IDA Pro being and old and time-proven platform for binary analysis, many plugins grew on it. There are custom made plugins for new processors and file formats. There are deobfuscators, exporters, data visualizers, object reconstructors and other stuff.
This short entry is just to tell you that the decompiler got a name: Hex-Rays and it goes to the phase of closed beta testing. The qualified beta testers already received their copies and I have some very positive feedback. Thank you, guys! For the curious about the decompiler, I put the user manual online. It […]
If you used IDA Pro for a while, you might have noted that it contents itself with simple things. It neatly displays the disassembly listing. It allows you to improve the listing by adding names and comments. You can manually define your symbols, types, functions. IDA itself can add some types and discover some program properties, but overall the performed […]
Sometimes unexpected detours are necessary to reach the goal. Take this simple assembly code:
A decompiler is commonly viewed as a tool to recover the source code of a program, the same way as a disassembler is a tool to convert a binary executable program to an assembler text. This is true in some cases but only in some.
So far this is the absolute record for the binary size of one division/remainder/multiplication operation:
Even unobfuscated code is difficult to understand. Look at this function. Can you tell its purpose?