ARTEAM EZINE ISSUE IV
4.3
FILLING OUR REVERSING LABORATORY
Fortunately for us, some tools are in existence (debugger ) which will make our life easier. We have the option to crack the application with dead listing or with the live approach. Also we have in our hands an emulator and we will load our programs. 1. 2. 3. 4. 5. 6. 7.
Here is the approach that we will follow: Choosing which PalmOS we will use Install the software on our emulator Wait till finishes Find the correct patch Change correctly the bytecodes, later more info Test the application by loading into the emulator(or real Palm)
Repack the new .prc file to distribute our patched application
4.3.1 EXISTING TOOLS TO HANDLE PRC FILES SouthDebugger: This debugger is Java-based and specifically designed for the Palm OS. This program has a memory dump, trap breakpoints and a notes section. You can log addresses and register values. It will become our Olly for Palm.
PRCEdit: PRCedit is a graphical frontend for pilotdis and splitprc. PRCedit has an own splitprc built in but it still can use the original program. PilotDis: This Disassembler was originally created to overcome the "Crash" problem that "PilDis" had when disassembling certain .prc files. Debuffer: We can analyze the alive code. Something like Numega Softice, but freeware edition. Palm OS emulator: We will load the applications to test like being our real palm.
Primer on Reversing PalmOS Applications Extended Edition by, Wast3d_Bytes, Suntzu
82