BeaEngine DisAssembly .dll need guidance
Posted: Mon Dec 14, 2009 4:11 pm
many of you are familiar with ollydbg assembler level disassembler/debugger. I am coding a project which will do similar work, although it will be less featured. my biggest hurdle will be the disassembly/assembly part of the project (i.e. disassembling code of another program while it is running 'live' for viewing). also, it would be nice to have the ability to assemble live as well, as you can do with ollydbg (i.e. you can take a code location and modify it while it is running for testing purposes or debugging, etc.). my goal is to also have this program be able to work in a 64 bit environment (i.e. two different .exe's, one for 32 bit disassembly/ another for 64, etc.). my end OS will be windows (32 or 64 bit), with an emphasis on moving towards windows 7.
at any rate, there are several libraries available that can be used to disassemble. i have several questions here:
1) if you know of any good disassm/assm libraries please list them here. BeaEngine (3.x) is used in ollydbg plugins to make ollydbg current (SSE instructions). There is UDIS86 library which i think PB even uses for debugging commands (no idea if it has 64 bit support). Also there is DiStorm and some others. Some things I would like to see from the library:
a) simplicity of calls
b) easy to port to PB
c) ability to disassemble memory of another program (i.e. program A attaches to program B and Program A displays disassembly of Program B at x location, etc.)
d) ability to assemble (i.e. you pass assembly instructions to function and it returns the OpCodes)
i used olly.dll which is a circa 2002 .dll that the developer of ollydbg released a long time ago to do a similar crude project but i dropped it because the olly.dll was unable to disassemble current machine code instructions (i.e. the disassembler engine was out of date).
2) can someone help me to get a working PB simple program that disassembles code using the BeaEngine .dll? it seems a very straightforward engine based on my reading. however, i have not much experience calling .dll's from within PB or converting C code into purebasic.
the link is here:
http://beatrix2004.free.fr/BeaEngine/support1.php
maybe we can have the program attach to notepad.exe, use the .dll to display some code from notepad.exe (disassembly).
this would be of great help.
best,
Mike Yurgalavage