19 October 2016, 19:40 | #81 |
Registered User
Join Date: Sep 2003
Location: chester
Posts: 415
|
Interesting stuff. Been on-and-off looking for a way to disassemble a binary for a long time, and this looks like the key!
Having teething issues with getting the python environment working at the moment, and I don't know 68000 (but familiar enough with 6502 so hopefully not too much to learn) but I thought I'd supply a little feedback! |
19 October 2016, 20:08 | #82 |
Registered User
Join Date: Jul 2009
Location: Lala Land
Posts: 520
|
You're probably better off using Resource until I am a little further along the road.
|
14 January 2022, 23:16 | #83 |
Zone Friend
Join Date: May 2006
Location: France
Posts: 1,801
|
@copse did you hit the road?
|
14 January 2022, 23:21 | #84 |
This cat is no more
Join Date: Dec 2004
Location: FRANCE
Age: 52
Posts: 8,162
|
@copse that's exactly what "cheapres.py" does. finds the names passed to openlibrary and figures out the lib base variable.
But the program can be lost when there are wrappers around the OpenLibrary calls. For instance a C program adds a lot of wrappers and then you need to manually rename the calls for the tool to continue. Unless you execute the program formally, which is not a piece of cake. |
02 October 2022, 17:16 | #85 |
Zone Friend
Join Date: May 2006
Location: France
Posts: 1,801
|
@Jotd
is there's a way to help cheapres.py to handle non recognzied lib call. Ex : MOVE.L D0,2016(A4) ;00000324: 294007e0 is saving localbase Can I tell cheapres that MOVE.L D0,2016(A4) = saving localbase to 2016(A4) so it could put the right function call when seeing things like move.l 2016(A4),a6 followed by a system call ? |
01 January 2023, 10:42 | #86 |
This cat is no more
Join Date: Dec 2004
Location: FRANCE
Age: 52
Posts: 8,162
|
Not possible ATM. The only way is to change 2016(A4) to the library base then run the tool again. Which I admit is a weakness of the tool because you destroy the -offset(A4) address so the tool can detect LVOs. And if you want to reassemble the code, you can't. No biggie for me most of the time because i only use those sources for reverse engineering, but...
That would be much better to provide a configuration file to specify that those offsets are actually library bases. I may do that in a next future. About those A4 register-based variables that are hell... I know IRA can handle them, and so yesterday I added this feature as well here. say you have located the LEA to A4 in your code: Code:
LEA lb_00314+32766,A4 ;2b2be: 49f900008312 Code:
cheapres.py -i source.asm -b A4:2b2be cheapres.py: Base offset for A4 is $8312 Code:
MOVE.L A7,-13628(A4) ;2b268: 294fcac4 (links:aka=lb_04dd6) Code:
dc.w $4EF9 dc.w some_func Code:
jmp some_func To conclude, cheapres also detects wrapper functions that just get args from stack and JMP to OS function. Both features above are illustrated below Code:
lb_2b474: JMP -30780(A4) ;2b474: 4eec87c4 (links:jmp=dos_Rename) SECTION S_67,CODE dos_Rename: MOVEM.L 4(A7),D1-D2 ;2b478: 4cef00060004 MOVEA.L DosBase,A6 ;2b47e: 2c6ccad0 JMP (_LVORename,A6) ;2b482: 4eeeffb2 dos.library (off=-78) DC.W $0000 ;2b486 available in my repository now. |
01 January 2023, 20:34 | #87 |
Zone Friend
Join Date: May 2006
Location: France
Posts: 1,801
|
Thanks I’ll look into it.
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Peasauce disassembler | copse | Coders. General | 1 | 31 January 2021 20:54 |
ReSource disassembler | BlueAchenar | request.Apps | 2 | 04 December 2008 23:18 |
resource disassembler | dalton | request.Apps | 5 | 05 July 2006 21:26 |
ReSource disassembler | gizmomelb | request.Apps | 5 | 21 January 2006 23:50 |
Built in disassembler | XDread | request.UAE Wishlist | 4 | 24 April 2004 02:20 |
|
|