From owner-freebsd-hackers Sun Apr 4 22:15:30 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from danberlin.resnet.rochester.edu (danberlin.resnet.rochester.edu [128.151.84.217]) by hub.freebsd.org (Postfix) with SMTP id AFAC1153C6 for ; Sun, 4 Apr 1999 22:15:26 -0700 (PDT) (envelope-from root@danberlin.resnet.rochester.edu) Received: (from root@localhost) by danberlin.resnet.rochester.edu (950413.SGI.8.6.12/950213.SGI.AUTOCF) id BAA21404; Mon, 5 Apr 1999 01:08:20 -0700 From: Daniel Berlin MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14088.28531.908490.405287@danberlin.resnet.rochester.edu> Date: Mon, 5 Apr 1999 01:08:19 -0700 (PDT) To: Warner Losh Cc: Doug Rabson , Nick Hibma , FreeBSD hackers mailing list , USB BSD list Subject: Re: disassembling i386 code In-Reply-To: <199904050118.TAA66919@harmony.village.org> References: <199904050118.TAA66919@harmony.village.org> X-Mailer: VM 6.67 under 21.0 "20 minutes to Nikko" XEmacs Lucid (beta67) Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Actually, the best dissasembler around is IDA Pro from DataRescue. This is for just about any executable format on x86, ELF/PEF on PPC, and a few other andom processors in the standard version (i860, SH-4, and JAVA). It's really pretty damn amazing. I've used sourcer before (used it for years), but ever since IDA came about, it's blown everything else out of the water. I've dissasembled BeOS executables (PEF on PPC, ELF on x86, used to be PE) , JAVA class files (I'll admit it's not the best tool for doing JAVA class files, because it looks at it from the point of view of a java processor), and a bunch of other stuff with it, never had a problem. It makes sourcer look like a 3rd grade science project. There little blurb says it best: " IDA Pro is simply the world's most advanced disassembler. It mixes multi pass analysis, stack variables, symbolic constants, unicode, ELF support, color highlighting, C++ name demangling to compiler library recognition in a stunning package ! " http://www.datarescue.com grab the demo, but the input file size is limited to 64k. it's a bit pricey, but do a dejanews search on ida 3.84 or ida 3.8, and read what people say about it. I've yet to see a negative comment yet. I'll stop now before i start to sound like i get paid to say this stuff :P, Dan Warner Losh writes: > In message Doug Rabson writes: > : If you are lucky, you might be able to use 'objdump --disassemble' using > : the version of objdump in the cygwin toolset. > > This supposedly works. However, the objdump output is somewhat less > than wonderful for these projects. > > : There is a commercial disassembler for Windows, Sourcer from V > : Communications. Have a look at http://www.v-com.com/products/sourcer.html > : but it costs money... > > Sourcer is why I took an interest in the doscmd program earlier in the > year. I managed to get things to the point where sourcer's main > programs would run, but not the batch files. The program is a pain to > use, but does give OK results. > > There are boatloads of disassemblers that run under windows. Do a web > search for them and you'll see plenty. > > Warner > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message