About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Store
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
OpenRCE Article Comments:
Reversing Microsoft Visual C++ Part II: Classes, Methods and RTTI
Article Abstract
Microsoft Visual C++ is the most widely used compiler for Win32 so it is important for the Win32 reverser to be familiar with its inner working. Being able to recognize the compiler-generated glue code helps to quickly concentrate on the actual code written by the programmer. It also helps in recovering the high-level structure of the program.
In part II of this 2-part article (see also:
Part I: Exception Handling
), I will cover how C++ machinery is implemented in MSVC, including classes layout, virtual functions, RTTI. Familiarity with basic C++ and assembly language is assumed.
Full Article ...
Printer Friendly ...
Article Comments
linestyle
Posted: Thursday, September 21 2006 20:02.11 CDT
great work!!:)
MohammadHosein
Posted: Friday, September 22 2006 15:23.54 CDT
actually didnt read the whole article yet , but seems very informative . the undocumented VC's switch was very interesting , would you like to share how did you find it and are there any other undocumented switches ? :)
igorsk
Posted: Friday, September 22 2006 16:30.48 CDT
Well, I was disassembling c1xx to check how it does certain things and sort of stumbled upon it. There are a lot of hidden options, but I didn't really investigate them that much. Here's a page that has a huge list with some described:
http://members.ozemail.com.au/~geoffch@ozemail.com.au/samples/programming/msvc/cl/
dnix
Posted: Tuesday, August 19 2008 03:32.23 CDT
wonder whether these structures found by these scripts could be added to the IDA structures so one choose them from add struct var
Sirmabus
Posted: Wednesday, December 24 2008 00:45.52 CST
Thanks the vtable finder/namer script functionality is great help. In particular over a very large target with over a 1000 vtables.
I read the article some time ago, but finally got around to experimenting.
It's probably way over looked, people probably don't know how usefull it is on such targets with lots of vtables. You have to try it to understand..
I think I may expand the idea into a plug-in and add some more features like a list/log window, etc.
Phenomenal work!
Sirmabus
Posted: Thursday, January 22 2009 04:26.19 CST
<Here's my plug-in>
Externalist
Posted: Thursday, January 29 2009 20:58.09 CST
I've also read this some time ago but never really got a chance to recognize the full power until recently when I got involved in a C++ reversing project.
This is truely awesome along with Part I of this article. I could say I gained tons from this. Thanks alot for the contribution!! And also, thanks for the plugin with extended features Sirmabus. :)
Add New Comment
Comment:
Active in Last 5 Minutes
Mackwa
There are
16,647
total registered users.
Recently Created Topics
SSL keyfindert plugi...
Mar/15
ApiHooks.com down
Mar/15
how to crate a PATC...
Mar/10
wsnpoem audio.dll
Mar/09
suggestions - RE tra...
Mar/09
Requesting Suggestio...
Mar/06
Force enable debug p...
Mar/05
upgrading new image ...
Mar/03
upgrading new image ...
Mar/03
upgrading new image ...
Mar/03
Recent Forum Posts
how to crate a PATC...
comrade
ApiHooks.com down
comrade
suggestions - RE tra...
enm16
wsnpoem audio.dll
zhane
suggestions - RE tra...
Silkut
how to crate a PATC...
Silkut
suggestions - RE tra...
RolfRolles
wsnpoem audio.dll
debbie
Requesting Suggestio...
secursig
Requesting Suggestio...
phn1x
Recent Blog Entries
RolfRolles
Mar/08
Compiler Optimizations for ...
ReWolf
Mar/04
When memory management goes...
thesprawler
Feb/20
log1949.txt -- Wondering ho...
thesprawler
Feb/20
log1949.log -- created on C...
thesprawler
Feb/17
Trying to reverse the firmw...
More ...
Recent Blog Comments
Boken
on:
Mar/12
Compiler Optimizations for ...
wildinto
on:
Mar/10
Compiler Optimizations for ...
Orr
on:
Mar/10
Compiler Optimizations for ...
bughoho
on:
Mar/09
Compiler Optimizations for ...
cliffwolf
on:
Mar/08
Compiler Optimizations for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}