Quick introduction to reverse engineering for beginners
Quick introduction to reverse engineering for beginners
Quick introduction to reverse engineering for beginners
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Chapter 5<br />
Tools<br />
∙ IDA as disassembler. Older freeware version is available <strong>for</strong> downloading: http://www.hex-rays.com/<br />
idapro/idadownfreeware.htm.<br />
∙ Microsoft Visual Studio Express 1 : Stripped-down Visual Studio version, convenient <strong>for</strong> simple expreiments.<br />
∙ Hiew 2 <strong>for</strong> small modifications of code in binary files.<br />
5.0.1 Debugger<br />
tracer 3 instead of debugger.<br />
I s<strong>to</strong>pped <strong>to</strong> use debugger eventually, because all I need from it is <strong>to</strong> spot some function’s arguments<br />
while execution, or registers’ state at some point. To load debugger each time is <strong>to</strong>o much, so I wrote a small<br />
utility tracer. It has console-interface, working from command-line, allow <strong>to</strong> intercept function execution,<br />
set breakpoints at arbitrary places, spot registers’ state, modify it, etc.<br />
However, as <strong>for</strong> learning, it’s highly advisable <strong>to</strong> trace code in debugger manually, watch how register’s<br />
state changing (<strong>for</strong> example, classic SoftICE, OllyDbg, WinDbg highlighting changed registers), flags, data,<br />
change them manually, watch reaction, etc.<br />
1 http://www.microsoft.com/express/Downloads/<br />
2 http://www.hiew.ru/<br />
3 http://conus.info/gt/<br />
145