|
It's always possible. Sometimes it's a little harder than otherwise, but it can not be impossible (since that would mean that you can not see any code, and then how would the CPU know what to do with your program?)
|
|
|
|
|
Yea, right, onevote it..
It's true though.
IDA should do, btw.
|
|
|
|
|
SNI wrote: No...I just want to know that is there any tool which does binary (.exe in release mode)inspection so that backdoors can be identified.
I think Google is the place to look. However, I am not sure that any such tool could identify what you term "backdoors".
|
|
|
|
|
You may use the dumpbin tool [^], looking for 'backdoor' or 'please hack here' or 'virus place holder' sections.
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler.
-- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong.
-- Iain Clarke
[My articles]
|
|
|
|
|
|
|
Yes, or from the concise mirror
f@#?ingtools.pallini.com[^]
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler.
-- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong.
-- Iain Clarke
[My articles]
|
|
|
|
|
In general it would be hard to imagine how such a tool would work. The kind of thing you're asking for requires intelligence, which is something computers don't do well; they do dumb but fast. The normal way one would go about doing such a thing would to be use various tools, such as disassemblers, to take out some of the grunt work and help you visualise what's going on, but the user (you in this case) would do the "real" work.
Steve
|
|
|
|
|
Stephen Hewitt wrote: ... requires intelligence, which is something computers don't do well; they do dumb but fast.
A bit like some of the posters here ... 
|
|
|
|
|
Hi there,
I got trouble with calling externals. Maybe somebody can help me.
I used to call external programs (exe-files) with the system() call. Now I want to start an external program in a seperate shell (and as a separate process). Can anybody tell me how to do that?
Thanks a lot.
Souldrift
|
|
|
|
|
call a batch file. In it can you create an own environment.
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
Use one of the exec()[^] calls. They create a separate process and also allow some communication with the parent.
|
|
|
|
|
Souldrift wrote: Can anybody tell me how to do that?
By reading here.
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
|
|
|
|
|
Hi
Can i get column name from excel?
|
|
|
|
|
Davitor wrote: Can i get column name from excel?
What exactly do you mean; columns are fixed alphabetic identifiers starting at 'A'?
|
|
|
|
|
Are you referring to the range's GetName() method?
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
|
|
|
|
|
I use file-manager to view property of my exe file, file-manager displays:
| File size: | 3,401,216 bytes | | File size on disk: | 3,403,776 bytes |
You see, sizes are different.
What do they exactly stand for?
What C functions are related or used for obtaining the sizes?
"File size" is from FindFirstFile(...) function - just tested.
But which function gets "Size on disk"?
modified on Thursday, October 1, 2009 6:22 AM
|
|
|
|
|
They mean exactly as labeled. The size of the file is 3,401,216 bytes but when it is stored on the disk it takes 3,403,776 bytes.
This is because you can allocate space from HDD only in blocks, for windows it is 4KB. So even if you create an empty text file it will still take 4KB on HDD.
-Saurabh
|
|
|
|
|
Fake info.
You try a empty txt file to see its "size on disk", which is 0.
I just tested.
|
|
|
|
|
How many clusters do you need to store 0 bytes?
Personally, I love the idea that Raymond spends his nights posting bad regexs to mailing lists under the pseudonym of Jane Smith. He'd be like a super hero, only more nerdy and less useful. [Trevel]
| FoldWithUs! | sighist
|
|
|
|
|
Well its not fake but slightly incorrect info. Trying adding a single character to file and see what happens. You know you can learn a lot but just experimenting yourself.
-Saurabh
|
|
|
|
|
Answer question or go away.
You need to learn how to comunicate with others, do not say the useless and meaningless sentence anywhere:
You know you can learn a lot but just experimenting yourself.
How about yourself?
|
|
|
|
|
Well I learn most of things by experimenting. And that sentence was not meaningless it had a very specific purpose and I think it served its purpose very well.
Fine this is my last reply to you. I am not getting paid to answer here, I like helping others.
-Saurabh
|
|
|
|
|
Actually, if the file system is NTFS, then really short files are completely contained in the MFT itself and do not take up any clusters outside of the MFT.
For some good info on file systems, download JkDefrag version 3.36 (the last open source version) and read both the commentary and the code.
Dave.
|
|
|
|
|
Thanks. I use JkDefrag, now MyDefrag, quite frequently but didnt knew its documentation has information about file system also.
-Saurabh
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
