Sunday, September 16, 2012

How to Disassemble Setup.exe (Reverse Engineering)

A disassembler is a program that lets you look at a program's machine code while executing on a computer. Disassembly is a type of analytic procedure programmers use to view how a program runs in memory. Several programs let you disassemble a setup.exe file. Disassembling a setup.exe file allows you to see how the installation procedure runs on the computer. 


Instructions

    • Download and install the IDA Pro program by Hex Ray (see Resources). The program is a color-coded application that lets you discern between your setup.exe code and the Windows operating system code. The memory view shows you the executing code for the EXE file located in memory. The program also let you manipulate values and pause the execution of the file. This helps you test program options for your setup.exe file.

    • Download and install W32 DASM on your computer that has the setup.exe file on it (see Resources). W32 DASM is a free program, so it is good for people who are new to disassembling execution files and reading the code in memory. The interface is a single window that displays the code in each memory address. You cannot change the code in memory like you can with IDA Pro.

    • Download and install OllyDbg (see Resources). The OllyDbg program is a disassembler and a debugger. A debugger works with a disassembler to view the code in memory and lets you manipulate the code to find problems and errors in the setup.exe file. The OllyDbg program is open source, so you can also add open source modules or add your own add-on to the program.
Reactions:

1 comments:

  1. Hi there, after reading this amazing article i am too
    delighted to share my familiarity here with mates.


    Also visit my web blog film critic [www.fizzlive.com]

    ReplyDelete