How to do reverse engineering once most efficiently? [closed]

Developer https://www.devze.com 2023-01-21 08:49 Source: Internet
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 10 years ago.

RE for me is a completely new subject, so this may be naive.

I would like to read data directly from the file -- the thing is the format of the file is unknown, it can be encrypted as well. I know what is in the file so I can probe it if it is necessary, but I don't know how it is written (for example if "hello" is written as "hello" or "HELLO" or "h e l l o", and so on).

I figured out that I could use some RE tool and disassemble a function from the program (Windows, x86) which already reads that data. But when I checked the prices for the most popular tools (IDA Pro) it appeared that this "one time job" would cost me a lot -- IDA Pro is around 400 EUR and Decompiler for it around 1600 EUR.

Well, I cannot afford such a purchase not only because I don't have such money, but simply because I am not sure if I won't fail with the task. And this is only done as a hobby.

So -- are there any other tools without such steep prices? Or is there another approach? Writing my own disk filter driver, or something like that?

Thank you for any help in advance!


There is a freeware version of IDA Pro which is perfectly enough for most x86 programs (you didn't mention what your target is).


OllyDbg works quite well, and is free. Since you're apparently looking at a data file, you might want to look at a good hex dumper such as Hiew or Hex Workshop (Googling for something like "hex editor" will probably turn up at least a dozen more).
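
Added example, not part of the original question or answers: before disassembling anything, the known content can be searched for in the raw bytes under the spellings the question lists ("hello", "HELLO", "h e l l o"), plus UTF-16 and single-byte XOR, with an entropy estimate as a hint for real encryption or compression. The function names, the sample bytes and the choice of variants are assumptions made for illustration.

```python
import math
from collections import Counter

def variants(known):
    """Common on-disk spellings of a known string, keyed by a label."""
    out = {}
    for case, s in (("as-is", known), ("upper", known.upper()), ("lower", known.lower())):
        out[f"{case}/ascii"] = s.encode("ascii", "ignore")
        out[f"{case}/utf-16-le"] = s.encode("utf-16-le")  # "h.e.l.l.o." in a hex dump
        out[f"{case}/utf-16-be"] = s.encode("utf-16-be")
        out[f"{case}/spaced"] = " ".join(s).encode("ascii", "ignore")  # "h e l l o"
    return out

def find_all(data, needle):
    """Every offset at which needle occurs in data."""
    hits, pos = [], data.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = data.find(needle, pos + 1)
    return hits

def probe(data, known):
    """Map label -> offsets for each stored form of the known text that occurs."""
    found, seen = {}, set()
    for label, needle in variants(known).items():
        if needle and needle not in seen:  # skip duplicates such as lower == as-is
            seen.add(needle)
            if hits := find_all(data, needle):
                found[label] = hits
    plain = known.encode("ascii", "ignore")
    for key in range(1, 256):  # single-byte XOR, a common trivial obfuscation
        masked = bytes(b ^ key for b in plain)
        if plain and masked not in seen and (hits := find_all(data, masked)):
            found[f"as-is/ascii/xor=0x{key:02x}"] = hits
    return found

def entropy(data):
    """Shannon entropy in bits per byte; near 8.0 suggests compression or encryption."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

# Constructed sample: 6-byte header, "HELLO" as UTF-16LE, filler, "hello" XORed with 0x5A.
SAMPLE = (b"\x89FMT\x01\x02" + "HELLO".encode("utf-16-le") + b"\xff\xfe\x00\x10"
          + bytes(b ^ 0x5A for b in b"hello") + b"\x00\x00")

if __name__ == "__main__":
    print(f"entropy: {entropy(SAMPLE):.2f} bits/byte")
    for label, offsets in probe(SAMPLE, "hello").items():
        print(label, [hex(o) for o in offsets])
```

If no variant matches and the entropy of the whole file is close to 8 bits per byte, the data is probably compressed or encrypted, and looking at the reading function in a debugger or disassembler is the next step.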
