X hits on this document

399 views

0 shares

0 downloads

0 comments

23 / 120

Password Vault application defines a constant named “TRIALVERSION” which causes

the resulting executable to limit the number of password records a user may create to

only five, using conditional compilation. This limitation is very similar to limitations

found in many shareware and trialware applications that are available on the Internet.

4.3 Recommended Reversing Tool for the Wintel Exercise

OllyDbg is a shareware interactive machine code debugger and disassembler for

Microsoft Windows® [13]. The tool has an emphasis on machine code analysis which

makes it particularly helpful in cases where the source code for the target program is

unavailable [13]. Fig. 4.1 illustrates the OllyDbg graphical workbench. OllyDbg

operates as follows: the tool will disassemble a binary executable, generate assembly

language instructions from machine code instructions, and perform some heuristic

analysis to identify individual functions (methods) and loops. OllyDbg can open an

executable directly, or attach to one that is already running. The OllyDbg workbench can

display several different windows which are made visible by selecting them on the View

menu bar item. The CPU window, shown in Fig. 4.1, is the default window that is

displayed when the OllyDbg workbench is started. Table 4.2 lists the panes of the CPU

window along with their respective capabilities; the contents of the table are adapted

from the online documentation provided by [13] and experience with the tool.

15

Document info
Document views399
Page views400
Page last viewedSun Dec 11 06:55:30 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments