Custom data types and formats
Another new feature that will be available in the upcoming version of IDA Pro is the ability to create and render custom data types and formats. (Embedded instructions disassembled and rendered along side with x86 code)
Scriptable Processor modules
One of the new features we are preparing for the next version of IDA is the ability to write processor modules using your favorite scripting language. After realizing how handy it is to write file loaders using scripting languages, we set out to making the same thing for processor modules. As an exercise for this […]
New IDC improvement in IDA Pro 5.6
Scripting with IDA Pro has always been a very handy feature, not only when used in scripts but also in expressions, breakpoint conditions, form fields, etc… In IDA Pro 5.6 we improved the IDC language and made it more convenient to use by adding objects, exceptions, support for strings with embedded zeroes, string slicing and references.
Practical Appcall examples
Last week we introduced the new Appcall feature in IDA Pro 5.6. Today we will talk a little about how it’s implemented and describe some of the uses of Appcall in various scenarios. How Appcall works Given a function with a correct prototype, the Appcall mechanism works like this: Save the current thread context Serialize the parameters (we […]
Introducing the Appcall feature in IDA Pro 5.6
In this blog entry we are going to talk about the new Appcall feature that was introduced in IDA Pro 5.6. Briefly, Appcall is a mechanism used to call functions inside the debugged program from the debugger or your script as if it were a built-in function. If you’ve used GDB (call command), VS (Immediate window), […]
Debugging ARM code snippets in IDA Pro 5.6 using QEMU emulator
Introduction IDA Pro 5.6 has a new feature: automatic running of the QEMU emulator. It can be used to debug small code snippets directly from the database. In this tutorial we will show how to dynamically run code that can be difficult to analyze statically. Target As an example we will use shellcode from the article “Alphanumeric RISC […]
PDF file loader to extract and analyse shellcode
One of the new features in IDA Pro 5.6 is the possibility to write file loaders using scripts such as IDC or Python. To illustrate this new feature, we are going to explain how to write a file loader using IDC and then we will write a file loader (in Python) that can extract shell […]
Hex-Rays Plugin Contest
We are glad to announce the results of our first plugin contest! For the contest rules, please check this page: http://www.hex-rays.com/contests/ Or you may directly go to the contest results and check out some cool plugins: https://www.hex-rays.com/contests_details/contest2009/ It was our first contest, but we are happy with the results and will repeat it in the near future. Have […]
Hex-Rays is hiring
We are looking for someone to join our team and participate in the development of unique software security tools. The candidates must know low-level details of modern software as well as high-level data structures and algorithms. Requirements: * strong knowledge of C/C++ * experience with Qt and GUI development is a big PLUS * knowledge of x86 assembler and […]
SEH Graph
It is said that a picture is worth a thousand words, and similarly many reversers would agree that a graph is worth a thousand lists! 😉 Recently, we added graphing support into IDAPython and now Python scripts can build interactive graphs. To demonstrate this new addition, we will write a small script that graphs the structured […]