edit it to make changes (being careful about adding or deleting instructions, and then reassemble using an Assembler (eg Macro Assembler)

I'd try SoftIce from BoundsChecker - that should let you patch the executable .. it is commonly used by hackers and crackers for just such purposes.

PS: How does this relate to MFC Programming?

0
 
LVL 7

Author Comment

by:galkin
ID: 1300185
First I would like to emphasize I don't have source code I have only EXE and DLLs used by this EXE. Disassembler can show me instructions. One of them I want to modify. Disassembler that piano_boxer referred me to does allow to do this but full version not DEMO. SoftIce is also comercial application that is not free. I am looking for free disassembler. Anyway thank you for your answer.
And I increase points to 150.
0
 
LVL 3

Expert Comment

by:byang
ID: 1300186
the easiest way is to figure out the opcode of your new instructions, then patch it in using a hex editor, or even DOS's debug.
0
 
LVL 4

Accepted Solution

by:
piano_boxer earned 150 total points
ID: 1300187
W32Dasm did it :-)
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Introduction: Finishing the grid – keyboard support for arrow keys to manoeuvre, entering the numbers.  The PreTranslateMessage function is to be used to intercept and respond to keyboard events. Continuing from the fourth article about sudoku. …
Introduction: Dialogs (1) modal - maintaining the database. Continuing from the ninth article about sudoku.   You might have heard of modal and modeless dialogs.  Here with this Sudoku application will we use one of each type: a modal dialog …
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now