Make your own free website on Tripod.com

WE HAVE MOVED!!! www.windowshackerz.bravehost.com

Home
ip toolz
Anti Virus Software
Key Loggers
Binary and other decompilers
passwords
sub7
sub7 help
Sub7 Frequently Asked Questions
sub7 Support
Binary and other decompilers

NEW RELEASE!!!! AK47 Released october 1'st 2007 (this trojan is undetected by virus scanners!!!) Click here to get AK47

HexWorkshop-32 V2.5 
Size 1079K
The very latest version and my personal favorite Hex Editor
Hacker's View v5.81a
Size: ??
The cracker's No1 choice in File Viewer/Disassembler/Editor in one executable.
IDA v3.74
Size: 11 Mb
The No1 DOS based Disassembler around for crackers. however, I prefer the Win32Dasm since it runs in Win'95 and is much easier to use.
W32Dasm v8.93  
 
 
Size: 512K
 
 
 
 
Latest Version of W32Dasm and my personal favourite 32-bit Win disassembler.  Nice User interface and lots of options to help understand the source listings produced from this utility. Highly Recomended.    
Regmon Size: 422K Tracks changes and accesses by other programs to your System Registry File. Highly reccomended. 
 Visual Basic 3  
Discompiler
Size 1.3 mb Disassembles *most* Visual Basic 3 programs!
 Visual Basic 4  
Discompiler
Size 4.8 mb Disassembles *some* Visual Basic 4 programs!
 Help Decompiler 2.1 Size 222K Decompiles .HLP files, even those passworded protected!

working full version w32dasm

w32dsm

Tutorial on W32Dasm!
By Krobar Nov 1999

Here a quick tut on how to start off with W32dasm.

Download


First we gotta install it. Just make a directory and unzip in it....could be
C:\W32dasm, or like me, C:\Program files\W32dasm. Dont bury it too deep in lots of directories because you may get problems disassembling.

Once you got it unzipped just click on the w32dasm.exe and W32dasm open...better to have full screen view if it doesnt automatically open like this.
Now you looking at a screen with menu and buttons.

To open a file to disassemble you can either go to Disassembler menu (thats top left) and click 'open file to disassemble', or click on the 'open file to disassemble' button (top left but directly below the menu option):

In the message box that appears, just scroll round till you find the program you want (in our case it gonna be crackme1.exe) and click open.
Depending on the size of the file...could happen quick, or take a while...it'll disassemble. Just wait till it finishes.

You now got a whole 'dead listing' of the programs code, and you should be able to follow the tuts you find that use this tool.

If you look along the top you see a row of menu items and below these a row of buttons. A few of the buttons you should get familiar with are:

  • 'Strn ReF' button..second in from the right. This button is mentioned quite regularly in tuts to search for string references in program. Click this button and a box with 'strings of text' that are used in the program is displayed...like 'register', 'invalid serial number', etc. Double click a line and you'll jump to the place in the code that that line is. (Note, not all programs have string references):



  • 'Jump To' and 'Ret JMP' buttons..near the middle. Used for following jumps and returning from them. There also hotkeys for these functions. Right arrow key follows a jump...Ctrl and left arrow key returns from the jump (to follow a jump the line in the code has to be highlighted).
  • 'Call' and 'RET' buttons.. to the right of the 'RET JMP' button. Used for following and returning from calls. Also hotkeys. Right arrow key to follw a call...left arrow key to return.

Note: these buttons will 'light up' when they are useable.

Another function you use quite often is the 'Goto' menu...along the top about halfway. Click on this menu item and you get four options, but probably the one you use most is 'Goto Code Location'...the last of the four. Click this option and a box appears. Type in the code location, (obviously only if you know it) click ok, and you be taken to that line of code. Shift/F12 also brings up this box:

There one more thing I explain coz a lot of tuts mention it. This is the offset. Once you found the relevant bit of code that you think you got to change you highlight the line, then look down bottom and you'll see this:

See right at bottom: 'Line 896 Pg 11 of 32 Code Data @ blah blah @ Offset 00001595h. What we interested in is Offset 00001595h... Forget the zeros at the beginning, and the h at the end means hex. Take note of the remaining numbers...1595...that the offset. Thats the number we put in hiew to take us to that piece of code we want to change.

Anyway, get used to this program coz a lot of tuts use it.