Home > Development Tools > Disassembling a dll or exe

Disassembling a dll or exe

Use dumpbin…

// Disassemble a dll
dumpbin /disasm SomeDll.dll > RedirectToSomeFile.asm

// Disassemble an exe
dumpbin /disasm SomeExe.exe > RedirectToSomeFile.asm

Redirecting to a file, results in faster disassembling.

Help for dumpbin displays the following information!

Microsoft (R) COFF Binary File Dumper Version 6.00.8447
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.

usage: DUMPBIN [options] [files]
   options:
      /ALL
      /ARCH
      /ARCHIVEMEMBERS
      /DEPENDENTS
      /DIRECTIVES
      /DISASM
      /EXPORTS
      /FPO
      /HEADERS
      /IMPORTS
      /LINENUMBERS
      /LINKERMEMBER[:{1|2}]
      /LOADCONFIG
      /OUT:filename
      /PDATA
      /RAWDATA[:{NONE|BYTES|SHORTS|LONGS}[,#]]
      /RELOCATIONS
      /SECTION:name
      /SUMMARY
      /SYMBOLS

Using dumpbin we can also list out the import table and export table of a dll or exe. An e.g.

dumpbin /EXPORTS %systemroot%/system32/user32.dll

Try out all those options 🙂

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: