Where can I find a good windows disassembler?
Where can I find info on going from dos assembly to windows assembly
with out haveing to wade through the basicassembly stuff?
Posted on 2003-04-29 13:24:43 by rob.rice
I recall that this was asked several times so searching for "disassembler" might bring up some threads.
Posted on 2003-04-29 14:08:11 by bazik
There's a lot of disassemblers, but currently nothings beats datarescue IDA. I think they still have free version available; iirc the download was pulled from their main site because of bandwith reasons, but simtel or some other mirror (legally) hosts the free version download.
Posted on 2003-04-29 14:15:34 by f0dder
This is where I got it (Simtel): http://www.simtel.com/pub/pd/29498.html

Iczelion's great tutorial series is one of the only beginner's reference to Win32asm: http://spiff.tripnet.se/~iczelion/tutorials.html
Posted on 2003-04-29 16:47:13 by Masmer
rob,

MASM32 has Clive Turvey's DumpPE which does a lot of normal stuff very well. IDA is a good choice if you need heavyweight capacity and its a free download as well.

The shift from DOS assembler to 32 bit is more understanding the OS difference. You are free of segment-offset addressing and you have more instructions you can use. You also get effectively no limits on your usable memory.

NASM is the choice of the Linux guys I have known over time as it can be used for both Windows and UNIX based code on x86 hardware.

The majority of assembler code around in 32 bit Windows is in MASM form but if you get the swing of that OK, its no big deal to adapt to NASM later if you want to write som code for Linux.

Regards,

hutch@movsd.com
Posted on 2003-04-29 19:03:49 by hutch--
rob.rice,

You can use the Borg disassembler.(It's free.)

http://homepage.ntlworld.com/cronos/borg227.zip
Posted on 2003-04-30 02:02:28 by Vortex

rob,

MASM32 has Clive Turvey's DumpPE which does a lot of normal stuff very well. IDA is a good choice if you need heavyweight capacity and its a free download as well.

The shift from DOS assembler to 32 bit is more understanding the OS difference. You are free of segment-offset addressing and you have more instructions you can use. You also get effectively no limits on your usable memory.

NASM is the choice of the Linux guys I have known over time as it can be used for both Windows and UNIX based code on x86 hardware.

The majority of assembler code around in 32 bit Windows is in MASM form but if you get the swing of that OK, its no big deal to adapt to NASM later if you want to write som code for Linux.

Regards,

hutch@movsd.com


I was more than less forced to learn masm to learn Dos assembly
even though I was useing the a86 assembler leaveing out the goo guaws
almost all intel syntax assembler are almost all the same
Posted on 2003-04-30 18:07:34 by rob.rice
Thanx !

I guess what I should have asked is
Where is a good place to get info on the windows API?

ida looks like the same ida I used running dos
kinda like finding an old tool I liked to use
Posted on 2003-04-30 18:11:03 by rob.rice
The new Debuggy was finally released today! :grin:

***Implemented options: (ONLY W32)***
Last Update:30.04.2003.

-Native Debugger
-Disassembler-
-Tracer-
-Resource Extractor-
-W32 RES Export- *NEW*
-OLE/COM Viewer- *NEW*
-Window Sniffer-
-API Spy (*Under Construction*)-Note:Disable API Spy with Process Attach option while debugger raise the threads/DLL's
-File Hex Editor-

http://web.vip.hr/inga.vip/index.htm
Posted on 2003-04-30 18:44:58 by Masmer
You can download the 8 MB Win32 API reference here: http://spiff.tripnet.se/~iczelion/files/win32api.zip
Posted on 2003-04-30 18:57:38 by Masmer
Most or all debuggers use load process. How do you write with load process and why does Windows use editmap to load exe's?
Posted on 2003-05-01 01:42:18 by mrgone
rob.rice, the best place for info on windows api is http://msdn.microsoft.com . If you're on broadband, download the PlatformSDK (there's a link somewhere, probably in the FAQ section, to the full .cab downloads). If you're on dialup, the old win32.hlp will probably have to do :(
Posted on 2003-05-01 02:17:36 by f0dder
I downloaded the SDK once, found out it's in HTMLHelp 2 format so there isn't and IDE on the planet that can use it directly except Visual Studio .NET and you have to install all of that .NET framework stuff to get DExplore to work. Too bad, would have been nice to be able to use it with RadASM. But it's true that you can't get more complete or more up to date information than is available in the SDK.

PS: just as a side issue, I know that MS has scrapped HTMLHelp 2 except for the SDK but has anyone ever found a way to access it externally ? Just to say look up a particular peice of info in the TOC and have it displayed with DExplore.
Posted on 2003-05-01 02:38:46 by donkey
I dislike htmlhelp2... probably mainly due to the viewer, how on earth did they manage to make it that much slower than the old one (hmm, by .net'ing it? :-( ). And if that wasn't enough, it's harder to access with just the keyboard.

Somebody should host the (slightly) older htmlhelp1 version of the PSDK.
Posted on 2003-05-01 02:47:44 by f0dder
Man, I would love that. But I think MS might have some problems with it though. HTMLHelp 2 was designed to push .NET and the fact that nothing but VS.NET can use the SDK directly anymore kind of speaks to thier motives. I actually subscribed to a HH2 forum once, MS help VIP's everything on the forum, lots of questions but they refused to answer any questions about how to access the TOC or get information from the files. I gave up after a while and scrapped my idea to upgrade the MSDNHelp addin for RadASM.
Posted on 2003-05-01 02:52:23 by donkey
Hrm weird. It doesn't make sense to not release a SDK. Not releasing information of the file format, perhaps, but not releasing a SDK? :confused: If MS really wants to push .NET as much as they do, not being able to integrate the help with other products than their own IDE isn't helping them.
Posted on 2003-05-01 02:58:00 by f0dder
Donkey,

I currently stick with the Whistler Edition of the PlatformSDK as it covers the win2k stuff and it seems to work OK. I don't know of a reliable way to access it but I at least have it set up on a menu so it starts then I paste in what I am looking for and its usually pretty fast.

Certainly Winhelp is more flexible and a lot faster but the platformsdk is a lot later.

Regards,

hutch@movsd.com
Posted on 2003-05-01 02:58:39 by hutch--
Hutch, if it's htmlhelp1 format (.col rather than all those weird .hxs, .hxk, etc) files, it's rather simple to access it - the HtmlHelp SDK. Really easy to use, and actually more flexible than the old winhelp - you can for example choose to integrate the help system in a window of your own, instead of popping it up in a new window.

Fast, humm... probably. HtmlHelp2 is rather slow at first load on my system, where htmlhelp1 is instantanoeus; I can't really tell the difference from old winhelp and htmlhelp1. It's a bit annoying at first load, but not too much of a bother usually, as I tend to keep the help window open (minimized) all the time while coding.
Posted on 2003-05-01 03:05:09 by f0dder
I agree Hutch, but unfortunately I started programming in August, that means that I never had the chance to get anything but an HTMLHelp 2 format SDK. That was the reason I was going to rewrite the MSDNHelp addin, to be able to use the same stuff as everybody else seemed to have. Ah well, unless someone hosts it, there's no way to get it in HH1 format, I keep searching the internet every once in a while though.
Posted on 2003-05-01 03:08:08 by donkey

You can download the 8 MB Win32 API reference here: http://spiff.tripnet.se/~iczelion/files/win32api.zip


thanks

I opened it with windows exlploiter and it looks like just like what I was looking for.

Now what I need to know is how do I install this so that it
becomes part of windows help system so I don't need windows
exploiter to open it ? (I can't find any theng about adding to windows help system)
Posted on 2003-05-01 22:23:52 by rob.rice