
Thread: VB6 Question: Are there any tools that allow for disassembly of a binary?

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Feb 2014
    Location
    Norfolk UK (inbred)
    Posts
    933

    VB6 Question: Are there any tools that allow for disassembly of a binary?

    I looked at some tools that allowed disassembly of binaries a while back and they were difficult to use, required some deep knowledge of the way programs operate at a machine code level and they were also difficult to obtain. Most used to crack open compiled code to allow reverse engineering.

    Time moves on and tools progress and improve.

    I was hoping for some recommendations of current tools and methods for analysing binaries and hoping you'd give me some pointers if you have any experience. This obviously applies (I am assuming) to any binary and not just one produced by VB6.

    I am trying to reverse engineer a program, but I am doing it in the traditional way by analysing and copying functionality and then re-coding using entirely new code. I have the original author's permission to do so. I do NOT have the source and so I am having to evaluate what the program does and re-implement that in VB6.

    In fact I have already done so and my job is nearly 98% complete with no show-stoppers. However, I would like to answer some questions regarding the implementation of the original binary, which language they used, did they use any external libraries?, timers, which APIs were used &c. I am not in a position to bombard the original author with questions.

    None of this is being used for nefarious purposes, it is more of an intelligence building exercise as my product clone is now almost complete. During the process of building my program, the 'steamyDock' program that I have been mooting here from time to time, I have learnt a lot and it would be nice to know if the original builders used the same or similar methods and if they had to surmount the same problems. I'll never know without looking at the source, which is unavailable to me, so I thought I'd ask if there are other methods of determining what is going on within a binary without looking at the source, by analysing the binary itself.

    Any thoughts as to which tools I should try?

    Edit: updated to clarify what I have and what I do not have.
    Last edited by yereverluvinuncleber; May 14th, 2021 at 10:42 AM.

  2. #2
    Hyperactive Member
    Join Date
    Jul 2002
    Posts
    409

    Re: VB6 Question: Are there any tools that allow for disassembly of a binary?


  3. #3

    Thread Starter
    Fanatic Member
    Join Date
    Feb 2014
    Location
    Norfolk UK (inbred)
    Posts
    933

    Re: VB6 Question: Are there any tools that allow for disassembly of a binary?

    Quote Originally Posted by axisdj View Post
    Very interesting and I think I had a look at that tool a while ago when looking to migrate my VB6 apps to VB.NET. However, it is a commercial app and I do not have the source of the original app to convert so it won't be of any use to me.

    I am looking at the original binary only.

  4. #4
    Hyperactive Member
    Join Date
    Aug 2017
    Posts
    375

  5. #5

    Thread Starter
    Fanatic Member
    Join Date
    Feb 2014
    Location
    Norfolk UK (inbred)
    Posts
    933

    Re: VB6 Question: Are there any tools that allow for disassembly of a binary?

    Thank you for that, Victor,

    I have used Dependency Walker, Process Hacker and the Sysinternals tools before and those were good reminders of the sort of tools required to analyse what a program is doing/using.

    Using one of those (Process Explorer) has just informed me that it isn't a VB6 binary at all but in fact is a C++ one and it does confirm that the utility uses GDI+ as I expected, same as my own dock. It told me all the names of all the GDI+ syscalls that the target program (Rocketdock) was using (by analysing the program's strings), and in so doing, it gave me some useful information to research.

    I experimented with the SandSprite VB6 decompiler that showed me a lot about my own binary but not a lot about the RD binary as that was in C++, of course. I downloaded the Snowman C decompiler and it did the job of decompiling but it produced what was, to me, a load of gibberish, certainly nothing I could make use of. I need something like the SandSprite VB6 compiler but for C++ code, I'll keep looking.

    The Task Explorer from the Explorer Suite was also useful, identifying it as a C++ binary.

    So, some digging to go but useful information gleaned so far. Thank you for your help and to those that contacted me via PM.
    Last edited by yereverluvinuncleber; May 14th, 2021 at 04:19 PM.

  6. #6

    Thread Starter
    Fanatic Member
    Join Date
    Feb 2014
    Location
    Norfolk UK (inbred)
    Posts
    933

    Re: VB6 Question: Are there any tools that allow for disassembly of a binary?

    Using the above tools I was able to find out which GDI+ APIs the Rocketdock program was using and used that list to identify and compare them to those used within my own program. The list is more or less identical.

    However, it showed some GDI+ APIs that I was unaware of that are used to control image quality. I am now going to incorporate those into my own program. Being able to disassemble a binary and see what is going on inside can be a very useful tool.
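
The strings-based comparison described in posts #5 and #6, as an added example that is not part of the original thread: it pulls printable ASCII and UTF-16LE strings out of two binaries, keeps the GDI+ flat API names (`Gdip...`), and reports which ones the target uses that your own program does not. The two byte blobs are constructed sample data, not real executables, and the function names and the `MSVBVM60.DLL` runtime check are illustrative assumptions (the check is only a heuristic).

```python
import re

ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")           # 4+ printable bytes
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")    # same, as UTF-16LE
GDIP_NAME = re.compile(r"Gdip[A-Z][A-Za-z0-9]+")      # GDI+ flat API naming

SEP = b"\x00\x00\x00"
# Constructed sample data standing in for the target and for your own binary.
TARGET = (b"MZ\x90\x00\x03" + b"\x00" * 8 + b"gdiplus.dll\x00MSVCRT.dll\x00"
          b"\x12\x00GdipCreateFromHDC\x00\x07\x01GdipDrawImageRectI\x00"
          b"\x02\x00GdipSetInterpolationMode\x00\xff\xfeGdipSetSmoothingMode\x00")
OWN = (b"MZ\x90\x00\x03" + b"\x00" * 8 + b"MSVBVM60.DLL" + SEP
       + b"gdiplus\x00GdipCreateFromHDC" + SEP
       + "GdipDrawImageRectI".encode("utf-16-le") + SEP)

def extract_strings(data):
    """Printable ASCII and UTF-16LE runs, the way a strings utility finds them."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in WIDE_RUN.finditer(data)]
    return found

def gdiplus_apis(data):
    """Set of GDI+ function names referenced anywhere in the binary's strings."""
    names = set()
    for s in extract_strings(data):
        names.update(GDIP_NAME.findall(s))
    return names

def runtime_hint(data):
    """Heuristic: VB6 executables reference the MSVBVM60.DLL runtime."""
    refs = any("msvbvm60.dll" in s.lower() for s in extract_strings(data))
    return "vb6" if refs else "not-vb6"

def compare(target, own):
    """Which GDI+ calls are shared, and which appear in only one binary."""
    t, o = gdiplus_apis(target), gdiplus_apis(own)
    return {"shared": sorted(t & o),
            "only_in_target": sorted(t - o),
            "only_in_own": sorted(o - t)}

if __name__ == "__main__":
    print(runtime_hint(TARGET), runtime_hint(OWN))
    for key, names in compare(TARGET, OWN).items():
        print(key, names)
```

To run it on real files, read each one with `open(path, "rb").read()` and pass the bytes to `compare`.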
