EEVblog Electronics Community Forum

Products => Computers => Programming => Topic started by: metertech58761 on July 17, 2023, 06:53:28 pm

Title: Shareware x86 disassemblers?
Post by: metertech58761 on July 17, 2023, 06:53:28 pm
Just wanted to get a feel for what is available for x86 disassemblers (have a couple Windows app files I just want to nose around in... I don't need or want to spend the $$$ for a professional developer suite, and the files are ~1.5M, far too large for the online tools).

I don't mind forking over a bit of money for a shareware tool... what are some hobbyist-level apps that I could look at?
Title: Re: Shareware x86 disassemblers?
Post by: alm on July 17, 2023, 06:56:28 pm
Have you looked at Ghidra (https://ghidra-sre.org/), an open source solution that's getting quite a bit of attention recently?
Title: Re: Shareware x86 disassemblers?
Post by: metertech58761 on July 18, 2023, 11:54:49 am
If a TLA is involved, I'd be very leery of any kind of a back door. Just on general principles, I say that one is a hard pass.
Title: Re: Shareware x86 disassemblers?
Post by: redkitedesign on July 18, 2023, 01:57:02 pm
Well, the source is public so go look for the backdoor!

(For those who would like to point me to Ken Thompson's 1984 Turing Award lecture, let me point out that this is a disassembler, not a compiler. But then again GCC is also a TLA)
Title: Re: Shareware x86 disassemblers?
Post by: eutectique on July 18, 2023, 02:31:47 pm
In the days of QNX4 and Watcom compiler, I used to use wdisasm as the tool of choice. There is https://github.com/fonic/wcdatool nowadays, don't know how suitable it would be for you.
Title: Re: Shareware x86 disassemblers?
Post by: RAPo on July 18, 2023, 02:33:08 pm
I use ImHex (https://imhex.werwolv.net/), Ghidra (https://ghidra-sre.org/) and Cheat Engine (https://cheatengine.org/aboutce.php).
Title: Re: Shareware x86 disassemblers?
Post by: Veteran68 on July 18, 2023, 06:08:51 pm
Back in the day, I did a lot of reverse engineering of code (not so much these days). Back then (and I supposed still is), Hexrays IDA was the king of the hill. Pricey though for a legal copy.

I also had a license to SoftICE through my work back in the DOS/Win3.1 days (complete with a homemade NMI switch wired into an ISA slot). I'm not sure they still make SoftICE though. I also used wdasm and ollydbg a few times.

I've heard a lot about Ghidra in the past few years, and it seems to be taking over even from pirated IDA copies. If/when I have another RE opportunity I intend to look at it, since I no longer have any of the aforementioned tools handy, or even if they're still usable/supported/maintained on modern OS/CPU architectures.
Title: Re: Shareware x86 disassemblers?
Post by: eliocor on July 18, 2023, 06:46:03 pm
IDA Free: https://hex-rays.com/ida-free/
Title: Re: Shareware x86 disassemblers?
Post by: Veteran68 on July 18, 2023, 06:52:01 pm
Quote from: eliocor on July 18, 2023, 06:46:03 pm
IDA Free: https://hex-rays.com/ida-free/

I haven’t looked at it in awhile, but when I did the free version was an old version and very limited in capability, target type and size, etc.

But depending on the OP’s needs it might work.
Title: Re: Shareware x86 disassemblers?
Post by: coppice on July 18, 2023, 07:34:43 pm
Quote from: metertech58761 on July 18, 2023, 11:54:49 am
If a TLA is involved, I'd be very leery of any kind of a back door. Just on general principles, I say that one is a hard pass.
Use Ghidra with the network disconnected. What's it going to do? Make life easy for you? Its a really good tool.