In Olly Dbg, there is an option to search for "All Referenced Text Strings." Is there a way to do something similar in WinDBG?
So far, I have tried the following:
s -[l4]sa 0x0 L?0xFFFFFFFF
This, however, returns a ton of garbage. Any ideas on how to reduce this to a more manageable list of strings (and maybe where they are referenced?) the way Olly does?
You might have a look at this book and try the suggested tips and tricks..
There are wonderful WinDbg commands dpu (UNICODE strings) and dpa (ASCII strings) and other d** equivalents like dpp....
Related
So I am trying to reverse a program and crack it but I am not able to find any of the Strings through searching for "referenced Strings" or "binary Strings", I am new to OllyDBG and I don't know a lot about it, which is why this is driving me crazy. I'd like to know how or where I can find the Strings then or if there is another method of finding a given Assembly Line where I could start.
Thank you already :)
Edit: If you need any more information, just ask and I'll deliver it.
Already asked in ReverseEngineering Stackexchange but it seems like nobody there knows or has the time to answer.
searching for All referenced strings only show you some function that push address of string but it cant find the address when calculate the address before.
here is a good idea:
press Alt + M and press Ctrl + B and search. it will find any string.
and then select the memory and use memory break-point for selected memory.
In OllyDBG it is not egal where you do the search. If you search in memory dum window, it will search in only one page. But if you search on memory pages window, it will run through all the pages looking for your string. Also, try searching for utf16 chars.
If you are in the right module Alt+E where the strings should be and you still could not find, the program could have hid it as an anti debugging measure, you may try to track it down by setting breakpoints on Symbolic Names Ctrol+N(which may be hid too) or try using the button method (which is very bad)
I'm searching for a tool that converts text to phonemes, (like text to speech software)
I can program one but it will not be without errors and takes a lot of time!
so my question is:
is there a simple tool for converting e.g.
"hello" to "HH AH0 L OW1"
maybe some command-line tool so i can capture the stdout?
i'm searching for the phonemes in 'Arpabet' style (see the 'hello' example).
espeak does something like that but the output is not in Arpabet style and the phonemes are
not split by some determiner.
If you had searched for Arpabet on wiki you would have found your answer. The CMU guys have prepared scripts which convert most english words to their respective Arpabet phonetic break up.
If you want the phone sequence of a couple of words you can use their interface here. But, if you want it for a big file then you might have to run their scripts on your own. They used to have a working page here, but it seems to be not working now.
I have written matlab programs that produce plots and tables for chemical substances. I get my input mostly from excel tables and a local MySql database. My problem is quite a few substance names contain greek letters.
My problem is I want to create plots that use exactly the names specified by my collegues. And also create tables that show the correct symbol.
An example:
If I create an excel file containing: "α-Methylstyrol" in the first cell and read it with [~,~,tmp] = xlsread('test.xlsx'). tmp will contain '(box with question mark)-Methylstyrol'. If I use the string in a plot (title(tmp)) it will be shown as: '(right arrow)-Methylstyrol'
So far I tried the native2unicode and unicode2native commands on the string but there is no effect. Also I tried replacing the characters but the number of characters I need to replace is growing way too fast for me - so I'm really hoping there would be a more systematic way.
(We know there are also names that wouldn't contain greek letters - but we try to adhere to some guidelines which prefer these names.)
As far as I understand, Matlab does not support unicode nicely. However, it is possible to type greek letters in image titles using LaTex syntax.
title('\alpha-Methanol')
Even though it is not the nicest solution, I think it should be possible to replace unicode symbols with LaTex keywords.
I think, your problem is, that xlsread is not even getting the correct greek letter out of your sheet.
Just give jexcelapi or poi a try. Both links lead to java classes for importing xls-files. In MATLAB you only need to add the jar-file to you path via javaaddpath and the next steps are like basic java coding.
One of the problems I have with Google is that it seems to strip special characters like dots, commas and some other special characters, which are usually what I'm looking for when I'm trying to find anything programming-related
ex: django # sign returns irrelevant data. Perhaps you know a way (or an alternative/technique) to make this possible?
Related Questions
Effective Googling for short names
Why would M# be harder to Google than C#?
If you're looking for actual code examples, you can try code.google.com. Otherwise, the safest bet is to find the main website for whatever language you've got questions about and look around there, although a little digging is likely to turn it up on google.
Have you tried http://www.google.com/codesearch?
This is not a programming question per se but a question about searching source code files, which help me in programming.
I use a search tool, X1, which quickly tells me which source code files contain some keywords I am looking for. However it doesn't work well for keywords which have punctuation attached to them. For example, if I search for "show()", X1 shows everything that has "show" in it including the too many results from "MessageBox.Show(.....)" which I don't want to see.
Another example: I need to filter to show ".parent" (notice the dot) and not show everything that has "parent" (no dot) in it.
Anyone knows a text search tool which can filter by keywords that have punctuation? I really prefer a desktop app instead of web based tool like Google (I find it clunky).
I am looking for a tool which indexes words and not a general file searcher like Windows File Explorer.
If you want to search code files efficiently for keywords and punctuation,
consider the SD Source Code Search Engine. It indexes each source langauge according
to langage-specific rules, so it knows exactly the identifiers, keywords,
strings, comments, operators in that langauge and indexes it according to
those elements. It will handle a wide variety of languages: C, C++, Java, VB6, C#, COBOL,
all at once.
Your first query would be posed as:
I=show - I=MessageBox ... '('
(locate identifiers named "show" but eliminate those that are overlapped by
MessageBox leftparen).
You second query would be posed as simply
'.' I=parent
See http://www.semanticdesigns.com/Products/SearchEngine/index.html
It seem to be the job of tools like ctags and cscope.
Ctags is used to index declarations of source files (many languages supported) and Cscope for in-depth c file analysis.
These tools are more suited for a per project use in my opinion. Moreover, you may need to use another tool to use these index, I use vim myself for this purpose, but many text editors use ctags.
The tool from DTSearch.com.