Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Reverse engineering mixed .NET/native code?
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #6  
Old 04-06-2010, 20:47
dedificator dedificator is offline
Friend
  
Join Date: Oct 2002
Posts: 89
Rept. Given: 4
Rept. Rcvd 16 Times in 6 Posts
Thanks Given: 0
Thanks Rcvd at 4 Times in 4 Posts
dedificator Reputation: 17
You can parse .Net metadata segment in IDA. There is 'function' table with names, types and RVAs. That's all, what we need. Just create needed struct definitions in IDA. If you need only a few functions, use CFF explorer and look for interesting names (and their RVA). This worked for me very nice with BarTender software.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Tips on reverse engineering mixed .NET/native binaries? jonwil General Discussion 6 11-07-2019 01:31
Reverse engineering x86 linux PIC code with hexrays/IDA jonwil General Discussion 0 02-16-2009 12:08
Reverse Engineering WMF Exploit Code lownoise General Discussion 0 01-19-2006 20:09


All times are GMT +8. The time now is 23:05.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )