Jump to content

Debuggers and Reverse Engineering Tools


stormwyrm

Recommended Posts

Just curious as to what tools are widely used by the community for reverse engineering games and such. I haven't done serious reverse engineering in years and am wondering what debuggers, disassemblers, and similar tools are widely used these days as I'm looking to try doing this for various games here and there. I've heard of tools like ollydbg (http://www.ollydbg.de/), SoftICE (a rather old tool I think), GoVest (http://www.oocities.com/govest/), IDA, and Tracer (http://yurichev.com/tracer-en.html). What do you folks use here?

Link to comment
Share on other sites

Far is debugger and reverse-engineering tool? :) That's the news! Also Far do not like japanese locale, that's why it shows this way.

T'was more of a joke, although Far has a couple of functionalities (including a hex editor), that might prove helpful in some cases and it can be expanded via plugins.

Can't think of anything besides the apps already posted above. I used a couple of very solid programs back in the past, but they were already outdated and I lost them after my old HDD crash. Can't even recall their names at the moment and I haven't been using anything for quite a while.

Link to comment
Share on other sites

Far is debugger and reverse-engineering tool? :) That's the news! Also Far do not like japanese locale, that's why it shows this way.

T'was more of a joke, although Far has a couple of functionalities (including a hex editor), that might prove helpful in some cases and it can be expanded via plugins.

Can't think of anything besides the apps already posted above. I used a couple of very solid programs back in the past, but they were already outdated and I lost them after my old HDD crash. Can't even recall their names at the moment and I haven't been using anything for quite a while.

I believe it is mostly useless as hex editor as well (at least using with VNs), because it lack Shift-JIS support, and UTF-8 actually too...

Link to comment
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

Link to comment
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

And what is point in recording and replaying instructions, did you ever used that? For Bochs I see no point as well.

Link to comment
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

And what is point in recording and replaying instructions, did you ever used that? For Bochs I see no point as well.

When the program has a lot of encryption and anti-debugging stuff it could be very useful. The amount you'd have to go through would be pretty horrible. Seems quite needle in a haystack-ish to me, but if you have a clear way of executing the code you need and can do it quickly for a small dump, and no other way to check it, could be really nice.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...