Disassembler

From Wikipedia, the free encyclopedia

A disassembler is a computer program which translates machine language into assembly language, performing the inverse operation to that of an assembler. A disassembler differs from a decompiler, which targets a high level language rather than assembly language. Disassembly, the output of a disassembler, is often formatted for human-readability rather than suitability for input to an assembler, making it principally a reverse-engineering tool.

Assembly language source code generally permits the use of symbolic constants and programmer comments. These are usually removed from the final machine code by the assembler. If so, a disassembler operating on the machine code would produce disassembly lacking these constants and comments; the disassembled output becomes more difficult for a human to interpret than the original annotated source code. Some disassemblers can infer useful names and comments; however, interactive disassemblers are able to successfully disassemble more programs than fully-automated disassemblers because human insight applied to the disassembly process parallels human creativity in the code writing process.

There can never be a completely automated disassembly tool which always outputs correct source code because the disassembly process reduces to the impossible-to-solve halting problem.

Disassemblers are often confused with reassemblers, which are different.

Contents 1 Disassemblers 2 References 3 See also 4 External links

[edit] Disassemblers

• Most debuggers include a disassembler, e.g. objdump, part of GNU Binutils, or e2dbg, the Embedded ELF debugger part of the ELF shell framework.
• BORG Disassembler with source code
• RosASM - 32 bit Assembler (The Bottom Up Assembler which is free and GPLed). Although this tool is basically an assembler, it also contains a very powerful (though automated) disassembler that is able to rebuild a huge variety of small applications. Support for disassembly of larger applications is under development. Those curious in this product should note that the disassembler injects extra data into the source, combines sections from the original object code, and moves data from one PE section to another, which are uncommon operations in something calling itself a disassembler.
• Interactive Disassembler - A commercial, interactive disassembler.
• Sourcer - A disassembler based on definition files.
• The Bastard Disassembler - Linux disassembler. Doesn't have a usable front-end yet, but it does have an interactive command-line mode.
  • x86 Disassembler Library - The library that Bastard is based on.
• The Libasm from the ELF shell (elfsh) comes with advanced symbol resolving features
• Kopi Project
• PVDasm - Proview (PVDasm) is a online free interactive disassembler, Multi-Cpu (x86/Chip8) Disassembler. with features such as: PE-Editor, Process Manager and Dumper, Plugin SDK, MASM Source Code Generator, MAP File analysis, Hex Editor, Function Param Recognition and more.
  • PVDasm screen shot.
• The Java Class File Disassembler
• HT Editor - Binary editor for Linux and Windows console.
• PE Explorer Disassembler - a win32 PE file disassembler designed to reconstruct the assembly language source code of target binary win32 PE (Portable Executable) files such as .EXE, .DLL, Device Drivers (.SYS), OCX Controls, and Borland Libraries (.dpl & .bpl).
• Udis86 Udis86 is an easy-to-use minimalistic disassembler library for the x86 and x86-64 (AMD64) range of instruction set architectures, designed to aid software development projects that entail binary code analysis.
• diStorm64 diStorm is an open source highly optimized stream disassembler library for 80x86 and AMD64.
• PostSharp - Disassembles .NET modules to an object model, let you modify it and assembles it back.
• OllyDbg - Free, small ( < 1MB ) and very complete disassembler/debugger for Win32 applications.

[edit] References

• L. Vinciguerra, L. Wills, N. Kejriwal, P. Martino, and R. Vinciguerra, "An Experimentation Framework for Evaluating Disassembly and Decompilation Tools for C++ and Java", Proc. of 10th Working Conference on Reverse Engineering (WCRE) 2003.
• B. Schwarz, S. Debray, and G. Andrews, "Disassembly of Executable Code Revisited", Proc. of 9th Working Conference on Reverse Engineering (WCRE), pp. 45-54, 2002.

[edit] See also

• Control flow graph
• Data-flow analysis
• Infinite loop
• Self-modifying code

[edit] External links

• transformation Wiki on disassembly
• Disassembler Class Reference
• OpenRCE: Various Disassembler Resources and Plug-ins