Arm interactive disassembler

[dominicbeesley]

I've been poking around in various arm binaries and partial disassemblies and was wondering if there are any good, free, interactive disassemblers. In the past I've used https://6502bench.com/ with good results for making various 6502 and 65816 diassemblies.

I remember BITD there were a few for the Arc but I'd really prefer something that ran on Windows or Linux. I did find this https://onlinedisassembler.com/ online one but it seems pretty limited

Any ideas - I'm probably not using the right search terms?

D

[spanners]

You'll be wanting Ghidra, Binary Ninja or radare2.

D.

[dominicbeesley]

Thanks, I'd forgotten Ghidra - I had somehow thought it was x86 only. I've used it in the past to get DOS working on my machine - it's a bit clunky but hopefully it should serve.

The others look like probable "no"s, paid for binary ninja and too faffy for radare2.

I'm half tempted to have a go at something myself but really don't need another rabbit hole to disappear down!

On a similar vein any recommendations for a nice cross assemblers for ARM - I might go gcc but I really don't like the syntax. I've been trying vasm, is there a cross assembler that takes the same syntax as that used in the ROOL sources?

D

[dp11]

one more just to add to the list : https://salmanarif.bitbucket.io/visual/

[dominicbeesley]

Thanks Dominic,

That looks prettier than Ghidra which I'm currently fighting with but making progress. I'll give it a try later!

D

[spanners]

Whoops, I forgot that Binary Ninja was paid for. Hopper <https://www.hopperapp.com/> is paid for but isn't too bad price wise - £89.

I see there's now a fork of radare2 called Rizin and it's got a decent looking GUI called Cutter <https://cutter.re/>. I'll have to try that out sometime.

Honourable mention for ARMalyser <https://armclub.org.uk/free/> which isn't interactive but was built to pull apart RISC OS formats.

D.

[dominicbeesley]

Thanks again,

I need to reinstall Virtual RPC and have a look at Armalyser - I'm sure I remember something from the 90's that I ran on the A3000 that I used to reverse engineer some demos and some code that I'd lost the sources, was it something to do with !Zap?

I'll have a work through all those this evening if I get a chance and can cool down enough to concentrate!

D

[spanners]

There was Dissi by BASS, and Diss by Doggysoft. Zap's got the disassembler mode but it's not great for recreating sources.

D.

[IanJeffray]

And there's my !ArmTool. Interactive desktop disassembler and assembler (you can enter assembly instructions 'live' whilst editing a binary). Knows RISC OS modules and AOF and can generate symbolic labels for branches and things like that.

[dominicbeesley]

Ah it is flooding back now. I think I used both dissi and diss. Will they run on a RiscPC - perfect excuse to get mine working again.

Ian I will look at !ArmTool too.

Thanks both

[gtoal]

I just noticed this thread. Back in the Acorn days I created an ARM disassembler out of an instruction decoder that we got from 3L (the compiler writers).

https://gtoal.com/acorn/arm/adec.imp

with a binary in https://gtoal.com/acorn/arm/ADEC.tar (since you're unlikely to recompile an Imp program)

It does a bit of a tree walk and knows about modules. Unfortunately the hard-coded module names were just what happened to be in
my own machine at the time, so a good chance that they won't work in modern systems.

I thought you could just plug in the addresses on the command line but apparently not. Maybe that was a later version. So lucky I guess that
the tar file contains enough to rebuild the binary

I have a BBC 6502 disassembler somewhere too that knows about OsBytes etc, but it hasn't surfaced yet.

G

[dominicbeesley]

Thanks Graham. I'll add these to my stash of resources. I've now had a bash at a basic disassembler for my online debugger but it didn't do anything clever with code walking as yet.

I've never come across Imp before... another thing to read up on!

[spanners]

Another one for the list: DisAssem by Henrik Bjerregaard Pedersen <https://henrikbp.riscos.fr/>

D.

[gtoal]

Dominic - not usable code, but as an FYI... I've made a start on a generic tree-walking disassembler: https://gtoal.com/SBTPROJECT/generic/ - if you find yourself writing a new one from scratch, there may be some hints in there that will save some research. Best disassembly technique is to get some help from an emulator in identifying opcodes vs data. Especially for a specific system where you can look at the parameters of known procedure calls and identify them (eg graphics calls and associated data structures, for example sprites)