Jump to content

Site Work Failed, But We Didn't Die

Ugh. Still more roadblocks. Need to get an as-yet unknown password from Nay in order to get this sucker changed. For now, please enjoy the mess of a forums we've got, and dream of the forums we will probably never one day have.

< 3 - Tay

You can dismiss this alert by clicking on the "X" button

stormwyrm

Debuggers and Reverse Engineering Tools

Recommended Posts

Just curious as to what tools are widely used by the community for reverse engineering games and such. I haven't done serious reverse engineering in years and am wondering what debuggers, disassemblers, and similar tools are widely used these days as I'm looking to try doing this for various games here and there. I've heard of tools like ollydbg (http://www.ollydbg.de/), SoftICE (a rather old tool I think), GoVest (http://www.oocities.com/govest/), IDA, and Tracer (http://yurichev.com/tracer-en.html). What do you folks use here?

Share this post


Link to post
Share on other sites

Far is debugger and reverse-engineering tool? :) That's the news! Also Far do not like japanese locale, that's why it shows this way.

T'was more of a joke, although Far has a couple of functionalities (including a hex editor), that might prove helpful in some cases and it can be expanded via plugins.

Can't think of anything besides the apps already posted above. I used a couple of very solid programs back in the past, but they were already outdated and I lost them after my old HDD crash. Can't even recall their names at the moment and I haven't been using anything for quite a while.

Share this post


Link to post
Share on other sites

Far is debugger and reverse-engineering tool? :) That's the news! Also Far do not like japanese locale, that's why it shows this way.

T'was more of a joke, although Far has a couple of functionalities (including a hex editor), that might prove helpful in some cases and it can be expanded via plugins.

Can't think of anything besides the apps already posted above. I used a couple of very solid programs back in the past, but they were already outdated and I lost them after my old HDD crash. Can't even recall their names at the moment and I haven't been using anything for quite a while.

I believe it is mostly useless as hex editor as well (at least using with VNs), because it lack Shift-JIS support, and UTF-8 actually too...

Share this post


Link to post
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

Share this post


Link to post
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

And what is point in recording and replaying instructions, did you ever used that? For Bochs I see no point as well.

Share this post


Link to post
Share on other sites

Still OllyDBG 1, PPSSPP, IDA.

Noteworthy: https://www.reddit.com/r/ReverseEngineering/comments/29rafa/breaking_spotify_drm_with_panda/ -- Uses a QEMU plugin called PANDA to record executed instructions and replay them. Apparently, the http://www.rrshare.org/ has shared captures including Win7 ones.

IDA also has an x86 Bochs emulator, that may be useful for running small snippets, but I have no idea how to use it.

 

And what is point in recording and replaying instructions, did you ever used that? For Bochs I see no point as well.

When the program has a lot of encryption and anti-debugging stuff it could be very useful. The amount you'd have to go through would be pretty horrible. Seems quite needle in a haystack-ish to me, but if you have a clear way of executing the code you need and can do it quickly for a small dump, and no other way to check it, could be really nice.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×