P32Dasm - VB 5/6 PCode/Native Decompiler/Disassembler

[DARKER]

2.5 - [14.06.2009] - Slovakia Release
* Changed app font for better language support
* Fixed storing wrong window possition
* Fixed displaying other language characters (tested on Russian, check screen)
* Word over cursor support other languages (take word divided by spaces)
 (Beware! Due some RichTextBox bug or unicode problems some strings with special REGIONAL CHARACTERS will be not found in main window!)
* Fixed Word over cursor string length extraction for other languages
* Fixed crash on some VB5 apps
+ Possibility select and apply font charset for better output (language support)
+ Search in tree
+ Added support for Events of DBLIST32.OCX, DBGRID32.OCX, MSDATGRD.OCX, MSCOMM32.OCX, MSCHRT20.OCX, MSMASK32.OCX

Download
http://progress-tools.110mb.com/p32dasm.zip

[DARKER]

Pripravil som pre vas vianocny darcek - novu verziu P32Dasm :-) Tento release pridava niektore velmi silne "features" ktore ti pomozu analyzovat VB5/6 aplikacie detailnejsie. Viac objektov je rozoznanych, viac procedur je identifikovanych so skutocnym menom, v niektorych pripadoch .ocx, .dll suborov su pridane aj parametre s realnymi menami a typmi plus dodatocne informacie ako Enumeratory, Konstanty, Eventy a Properties. Bolo tam vykonanej dost prace a dufam ze si vychutnate tuto novu verziu. Vas najlepsi nastroj na reversing VB5/6 aplikacii je pripraveny na pouzitie :-)

2.6 - [24.12.2009] - Christmas Release
+ Added procedure names identification
+ More objects recognition
+ Added reading more details (Enumerators, Constants, Events and Properties)
+ Added new Events icon for better resolution
+ Internal code tidy up and changes for displaying better debug info
+ More procedures details identified on some strange type apps (NCode)
- Removed displaying of procedure names list in output (moved to real names)
* fixed working of MRU files
* Fixed bug: missing end address in one procedure NCode object
* Fixed some GUI problems when app use visual styles

Download
http://progress-tools.110mb.com/p32dasm.zip

[Conflict]

Pouziva se VB 6 i dnes? Prece jenom je to vyvojovy prostredi z roku 98. Nepouziva se vic VB .NET? Slo by pdasm pouzit i na VB .NET?

[DARKER]

Cudoval by si sa, ale pouziva sa aj teraz a v porovnani s VB.NET je v nom napisanych este stale viac aplikacii. Co sa tyka bezpecnosti tak je stara VB6 na tom lepsie lebo kod kompiluje do ASM alebo PCodu co na rozdiel od .NET je menej citatelne kde si vytiahnes skoro cely zdrojak :-)
Nie neslo, VB.NET je sice na podobnom principe ako PCode ale je to trosku ina technologia. Nebol by to problem ale naco robit nieco co uz je hotove :-)

[Z!L0G80]

malware v VB je tez docela bezna vec ,dik

[Master]

Pripadne ruzne skripty a makra treba v excelu.

[DARKER]

Takze mam pre vas vianocny darcek - novu verziu P32Dasm :-) Viac menej vam pomoze v analyzovani VB6-5 NCode apps pri zaradovani neznamych procedur pod moduly a je tam pridana podpora pre IDA Visual Basic Debugger plugin (nepytajte sa nan, lebo je to majetok jednej nemenovanej avir firmy :-)

2.7 - [04.12.2010] - "Another start" Release
+ Added support for IDA Visual Basic Debugger plugin (source export)
+ Added "Heurestic assign unknown procedures into objects" (not all but it helps a lot of in native code apps!)
+ Adding VB5 SubMain to list of procedures if it's missing in list
+ Added parameters to some opcodes
* Fixed Drag & Drop files into P32Dasm

Download
http://progress-tools.x10.mx/p32dasm.zip

(je to mirror, lebo main site sa neda updatovat)

[Z!L0G80]

dobra prace ako vzdy uz to naky cas betatestujem :DD

[DARKER]

2.8 - [24.05.2011] - "It's my life" Release
+ Added identification of some created objects
+ Added identification of some CALLs and Objects
* Fixed some unknown CALLs
+ Better CALLs naming
+ Small speed up
+ Added better procedure naming in NCode (also for calls)
+ Better naming of Unknown Events
* Fixed export of some procedure names to IDA Visual Basic Debugger plugin
+ Possibility open any file extension (renamed malware or virus)
+ Default save extension: check if it's enabled Coloring and then set *.txt/*.rtf
+ Some changes in output formating
+ Now selected text is default string for searching
+ Removed some false alarm messages (In DB doesn't exist)
* Fixed crash on some big applications
* Fixed load and jump to offset in Hiew if cursor is not on address
+ Added display object offset and object ID in controls tree over mouse cursor, also included in export (Copy All) Usefull if you want manualy patch default control properties: label, enabled, disabled, visible, timer values ...
+ Added object ID to controls tree output
* Fixed wrong Event identification in some cases
+ Added identification of Private/Public function/procedures
+ Added identification of parameter names
- Removed some non usefull counters

Download
http://progress-tools.x10.mx/p32dasm.zip