Text only | Text with Images

The MASM Forum Archive 2004 to 2012

General Forums => The Campus => Topic started by: bcddd214 on April 22, 2011, 11:41:21 PM

Title: A total conversion question?
Post by: bcddd214 on April 22, 2011, 11:41:21 PM
I was goofing around with a disassembler and disassembled a 'Hello World' executable written in C++.
It spit out everything a lot clearer than expected.

Just goofing around I put it into a Irvine32 type format and getting an error and just curios what it is trying to tell me and curious why she does not just recompile clean?
I was imagining a clean 'cut and paste'.

Just digging and curious.


**********************************************new code************************
INCLUDE Irvine32.inc

.code
main proc near

var_8= dword ptr -8
var_4= dword ptr -4
argc= dword ptr  8
argv= dword ptr  0Ch
envp= dword ptr  10h

push    ebp
mov     ebp, esp
sub     esp, 8          ; char *
and     esp, 0FFFFFFF0h
mov     eax, 0
add     eax, 0Fh
add     eax, 0Fh
shr     eax, 4
shl     eax, 4
mov     [ebp+var_4], eax
mov     eax, [ebp+var_4]
call    sub_401710
call    sub_4013B0
mov     [esp+8+var_8], offset aHelloWorld ; "Hello World"
call    printf
mov     eax, 0
leave
retn

exit
main endp

END main

********************************************original disassembled code*************

d

; Attributes: bp-based frame

; int __cdecl main(int argc,const char **argv,const char *envp)
_main proc near

var_8= dword ptr -8
var_4= dword ptr -4
argc= dword ptr  8
argv= dword ptr  0Ch
envp= dword ptr  10h

push    ebp
mov     ebp, esp
sub     esp, 8          ; char *
and     esp, 0FFFFFFF0h
mov     eax, 0
add     eax, 0Fh
add     eax, 0Fh
shr     eax, 4
shl     eax, 4
mov     [ebp+var_4], eax
mov     eax, [ebp+var_4]
call    sub_401710
call    sub_4013B0
mov     [esp+8+var_8], offset aHelloWorld ; "Hello World"
call    printf
mov     eax, 0
leave
retn
_main endp

************************************end code*******************************
Title: Re: A total hacker question?
Post by: hutch-- on April 22, 2011, 11:54:36 PM
bcddd214,

Do us all a favour and leave the "hacker" terminology alone as its a bait that draws the wrong attention and makes the post a candidate for removal.
Title: Re: A total conversion question?
Post by: bcddd214 on April 23, 2011, 02:57:22 AM
Cheers!

I think I found my answer and it has to do with the differences between NASM, MASN and TASM?
Maybe?

It would appear the biggest stretch is going from asm to c...

Just a curiosity thing.
Title: Re: A total conversion question?
Post by: jj2007 on April 23, 2011, 06:18:17 AM
Wow, what compiler is that?
Replacing
Code Select
mov     eax, 0
add     eax, 0Fh
add     eax, 0Fh
shr     eax, 4
shl     eax, 4
mov     [ebp+var_4], eax
with
Code Select
mov     [ebp+var_4], 10h
might be an option
Title: Re: A total conversion question?
Post by: bcddd214 on April 23, 2011, 07:08:30 AM
That was actually IDA Pro.
The more I tinker with it, the more I am amazed.
Text only | Text with Images