Looking for backdoor in exe

[Guthro]

I play an online game.
The makers are poor at updates so a third party has developed a fix for an ongoing problem.
This fix is in the form of an alternate front end client and has been accepted by the hosts of the game as a stopgap fix.
This game is written in Delphi and the fix has also been written in Delphi.
I've been trying to find signs of an IP address or some sign of a backdoor/trojan in this fix.
Lack of firewall permission requests and after looking at the code with a hex editor, it looks like this fix is probably safe.
Is there anyway to check for a backdoor in a compliled exe ?
Much of the code in the hex editor is unreadable so it might be hidden in this.


My Feeblegirl.com Forum boards for mmorpgs, sport, fun, politics...

http://www.jediknightsforum.com

 

[whosrdaddy]

if it is made in Delphui, you can use the dede disassembler to check most of it's code. I use it for occasional "hacking" when I don't have the source code for a partiular component

check it out:

http://delphi.about.com/od/devutilities/a/decompiling.htm

-----------------------------------------------------
What You See Is What You Get
Never underestimate tha powah of tha google!

 

[Guthro]

Thanks.
I had a look and found a Lite version.
It worked well and I could see the main procedures etc but a lot of the code was assembler so I can't really work out all the Mov, Call codes etc.
Nothing ugly jumped out though so it looks less of a threat.

My Feeblegirl.com Forum boards for mmorpgs, sport, fun, politics...

http://www.jediknightsforum.com