hello,
i have a question related to reverse engineering of windows mobile application using ida pro. I change one instruction with hex editor, i check if everything was changed and it seems ok, but when i run the same application with ida on my wm 6 device i notice that the instruction hasn't changed.
How is that possible if even hex editor shows me another instruction. I checked with charmed via my device and it shows that the instruction was successfully changed. Ida shows the changed instructions until i don't start debugging the application. Anybody knows where's the problem?
Thanks in advance.
Related
Hi All,
I'm writing an app which uses an SQL Mobile DB on the JasJar. It works fine in the emulator, but as soon as I run on the JasJar I get the following message:
Unable to find PInvoke DLL sqlceme30.dll
The code which causes this is the first reference to a System.Data.SqlServerCe object.
I've searched for clues and tried manual installations of SQL Mobile Cabs on the device, I've tried putting the required DLL's into the project and marking them to be copied onto the device during deployment, and I've tried a factory reset. All of these (except the reset) get rid of the first error and give this one:
A SQL Mobile DLL could not be loaded. Reinstall SQL Mobile. [ DLL Name = sqlceqp30.dll ]
The code which causes this is the first call to execute a query against the DB. I've been unable to get any further than this.
I've tried to rule out device problems by performing the factory reset, and have also tried to rule out VS2005 configuration issues by running on the emulator.
Has anyone else had (and more importantly - solved ) this problem?
Many thanks for any help you can offer.
Regards
Alec
FYI This was solved by applying the latest ROM update.
Hi
just for information, this error may also appear if the DLL is loaded to late and the RAm would not be sufficient to load the dll
Hi guys.
I stumbled upon this fantastic website which has already help me to understand my windows mobile 6 device.
However i have noticed that in the program list there is a folder named - HTC Debug Tools. Within this folder is a program named - QxdmSdLog.
Now i know that QxdmSdLog is a logging tool. I want to know how this tool can be activated so i can log the workings of the device. I know that the QxdmSdLog program states to have the Radio Flags in the Debug Tool program set to 4xx. Does anyone know what 4xx means???
If only i could get the logs through QxdmSdLog!!
Any help would be greatly appreciated please.
Thanks in advance.
bashme
I am interesting. How to get the HTC debug tools?
1. Run Debug Tool
2. Set [5]Debug flags to '5'
3. Set [8]Radio Flags to '405'
4. Reset device
You'll see \HtcLog folder with a text file inside. Actually this file should appear on SD card but looks like it depends on the phone. I have XPeria X1
I want to modify the messaging program but I've not done any WM coding before. I've looked at a number of posts on the forum and taken a look at the wiki but I'm still totally confused about where to start.
My current view is that I need to:
Extract the messaging program from the ROM I'm using
Is this possible? If so, what tools do I need? I found a few utilities that look promising on the wiki but there is no documentation for them so I've got no idea how to use them.
Disassemble the program
Can I do this with Visual Studio? Ideally I would like to step through the execution to find the bits I need to change, can I do that with the extracted program in the WM emulator? Or can I do it directly on my PDA?
Patch the program
I can probably figure this bit out by myself.
Get the patched program onto my PDA
As the program is in ROM, I'm assuming I'll have to re-make the ROM. Or can ROM files be updated/overwritten without rebuilding the ROM?
Each of those steps is assuming the previous one is the correct approach and is actually possible. I'm not looking for hand holding at every step, just some good pointers to relevant information and tools. Thanks.
0. - which programm you want to hack ?
1. What type of PDA you use ?
for example - for hx4700 -
prepare_imgfs.exe dump.dat
viewimgfs.exe imgfs_raw_data.bin
2. IDA - diassemble, or Visual Studio for debugging - if you know how
3. What type of PDA you use ?
for example - for hx4700 - like vivi kitchen.
4. ...
Thanks for your reply.
0. - which programm you want to hack ?
Click to expand...
Click to collapse
The messaging program, is it called Outlook Mobile? Do you know if it is native or managed code? If not, what's the easiest way to tell?
1. What type of PDA you use ?
for example - for hx4700
Click to expand...
Click to collapse
I've got a Kaiser. Currently running "udK 8.0 R0 Vega" ROM (WM6.1). Forgot to mention that in my previous post.
IDA - diassemble, or Visual Studio for debugging - if you know how
Click to expand...
Click to collapse
Does IDA support remote debugging on Windows Mobile? Also, are there any restrictions on what you can debug in VS, ie. do they stop you from debugging things you don't have the source for or are Microsoft applications (eg. Outlook) restricted from debugging in some way?
I'm finding it really hard to get decent information on these kinds of things. If I actually manage to get anywhere with this then I'll write up some kind of guide for the wiki.
Ok, I've used this tool to extract the ROM and get a file called 00_OS.nb. I then got these tools and managed to dump the NB file so that I now have all of the files inside the ROM.
I've been playing about with IDA but when I try and run poutlook.exe in the debugger, it runs but exits straight away (ie. it doesn't create a window on the PDA). I tried copying poutlook.exe onto my device but it doesn't run, I think I need to get it running from the exe before I do anymore IDA stuff. I remember reading somewhere that executables in the ROM image have been manipulated in some way (addresses rewritten or relocated or something), is that what is affecting it? Or do I need to run some additional tool on the extracted exe before it will run standalone?
How do I get an executable extracted from the ROM to run on my device? Or do I have to roll it all up into a ROM for it to work?
Hi there. What I am looking for is a functional debugger for Windows Mobile Applications. I does not have to run on Windows Mobile - I'd rather have a sort of emulator with included debugger for Win Vista. I need to be able to set Breakpoints and view the code being executed of course. I don't think it will be x86 ASM, but I suppose some Asm of whatever architecture these QUALCOMM CPUs are.
IDA Pro
I'd recommend IDA Pro v5.x
You can try the demo version which comes with ARM/Windows CE debugger.
http://www.hex-rays.com/idapro/
crc64 said:
I'd recommend IDA Pro v5.x
You can try the demo version which comes with ARM/Windows CE debugger.
http://www.hex-rays.com/idapro/
Click to expand...
Click to collapse
Downloaded it but I does not work very well. How would you properly load a program? What I tried was copying the Exe to my PC and open it - fail of course. WHen I try to run it, it asks me whether I would like to copy it to my phone. SO that's what I do. Then the program starts but it closes immediately because language files are missing. So I copy the contents of the program folder to the folder where IDA copies the file. Now when I click Run nothing happens. And it prompts me all the time for bthutil.dll - I think that's the Bluetooth driver. But no idea what do to with this, I only click cancel.
Anyone? I really need this
Are you debugging a native or a .NET app?
Check
http://msdn.microsoft.com/en-us/library/bb158521.aspx
I can't tell by this time. If it's .NET, then it's NOT .NET 3.5. I do NOT have the sourcecode readily available.
Anyone? Hey, I think about 60% of all keygenners/crackers/etc for WinMo are registered users here. You MUST know!
0 get the ide debugger for every non system dll app this thing works on the X1
1 find the registry values to set to allow the IDA debugger to work
2 read the documentation provided @ hexrays for exactly your project.
0x41414141 said:
0 get the ide debugger for every non system dll app this thing works on the X1
1 find the registry values to set to allow the IDA debugger to work
2 read the documentation provided @ hexrays for exactly your project.
Click to expand...
Click to collapse
Sorry I don't fully understand you, can you go in a little bit more detail?
Firefall! said:
Sorry I don't fully understand you, can you go in a little bit more detail?
Click to expand...
Click to collapse
0 ida doesn't let you set breakpoints on system dll's
1 Key: 'HKLM\Security\Policies\Policies001001'
change to value DWORD:1
Key: 'HKLM\Security\Policies\Policies00100b'
change to value DWORD:1
2 http://www.hex-rays.com/idapro/wince/index.htm
ljankok said:
0 ida doesn't let you set breakpoints on system dll's
1 Key: 'HKLM\Security\Policies\Policies001001'
change to value DWORD:1
Key: 'HKLM\Security\Policies\Policies00100b'
change to value DWORD:1
2 http://www.hex-rays.com/idapro/wince/index.htm
Click to expand...
Click to collapse
Thank you very much, will try this Much appreciated!
cedit does not work for my windows 7 + hd2 combination..
anyone know of a working freeware?
ceregistry editor. don't forget on first time connection to click "tools - unlock registry"else it won't let you make changes
I used mobile registry editor 1.1 and it was fine. (doesn't seem to have a find or export feature, I could be wrong.)
CeRegEditor <--- and whatever the latest version of that is, snag that.
It's the easiest to use on any desktop PC.
Otherwise, try Resco Registry Editor on your device, or MemMaid, or even the file editor from SPB.
ceregeditor doesnt work for me.. could it be win7's prob?
leobox1 said:
ceregeditor doesnt work for me.. could it be win7's prob?
Click to expand...
Click to collapse
describe the problem please? cos if it simply saying it can't make changes, sees my earlier post about unlocking the registry.
Works fine on Winows 7
it doesnt show anything.. i cant see HKLM etc etc even with the unlock .. where is the latest ver? could it be it? is there anything additional i need to do?
I assume that you connect via activesync first!!
And then click the connect button (or hit F1)
Hi,
did you try to rightclick on icon and "run as Administrator" ?
Ok guys kinda new here but I reg edit for the pc a lot. I cant seem to get the program to work. In my active sync it says its connected and when I get ready to unlock the registry via the program its says it cant load the program on my device.