Could somebody please tell me the difference between these two lines:
mov ecx, dword_19034EEC
mov ecx, offset dword_19034EEC
It kind of depends on the assembler/disassembler that you used to get that, but I am guessing that the former copies the contents of dword_19034EEC into ecx, and the latter copies the address of dword_19034EEC into ecx (this address is probably 19034EEC).
If you provided the opcodes as well it would be more obvious.
damnit yoni :( i was about to answer that but i went to the bathroom and comeback and your answers here~!
but yea, the first one puts the contents of dword_19034EEC and the second one the address
hmm.. IDA doesn't display the opcodes.. *opens w32dasm
:190142A5 mov ecx, dword ptr [19034EEC]
:190142AB mov ecx, 19034EEC
hmm, guess that just answered my question ;-)
Which version w32dasm u got? I got 8.93. How to make it to switch to another thread in the code window while debugging an app? I need it for WC3 debugging. :( Is IDA better than w32dasm?
I never used w32dasm for debugging...but here's my 2 cents.
IDA is way slower than w32dasm...but it has more power. Like, it will try to figure out the C arguments for CALLs, and make a program map and all of that. W32dasm suits my needs better, it's a basic disassembler that meets my needs nicely. Search the net for W32dism++, it adds some nice functionality to W32dasm.
QuoteI never used w32dasm for debugging...but here's my 2 cents.
Thank you ;D
QuoteIDA is way slower than w32dasm...but it has more power. Like, it will try to figure out the C arguments for CALLs, and make a program map and all of that..
Actually my copy o w32dasm tries to figure 'em out, too. 8)
QuoteSearch the net for W32dism++, it adds some nice functionality to W32dasm.
LOL, google returned ony 2 URLs and both are links to some boards. :o
IDA is WAAY nicer, it lets you name variables, give functions parameters (that show up as comments before the push's in from the the function), add comments, etc.
For reversing, IDA is much nicer, and it's only slow if you don't save data. w32dasm is nice because it's so simple, though.
http://www.valhallalegends.com/files/IDA430/ida.zip
that link requires username/pass iago, mind moving it someplace else so I can grab it?
yea, please iago :)
It does? Hmm, I tried it earlier and it didn't, guess somebody didn't want it shared?
Anyway, it will eventually be here:
http://Guest:
[email protected]:665/ida.zip
People who know about IDA still use w32dasm?!
IDA is totally superior :)
Like everything else, w32dasm has it's place in the world! I find it cleaner and easier to work with, if I need to look up something, I just open w32dasm and wait the ~30 seconds to disassemble the file instead of opening IDA's saved file and having it done pretty much instantly :)
/me pokes iago
gogo put it on your ftp
I know!! I tried that thin like 5 times now... my ida is shareware.. :'(
C:\Documents and Settings\Daniel Spence>ftp
ftp> o iago.no-ip.com:665
Unknown host iago.no-ip.com:665.
ftp> o iago.no-ip.com 665
Connected to iago.no-ip.com.
220 BulletProof FTP Server ready ...
User (iago.no-ip.com: )none)): Guest
331 Password required for Guest.
Password:
230 User Guest logged in.
ftp> dir
200 Port command successful.
150 Opening data connection for directory list.
it froze after that.. and:
ftp> get ida.zip
200 Port command successful.
550 'ida.zip' : No Such File.
ftp>
iago (or whoever uploaded that version of IDA to vL.com) owns.
This is THE REAL IDA 4.30, not the crappy "cracked demo" that Acid uploaded a few months ago.
It contains all the FLIRT signatures and supports more than just x86.
Here's a screenshot of it disassembling a .NET EXE:
http://www.valhallalegends.com/yoni/IDADotNET.png
Understandably, the file is password protected to protect vL.com's bandwidth and to prevent it from becoming a l33t warez server.
As soon as I become less lazy (should be around 20-30 minutes from now) I will configure my FTP and put it up on it. Keep in mind though that my upstream is low (12KBps max.) and it's a 30mb file. You'll get over it.
ftp://
[email protected]:43981/ida.zip
(Server: yoni.no-ip.org, port: 43981, username: IDA, no password)
To prevent my bandwidth being raped, I limited access to 1 user at a time.
Oops... Looking at the logs, it was slightly misconfigured.
You should be able to download more than ~600kb now. :)
ugh, slow downloading but thanks ;D
Quoteiago (or whoever uploaded that version of IDA to vL.com) owns.
Yes, I uploaded it, but Arta sent it to me so we're all good.
You can download it from my ftp also, ftp://iago.no-ip.com:665. Username/Password = Guest. My max upspeed is ~30kbps and I haven't limited users (There's also other useful stuff on the ftp but IDA is by far the best)
Nice stuff iago :)
Quoteftp> dir ebooks
200 Port command successful.
550 Permission denied.
ftp> dir Misc
200 Port command successful.
550 Permission denied.
ftp> dir Movies
200 Port command successful.
550 Permission denied.
ftp> dir Music
200 Port command successful.
550 Permission denied.
ftp> dir Pictures
200 Port command successful.
550 Permission denied.
ftp> dir Programs
200 Port command successful.
550 Permission denied.
eek, forgot to set +subdirs, will do that now
ftp://Guest:
[email protected]:665/Programs/ida.zip works, I just tested it.