Steve | I know your IP address | Consultant
Yorba Linda, CA
Re: Analysis of Backstealth technology
... and I'd like to take this chance to sing a happy song about the fantastic disassembler I use, "IDA Pro" from DataRescue. The last time I jumped into disassembling something (Code Red II), I was using an utter piece of crap that made life lousy. I was determined not to go through that again, so I looked into IDA Pro.
What a fantastic piece of software. It's an interactive disassembler that runs under Windows, and it's simply spectacular in its ability to turn "bytes" back into "programs". They have modules to disassemble nearly anything, and they recognize most of the popular C runtime libraries so that "unknown_sub_1235" is actually recognized as "printf". It's just stunningly good.
Highest possible recommendation for this work of art.
Stephen J. Friedl Security Consultant Tustin, California USA www.unixwiz.net