Decompiling a *.DLL to assembly for .net in delphi 4
Posted
by Lex Dean
on Stack Overflow
Published on 2010-06-08T02:45:51Z
I love my Delphi 4, but at the same time I see the need to talk to Windows .NET. This is a recompiled DLL that I found on sourceforge.net/projects/delphinet/ (DelphiNet03.zip), by some nice people who found the DLL somewhere. The real answer is to make this DLL fit into Delphi as true Delphi code, and not as a DLL clip-on, so we can make objects that use .NET in Delphi. Because I’m not an assembly freak, I’m freaking out a little, with a wee squeak for help!
1/ How do I link the asm code with the data info at the bottom of this code? Can someone show me which calls to look for to make this link to the data?
2/ I need to find the beginning of all the procedures and functions, but I cannot find a ‘RET’ statement. And what line is the beginning statement in this code.
3/ How do I identify where the jump statements go to, and put them into Delphi format?
In this code it looks I can do:-
jle 402890h \1000:00402854 7e3a
add [eax], al \1000:00402856 0000
……………………………………………..
or ch, [edi+3eh] \1000:0040288d 0a6f3e
xrefs first: 1000:00402854 number : 1 \;
add [eax], al \1000:00402890 0000
//*******************************
jle @@21 \\1000:00402854 7e3a
add [eax], al \\1000:00402856 0000
……………………………………………..
or ch, [edi+3eh] \1000:0040288d 0a6f3e
xrefs first: 1000:00402854 number : 1 \;
@@21 add [eax], al \1000:00402890 0000
Is that a correct conversion? I think an “xrefs first: 1000:004021d1 number : 1” line is the best to follow.
4/ I need a good reference on 8086 up assembly code that I can print out and get to learn properly.
I found this asm decompiler at http://www.cronos.cc/ whose output is so similar to Delphi that I think it only needs a little more conversion to get it into Delphi asm. It has only taken me 3 hours to get the file into a TMemo and to write a few lines to chop the lines in a stream and reload the memo.
Help please Email: [email protected]
; NOTE(review): the hex column for 00402000-0040204e does not read as x86 code.
; The first two dwords (90410000, 00000000) look like an 8-byte import address
; table, and the bytes from 00402008 on,
;   48 00 00 00 | 02 00 | 00 00 | 80 2e 00 00 | d4 12 00 00 | 01 00 00 00 | zeros,
; match the layout of a 48h-byte CLI (.NET) runtime header: size 48h, runtime
; version 2.0, metadata RVA 2e80h, metadata size 12d4h, flags 1. Confirm with a
; PE/CLI-aware tool (for example ildasm) before treating any line here as an
; instruction. The "dec eax" / "add [eax], al" mnemonics are simply what 48h and
; 00 00 decode to when header bytes are swept as 32-bit x86.
xrefs first: 1000:004041ae number : 1 \\;
dd 4190h \\1000:00402000 90410000
dd 00h \\1000:00402004 00000000
; 00402008: presumably the start of the runtime header (first dword = 48h).
dec eax \\1000:00402008 48
add [eax], al \\1000:00402009 0000
add [edx], al \\1000:0040200b 0002
add [eax], al \\1000:0040200d 0000
add [eax-2bffffd2h], al \\1000:0040200f 00802e0000d4
adc al, [eax] \\1000:00402015 1200
add [ecx], al \\1000:00402017 0001
; Everything below in this run is zero bytes (hex column 0000), i.e. padding or
; unused header fields, not repeated instructions.
add [eax], al \\1000:00402019 0000
add [eax], al \\1000:0040201b 0000
add [eax], al \\1000:0040201d 0000
add [eax], al \\1000:0040201f 0000
add [eax], al \\1000:00402021 0000
add [eax], al \\1000:00402023 0000
add [eax], al \\1000:00402025 0000
add [eax], al \\1000:00402027 0000
add [eax], al \\1000:00402029 0000
add [eax], al \\1000:0040202b 0000
add [eax], al \\1000:0040202d 0000
add [eax], al \\1000:0040202f 0000
add [eax], al \\1000:00402031 0000
add [eax], al \\1000:00402033 0000
add [eax], al \\1000:00402035 0000
add [eax], al \\1000:00402037 0000
add [eax], al \\1000:00402039 0000
add [eax], al \\1000:0040203b 0000
add [eax], al \\1000:0040203d 0000
add [eax], al \\1000:0040203f 0000
add [eax], al \\1000:00402041 0000
add [eax], al \\1000:00402043 0000
add [eax], al \\1000:00402045 0000
add [eax], al \\1000:00402047 0000
add [eax], al \\1000:00402049 0000
add [eax], al \\1000:0040204b 0000
add [eax], al \\1000:0040204d 0000
; NOTE(review): the bytes starting at 00402050,
;   13 30 04 00 | 0a 01 00 00 | 01 00 00 11,
; have the shape of a CIL "fat" method header (flags/size word 3013h, max stack 4,
; code size 10ah, local-signature token 11000001h). If that reading is right, the
; method's IL occupies 0040205c-00402165 and the x86 mnemonics in this run are a
; linear-sweep artifact: the file is managed code, not native code. Verify with a
; CLI-aware disassembler rather than converting these lines to Delphi asm.
; The first line straddles two structures: 0040204f (00) is a trailing zero byte
; before the header, 00402050 (13) is the header's first byte.
add [ebx], dl \\1000:0040204f 0013
xor [eax+eax], al \\1000:00402051 300400
or al, [ecx] \\1000:00402054 0a01
add [eax], al \\1000:00402056 0000
add [eax], eax \\1000:00402058 0100
add [ecx], dl \\1000:0040205a 0011
; 0040205c: presumably the first IL opcode of the method body.
push cs \\1000:0040205c 0e
add al, 50h \\1000:0040205d 0450
mov gs, [ecx+05h] \\1000:0040205f 8e6905
push eax \\1000:00402062 50
mov gs, [ecx+2eh] \\1000:00402063 8e692e
add eax, f938h \\1000:00402066 0538f90000
add [ebx], al \\1000:0040206b 0003
; The jc/jo "branches" here decode bytes 72h and 70h; their targets and the
; resulting xrefs are presumably artifacts, not real control flow.
jc 402070h \\1000:0040206d 7201
add [eax], al \\1000:0040206f 0000
jo 40209bh \\1000:00402071 7028
add al, [eax] \\1000:00402073 0200
add [edx], cl \\1000:00402075 000a
sub eax, 36f0408h \\1000:00402077 2d08046f03
add [eax], al \\1000:0040207c 0000
or ch, [ebx] \\1000:0040207e 0a2b
push es \\1000:00402080 06
add al, 6fh \\1000:00402081 046f
add al, 00h \\1000:00402083 0400
add [edx], cl \\1000:00402085 000a
adc eax, [edi] \\1000:00402087 1307
push ss \\1000:00402089 16
adc ecx, [eax] \\1000:0040208a 1308
cmp cl, cl \\1000:0040208c 38c9
add [eax], al \\1000:0040208e 0000
add [ecx], dl \\1000:00402090 0011
pop es \\1000:00402092 07
adc [eax], ecx \\1000:00402093 1108
callf 056f:060a9a08h \\1000:00402095 9a0a066f05
add [eax], al \\1000:0040209a 0000
or cl, [ebx] \\1000:0040209c 0a0b
push es \\1000:0040209e 06
outsd \\1000:0040209f 6f
push es \\1000:004020a0 06
add [eax], al \\1000:004020a1 0000
or al, [ebx] \\1000:004020a3 0a03
sub [edx], al \\1000:004020a5 2802
add [eax], al \\1000:004020a7 0000
or bh, [ecx] \\1000:004020a9 0a39
movsd \\1000:004020ab a5
add [eax], al \\1000:004020ac 0000
add [edi], al \\1000:004020ae 0007
mov gs, [ecx+0eh] \\1000:004020b0 8e690e
add al, 50h \\1000:004020b3 0450
mov gs, [ecx+40h] \\1000:004020b5 8e6940
cwde \\1000:004020b8 98
add [eax], al \\1000:004020b9 0000
add [edi], dl \\1000:004020bb 0017
or al, 16h \\1000:004020bd 0c16
or eax, 9072b2bh \\1000:004020bf 0d2b2b0709
callf 0000:076f9a09h \\1000:004020c4 9a6f070000
or ch, [edi+08h] \\1000:004020c9 0a6f08
add [eax], al \\1000:004020cc 0000
or ch, [eax+ebx] \\1000:004020ce 0a2c18
push cs \\1000:004020d1 0e
add al, 50h \\1000:004020d2 0450
or [edx+d72h], ebx \\1000:004020d4 099a720d0000
jo 402104h \\1000:004020da 7028
or [eax], eax \\1000:004020dc 0900
add [edx], cl \\1000:004020de 000a
add dl, cs:[esi] \\1000:004020e0 2e0216
or al, 08h \\1000:004020e3 0c08
sub eax, 90c2b02h \\1000:004020e5 2d022b0c09
pop ss \\1000:004020ea 17
pop eax \\1000:004020eb 58
or eax, 50040e09h \\1000:004020ec 0d090e0450
mov gs, [ecx+32h] \\1000:004020f1 8e6932
int 08h \\1000:004020f4 cd08
sub al, 5ch \\1000:004020f6 2c5c
push ss \\1000:004020f8 16
adc eax, [ebx+ebp] \\1000:004020f9 13042b
dec esi \\1000:004020fc 4e
push cs \\1000:004020fd 0e
add al, 50h \\1000:004020fe 0450
adc [edx+ebx*4], eax \\1000:00402100 11049a
jc 402112h \\1000:00402103 720d
add [eax], al \\1000:00402105 0000
jo 402131h \\1000:00402107 7028
or [eax], eax \\1000:00402109 0900
add [edx], cl \\1000:0040210b 000a
xor esi, [esi] \\1000:0040210d 3336
pop es \\1000:0040210f 07
adc [edx+ebx*4], eax \\1000:00402110 11049a
outsd \\1000:00402113 6f
pop es \\1000:00402114 07
add [eax], al \\1000:00402115 0000
or ch, [edi+0ah] \\1000:00402117 0a6f0a
add [eax], al \\1000:0040211a 0000
or dl, [ebx] \\1000:0040211c 0a13
push es \\1000:0040211e 06
add eax, 9a041150h \\1000:0040211f 055011049a
sub [ebx], cl \\1000:00402124 280b
add [eax], al \\1000:00402126 0000
or dl, [edx] \\1000:00402128 0a12
push es \\1000:0040212a 06
adc al, [c28h] \\1000:0040212b 1205280c0000
xrefs first: 1000:00402107 number : 1 \\;
or ch, [edx+eax] \\1000:00402131 0a2c02
sub ebx, [esi] \\1000:00402134 2b1e
push cs \\1000:00402136 0e
add al, 50h \\1000:00402137 0450
adc [edi+eax], eax \\1000:00402139 110407
adc [edx+ebx*4], eax \\1000:0040213c 11049a
outsd \\1000:0040213f 6f
pop es \\1000:00402140 07
add [eax], al \\1000:00402141 0000
or ah, [edx+58170411h] \\1000:00402143 0aa211041758
adc eax, [ecx+edx] \\1000:00402149 130411
add al, 0eh \\1000:0040214c 040e
add al, 50h \\1000:0040214e 0450
mov gs, [ecx+32h] \\1000:00402150 8e6932
test eax, 58170811h \\1000:00402153 a911081758
adc ecx, [eax] \\1000:00402158 1308
adc [eax], ecx \\1000:0040215a 1108
adc [edi], eax \\1000:0040215c 1107
mov gs, [ecx+3fh] \\1000:0040215e 8e693f
sub al, ffh \\1000:00402161 2cff
db ff \\1000:00402163 ff
; 00402165 holds byte 2ah, which is the CIL `ret` opcode; 0040205c + 10ah ends
; exactly there. That would explain why no x86 RET shows up in this listing.
jmp [edx] \\1000:00402164 ff2a
; Two zero bytes: presumably alignment padding before the next method header.
add [eax], al \\1000:00402166 0000
; NOTE(review): 00402168 starts with 13 30 05 00 | 81 00 00 00 | 02 00 00 11,
; which has the shape of a CIL "fat" method header (max stack 5, code size 81h,
; local-signature token 11000002h). Under that reading the IL body runs
; 00402174-004021f4 and the x86 mnemonics below are not meaningful; confirm with
; a CLI-aware disassembler.
adc esi, [eax] \\1000:00402168 1330
add eax, 8100h \\1000:0040216a 0500810000
add [edx], al \\1000:0040216f 0002
add [eax], al \\1000:00402171 0000
adc [edx+esi*2], eax \\1000:00402173 110472
xor eax, [eax] \\1000:00402176 3300
add [eax+28h], dh \\1000:00402178 007028
add al, [eax] \\1000:0040217b 0200
add [edx], cl \\1000:0040217d 000a
sub al, 09h \\1000:0040217f 2c09
add ebp, [eax] \\1000:00402181 0328
or eax, a0a0000h \\1000:00402183 0d00000a0a
sub eax, [edi] \\1000:00402188 2b07
add al, 28h \\1000:0040218a 0428
push cs \\1000:0040218c 0e
add [eax], al \\1000:0040218d 0000
or cl, [edx] \\1000:0040218f 0a0a
push es \\1000:00402191 06
add eax, f6f1717h \\1000:00402192 0517176f0f
add [eax], al \\1000:00402197 0000
or cl, [ebx] \\1000:00402199 0a0b
push ss \\1000:0040219b 16
lea eax, [edx] \\1000:0040219c 8d02
add [eax], al \\1000:0040219e 0000
add [esi+ecx], ecx \\1000:004021a0 010c0e
add al, 2ch \\1000:004021a3 042c
push cs \\1000:004021a5 260e
add al, 8eh \\1000:004021a7 048e
; NOTE(review): the next line is garbled in the dump itself (stray "c160d" prefix,
; hex column shorter than the decoded operands); kept as posted.
c160d imul edi, [eax+28dh], d160c01h \\1000:004021a9 69b88d020000010c
sub edx, [eax] \\1000:004021b3 2b10
or [ecx], cl \\1000:004021b5 0809
push cs \\1000:004021b7 0e
add al, 09h \\1000:004021b8 0409
callf 0000:106f9a09h \\1000:004021ba 9a6f100000
or ah, [edx+d581709h] \\1000:004021bf 0aa20917580d
or [esi], ecx \\1000:004021c5 090e
add al, 8eh \\1000:004021c7 048e
imul esi, [edx], 17202e9h \\1000:004021c9 6932e9027201
add [eax], al \\1000:004021cf 0000
; "jo 4021dah" decodes bytes 70 07; the xref it produces below is presumably an
; artifact of sweeping IL bytes as x86, not a real jump target.
jo 4021dah \\1000:004021d1 7007
db 0f \\1000:004021d3 0f
add al, 12h \\1000:004021d4 0412
add ch, [eax] \\1000:004021d6 0228
add [eax], eax \\1000:004021d8 0100
xrefs first: 1000:004021d1 number : 1 \\;
add [esi], al \\1000:004021da 0006
pop es \\1000:004021dc 07
or [edi+11h], ch \\1000:004021dd 086f11
add [eax], al \\1000:004021e0 0000
or dl, [ebx] \\1000:004021e2 0a13
add al, 11h \\1000:004021e4 0411
add al, 0eh \\1000:004021e6 040e
add al, 6fh \\1000:004021e8 046f
adc al, [eax] \\1000:004021ea 1200
add [edx], cl \\1000:004021ec 000a
adc eax, [511002bh] \\1000:004021ee 13052b001105
; 004021f4 holds 2ah (CIL `ret`), the last byte of an 81h-byte body that starts at
; 00402174; the zero bytes after it look like alignment padding.
sub al, [eax] \\1000:004021f4 2a00
add [eax], al \\1000:004021f6 0000
; NOTE(review): 004021f8 starts with 13 30 05 00 | 4e 00 00 00 | 03 00 00 11,
; the shape of a CIL "fat" method header (max stack 5, code size 4eh,
; local-signature token 11000003h). Under that reading the IL body runs
; 00402204-00402251 and the x86 mnemonics below are a mis-decode; confirm with a
; CLI-aware disassembler.
adc esi, [eax] \\1000:004021f8 1330
add eax, 4e00h \\1000:004021fa 05004e0000
add [ebx], al \\1000:004021ff 0003
add [eax], al \\1000:00402201 0000
adc [ebx], eax \\1000:00402203 1103
outsd \\1000:00402205 6f
adc [eax], al \\1000:00402206 1000
add [edx], cl \\1000:00402208 000a
or al, [8db8698eh] \\1000:0040220a 0a058e69b88d
add al, [eax] \\1000:00402210 0200
add [ecx], al \\1000:00402212 0001
or edx, [esi] \\1000:00402214 0b16
or al, 2bh \\1000:00402216 0c2b
db 0f \\1000:00402218 0f
pop es \\1000:00402219 07
or [106f9a08h], al \\1000:0040221a 0805089a6f10
add [eax], al \\1000:00402220 0000
or ah, [edx+c581708h] \\1000:00402222 0aa20817580c
or [eb32698eh], al \\1000:00402228 08058e6932eb
add al, [esi+eax] \\1000:0040222e 020406
lsl edx, [edx] \\1000:00402231 0f0312
add [eax], ebp \\1000:00402234 0128
add [eax], eax \\1000:00402236 0100
add [esi], al \\1000:00402238 0006
push es \\1000:0040223a 06
add al, 07h \\1000:0040223b 0407
outsd \\1000:0040223d 6f
adc eax, [eax] \\1000:0040223e 1300
add [edx], cl \\1000:00402240 000a
or eax, 6f050309h \\1000:00402242 0d0903056f
adc al, 00h \\1000:00402247 1400
add [edx], cl \\1000:00402249 000a
adc eax, [ebx+ebp] \\1000:0040224b 13042b
add [ecx], dl \\1000:0040224e 0011
; 00402251 holds 2ah (CIL `ret`), the last byte of a 4eh-byte body that starts at
; 00402204; the following 00 00 looks like alignment padding.
add al, 2ah \\1000:00402250 042a
add [eax], al \\1000:00402252 0000
; NOTE(review): 00402254 starts with 13 30 05 00 | 76 00 00 00 | 04 00 00 11,
; the shape of a CIL "fat" method header (max stack 5, code size 76h,
; local-signature token 11000004h). Under that reading the IL body runs
; 00402260-004022d5 and the x86 mnemonics below are a mis-decode; confirm with a
; CLI-aware disassembler.
adc esi, [eax] \\1000:00402254 1330
add eax, 7600h \\1000:00402256 0500760000
add [eax+eax], al \\1000:0040225b 000400
add [ecx], dl \\1000:0040225e 0011
add al, 72h \\1000:00402260 0472
xor eax, [eax] \\1000:00402262 3300
add [eax+28h], dh \\1000:00402264 007028
add al, [eax] \\1000:00402267 0200
add [edx], cl \\1000:00402269 000a
sub al, 09h \\1000:0040226b 2c09
add ebp, [eax] \\1000:0040226d 0328
or eax, a0a0000h \\1000:0040226f 0d00000a0a
sub eax, [edi] \\1000:00402274 2b07
add al, 28h \\1000:00402276 0428
push cs \\1000:00402278 0e
add [eax], al \\1000:00402279 0000
or cl, [edx] \\1000:0040227b 0a0a
push es \\1000:0040227d 06
add eax, f6f1717h \\1000:0040227e 0517176f0f
add [eax], al \\1000:00402283 0000
or cl, [ebx] \\1000:00402285 0a0b
push cs \\1000:00402287 0e
add eax, 8db8698eh \\1000:00402288 058e69b88d
add al, [eax] \\1000:0040228d 0200
add [ecx], al \\1000:0040228f 0001
or al, 16h \\1000:00402291 0c16
or eax, 908102bh \\1000:00402293 0d2b100809
push cs \\1000:00402298 0e
add eax, 106f9a09h \\1000:00402299 05099a6f10
add [eax], al \\1000:0040229e 0000
or ah, [edx+d581709h] \\1000:004022a0 0aa20917580d
or [esi], ecx \\1000:004022a6 090e
add eax, e932698eh \\1000:004022a8 058e6932e9
add cl, [esi] \\1000:004022ad 020e
add al, 07h \\1000:004022af 0407
db 0f \\1000:004022b1 0f
add eax, 1280212h \\1000:004022b2 0512022801
add [eax], al \\1000:004022b7 0000
push es \\1000:004022b9 06
pop es \\1000:004022ba 07
push cs \\1000:004022bb 0e
add al, 08h \\1000:004022bc 0408
outsd \\1000:004022be 6f
adc eax, [eax] \\1000:004022bf 1300
add [edx], cl \\1000:004022c1 000a
adc eax, [ecx+edx] \\1000:004022c3 130411
add al, 14h \\1000:004022c6 0414
push cs \\1000:004022c8 0e
add eax, 146fh \\1000:004022c9 056f140000
or dl, [ebx] \\1000:004022ce 0a13
add eax, 511002bh \\1000:004022d0 052b001105
; 004022d5 holds 2ah (CIL `ret`), the last byte of a 76h-byte body that starts at
; 00402260.
sub al, [eax] \\1000:004022d5 2a00
; 004022d8 begins another 13 30 04 00 76 ... sequence, presumably the next method
; header; the posted dump stops after 004022dc and resumes at 004034fc, so the
; rest of that method is not shown.
add [ebx], dl \\1000:004022d7 0013
xor [eax+eax], al \\1000:004022d9 300400
jbe 4022deh \\1000:004022dc 7600
xrefs first: 1000:004022dc number : 1 \\;
; This run is text, not code. Reading the hex column as ASCII from 004034fc to
; 0040353d gives
;   "d" 00 "NETInvokeClassMethod" 00 "NETSetEnumValue" 00 "NETGetProperty" 00
;   "NETGetField" 00
; i.e. NUL-terminated names. The address lies inside the range 402e80h..404154h
; implied by the header bytes at 00402010 (RVA 2e80h, size 12d4h) if those are
; the CLI metadata directory, so this is presumably the metadata string heap
; (verify with a CLI-aware tool). The disassembler only recognises it as data from
; 00403527 on; the "instructions" and xrefs before that are mis-decoded characters.
add fs:[esi+45h], cl \\1000:004034fc 64004e45
push esp \\1000:00403500 54
dec ecx \\1000:00403501 49
xrefs first: 1000:004034b2 number : 1 \\;
outsb \\1000:00403502 6e
jbe 403574h \\1000:00403503 766f
imul esp, [ebp+43h], 6ch \\1000:00403505 6b65436c
popad \\1000:00403509 61
jnc 40357fh \\1000:0040350a 7373
dec ebp \\1000:0040350c 4d
jz 403578h \\1000:0040350d 657468
outsd \\1000:00403510 6f
add fs:[esi+45h], cl \\1000:00403511 64004e45
push esp \\1000:00403515 54
push ebx \\1000:00403516 53
jz 40355fh \\1000:00403517 657445
outsb \\1000:0040351a 6e
jnz 40358ah \\1000:0040351b 756d
push esi \\1000:0040351d 56
xrefs first: 1000:004034b7 number : 1 \\;
popad \\1000:0040351e 61
insb \\1000:0040351f 6c
jnz 403587h \\1000:00403520 7565
add [esi+45h], cl \\1000:00403522 004e45
push esp \\1000:00403525 54
inc edi \\1000:00403526 47
; From here the tool emits one db per byte. Its quoted-character annotation is
; lower-cased: bytes 4e 45 54 47 50 46 are upper-case 'N' 'E' 'T' 'G' 'P' 'F' in
; ASCII even though the annotation shows 'n' 'e' 't' 'g' 'p' 'f'.
db 65 ;'e' \\1000:00403527 65
xrefs first: 1000:004034be number : 1 \\;
db 74 ;'t' \\1000:00403528 74
db 50 ;'p' \\1000:00403529 50
db 72 ;'r' \\1000:0040352a 72
db 6f ;'o' \\1000:0040352b 6f
db 70 ;'p' \\1000:0040352c 70
db 65 ;'e' \\1000:0040352d 65
db 72 ;'r' \\1000:0040352e 72
db 74 ;'t' \\1000:0040352f 74
db 79 ;'y' \\1000:00403530 79
db 00 \\1000:00403531 00
db 4e ;'n' \\1000:00403532 4e
db 45 ;'e' \\1000:00403533 45
db 54 ;'t' \\1000:00403534 54
db 47 ;'g' \\1000:00403535 47
db 65 ;'e' \\1000:00403536 65
db 74 ;'t' \\1000:00403537 74
db 46 ;'f' \\1000:00403538 46
db 69 ;'i' \\1000:00403539 69
db 65 ;'e' \\1000:0040353a 65
db 6c ;'l' \\1000:0040353b 6c
db 64 ;'d' \\1000:0040353c 64
db 00 \\1000:0040353d 00
Could not fit the rest in because of Stack Overflow limitations.