Personally, I go for debugging first, as I can usually get a much better understanding of how a game works by watching it run through specific functionality. I then switch to the static disassembly later on if I want to really understand a specific section of the binary. Once you become proficient at following the assembly of a program, you can do fun things like this…

Cheat Engine works really well as a debugger, and it includes pretty much everything you need. I also like to use x64dbg, as it has a lot of great features (for example, opening multiple memory dump tabs at once, built-in scripting support, and an ecosystem of great plugins like xAnalyzer). x64dbg also displays the meaning of each assembly instruction as you step through it, and it resolves values for you (e.g. it fetches the value a pointer points to), which is really helpful. You could use WinDbg, but it doesn't handle anti-debug measures very well, and its interface isn't nearly as intuitive as x64dbg's.

The best free static disassembler out there right now is probably Ghidra, and it's pretty good. The gold standard disassembler is IDA Pro, but be prepared to spend an arm and a leg (in the ballpark of $2000+ USD per year). Binary Ninja is also a good commercial option, but it lacks the vast plugin ecosystem that IDA Pro (and even Ghidra) has, and at the time of writing it doesn't ship Windows API function signatures the way IDA Pro does with FLIRT, which eases a lot of Windows-based reverse engineering. There's also a free version of IDA that is great as a standalone disassembler, but you get no plugin support, no decompiler, and you're locked to an older version of the product.
To see debugging and light reverse engineering in action, I would highly recommend checking out Chris Fayte's Cheat The Game YouTube channel. For some more advanced reverse engineering videos (with excellent video quality and editing), check out LiveOverflow's YouTube channel.

Many games come with a range of anti-debug measures that are designed to prevent you from attaching a debugger to the game. If you want to learn more about the exact types of measures they take, I would highly recommend Peter Ferrie's "The Ultimate Anti-Debugging Reference". But if you just want to get on with debugging your game, I'd recommend just doing the following:

- This will launch it with the anti-anti-debug measures in place.
- (Optional) Detach from your game in x64dbg and attach using your debugger of choice.

You can find some more information about ScyllaHide, as well as the anti-debug measures it counteracts, in its documentation.
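To make the anti-debug measures above concrete, here is an added example (my own illustration, not code from the post or from ScyllaHide) of the simplest kind of check a protected program performs: asking the OS whether a debugger is attached. It is written for Linux, where the kernel reports the attached tracer's PID in `/proc/self/status` as `TracerPid:`; this is the portable analogue of the Windows `PEB.BeingDebugged` flag that hide plugins such as ScyllaHide spoof so the game keeps running under a debugger. The sample status texts and the function names are constructed for the example.

```c
/* Added example: a debugger-presence check of the kind game anti-debug
 * code performs. On Linux, /proc/self/status contains "TracerPid:\t<n>";
 * a non-zero value means a ptrace-based debugger is attached.
 * This is the analogue of reading PEB.BeingDebugged on Windows. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse the TracerPid field out of the text of a /proc/<pid>/status file.
 * Returns the tracer PID, 0 if nothing is tracing, or -1 if the field is absent. */
long tracer_pid_from_status(const char *status_text)
{
    const char *key = "TracerPid:";
    const char *line = status_text;

    while (line && *line) {
        if (strncmp(line, key, strlen(key)) == 0) {
            const char *p = line + strlen(key);
            while (*p == ' ' || *p == '\t')   /* skip the tab(s) after the colon */
                p++;
            return strtol(p, NULL, 10);
        }
        line = strchr(line, '\n');
        if (line)
            line++;                           /* advance to the start of the next line */
    }
    return -1;
}

/* Read this process's own status file and return the tracer PID (-1 if unreadable). */
long current_tracer_pid(void)
{
    FILE *f = fopen("/proc/self/status", "r");
    char buf[4096];
    size_t n;

    if (!f)
        return -1;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return tracer_pid_from_status(buf);
}

/* The check a protected binary would branch on. */
int debugger_attached(void)
{
    return current_tracer_pid() > 0;
}

/* Constructed sample status texts (not captured from a real process), so the
 * parser can be exercised offline: one clean process, one under a tracer. */
static const char SAMPLE_STATUS_CLEAN[] =
    "Name:\tgame\nState:\tR (running)\nTgid:\t4242\nPid:\t4242\n"
    "PPid:\t1\nTracerPid:\t0\nUid:\t1000\t1000\t1000\t1000\n";
static const char SAMPLE_STATUS_TRACED[] =
    "Name:\tgame\nState:\tt (tracing stop)\nTgid:\t4242\nPid:\t4242\n"
    "PPid:\t1\nTracerPid:\t3131\nUid:\t1000\t1000\t1000\t1000\n";

int main(void)
{
    printf("sample (clean)  tracer pid: %ld\n", tracer_pid_from_status(SAMPLE_STATUS_CLEAN));
    printf("sample (traced) tracer pid: %ld\n", tracer_pid_from_status(SAMPLE_STATUS_TRACED));
    printf("this process: %s\n", debugger_attached() ? "debugger attached" : "no debugger");
    return 0;
}
```

Run the binary directly and then under `gdb` or `strace` to see the result flip; that flip is exactly what a hide plugin removes, which is why attaching a plain debugger to a protected game (as the post notes for WinDbg) often fails while an x64dbg session with ScyllaHide loaded does not.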