Hi there. What I am looking for is a functional debugger for Windows Mobile Applications. I does not have to run on Windows Mobile - I'd rather have a sort of emulator with included debugger for Win Vista. I need to be able to set Breakpoints and view the code being executed of course. I don't think it will be x86 ASM, but I suppose some Asm of whatever architecture these QUALCOMM CPUs are.
IDA Pro
I'd recommend IDA Pro v5.x
You can try the demo version which comes with ARM/Windows CE debugger.
http://www.hex-rays.com/idapro/
crc64 said:
I'd recommend IDA Pro v5.x
You can try the demo version which comes with ARM/Windows CE debugger.
http://www.hex-rays.com/idapro/
Click to expand...
Click to collapse
Downloaded it but I does not work very well. How would you properly load a program? What I tried was copying the Exe to my PC and open it - fail of course. WHen I try to run it, it asks me whether I would like to copy it to my phone. SO that's what I do. Then the program starts but it closes immediately because language files are missing. So I copy the contents of the program folder to the folder where IDA copies the file. Now when I click Run nothing happens. And it prompts me all the time for bthutil.dll - I think that's the Bluetooth driver. But no idea what do to with this, I only click cancel.
Anyone? I really need this
Are you debugging a native or a .NET app?
Check
http://msdn.microsoft.com/en-us/library/bb158521.aspx
I can't tell by this time. If it's .NET, then it's NOT .NET 3.5. I do NOT have the sourcecode readily available.
Anyone? Hey, I think about 60% of all keygenners/crackers/etc for WinMo are registered users here. You MUST know!
0 get the ide debugger for every non system dll app this thing works on the X1
1 find the registry values to set to allow the IDA debugger to work
2 read the documentation provided @ hexrays for exactly your project.
0x41414141 said:
0 get the ide debugger for every non system dll app this thing works on the X1
1 find the registry values to set to allow the IDA debugger to work
2 read the documentation provided @ hexrays for exactly your project.
Click to expand...
Click to collapse
Sorry I don't fully understand you, can you go in a little bit more detail?
Firefall! said:
Sorry I don't fully understand you, can you go in a little bit more detail?
Click to expand...
Click to collapse
0 ida doesn't let you set breakpoints on system dll's
1 Key: 'HKLM\Security\Policies\Policies001001'
change to value DWORD:1
Key: 'HKLM\Security\Policies\Policies00100b'
change to value DWORD:1
2 http://www.hex-rays.com/idapro/wince/index.htm
ljankok said:
0 ida doesn't let you set breakpoints on system dll's
1 Key: 'HKLM\Security\Policies\Policies001001'
change to value DWORD:1
Key: 'HKLM\Security\Policies\Policies00100b'
change to value DWORD:1
2 http://www.hex-rays.com/idapro/wince/index.htm
Click to expand...
Click to collapse
Thank you very much, will try this Much appreciated!
Related
It's seems DllMain won't run when a dll loaded by LoadLibrary in wm5.0.
The dll is very simple,complied by vs 2005 beta2,just a MessageBox in dllmain
I load this dll in another process,using the api loadlibrary,In windows mobile 5.0 ppc emulator,no dialog box appear,but you can see that dll.dll had been loaded with remote file viewer.In Pocket PC 2003 SE emulator,every thing is ok
anybody has any idea about it?
Thanks
dll.cpp
#include "stdafx.h"
#include <windows.h>
#include <commctrl.h>
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
MessageBox(NULL,L"11",L"22",0);
return TRUE;
}
Hi,
There is no default entry point in a DLL. You are doing everything fine except you need to load the module (function) you want to call. I cant remember off hand the details but its LoadModule.
Look thought the documentation for calling a function in a dll some more.
Paul
psneddon said:
Hi,
There is no default entry point in a DLL. You are doing everything fine except you need to load the module (function) you want to call. I cant remember off hand the details but its LoadModule.
Look thought the documentation for calling a function in a dll some more.
Paul
Click to expand...
Click to collapse
Thanks for your reply.
I don't want to call any function,excep the default entry point DllMain when loading library.
There should be default entry point in the dll I complied,because in wm2003,everything is ok(Messagebox appears when loading or unloading library)
DllMain worked in my programs in 2K5. Maybe your messagebox appears behind today window? I never tried MessageBox in DLLs, but CreateFile worked fine.
oh right. Maybe I'm wrong - i always thought DLL's didnt have default entry points - I need to get reading the SDK's more
Paul
mamaich said:
DllMain worked in my programs in 2K5. Maybe your messagebox appears behind today window? I never tried MessageBox in DLLs, but CreateFile worked fine.
Click to expand...
Click to collapse
hi mamaich,what device are you using?Emulator?
I've tried in another way:return TRUE or FALSE in DllMain,then check whether the dll is loaded with remote process viewer.
In wm5.0 emulator,DllMain's return value is ingored,the dll is always loaded.And in wm2003 emulator,dll can be loaded only if DllMain's return value is TRUE
I've compiled the DLL with eVC4 and run it on XDA2 with WM5. That DLL was a part of a rather large project.
Maybe VS2005 produces incorrect DLLs?
mamaich said:
I've compiled the DLL with eVC4 and run it on XDA2 with WM5. That DLL was a part of a rather large project.
Maybe VS2005 produces incorrect DLLs?
Click to expand...
Click to collapse
The dll should be ok,it works well on ppc2003's emulator.I have also tried the dll produced by evc4.0.
Seems it's my fault,I got it work on wm emulator now
Thanks for all
I found it,dllmain not run just because the dll export no function.after add a not used fuction,MessageBox appear when loading
I have been trying to get the new demo version of IDA to connect to my WM5 Qtek S200 with no luck.
When I click on attach it sends across wince_remote_arm.dll
then I get cannot invoke server.
If I add the reg key in HKLM\Security\Policies\Policies then it will connect and immediatly kill the ActiveSync connection and I have to unplug/replug in the USB cable. It also displays the following message.
irs_recv:An existing connection was forcibly closed by the remote host.
I can however debug .net apps and do the usual active sync transfer files etc.
Anyone have any thoughts on what to try?
Thanks
Pete
I think you have to enable RAPI, there is a cab for it on the forums or on the FTP, search for it, I think it is enable_rapi.cab.
^^ exactly... just run it on the device and it will connect
I have tried the above cab file and unfortunately still no luck.
It still dies when connecting, and the green activesync icon changes to grey and the "irs_recv:An existing connection was forcibly closed by the remote host." messagebox is displayed.
Strangely I can get it to connect to and debug the emulator.
Anyone have any other suggestions.
Thanks
Pete
I use full version of IDA (you can find it on chinese warez sites), ARM debugger extracted from demo version of IDA, cert.SPCS.cab, EnableRapi.cab, and HKLM\Init\RequireCertMods=0.
IDA connects and works.
mamaich said:
I use full version of IDA (you can find it on chinese warez sites), ARM debugger extracted from demo version of IDA, cert.SPCS.cab, EnableRapi.cab, and HKLM\Init\RequireCertMods=0.
IDA connects and works.
Click to expand...
Click to collapse
Uhhmm... which site exactly? And why doesn't it containt the debugger?
i have the same error "irs_recv...." anyone found a solution for it ?
Guybrush said:
i have the same error "irs_recv...." anyone found a solution for it ?
Click to expand...
Click to collapse
Solution is 2 posts upper.
I tried... Installed cert_SPCS.cab, EnableRapi.cab changed registry value but always same message
can you give me your security policies values under
HKLM/Security/Policies/Policies/
Thanks in advance.
I'm trying to run the IDA debugger on a Cingular 8125. It gives me the exact same error.
I have these values in the registry:
HKLM/init/BootVars/RequireCertMod = 0
HKLM/Security/Policies/Policies/00001001 = 1
HKLM/Security/Policies/Policies/00001005 = 40
HKLM/Security/Policies/Policies/00001017 = 144
I've installed EnableRapi.cab and Cert_SPCS.cab, but it still doesn't work.
Has anyone found a solution for this?
Same for me
I did all the same actions but it still doesn't work
Anyone?????
I think the problem is a result of some incompatibility of ida's debugger dll under OMAP 850 cpu...Therefore I use m$ deviceemulator which is VERY slow.
I had problems aswell with my devices... And after this last post.. i tried a WM device without a OMAP 850.. And it worked fine for me... on every OMAP850 device i tried .. i get the same error as you guys have reported..
So I must agree with george that OMAP850 is the problem
sashje, the problem is in IDA debugger's CPU detection routines. I've even reported this to IDA "support" but they paid no attention to my words.
Datarescue
you must download CE Debugger for windows ce if have it you must test another version of it you can download directly from datarescue
accepted, as far as I know even the latest versions of IDA 5 are bundled with an old ARM remote debugger dated from 2005...I bet that presently there is no such working version with OMAP CPU, but I would take my words back if only you could have pointed out the links for the downloads you meant.
if u changed your WM to unofficial WM
if u have any problem with pointers and breakpoints
if u have any connection error
you should test another version of CE Debugger On IDA PRO 5(my current version)
i have this problem with my device(Axim X30)
i changed CE debugger and work truth now
if you want some version of CE debugger i can give u
please use private messages
thanks
regards
accepted, your axim has Intel PXA270 (at 624MHz). We are speaking about Texas Instruments OMAP CPU problems lately here - so your remarks are quite incompetent. There is no version of this arm ida remote debugger dll that can work with OMAP CPU. If you have one (I'm sure you don't) please share it with all of us.
Texas Instruments
oh man i am sorry
i don't read carefully
IDA PRO do not support OMAP and only support ARm version
only support ARM(CE debugger)
sorry again
attached UnSigner.exe:
Strips authenticode signs (aka certificates) from binary files (exe, dll, mui, cpl etc.)
command line (PC):
UnSigner file1 [...]
Latest version here. Compiled under VS2005 without SP1 and it should run on any PC
getting an error when running from cmd line. "system cannot execute the specified program"
Wrrr
I hate Msoft. It is the same as: http://forum.xda-developers.com/showthread.php?p=1161953&highlight=execute#post1162020
Could anybody recompile attached source under VS2005 without(!) ServicePack and post exe here? As Win32 console application.
eb3604 said:
getting an error when running from cmd line. "system cannot execute the specified program"
Click to expand...
Click to collapse
Same problem under Win XP SP2.
NOTE: Oh, I saw that you've find the reason
One question:
Any success using this with cab files?
Form my experience ImageRemoveCertificate function only works with valid binary images meaning exe and dll (also MUI which is a dll).
levenum said:
One question:
Any success using this with cab files?
Form my experience ImageRemoveCertificate function only works with valid binary images meaning exe and dll (also MUI which is a dll).
Click to expand...
Click to collapse
Just tested. In fact - no support for cabs. But (IMO) it is relatively easy to re-create CAB (without sign).
Looking forward for this
see if this works. used it on 2 files from a titan dump. worked great! thanks!
eb3604 said:
see if this works. used it on 2 files from a titan dump. worked great! thanks!
Click to expand...
Click to collapse
Thanks. Updated first post
eb3604 said:
see if this works. used it on 2 files from a titan dump. worked great! thanks!
Click to expand...
Click to collapse
It doesn't work in my PC. I'm running XP Pro Italian with all the .Net crap installed.
Any suggestion?
risidoro said:
It doesn't work in my PC. I'm running XP Pro Italian with all the .Net crap installed.
Any suggestion?
Click to expand...
Click to collapse
Same problem here... have all .net 1.1, 2 and 3 installed... nothing
dont knw running xp sp2. works fine for me
eb3604 said:
see if this works. used it on 2 files from a titan dump. worked great! thanks!
Click to expand...
Click to collapse
Your binary is compiled with VS2005 with(!) SP1. Work well on any PC with VS2005 with SP1. Otherwise you will got a message "improper configuration" or something like it.
-------------------------
Probably (updated) attachment from first post should work on any PC windows
Nice! Just tested working on Vista 32. Thanks very much.
luv2chill said:
Nice! Just tested working on Vista 32. Thanks very much.
Click to expand...
Click to collapse
Damn, Vista doesn't run in my PC, it's too painfully slow...
Wait! I've run every kind of OS's in my PC before, Linux (with compiz), FreeBSD (and web server running), OpenBSD, OpenSolaris, XP, 2k3 Server Pro, BeOS... Maybe it is Vista that's too awfully slow!!!
risidoro said:
Damn, Vista doesn't run in my PC, it's too painfully slow...
Wait! I've run every kind of OS's in my PC before, Linux (with compiz), FreeBSD (and web server running), OpenBSD, OpenSolaris, XP, 2k3 Server Pro, BeOS... Maybe it is Vista that's too awfully slow!!!
Click to expand...
Click to collapse
Ubuntu FTW
Downloaded file on first post. Will post feedback ASAP.
dferreira said:
Ubuntu FTW
Click to expand...
Click to collapse
Great! I'm an Ubuntu guy too
PS: sorry for the OT!
Everything is working now... lets see now if I can do what I want
Is it supposed to say anything if it doesn't or does remove the signing ?
EDIT: it says if any certificate is removed... ok... lets see if it works now then
I'm contributing to this unsigner
Just add UnSigner.exe and the attached batchUnsign.bat to the root of the directory you want to remove the certifications from *.exe *.mui *.dll files and if you run the batchUnsign.bat it should process the entire directory and sub directories for those files
Enjoy.
Marvelous program from a Super Duper programmer.
I want to modify the messaging program but I've not done any WM coding before. I've looked at a number of posts on the forum and taken a look at the wiki but I'm still totally confused about where to start.
My current view is that I need to:
Extract the messaging program from the ROM I'm using
Is this possible? If so, what tools do I need? I found a few utilities that look promising on the wiki but there is no documentation for them so I've got no idea how to use them.
Disassemble the program
Can I do this with Visual Studio? Ideally I would like to step through the execution to find the bits I need to change, can I do that with the extracted program in the WM emulator? Or can I do it directly on my PDA?
Patch the program
I can probably figure this bit out by myself.
Get the patched program onto my PDA
As the program is in ROM, I'm assuming I'll have to re-make the ROM. Or can ROM files be updated/overwritten without rebuilding the ROM?
Each of those steps is assuming the previous one is the correct approach and is actually possible. I'm not looking for hand holding at every step, just some good pointers to relevant information and tools. Thanks.
0. - which programm you want to hack ?
1. What type of PDA you use ?
for example - for hx4700 -
prepare_imgfs.exe dump.dat
viewimgfs.exe imgfs_raw_data.bin
2. IDA - diassemble, or Visual Studio for debugging - if you know how
3. What type of PDA you use ?
for example - for hx4700 - like vivi kitchen.
4. ...
Thanks for your reply.
0. - which programm you want to hack ?
Click to expand...
Click to collapse
The messaging program, is it called Outlook Mobile? Do you know if it is native or managed code? If not, what's the easiest way to tell?
1. What type of PDA you use ?
for example - for hx4700
Click to expand...
Click to collapse
I've got a Kaiser. Currently running "udK 8.0 R0 Vega" ROM (WM6.1). Forgot to mention that in my previous post.
IDA - diassemble, or Visual Studio for debugging - if you know how
Click to expand...
Click to collapse
Does IDA support remote debugging on Windows Mobile? Also, are there any restrictions on what you can debug in VS, ie. do they stop you from debugging things you don't have the source for or are Microsoft applications (eg. Outlook) restricted from debugging in some way?
I'm finding it really hard to get decent information on these kinds of things. If I actually manage to get anywhere with this then I'll write up some kind of guide for the wiki.
Ok, I've used this tool to extract the ROM and get a file called 00_OS.nb. I then got these tools and managed to dump the NB file so that I now have all of the files inside the ROM.
I've been playing about with IDA but when I try and run poutlook.exe in the debugger, it runs but exits straight away (ie. it doesn't create a window on the PDA). I tried copying poutlook.exe onto my device but it doesn't run, I think I need to get it running from the exe before I do anymore IDA stuff. I remember reading somewhere that executables in the ROM image have been manipulated in some way (addresses rewritten or relocated or something), is that what is affecting it? Or do I need to run some additional tool on the extracted exe before it will run standalone?
How do I get an executable extracted from the ROM to run on my device? Or do I have to roll it all up into a ROM for it to work?
Hello,
Can someone give me a hint, how to Shutdown and Restart (Soft-Reset) Windows Mobile Devices with .netCompactFramework 3.5?
Is there somewhere a special file like shutdown.exe on Windows Systems wich I can run with parameters to shutdown/restart the device?
Thanks for help!
Nightskill
Nightskill said:
Hello,
Can someone give me a hint, how to Shutdown and Restart (Soft-Reset) Windows Mobile Devices with .netCompactFramework 3.5?
Is there somewhere a special file like shutdown.exe on Windows Systems wich I can run with parameters to shutdown/restart the device?
Thanks for help!
Nightskill
Click to expand...
Click to collapse
try this...
maybe can help you
just install Mortscript
and make a script named as you want
with just the word
Reset
your file must be named xxxxx.mscr
You'll probably need to P/Invoke.
SetSystemPowerState is the function you'll want to use, though the exact implementation of it varies a little from device to device.
http://msdn.microsoft.com/en-us/library/aa929708.aspx