flat assembler
Message board for the users of flat assembler.

Index > DOS > Please recommend me a DOS-based disassembler!

Author
Thread Post new topic Reply to topic
Cas



Joined: 26 Feb 2004
Posts: 82
Location: Argentina
Cas
Can you guys recommend me a DOS-based disassembler? I am not experienced using any, since so far I have only disassembled short code and I've done it manually.... usually by just copying what I read with DOS DEBUG. Razz

Is there any disassembler that can produce Flat Assembler format ASM files, by the way? ....Just in case the solution is much simpler than I though....

Thanks in advance! Smile

_________________
«Earth is my country; science is my religion» - Christian Huygens
Post 27 Nov 2009, 02:30
View user's profile Send private message Yahoo Messenger MSN Messenger Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
I use Borg disassembler for DOS stuff. There's probably something better, but that's what I use.

Also, I don't think there is any disassembler that produces a FASM compatible file.


EDIT: Oh wait, "DOS based" as in runs in DOS? Oops, ignore my post.

_________________
----> * <---- My star, won HERE


Last edited by windwakr on 27 Nov 2009, 05:17; edited 1 time in total
Post 27 Nov 2009, 03:27
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Cas wrote:
Can you guys recommend me a DOS-based disassembler?


1. There is a sticky FAQ: http://board.flatassembler.net/topic.php?t=9473

2. http://www.unet.univie.ac.at/~a0503736/php/drdoswiki/index.php?n=Main.Development#toc11 (slightly outdated)

3. OBJCONV: http://board.flatassembler.net/topic.php?t=10291 (very smart)
Post 27 Nov 2009, 05:01
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
AFAIK IDA still runs under DOS, doesn't it? But of course it isn't free...
Post 27 Nov 2009, 13:06
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
vid wrote:
AFAIK url=hex-rays.com/idapro/ IDA still runs under DOS, doesn't it? But of course it isn't free...


The version you linked propbably doesn't (sorry, I'm too lazy to test Shocked ). IIRC I ran some old version long ago and it sucked in multiple areas. But considering there are several good and free disassemblers around, why bother with IDA ??? Wink
Post 28 Nov 2009, 08:13
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
I remember using IDA in DOS without any trouble, but that was long time ago. Which free disassembler do you think matches IDA?
Post 28 Nov 2009, 08:51
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
vid wrote:
IDA in DOS without any trouble, but that was long time ago. Which free disassembler do you think matches IDA?


I don't know what "exclusive" features you mean, but see above, OBJconv.
Post 28 Nov 2009, 09:52
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
I meant mostly interactive disassembling
Post 28 Nov 2009, 11:07
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Cas



Joined: 26 Feb 2004
Posts: 82
Location: Argentina
Cas
Thanks. I'll check that! I actually don't need much. It's a couple of 16bit DOS EXE files I have to decompile, but then I'd need to translate the result to Flat Assembler, so that I can rebuild it with it. I'm sure the code will work even on a 286, so I don't even need the decompiler to support 32bit instructions at all Smile
Post 29 Nov 2009, 06:43
View user's profile Send private message Yahoo Messenger MSN Messenger Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
If you only need to disassemble a file then IDApro Freeware version will probably work good for you.

Example:

Code:
seg000:0000 ;
seg000:0000 ; +-------------------------------------------------------------------------+
seg000:0000 ; ¦     This file is generated by The Interactive Disassembler (IDA)        ¦
seg000:0000 ; ¦     Copyright (c) 2006 by DataRescue sa/nv, <ida@datarescue.com>        ¦
seg000:0000 ; ¦                      Licensed to: Freeware version                      ¦
seg000:0000 ; +-------------------------------------------------------------------------+
seg000:0000 ;
seg000:0000 ; File Name   : C:\Documents and Settings\Hernan\Escritorio\MULTISEG.EXE
seg000:0000 ; Format      : MS-DOS executable (EXE)
seg000:0000 ; Base Address: 1000h Range: 10000h-10140h Loaded length: 35h
seg000:0000 ; Entry Point : 1000:0
seg000:0000
seg000:0000                 Ideal
seg000:0000                 p686
seg000:0000                 pmmx
seg000:0000                 model large
seg000:0000
seg000:0000 ; ---------------------------------------------------------------------------
seg000:0000
seg000:0000 ; Segment type: Pure code
seg000:0000 segment         seg000 byte public 'CODE' use16
seg000:0000                 assume cs:seg000
seg000:0000                 assume es:nothing, ss:seg003, ds:nothing, fs:nothing, gs:nothing
seg000:0000
seg000:0000 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
seg000:0000
seg000:0000
seg000:0000                 public start
seg000:0000 proc            start near
seg000:0000                 mov     ax, seg dseg
seg000:0003                 mov     ds, ax
seg000:0005                 assume ds:dseg
seg000:0005                 mov     dx, 0
seg000:0008                 call    sub_10030
seg000:000D                 mov     ax, 4C00h
seg000:0010                 int     21h             ; DOS - 2+ - QUIT WITH EXIT CODE (EXIT)
seg000:0010 endp            start                   ; AL = exit code
seg000:0010
seg000:0010 ; ---------------------------------------------------------------------------
seg000:0012                 align 10h
seg000:0012 ends            seg000
seg000:0012
dseg:0000 ; ---------------------------------------------------------------------------
dseg:0000
dseg:0000 ; Segment type: Pure data
dseg:0000 segment         dseg para public 'DATA' use16
dseg:0000                 assume cs:dseg
dseg:0000 aHelloWorld     db 'Hello world!$',0
dseg:000E                 align 4
dseg:000E ends            dseg
dseg:000E
seg002:0000 ; ---------------------------------------------------------------------------
seg002:0000
seg002:0000 ; Segment type: Pure code
seg002:0000 segment         seg002 byte public 'CODE' use16
seg002:0000                 assume cs:seg002
seg002:0000                 assume es:nothing, ss:nothing, ds:dseg, fs:nothing, gs:nothing
seg002:0000
seg002:0000 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
seg002:0000
seg002:0000
seg002:0000 proc            sub_10030 far           ; CODE XREF: start+8P
seg002:0000                 mov     ah, 9
seg002:0002                 int     21h             ; DOS - PRINT STRING
seg002:0002                                         ; DS:DX -> string terminated by "$"
seg002:0004                 retf
seg002:0004 endp            sub_10030
seg002:0004
seg002:0004 ; ---------------------------------------------------------------------------
seg002:0005                 db 0Bh dup(?)
seg002:0005 ends            seg002
seg002:0005
seg003:0000 ; ---------------------------------------------------------------------------
seg003:0000
seg003:0000 ; Segment type: Uninitialized
seg003:0000 segment         seg003 byte stack 'STACK' use16
seg003:0000                 assume cs:seg003
seg003:0000                 assume es:nothing, ss:nothing, ds:dseg, fs:nothing, gs:nothing
seg003:0000                 db 100h dup(?)
seg003:0000 ends            seg003
seg003:0000
seg003:0000
seg003:0000                 end start    


Original:
Code:
; fasm example of writing multi-segment EXE program

format MZ

entry main:start                        ; program entry point
stack 100h                              ; stack size

segment main                            ; main program segment

  start:
        mov     ax,text
        mov     ds,ax

        mov     dx,hello
        call    extra:write_text

        mov     ax,4C00h
        int     21h

segment text

  hello db 'Hello world!',24h

segment extra

  write_text:
        mov     ah,9
        int     21h
        rett    
Post 29 Nov 2009, 07:11
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
> only need to disassemble a file then IDApro Freeware version

Bloat = 15 MiB Shocked

DOS_Support = False Shocked

> will probably work good for you.

The example output indeed is a good reason why NOT to use IDA Wink
Post 30 Nov 2009, 06:15
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:

DOS_Support = False Shocked

Yes, but from the post just above mine I deduced it wasn't the real requirement but disassembly of DOS executable.

Quote:

The example output indeed is a good reason why NOT to use IDA Wink

Why?
Post 30 Nov 2009, 13:13
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Quote:
I meant mostly interactive disassembling


AFAIK none is. At least, OBJconv is smart.

Quote:
couple of 16bit DOS EXE files I have to decompile, but then I'd need to translate the result to Flat Assembler, so that I can rebuild it with it.


LocoDelAssembly wrote:

Yes, but from the post just above mine I deduced it wasn't the real requirement but disassembly of DOS executable.


If not obvious ...

Quote:
Quote:

The example output indeed is a good reason why NOT to use IDA
Why?


Because in the very same post Cas asked for FASM output.
Post 01 Dec 2009, 14:11
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Ahp, didn't know OBJconv supported -fasm, sorry.

PS: For the casual reader, there is no sarcasm above, OBJconv really supports fasm output or at least the manual claims to have it.
Post 01 Dec 2009, 16:29
View user's profile Send private message Reply with quote
Japheth



Joined: 26 Oct 2004
Posts: 151
Japheth
LocoDelAssembly wrote:
Ahp, didn't know OBJconv supported -fasm, sorry.

PS: For the casual reader, there is no sarcasm above, OBJconv really supports fasm output or at least the manual claims to have it.


objconv's -fasm option doesn't create FASM style source, it's just good old Masm style instead.
Post 01 Dec 2009, 18:00
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17665
Location: In your JS exploiting you and your system
revolution
Japheth wrote:
objconv's -fasm option doesn't create FASM style source, it's just good old Masm style instead.
Good? Are you sure that is the right word to go there? Wink
Post 12 Dec 2009, 11:01
View user's profile Send private message Visit poster's website Reply with quote
Alphonso



Joined: 16 Jan 2007
Posts: 294
Alphonso
I've use objconv -fnasm 64bit.exe to produce 64-bit nasm type files, not too much different from fasm. Didn't think it worked with 16-bit though.

I don't know of anything specific for fasm but the dos debugger GRDB will let you un-assemble to a file using the log to file function.

http://ladsoft.tripod.com/grdb.htm
Post 12 Dec 2009, 12:05
View user's profile Send private message Reply with quote
rCX



Joined: 29 Jul 2007
Posts: 166
Location: Maryland, USA
rCX
Cas wrote:
Can you guys recommend me a DOS-based disassembler? I am not experienced using any, since so far I have only disassembled short code and I've done it manually.... usually by just copying what I read with DOS DEBUG. Razz


Hey Cas, you can save dissasemblies from debug to a file. First you have to create a debug script and save it as "script.txt". Make sure you enter an extra blank line after the "q"Exclamation

Code:
u 100:200
q


    


Then all you have to do is...
Code:
debug hello.com < script.txt >> out.txt
    


Your disassembly will be saved in "out.txt"
Post 12 Dec 2009, 15:07
View user's profile Send private message Reply with quote
Japheth



Joined: 26 Oct 2004
Posts: 151
Japheth
revolution wrote:
Japheth wrote:
objconv's -fasm option doesn't create FASM style source, it's just good old Masm style instead.
Good? Are you sure that is the right word to go there? Wink


No, not really. But I thought that I have to be polite and hence chose an attribute which won't offend anybody.
Post 12 Dec 2009, 19:30
View user's profile Send private message Visit poster's website Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo
Japheth's PE will also disassemble, as will BEYE (formerly BIEW).

The last (?) DOS version of IDA seems to be 3.7, which you can grab from here.
Post 28 Mar 2010, 18:51
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.