X hits on this document

488 views

0 shares

0 downloads

0 comments

23 / 120

Password Vault application defines a constant named “TRIALVERSION” which causes

the resulting executable to limit the number of password records a user may create to

only five, using conditional compilation. This limitation is very similar to limitations

found in many shareware and trialware applications that are available on the Internet.

4.3 Recommended Reversing Tool for the Wintel Exercise

OllyDbg is a shareware interactive machine code debugger and disassembler for

Microsoft Windows® [13]. The tool has an emphasis on machine code analysis which

makes it particularly helpful in cases where the source code for the target program is

unavailable [13]. Fig. 4.1 illustrates the OllyDbg graphical workbench. OllyDbg

operates as follows: the tool will disassemble a binary executable, generate assembly

language instructions from machine code instructions, and perform some heuristic

analysis to identify individual functions (methods) and loops. OllyDbg can open an

executable directly, or attach to one that is already running. The OllyDbg workbench can

display several different windows which are made visible by selecting them on the View

menu bar item. The CPU window, shown in Fig. 4.1, is the default window that is

displayed when the OllyDbg workbench is started. Table 4.2 lists the panes of the CPU

window along with their respective capabilities; the contents of the table are adapted

from the online documentation provided by [13] and experience with the tool.

15

Document info
Document views488
Page views489
Page last viewedFri Jan 20 10:52:40 UTC 2017
Pages120
Paragraphs2913
Words25794

Comments