-
Notifications
You must be signed in to change notification settings - Fork 2
/
README.txt
60 lines (52 loc) · 2.39 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
This is the CVS archive of ciasdis, the ci assembler disassembler,
(or possibly a git copy of the cvs archive).
From control (debian style)
"
The package ciasdis contains an assembler-disassembler
combination that allows to reassemble to a byte-for-byte
same binary. This is useful for modifying programs where
the source was lost, analysing viruses, etc. and general
curiosity. Knowledge about a binary can be build up
automatically, using scripts, or interactively and can be
stored for continued use in .cul files.
.
The assembler chapter of the ciforth documentation is all but
mandatory. For cross assembling to other targets, such as
DEC Alpha or M6809, use the source package.
"
In order to build ciasdis:
make ciasdis FORTH=<ciforth-path>
FORTH shall on Linux contain the path of lina. The default for FORTH is
./lina.
FORTH shall on MS-Windows Linux contain the path of wina.
In the following ciforth refers to lina lina64 wina wina64 whatever
is appropriate for you OS.
In order to do a regressiontest for 32 bit:
make regressiontest FORTH=<somelina32>
which include Intel's 8086, 80386,Pentium I, the 8080, the 6809 and
the DEC Alpha and for Pentium the disassembly and reassembly of 3
executables.
In order to do a regressiontest for 64 bit:
make regressiontest64 FORTH=<somelina32>
In order to install
1. Only binary in the current directory: unpack ciasdis-1.0.0.tgz
Binary installation involves only two files, one being optional. The
remainder of the files is documentation and examples.
2. Binary system wide install.
Use the -i command of lina e.g.
ciasdis -i /usr/bin/ciasdis /usr/lib/ciasdis.lab
3. make install INSTALL_DIR=<debian-install-path>
This generates a unpacked debian compatible archive.
You can make this in a .deb file and install it with dpkg.
Hex code sheets in Postscript format:
inspect the targets with extension .ps in the Makefile.
Actual reverse engineering.
For actual reverse engineering you must study the man page of
ciasdis, as well as the man page of cul, the consult file format.
Consult files are the scripts that accumulate the knowledge gained
through reverse engineering, and govern the actual diassembly.
Assembly mnemonics are redesigned for reverse engineering.
A guide is found in the ciforth documentation.
The binary is for Intel Pentium only.
For other processors you must load the assembler from within ciforth,
then proceed as with a a compiled binary.