I can't get your dissassembler to work under windows 98. I have attatched the exe and the error report.
Posted on 2003-12-12 13:47:13 by Delight
i hardly call the 'disassembler' test above, a disassembler ;)
i hope to see Roticv's own disasm engine than using a preMade one.
well, personally i don't care, but for rotivc's it just boost more new knowledge :)

it's blazing fast

yes, since it just do linear disasm.
when it comes to analyzing imports, pushes, and don't forget First Pass analyse, you will probably won't see blazing speed ;)
you can disregard the first pass if u want to let the user define it's own data segments, but it would be best to add both features ;)
Posted on 2003-12-12 14:07:48 by wizzra
well, you always need a "simple" and CORRECT disasm engine behind a clever heuristic app..
Posted on 2003-12-12 18:40:36 by f0dder
your diassembler does no work with NASM code here a simple example

; this is a example of a messagebox

; it does not uses any library with the linker

; the exe is much more litle

; this in fact the aproach tha NAGOA.INC uses in is RAD IDE

; implemented on is already made macro !
; nasm -f obj iat_message.asm
; alink -oPE C:\lab\vasm\projects\iat_msg\iat_message.obj

segment data use32
title1 db 'A Windows Program', 0
string1 db 'Look, Ma! A Windows program!', 0

segment code use32


push dword 0
push dword title1
push dword string1
push dword 0
extern MessageBoxA
import MessageBoxA user32.dll

push dword 0
extern ExitProcess
import ExitProcess kernel32.dll
Posted on 2003-12-17 04:00:25 by Nguga

Sorry not to have seen your bug report. I will look into it later. I find it weird for a crash in kernel32.dll hmm..


I will look into your exe.
Posted on 2003-12-17 04:42:19 by roticv
hi! :)

there was no crash ! :)

just that it does not disassembles nothing at all ...
Posted on 2003-12-17 21:14:03 by Nguga
Hi Nguga,

The problem with your nasm example codes is that the flag IMAGE_SCN_CNT_CODE is not set for the section with the Entry point. In fact Wdasm cannot disassemble your application properly. I added some code to search for the section with the EP and disassembly from there.


I have yet to fix the problem yet. Will work on it when I have the time to.

Posted on 2003-12-18 03:02:48 by roticv