General Info Welcome to the home page of WIntruder. If you're looking for a nice debugger for Windows 95/98 we guess you've found one. WIntruder features an integrated debugger, which is pretty useful if you want to know what exactly your program does. You may view the entire memory or system structures like the GDT. If you want to cheat in a game, just use the memory analysis function, set hardware breakpoints and modify the code using the integrated assembler. And if you're interested in where programs store their configuration data run the registry monitor and change whatever you want using the registry editor. There are a lot more features, so we're going to list those we think are most important. Features: colored disassembler, memory view/dump inline 32bit assembler (including special opcodes of the 486, Pentium, PII, MMX) memory analysis message hooks, window structure display... easy address handling using commented address tables hex/oct/bin/dec calculator view and modify registers/FPU registers set hardware breakpoints registry monitor and editor file access monitor view an modifydescriptor tables and a lot more... System Requirements In contrast to Intruder needing just DOS WIntruder requires a working Windows 95/98 installation which sometimes is a little harder to get... in principle a i386 should be enough, we wouldn't try it... Windows 95/98 enough memory to run Windows 95/98 and the program you want to debug plus about 2MB for WIntruder just a label Download WIntruder You may download the unregistered version right here. If you want to register contact us and look at the Legal Stuff. However, there's no difference between the registered and the unregistered version except a little motivation screen (for reminding you, that there's a registered version available too). Note: You won't be able to use all the nice features of WIntruder (e.g. how you may drag and drop addresses...) without having read the help file. NOTE: The version of WIntruder available for download right now is still a BETA version. You may encounter severe bugs. WIntruder BETA (zipped 1714kB) You can contact us for sending your suggestions and hints, if you have problems using WIntruder, if you have found a bug in the program (obviously this is the most improbable reason to write us) or if you are a very nice person and want to register WIntruder. For registering download the 'WIntruder registration form' above. just a label Legal Stuff WIntruder is Shareware. This means you can use the program for some time without paying for it. If you like the program you should remember that programming is something that takes time. So wouldn't it be fair if you'd register your copy of Intruder?! (Anyway, the little "motivation screen" that pop's up every now and then is a "feature" the registered version is lacking.) Some other restrictions: You can distribute and use (see the text above) the program as long as you: do not change the distribution file(s) or any part of it/them do not use it for commercial purposes or 'earning money' in general do not reengineer or disassemble any part of the program Anyway we'd appreciate it if you'd send us an email to tell us your opinion about the program and what should be improved. just a label The Debugger The debugger of WIntruder is the central part, the part we've put the most work into to make it as convenient as possible. It uses a colored display to improve readability of the program code. You can step though the code instruction by instruction, jump over subroutine calls, execute the program until the end of the subroutines or another module is reached... You can also change the code using the integrated inline assembler. While stepping through the code you may do whatever you want, like changing registry entries, modifying memory or any register. Since most of the time one is dealing with addresses and labels during debugging, you'll like the address table, where you can store your addresses using drag'n drop, comment each address, and retrieve them for use in the disassembler, memory view... Not satisfied how windows arranges the memory for you? Why not change the descriptor tables to get access to the whole memory? Although nobody can guarantee that windows keeps running after you change an entry in the PM interrupt table, modifying the IO permission bitmap already proofed to be very useful. Analyzing memory, window structure, call structure... Memory analysis is most useful if you're looking for the spot of action... e.g. your health points in a game or just any variable of program whose value you want to track. Since it's possible to restrict the analysis to certain modules and behaviour (like increasing values, constant...) you don't need to work your way through masses of data. Once you've found the variable you may set a breakpoint on it to see every piece of code modifying this data. Monitoring registry access and editing the registry Have you ever tried to find where a program stores some configuration data, if it's not in a file and not where it should be in the registry. That's what we've tried. So we've written this registry monitor which monitors all registry accesses by the program being debugged. You may search and filter the result. And if you've found what you were looking for, use the built-in registry editor and configure the program yourself. And if that's not sufficient, try the file access monitor, which logs all the read, write, seek, open, close, and whatsoever accesses to the file system of the program. Now if you think, that's a program which could be useful, that's exactly what we think, go ahead and give it a try. fvsudden@yahoo.com