flat assembler
Message board for the users of flat assembler.

Index > Projects and Ideas > LDE - Length Disassembly Engine [done]

Author
Thread Post new topic Reply to topic
Reverend



Joined: 24 Aug 2004
Posts: 408
Location: Poland
Reverend 13 Aug 2005, 11:42
I wrote my own lde. It is a proc, that returns length of current opcode in address given as an argument. I wrote it for enhancing ApiResolve (my other program) possiblities. Code is os independent (as it doesn't use any API). Hope someone will find it useful Smile

EDIT: v1.3.2 has many bugs fixed and is heavily optimized for speed


Description: Length Disassembly Engine v1.3.2
Download
Filename: Length.Disassembly.Engine.v1.3.2.zip
Filesize: 4.26 KB
Downloaded: 1341 Time(s)



Last edited by Reverend on 23 Oct 2006, 12:25; edited 1 time in total
Post 13 Aug 2005, 11:42
View user's profile Send private message Visit poster's website Reply with quote
comrade



Joined: 16 Jun 2003
Posts: 1150
Location: Russian Federation
comrade 13 Aug 2005, 16:00
excellent
Post 13 Aug 2005, 16:00
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Raedwulf



Joined: 13 Jul 2005
Posts: 375
Location: United Kingdom
Raedwulf 13 Aug 2005, 20:47
ApiResolve...lemme guess...rather than diassembling a function completely... it searches for the ret opode and finds out how many parameters the function returns Smile
Just a guess Very Happy
Great work Smile
Post 13 Aug 2005, 20:47
View user's profile Send private message MSN Messenger Reply with quote
Reverend



Joined: 24 Aug 2004
Posts: 408
Location: Poland
Reverend 13 Aug 2005, 21:18
Good guess Smile
The program searches opcode by opcode for ret. Searching byte by byte didn't work, but when I know how many bytes does the current opcode have I can go through them. But this thread is not about ApiResolve Smile
Post 13 Aug 2005, 21:18
View user's profile Send private message Visit poster's website Reply with quote
Raedwulf



Joined: 13 Jul 2005
Posts: 375
Location: United Kingdom
Raedwulf 14 Aug 2005, 07:20
My DLL2INC does the same but it disassembles using UDis86...kinda slow...well extremely slow Razz
Here's something i found though...in kernel32.dll some of the api calls have more than one ret and they are not always the same.
I designed my DLL2INC to pick the ret with the highest number for a function because it seems to be always the correct number.
Note: I'm not planning to release this version of DLL2INC because it is in VB6....I'm still planning to ma ke a FASM version...when I have time Razz
Post 14 Aug 2005, 07:20
View user's profile Send private message MSN Messenger Reply with quote
Reverend



Joined: 24 Aug 2004
Posts: 408
Location: Poland
Reverend 23 Oct 2006, 12:26
New version in the first post. Enjoy Wink
Post 23 Oct 2006, 12:26
View user's profile Send private message Visit poster's website Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 27 Nov 2006, 06:53
Awesome, I kept looking for ADE32 by z0mbie but I couldn't find it /any where/. Thank you.

edit: Very clean code, well done.

_________________
redghost.ca
Post 27 Nov 2006, 06:53
View user's profile Send private message AIM Address MSN Messenger Reply with quote
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
Vasilev Vjacheslav 27 Nov 2006, 07:35
here ade32 from z0mbie


Description:
Download
Filename: ade32.rar
Filesize: 4.94 KB
Downloaded: 1117 Time(s)


_________________
[not enough memory]
Post 27 Nov 2006, 07:35
View user's profile Send private message Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 27 Nov 2006, 11:20
Vasilev Vjacheslav wrote:
here ade32 from z0mbie


I needed it for a C project as well, but I have since ported Reverend's code to POASM (basically MASM) so I can include it in my C project. But thank you!

_________________
redghost.ca
Post 27 Nov 2006, 11:20
View user's profile Send private message AIM Address MSN Messenger Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 27 Nov 2006, 11:33
Quote:
I needed it for a C project as well, but I have since ported Reverend's code to POASM (basically MASM) so I can include it in my C project.

why did you rewrite it to MASM to use it with C ???

Reverend: didn't know you are "in the scene" Wink
also note that "htb.team.prv.pl" doesn't seem to be working, you could fix NFO
Post 27 Nov 2006, 11:33
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 27 Nov 2006, 22:21
vid wrote:
Quote:
I needed it for a C project as well, but I have since ported Reverend's code to POASM (basically MASM) so I can include it in my C project.

why did you rewrite it to MASM to use it with C ???

Reverend: didn't know you are "in the scene" Wink
also note that "htb.team.prv.pl" doesn't seem to be working, you could fix NFO


Ah no, not MASM, there is an LCC based C compiler called "Pelles C", Pelle wrote his own assembler called POASM, it has a very similar to MASM syntax (I don't really like the syntax) but you can add ".asm" files to your project and it compiles them as an object and links with the rest of the C objects so only 1 compiler is required.

_________________
redghost.ca


Last edited by RedGhost on 29 Nov 2006, 10:19; edited 1 time in total
Post 27 Nov 2006, 22:21
View user's profile Send private message AIM Address MSN Messenger Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 27 Nov 2006, 23:28
RedGhost: and why didn't you just add those few line and create "format MS COFF" instead?
Post 27 Nov 2006, 23:28
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 29 Nov 2006, 10:21
vid wrote:
RedGhost: and why didn't you just add those few line and create "format MS COFF" instead?

Then I would have to compile with two compilers, manually edit the linker settings and copy and paste. Too much work, adding a few offset prefixes and modifying how proc is declared was easy enough.

_________________
redghost.ca
Post 29 Nov 2006, 10:21
View user's profile Send private message AIM Address MSN Messenger Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.