Hi,
Can someone assist me with how I might go about decompiling or viewing a DLL, making changes to it and recompiling it? What tools can I use to do this?
I have tried copying some of the DLLs from my device over to my local PC, however most of the time I get an "access violation" message.
Further, I realize I can use ildasm to disassemble .NET files, but it seems most of the more interesting DLLs and files may be standard C DLLs. How can I take a look at the code in these and modify if wanted?
Thanks much.
farseer: what level of experience do you have?
V
I'd like to think I am a decent developer, but that may be in my own mind
However, I do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground-up apps for over 10 years however, using C++, Java, C#, VB, etc. You name the language, and I've probably done something in it.
vijay555 said:
farseer: what level of experience do you have?
V
Was that the wrong answer?
farseer said:
I'd like to think I am a decent developer, but that may be in my own mind
However, I do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground-up apps for over 10 years however, using C++, Java, C#, VB, etc. You name the language, and I've probably done something in it.
vijay555 said:
farseer: what level of experience do you have?
V
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what an XIP DLL is and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough space in the DLL for your code, so you need to use virus-like techniques; my preferred method is to patch the code so that it loads my DLL and runs it instead of the original code. Or use some other hooking method so that my code is executed instead of the original.
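Added example, not part of any post in this thread: the first post separates .NET files from standard C DLLs, and the reply above mentions ARM and the structure of Win32 PE files. This Python code reads the PE headers to report the target CPU and whether a DLL is managed or native before a tool is chosen; the names `inspect_pe` and `build_sample` and the header-only sample bytes are constructed for illustration.

```python
import struct

# COFF Machine values from the PE/COFF specification.
MACHINES = {0x014C: "x86", 0x01C0: "ARM", 0x01C2: "ARM Thumb",
            0x01C4: "ARM Thumb-2", 0x8664: "x64"}
IMAGE_FILE_DLL = 0x2000
CLR_DIRECTORY = 14  # data-directory slot that holds the CLR (.NET) header


def inspect_pe(data: bytes) -> dict:
    """Report CPU type, DLL flag and managed/native status from PE headers."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("no MZ header: not a PE file")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("PE signature not found")
        machine, _nsec, _ts, _symptr, _nsym, _optsz, flags = \
            struct.unpack_from("<HHIIIHH", data, pe_off + 4)  # COFF header
        opt = pe_off + 24                                     # optional header
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic == 0x10B:        # PE32
            dirs = opt + 96
        elif magic == 0x20B:      # PE32+
            dirs = opt + 112
        else:
            raise ValueError(f"unknown optional-header magic {magic:#x}")
        (count,) = struct.unpack_from("<I", data, dirs - 4)   # NumberOfRvaAndSizes
        managed = False
        if count > CLR_DIRECTORY:
            rva, size = struct.unpack_from("<II", data, dirs + CLR_DIRECTORY * 8)
            managed = rva != 0 and size != 0
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    return {
        "machine": MACHINES.get(machine, f"unknown ({machine:#06x})"),
        "is_dll": bool(flags & IMAGE_FILE_DLL),
        "managed": managed,
        "tool": "IL disassembler (ildasm)" if managed else "native disassembler (IDA)",
    }


def build_sample(machine: int, managed: bool) -> bytes:
    """Constructed header-only image for the demo; not a loadable DLL."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 224, IMAGE_FILE_DLL)
    opt = bytearray(224)                                      # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                       # 16 data directories
    if managed:
        struct.pack_into("<II", opt, 96 + CLR_DIRECTORY * 8, 0x2000, 0x48)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    for label, blob in (("native ARM", build_sample(0x01C0, False)),
                        ("managed x86", build_sample(0x014C, True))):
        print(label, inspect_pe(blob))
```

To check a real file, pass its bytes: `inspect_pe(open(path, "rb").read())`.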
Ah, thanks much, this was helpful. I do have a few follow-up questions:
1. Is "ARM assembler" different than standard assembler? If so, any suggested readings?
2. There are some DLLs that cannot be copied to my local PC (I get an access violation, I believe). How does one extract an image of such DLLs?
3. Where is the WM5 source code? And why would I need to read this to be able to hack/patch DLLs?
Thanks again.
mamaich said:
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what an XIP DLL is and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough space in the DLL for your code, so you need to use virus-like techniques; my preferred method is to patch the code so that it loads my DLL and runs it instead of the original code. Or use some other hooking method so that my code is executed instead of the original.
Hi farseer!
I am nowhere near the level of mamaich or vijay555 but I have some experience in this and I believe I can give you some basic answers:
1. ARM is a different architecture than x86 processors and the assembler is different to accommodate it. There are some basic similarities like mov, add and such, but even the registers are different (R0 - R15 if I am not mistaken). Sorry, I don't know any books on it, but if you google you will quickly find the list of commands with basic explanation.
2. Since the OS is in ROM you can't just copy and paste its DLLs and EXEs. Look for ROM dumping tools on this forum, or already extracted images on the ftp. Keep in mind MS did some tricks to save memory and make it harder to get at the files, so like mamaich said, you need to learn about XIP and the ROM structure in general to understand what's going on.
3. Hmm... MS does have a program for sharing most of WM source code, but it's not for common people like us. (check out their site to see what I mean) I suspect there are other sources of getting the parts necessary to understand DLL hooking, but I have no idea what they might be.
Well that's my two cents until an expert can answer you. Hope this helps.
farseer: you gave a perfectly good answer IMHO, just needed to get an idea of what level to pitch a response without talking up or down to you!
It's well documented that I'm a self confessed newb to c++, and would say that your programming skills should certainly hold you in good stead. However, having a good knowledge of the Win32 API is certainly beneficial.
For decompiling, basically IDA. There is an IDA demo available on their website that should get you going, it's pretty much 100% functional other than it won't save, and closes itself (or crashes itself) after a reasonable, random period of time. IDA is "the daddy" for pretty much all mainstream reversing, although you could write your own decompiler/debugger.
Recompiling - that's a toughy. IDA won't permit recompiling on ARM AFAIK.
You'll have to hexedit into the target and patch directly. Otherwise you get into the exciting world of code injection, hooking etc, as Mamaich says.
For that area, read everything he's ever written, before you start reversing.
Oh, and a helpful hint to all. Don't just read what Mamaich's written on this board, his posts on other boards are even more useful!
It's worth getting a good familiarity with reversing on x86 first, get used to how IDA works etc (and Soft Ice is very useful to give a good insight into x86, although AFAIK it's not available for WinCE). ARM assembler is different, but just grab a list of the opcodes and read through a few CPU developers' guides (online).
There are a number of tutorials on reversing ARM stuff online. In the usual places for that kind of stuff.
For getting access to the ROM files, easiest way is to grab a rom update file and decrypt it. Mamaich is once again your man, his romtools do the job. He also has a "live" rom grabber, that'll grab all the files/modules out of your running phone for your perusal.
Platform Builder is available free to give you (some) WinCE source code. Not all, but enough to give you years worth of reading.
V
Thanks all... very kind of you to respond in such detail. I look forward to dabbling a bit with IDA and some of mamaich's tools. I suppose the first order of business is to do a lil more research and then just dive in! It's been a while since I wrote any assembly code (not since college!), but I am a bit excited at having an excuse to do so again.
Thanks again.
Just remember that unless you really luck out and the developer left the symbol table intact, you're going to end up with garbage for the names of variables and subroutines.
I hate reading decompiled code.
I have developed a piece of software. The software uses an external DLL library; how can I compile the exe with the *.dlls embedded?
PS: I am using VS 2005, Language: VB.NET
Also, I would like to know how to protect my application code so that a decompiler cannot decompile it?
Sorry for my poor English.
Welcome to the forum.
Your English is fine, but unfortunately there is no simple answer to your questions.
I will start with the last one first:
There is no one simple way to protect your code. There are whole books and articles written on it and if you google you will even find commercial products that "scramble" compiled apps to make it difficult to disassemble and reverse engineer.
Unfortunately I cannot give you more specific info like book titles since I am not too interested in the subject.
I can tell you this: whether your app gets hacked or not is a matter of how much it costs vs. how useful / desirable it is. That means that if your program is really great and everyone wants it but it costs a lot, someone will put in the effort and eventually crack it no matter what you do.
As for your first question: unless you have source code or the obj files for the DLL to link to there is no way to combine it with your exe. If something was released as a DLL library and only as a DLL library it will remain just that.
As mentioned above, the only possibility to 'protect' your .NET application is to obfuscate the code. There are some good (but commercial) tools out there. Google for it and if you're lucky you can find a comparison as well. (Hopefully somebody tested some tools already to compare them.)
You cannot recompile a DLL unless you have the source code as well.
It's easier to do if one doesn't use .NET.
I'm not a programmer, I just want to compile MAME for the Android. But, of course compiling code within the Android platform is not possible (as one would do it in Ubuntu or Debian), so I need the Android SDK and enough knowledge of java to call the native code, which needs to be packaged by the NDK, launched from within Cygwin.
Seems there will also be some video issues, beyond my comprehension. MAME developer R. Belmont posted this on porting MAME to Android:
The OpenGL support won't help you with GLES, that'll need to be an entirely separate code path
Whatever that means, it sounds like a lot of work. Looking around for similar projects for examples on how to call native code like the source for MAME, I found the Java activity source code for aDosBox. It's also an emulator, but also has video requirements and uses native source as its base. I'm still decrypting what it does, but for a developer (perhaps you!) looking to port MAME, it might be a good place to start.
What would be cool, is a couple templates I could just plug the needed particulars into. One for the Android.mk file that adds any required libraries needed for video stuff when I use ndk-build, and one for the java activity that simply calls the native code.
The MAME source code also has an SDL backend in the included build system. The build system 'detects' what platform it's on and builds accordingly. Can SDL be used in the Android SDK?
Hey guys, I'm considering porting/recoding an app from VB.NET to work on Android, but I haven't got a clue what language is used in Android. Could someone tell me its name or some sort of website with this information?
Finally, if someone is experienced in programming apps for Android, I would like to chat about a few capabilities of the language.
Thanks in advance!
Android is Java-ish based.
I would recommend checking out the program Eclipse.
The main app layer is Java based with some XML thrown in. But there is a native development kit that you can use to compile C, C++ and many other languages to run on an Android phone. But since Java is virtual machine based, an app written in Java will run on all phones* (some caveats like OS version) while the app in NDK will work only on hardware that it was designed for.
Also, is Google not working? A simple search for "Android programming language" would answer this question
From something awesome
killersnowman said:
The main app layer is Java based with some XML thrown in. But there is a native development kit that you can use to compile C, C++ and many other languages to run on an Android phone. But since Java is virtual machine based, an app written in Java will run on all phones* (some caveats like OS version) while the app in NDK will work only on hardware that it was designed for.
From something awesome
Hmmm, yes, there is Google, but not what I'm exactly asking, and that makes me ask this:
You talk about C & C++ and other language compilations to run on an Android phone; is VB.NET a part of that list?
Could you show me a website or something that says more about that dev kit? I'm basically trying to port my apps from VB 2010 Express (Windows Forms based) to Android, and if that thing is not possible should I use Java to code it all over again?
Thanks in advance!
http://developer.android.com/sdk/ndk/ this is for the NDK, but it is not as simple as just compiling your code with the NDK. You will need to rewrite some of it to actually tie into the Android APIs.
You should really just use the java sdk. You will reach more people and be able to find more help and info
And I stand corrected, while there are projects trying to bring other languages to the ndk it is at this point just C and C++
From something awesome
killersnowman said:
http://developer.android.com/sdk/ndk/ this is for the NDK, but it is not as simple as just compiling your code with the NDK. You will need to rewrite some of it to actually tie into the Android APIs.
You should really just use the java sdk. You will reach more people and be able to find more help and info
And I stand corrected, while there are projects trying to bring other languages to the ndk it is at this point just C and C++
From something awesome
Oh well, in that case I will need to learn Java.... Thanks mate, I think it's easier to just rewrite the whole thing really; I like proper optimizations and ports most of the time lack them.
Thanks for the information, that's all I needed.
PS: rep added
If you know VB.NET well you'll have no real problem with Java.. it just adds brackets and semicolons essentially lol. I learned Java in college and then was thrown into the .NET framework using C# and I love the .NET framework.. it's so hard for me to go from using Visual Studio to Eclipse to make an Android application because Visual Studio (which I'm assuming you use) is so powerful.. But yes, Android is Java code-behind and HTML (preferred) GUI. You can make your GUI using Java but trust me it's terrible!
jr10000 said:
But yes, Android is Java code-behind and HTML (preferred) GUI. You can make your GUI using Java but trust me it's terrible!
Html? You mean xml?
Also try IntelliJ instead of Eclipse. Eclipse is way too bloated and IntelliJ has some amazing autocomplete features. It's better in my opinion.
From something awesome
jr10000 said:
If you know VB.NET well you'll have no real problem with Java.. it just adds brackets and semicolons essentially lol. I learned Java in college and then was thrown into the .NET framework using C# and I love the .NET framework.. it's so hard for me to go from using Visual Studio to Eclipse to make an Android application because Visual Studio (which I'm assuming you use) is so powerful.. But yes, Android is Java code-behind and HTML (preferred) GUI. You can make your GUI using Java but trust me it's terrible!
What?? I really need a proper GUI, ugh... Yes, I'm using Visual Studio, and indeed it is amazing. The app I have and want to port to Android is Windows Forms based; the most essential thing I would need about it is the calendar control :\
You can use JavaScript+HTML5 (it's complicated to express here but the whole thing is pretty much native).
Python as well, use SL4x or Kivy (Kivy is pretty good but it's still too new).
Sorry, I just hate Java too much.
Funnnny said:
You can use JavaScript+HTML5 (it's complicated to express here but the whole thing is pretty much native).
Python as well, use SL4x or Kivy (Kivy is pretty good but it's still too new).
Sorry, I just hate Java too much.
OK, np, so to double-check this: to have an application with a graphical interface I will need JavaScript and HTML5?
TheWarKeeper said:
OK, np, so to double-check this: to have an application with a graphical interface I will need JavaScript and HTML5?
I don't know why people spread extremely non-standard practices to people getting started...
No, you don't need JavaScript or HTML5.
Android has a UI layout system based in XML. It's just there to arrange objects that you can access from the Java code. So a little XML and Java is all you need.
From something awesome
TheWarKeeper said:
OK, np, so to double-check this: to have an application with a graphical interface I will need JavaScript and HTML5?
The right way to do GUI is with Java, with the official SDK from Google.
Some non-standard way to do this is with Javascript (just a GUI wrapper from Javascript to Java) and Python (again wrapper to Python).
You can choose which way you want. Many people I know didn't like Java, and they chose to use a web application, and then they wanted to embed this in a native Android application, so they went with Titanium Mobile or some other framework like that. It's not as good as Java, but it's another way to start with your application (Web app first and then Native app).
Funnnny said:
The right way to do GUI is with Java, with the official SDK from Google.
Some non-standard way to do this is with Javascript (just a GUI wrapper from Javascript to Java) and Python (again wrapper to Python).
You can choose which way you want. Many people I know didn't like Java, and they chose to use a web application, and then they wanted to embed this in a native Android application, so they went with Titanium Mobile or some other framework like that. It's not as good as Java, but it's another way to start with your application (Web app first and then Native app).
I feel like I should probably stick with Java. I want it to be quick and fast and have a lot of stuff to code; the program should run in the background so it must not affect performance at all. It will use timers with basic code ticking every second while in the background, and that's it really.
TheWarKeeper said:
I feel like I should probably stick with Java. I want it to be quick and fast and have a lot of stuff to code; the program should run in the background so it must not affect performance at all. It will use timers with basic code ticking every second while in the background, and that's it really.
Then use java bro, it's an awesome programming language, I don't know why some people don't like it, each programmer should learn to get used to each language.
Anyway, for likes.. colors
Cheers, D4.
D4rKn3sSyS said:
Then use java bro, it's an awesome programming language, I don't know why some people don't like it, each programmer should learn to get used to each language.
Anyway, for likes.. colors
Cheers, D4.
Well, I've been learning VB and I will admit that I'm still at an intermediate level. Even though I know all the basic stuff such as messing with its own functions, etc., I still haven't used any of the APIs for it. The main problem with programming is that if you learn a language you would waste your time learning that one, or else if you go learn too many languages you will end up not knowing any of them at all.
I'll see if I can mess with Java; some people say the syntax is a bit similar to C & C++.
EDIT: btw, I'm not saying I don't find Java good; a programming language that will basically run on any machine independently of the OS makes the language itself possibly the best and most versatile around.
I'm learning Android and I use Java and XML. I'm still a beginner though.
Sent from my SGH-T959 using XDA App
I am just curious, software like Titanium Backup, or Angry Birds, which programming language do they use? Could this stuff be programmed with Eclipse in Java?
killersnowman said:
Html? You mean xml?
Also try IntelliJ instead of Eclipse. Eclipse is way too bloated and IntelliJ has some amazing autocomplete features. It's better in my opinion.
From something awesome
Hey, do you know how to use IntelliJ IDEA for Android development?
Sent from my GT-S5830 using xda premium
.NET decompiler with support for XAP applications. Allows hackers developers to decompile assemblies and resources in a code editor, make changes and compile the code back to the assembly.
Features:
Decompile .NET assemblies to C# and allow editing/compiling the high-level code back to CIL
Edit CIL instructions in method bodies
Modify assembly structure
Edit and extract assembly resources
Edit the contents of a XAP by adding, removing or swapping files, or using internal editors for certain resource types.
Integrated editors for text, hex, manifest, resource, XML and XAML.
XAP package manager (compatible with Windows Phone and Silverlight applications) allowing to view and extract XAP contents.
Does laundry, has mastered Italian cuisine, cleans and makes mind-blowjobs when asked kindly and treated right.
Some of your skills that could be useful may be:
Blogging: You can write down the results of your testing, your ideas and stuff about .NET Rain the way you see it.
UI/UX design: You don't have to bother with WPF implementation. Photoshop designs are good enough.
C#/WPF programming: You can contribute to the code quality and all user-related features of the application.
C# Reflection mastery: The "core" is in a very alpha state and is full of bugs. There are many planned new features, too.
Donations: They will be wisely spent.
Crowd-funding experience: You can help with raising money to pay for community-hired professionals to write code that will later remain open-source.
Virgin goat blood: For recreational uses.
Not going to lie, I laughed at that last part in the description. Very good work. Thanks for sharing!
I laughed at the GitHub title for DLL editing: DLL Deep Throat XD
lol WUT!
Edit : Screen****s ? XD
Yep, nice way to word some things, but please let us not use those kind of words here
and yes, really good job
I live to serve the forum rules, so fear not. GitHub is quite liberal, on the other hand
Let me know how you like it, because for a while now I've been experimenting with great new substances.
The effects of which include, but are not limited to, reviving this old project into The Tool for Windows 10.
So I'd love some (a lot of) "pre-"feedback. Try it out. Open issues on GitHub. Help me make it awesome.
Cheers