Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/maximilianfeldthusen/disasmwinexe

disasseembly exe file using libdasm library
https://github.com/maximilianfeldthusen/disasmwinexe

Last synced: 7 months ago
JSON representation

disasseembly exe file using libdasm library

Awesome Lists containing this project

README 

          
## Documentation



### DisasmWinExe



The code is a simple C++ program that disassembles a Windows executable file (typically with a `.exe` extension) using the `libdasm` library, which is designed to disassemble machine code into human-readable assembly language. Let's break down the code step by step:



### Code Breakdown



1. **Includes and Namespace**:

   ```cpp

   #include 

   #include 

   #include 

   #include 

   ```

   - `#include `: Includes the standard input/output stream library for console I/O operations.

   - `#include `: Includes the file stream library for file handling.

   - `#include `: Includes the vector library for dynamic array handling.

   - `#include `: Includes the `libdasm` library header, which provides functions for disassembly.



2. **Action List Function**:

   ```cpp

   void my_actionlist(dasm_State *dasm) {

       // You would define how to handle each instruction here

       // This is a placeholder; actual implementation is needed based on your needs

   }

   ```

   - This function is a placeholder for defining how to handle each disassembled instruction. The actual implementation would involve specifying what to do with each instruction that `libdasm` disassembles.



3. **Main Function**:

   ```cpp

   int main() {

       // Open the .exe file

       std::ifstream file("", std::ios::binary);

       if (!file.is_open()) {

           std::cout << "Failed to open the .exe file." << std::endl;

           return 1;

       }

   ```

   - The program begins execution in the `main` function.

   - It attempts to open a specified `.exe` file in binary mode. Replace `` with the actual path to the executable you want to disassemble.

   - If the file cannot be opened, an error message is displayed, and the program exits.



4. **Reading the File**:

   ```cpp

       // Read the file contents into a buffer

       file.seekg(0, std::ios::end);

       std::streampos fileSize = file.tellg();

       file.seekg(0, std::ios::beg);

       std::vector buffer(fileSize);

       if (!file.read(reinterpret_cast(buffer.data()), fileSize)) {

           std::cout << "Failed to read the .exe file." << std::endl;

           return 1;

       }

   ```

   - The program determines the size of the file by seeking to the end of the file.

   - It then creates a `std::vector` to hold the binary data of the executable file.

   - The file contents are read into the buffer. If reading fails, an error message is displayed, and the program exits.



5. **Disassembler Initialization**:

   ```cpp

       // Disassemble the code

       dasm_State *dasm = dasm_init(DASM_ARCH_X86, DASM_OPTION_GENERATE);

       if (!dasm) {

           std::cout << "Failed to initialize disassembler." << std::endl;

           return 1;

       }

   ```

   - The disassembler state is initialized for the x86 architecture. The option `DASM_OPTION_GENERATE` specifies that the disassembler should generate code.

   - If initialization fails, an error message is displayed, and the program exits.



6. **Setting Up the Disassembler**:

   ```cpp

       dasm_setupglobal(dasm, buffer.data(), buffer.size());

       dasm_setup(dasm, my_actionlist);

       int status = dasm_link(dasm);

       if (status != DASM_S_OK) {

           std::cout << "Failed to link the disassembler." << std::endl;

           dasm_free(dasm);

           return 1;

       }

   ```

   - The disassembler is set up with the buffer data and size.

   - The action list is set up using the placeholder function `my_actionlist`. This is where you would define how to process each disassembled instruction.

   - The disassembler is linked, which prepares it for execution. If linking fails, an error message is displayed, and the program exits.



7. **Executing the Disassembler**:

   ```cpp

       // Print the disassembly result

       dasm_exec(dasm, 0);

       dasm_free(dasm);



       std::cout << "Disassembly finished." << std::endl;



       return 0;

   }

   ```

   - The disassembler is executed, starting from offset 0.

   - After disassembly, the disassembler state is freed with `dasm_free`.

   - A message indicating that disassembly is finished is printed to the console.



### Summary

This code is a skeleton for a disassembler using the `libdasm` library. It opens a specified executable file, reads its binary contents, initializes a disassembler, sets up an action list to handle instructions, and executes the disassembly. The actual implementation of how to handle instructions would need to be filled in the `my_actionlist` function. The program handles basic error checking for file operations and disassembler initialization.



![C++](https://img.shields.io/badge/c++-%2300599C.svg?style=for-the-badge&logo=c%2B%2B&logoColor=white)