开发者_运维问答
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this questionI'm looking for a (preferably free) tool that can produce "proper" disassembly listing from a (non-.NET) windows PE file (*.exe or *.dll).
Important requirement: it should be possible to run the listing through a windows assembler (nasm, masm or whatever) and get working exe again (not necessarily identical to original one, but it should behave in the same way).
Intended usage is adding new subroutines into existing code, when source is not available.
Ideally, tool should be able to detect function/segment boundaries, API calls, and generate proper labels for jumps (I can live without labels for loops/jumps, though, but function boundary detection would be nice), and keep program resources/segments in place.
I'm already aware of IdaPRO(not free), OllyDBG (useful for in-place hacking, doesn't generate disassembly listing, AFAIK), ndisasm (output isn't suitable for assembler), dumpbin (useful, but AFAIK, output isn't suitable for assembler) and "proxy dll" technique.
Ideas? Or maybe there is a book/tutorial that explains some kind of alternative approach?
Also,check out Oilly. It's a pretty neat application and very intuitive too. You can disassemble and hex edit. Ideal for small to medium size projects.
You say you're aware of IdaPRO, but are you also aware of IdaFree?
I'm not positive it does exactly what you want but have you tried PEiD?
Take a look at free PEBrowse Professional:
http://www.smidgeonsoft.prohosting.com/pebrowse-pro-file-viewer.html
精彩评论