Sourcer has been the best disassembler for x86 code before IDA hit the scene. If you can’t imagine how world looked like without IDA (and it’s different clones) please read further.
The philosophy of Sourcer never changed during its development. Looking at early and last version (8.1) GUI, you know immediately that this is Sourcer and you just need to press ‘G‘ to start disassembly. So onced you’ve mastered the first version, you could handle the last one without any additional learning. This is quite different from IDA where over the years several versions provided quite important changes both to GUI and functionality (Python integration, graphs etc.)
Below is main Sourcer screen from the last version: as you can see very minor changes were introduced to UI over the years.
If you invoke Sourcer with file name it will try to open the file. If you just invoke it without passing any file name Sourcer will ask you to provide one on the main screen before proceeding further. Sourcer is not able do disassemble directly from memory. If you want to diassemble area of memory you need to dump it to a file first. This limitation has impact on companion product Bios Preprocessor. Sourcer also accept a number of switches from command line. Use -? option to display all available switches. For example If you dislike newer Sourcer look you can disable it using -v option. To speed up disassembly process a bit you can use -n1 -f.
One great feature of Sourcer UI is that you can see how most basic options will influence disassembly:
When Sourcer finishes disassembly it exits automatically to DOS and displays summary:
The summary screen – unsurprisingly like the rest of UI- didn’t evolved much during Sourcer development:
Sourcer 8.1 supports up to Pentium III. You can select the output to be compatible with one of the following assemblers syntax:
- MASM 6.11
- MASM 6.1
- MASM 6.0
- MASM 5.1
- MASM 5.0
- MASM 4.0
- TASM 5.0
- TASM 4.0
- TASM 3.2
- TASM 3.1
- TASM 3.0
- TASM 2.x
- TASM 1.0
OPTASM by SLR Systems assembler is worth mentioning. It was assembler competing first with MASM, later with TASM on the market. It got a number of devoted fans who liked its features and compilation speed. OPTASM was partially compatible with MASM. Later the company got sold to Symantec and their other product OPTLINK has been part of Zortech C++ package.
BIOS Preprocessor is and add-on to Sourcer enabling BIOS disassembly. In order to use a preprocessor, Sourcer is needed. The package comes with utility that allows to dump BIOS and video adapter ROM from your machine. This also work under DOSBox.
V Communication has been marketing this product using one of customer testimony that disassembly listing provided by Sourcer is actually more clean than the source code provided by BIOS manufacturer.
Windows Source is an add-on to Sources enabling it disassembling Windows 16 and 32-bit files including DLL and VxD. Originally written by Andrew Schulman later development has been picked up by Clive Turvey. The page of last Windows Source author is still available here.
Internally Windows Source is implemented using AWK. AWK has been ported from Unix to DOS by Thomson Automation Software and called TAWK Compiler. The Unix heritage resulted in DOS Extender employment. Thomson Automation Software used DOS/4GW.
Employment of AWK shouldn’t been surprising since Andrew Schulman used it in the past for disassembling DOS. This approach has been demonstrated in his brilliant “Undocumented DOS” books.
Both Bios Preprocessor and Windows Source use Sourcer as a front-end.
Sourcer comes with set of additional tools, INTVIEW being one example. As others V Communications utilities it is simple to use but elegant (in DOS interface terms obviously).
INTVIEW let’s you inspect real mode Interrupt Vector Table. This could be handy utility in some cases, but on the other hand you can do the same (except comments) with DOS DEBUG utility or any other debugger. Secondly it doesn’t detect protected/v86 mode where IDT would be more appropriate.
Overall it is a simple utility, nice but not crucial add-on inside Sourcer package.
The name says it all – it is another patch utility. It could be convient in some cases. On the other hand someone who probably were using Sourcer also had a set of other development tools including debuggers. DOS DEBUG could also be used for patching. Nobody would buy Sourcer because of PATCH utility but it could be handy in some cases. On the other hand it is always nice to have a set of tools from one vendor.
One thing that would set PATCH utility apart from other similar tools of the era: it understand COM, EXE and NE file formats.
Like with PATCH case the name says it all. UNPACK tries to unpack packed EXE files. I plan to review UNPACK abilities at one point in separate post.
It is worth mentioning that Sourcer is capable of detecting packed files during file loading. It will display proper warning before you can proceed with disassembly, giving you a chance to run UNPACK before you attempt to disassemble resulting file (assuming UNPACK succeeded). It is a pity that SR doesn’t run UNPACK automatically but I guess this was due to memory constrains. Anyway idea to add UNPACK to Sourcer makes a lot of sense.
Books by Sourcer authors
Frank van Gilluwe – original Sourcer developer and President of V Communication – has written both editions of brilliant “The Undocumented PC” book. I am planning to write a review of those books soon.
Andrew Schulman has written and coauthored number of excellent books in the “Undocumented” series including both edition of “Undocumented DOS”, “Undocumented Windows” and “Unauthorized Windows 95” to name a few.
Why Sourcer eventually failed on the market?
Sourcer became instant hit (in disassembler market niche) shortly after its first release and had been considered number one disassembler for a number of years. Why isn’t it still with us?
I think the biggest reason was Sourcer philosophy based on automatic disassembly without allowing any interaction with a user after disassembly process starts. This is one of biggest IDA advantages over Sourcer and other disassemblers from same era. Rise of compressed (hence addition of UNPACK utility), encrypted or otherwise protected from disassembly binaries requested more and more manual interaction. Running Sourcer over and over on executable with multiple layers of encryption or compression was a very time consuming practice and it still requaired usage of external debugger like Periscope for example. One disassembler that predates Sourcer is ASMGEN and it allows some interaction but the user interface is realized through a control file. Not the best UI but don’t forget we are talking about a program from the ’80. I knew people who were so proficient in using ASMGEN that they had serious doubts and problems moving to Sourcer and only development of new processors and file formats eventually made them to take this step.
Another reason were tools like HIEW (still in development today and popular in antimalware circles) that allowed instant disassembly, while Sourcer (especially on bigger files) requires more time before you can access disassembly. As a side note it is worth mentioning the internal disassemblers of debuggers also were improved over the years.
The original developer of Sourcer V Communication survived in a different form still providing utilities for PC, but dropped supported for Sourcer line of products long time ago. You can visit them at this link: www.v-comm.com