PDA

View Full Version : w32dasm cannot find string/text while searching.


doit1ce
November 27th, 2013, 05:49
w32dasm cannot find string/text/Reference string while searching.

can anyone tell me how to find?

esther
November 27th, 2013, 07:05
use ollydbg or IDA

doit1ce
November 27th, 2013, 07:16
Quote:
[Originally Posted by esther;95804]use ollydbg or IDA


I found the tutorial with w32dasm.
I used ollydbg it says
unable to start file: "path of file"

and IDA is not opening like w32dasm because for the tutorial that
i have using hiew should be giving the address.

If I can find address of the string for the NAG with IDA then that will be very helpful.

esther
November 27th, 2013, 07:22
I'm not sure what kind of format is your exe file is ,IDA is the best tool to open any exe file

doit1ce
November 27th, 2013, 07:32
Quote:
[Originally Posted by esther;95806]I'm not sure what kind of format is your exe file is ,IDA is the best tool to open any exe file


I am win7 x64.
While in task manager I find, *.exe,and not *32.exe.

so, That means, it is 64 bit, right?

so, how can if find string in ida?

esther
November 27th, 2013, 07:43
ollydbg doesn't works in 64bit I think,search the forum might find the anwser.

I don't use IDA but I searched and found this on google.

* In IDA, just load the file and perform a binary search (press Alt+B), then look at the address. You can also check for cross-references to the string by pressing x.

doit1ce
November 27th, 2013, 07:46
Quote:
[Originally Posted by esther;95808]ollydbg doesn't works in 64bit I think,search the forum might find the anwser.

I don't use IDA but I searched and found this on google.

* In IDA, just load the file and perform a binary search (press Alt+B), then look at the address. You can also check for cross-references to the string by pressing x.


Yes, you are right.

Thanks I can find the text just checked with Alt+B.

Hope this will remove the NAG.

doit1ce
November 27th, 2013, 08:35
I found one many lines with same address.

What should be the next stage?

Here is it.

2856



Edited.2013 Nov 30

Used the windbg and solved the problem.
Thank you for the help.

disavowed
December 1st, 2013, 20:03
Looks like it's packed. You'll need to unpack it (or let it unpack itself) before you can search for your string.

NeOXOeN
December 2nd, 2013, 10:04
search for lena tutorial and watch .. it will make a lot of stuff clear for you..


bye NEO

doit1ce
December 3rd, 2013, 07:34
Quote:
[Originally Posted by disavowed;95820]Looks like it's packed. You'll need to unpack it (or let it unpack itself) before you can search for your string.


What should i use to unpack?sorry for my noob Question.


Quote:
[Originally Posted by NeOXOeN;95821]search for lena tutorial and watch .. it will make a lot of stuff clear for you..


bye NEO


I had one the len tutorial that swf version right? N yes You are right.I should try to learn.thank you.