A Few Suggestions
The hardest step in a journey is often the first. Here are a few suggestions to help you on your way.
- Start with a small project (< 1KB). If you haven't disassembled code before, this is the time to play with different conventions, like whether to use MixedCase or underscore_separated or SCREAMING_CAPS for labels.
- Use the program thoroughly. Understand all of what it does.
- Begin each project by separating code from data. Identify external entry points, format tables of addresses, and find JSRs that are followed by inline data. Write an extension script to handle the inlines so you won't keep tripping over them. If parts of the program are relocated to a different address, set the appropriate address overrides. Progress will be easier once you get code, data, and junk identified and arranged in memory.
- Start with easily identifiable pieces. If a chunk of code is reading from the keyboard, you can make reasonable guesses about the purpose of the code that interacts with it. The program's entry point is often the hardest place to begin, because it usually just initializes a bunch of things you haven't identified yet.
- Expect to figure out little pieces. Use what you learn from these to figure out other little pieces. It's a jigsaw puzzle, not a book.
- Don't get discouraged if there's a ton of code that you can't make sense of. Much of it won't make sense at first. Keep chipping away.
- Read "On Disassembly" for additional thoughts.
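The point about JSRs followed by inline data is easiest to see with a concrete sweep. The following is an added example, not SourceGen code or part of the original page (SourceGen's extension scripts are C# and use its own plugin API, which this does not imitate). It is a toy linear-sweep 6502 disassembler with a deliberately tiny opcode table, run over a constructed 15-byte program assembled at $0800. The routine at $F000 is a hypothetical "print inline string" subroutine: it prints the zero-terminated bytes that follow the JSR and returns to the instruction after the terminator. Without that knowledge the sweep decodes "HI",0 as PHA / EOR #$00 and "OK",0 as unknown opcodes; once the routine is declared as taking inline data, the bytes are formatted as strings and the sweep resumes at the right place.

```python
"""Toy 6502 linear-sweep disassembler showing the inline-data-after-JSR problem.

Added example, not SourceGen code.  Assumes a hypothetical routine at $F000
that consumes the zero-terminated string following the JSR.  The program
bytes below are constructed for this example.
"""

# Partial opcode table: (mnemonic, addressing mode).  Only what the sample needs,
# plus a few common ones; anything else is reported as an unknown opcode.
OPCODES = {
    0x20: ("JSR", "abs"), 0x48: ("PHA", "impl"), 0x49: ("EOR", "imm"),
    0x4C: ("JMP", "abs"), 0x60: ("RTS", "impl"), 0x8D: ("STA", "abs"),
    0xA9: ("LDA", "imm"), 0xD0: ("BNE", "rel"),  0xEA: ("NOP", "impl"),
}
MODE_LEN = {"impl": 1, "imm": 2, "rel": 2, "abs": 3}

LOAD_ADDR = 0x0800
PRINT_INLINE = 0xF000  # hypothetical "print the string after the JSR" routine
PROGRAM = bytes([       # constructed sample program
    0xA9, 0x00,         # 0800  LDA #$00
    0x20, 0x00, 0xF0,   # 0802  JSR $F000
    0x48, 0x49, 0x00,   # 0805  "HI",0      <- inline data, not code
    0x20, 0x00, 0xF0,   # 0808  JSR $F000
    0x4F, 0x4B, 0x00,   # 080B  "OK",0
    0x60,               # 080E  RTS
])


def _operand(mode, raw, addr):
    """Render an operand in conventional 6502 assembler syntax."""
    if mode == "impl":
        return ""
    if mode == "imm":
        return f"#${raw[1]:02X}"
    if mode == "abs":
        return f"${raw[1] | (raw[2] << 8):04X}"
    if mode == "rel":  # signed 8-bit offset relative to the next instruction
        off = raw[1] - 0x100 if raw[1] >= 0x80 else raw[1]
        return f"${(addr + 2 + off) & 0xFFFF:04X}"
    raise ValueError(mode)


def _fmt(addr, raw, text):
    """One listing line: address, raw hex bytes, then the decoded text."""
    hexs = " ".join(f"{b:02X}" for b in raw)
    return f"{addr:04X}: {hexs:<9} {text}".rstrip()


def disassemble(data, load_addr, inline_string_routines=frozenset()):
    """Linear sweep.  A JSR whose target is in inline_string_routines is known
    to be followed by a zero-terminated string, which is emitted as data and
    skipped so decoding resumes at the instruction after the terminator."""
    lines, pc = [], 0
    while pc < len(data):
        addr = load_addr + pc
        entry = OPCODES.get(data[pc])
        if entry is None:
            lines.append(_fmt(addr, data[pc:pc + 1],
                              f".DB ${data[pc]:02X}  ; unknown opcode"))
            pc += 1
            continue
        mnem, mode = entry
        raw = data[pc:pc + MODE_LEN[mode]]
        if len(raw) < MODE_LEN[mode]:  # instruction runs off the end of the buffer
            lines.append(_fmt(addr, raw, ".DB " + ",".join(f"${b:02X}" for b in raw)))
            break
        lines.append(_fmt(addr, raw, f"{mnem} {_operand(mode, raw, addr)}"))
        pc += len(raw)
        if mnem == "JSR" and (raw[1] | (raw[2] << 8)) in inline_string_routines:
            end = data.find(0, pc)
            terminated = end >= 0
            if not terminated:          # no terminator: take the rest as data
                end = len(data)
            chunk = data[pc:end]
            if chunk and all(0x20 <= b < 0x7F for b in chunk):
                body = '.STR "' + "".join(chr(b) for b in chunk) + '"'
            else:
                body = ".DB " + ",".join(f"${b:02X}" for b in chunk)
            body += ",0" if terminated else "  ; unterminated"
            lines.append(_fmt(load_addr + pc, data[pc:end + 1], body))
            pc = end + 1
    return lines


if __name__ == "__main__":
    print("--- naive sweep ---")
    print("\n".join(disassemble(PROGRAM, LOAD_ADDR)))
    print("--- with $F000 declared as an inline-string routine ---")
    print("\n".join(disassemble(PROGRAM, LOAD_ADDR, {PRINT_INLINE})))
```

The naive listing looks plausible at a glance (PHA, EOR #$00, RTS is legal code), which is exactly why these inlines keep tripping you up until the routine is identified and handled once, centrally, rather than patched by hand at every call site.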