identifying start or end of instructions given hex dump

hi all

any idea how to do this?


stanley

Comments

  • Dissassemble the binary, and compare/follow the dissassembled code
    and the hex dump.

    This is what I do.
    [hr][size=1][leftbr].:EvolutionEngine[rightbr][leftbr].:MicroOS Operating System[rightbr][leftbr][link=http://www.mt2002.sitesled.com]Website :: OS Development Series[rightbr][/link][/size]
  • : Dissassemble the binary, and compare/follow the dissassembled code
    : and the hex dump.
    :
    : This is what I do.
    : [hr][size=1][leftbr].:EvolutionEngine[rightbr][leftbr].:MicroOS
    : Operating
    : System[rightbr][leftbr][link=http://www.mt2002.sitesled.com]Website
    : :: OS Development Series[rightbr][/link][/size]
    :

    I've been starting my own disassembler and I must say - for a human with the proper documentation it can be quite complicated to know what is what.
    For a program to do so can be even more difficult

    Anyway, I used official Intel
  • thanks to both...

    i also had those intel papers...

    my task is actually to write a program to auto insert some codes into the binary so i have to know where to insert...hopefully not by parsing the whole file...

    sounds like i'm making a virus but i'm actually doing some research on obfuscation for my honors paper. =)
  • Hey, if you guys need some inspiration or something regarding disassemblers, then you might want to check out this alpha-stage thingy I made about a year ago:
    http://www.hot.ee/anthrax11/leht/wdisasm.zip

    It's not a perfect disassembler, but might give you some ideas.. It works on both 16- and 32-bit executables. I'll probably pick this project up again some time soon. Raw hex file disassembly was high on my todo list.

    Regards,
    a11

  • This might be cheeting, but if you need to insert instructions,
    just write 0xCC into any binary :-)

    0xCC is a breakpoint opcode.
    [hr][size=1][leftbr].:EvolutionEngine[rightbr][leftbr].:MicroOS Operating System[rightbr][leftbr][link=http://www.mt2002.sitesled.com]Website :: OS Development Series[rightbr][/link][/size]
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories