State-of-the-art binary code analysis tools
A handful of our users have already requested information regarding the Qt 5.6.3 build, that is shipped with IDA 7.1. Configure options Here are the options that were used to build the libraries on: Windows: …\5.6.3\configure.bat “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-opensource” “-force-debug-info” “-platform” “win32-msvc2015” “-opengl” “desktop” “-prefix” “C:/Qt/5.6.3-x64” Note that you will have […]
With IDA 7.0 switching fully to native x64 architecture, we also switched to the x64 Python which brought some new issues but also exposed some we’ve seen before. This post tries to summarize the most common issues we’ve seen our users encounter as well as suggestions about how to fix them or at […]
A handful of our users have already requested information regarding the Qt 5.6.0 build, that is shipped with IDA 7.0. Configure options Here are the options that were used to build the libraries on: Windows: …\5.6.0\configure.bat “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-opensource” “-force-debug-info” “-platform” “win32-msvc2015” “-opengl” “desktop” “-prefix” “C:/Qt/5.6.0-x64” Note that you will have to […]
Sorry for the long silence since IDA v6.95, we all were incredibly busy with the transition to the 64-bit version. We are happy to say now that we are close to the finish line and will announce the beta test soon. Transition to x64 itself was not that hard. We have been compiling IDA in x64 […]
A handful of our users have already requested information regarding the Qt 5.6.0 build, that is shipped with IDA 6.95. Configure options Here are the options that were used to build the libraries on: Windows: …\5.6.0\configure.bat “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-opensource” “-force-debug-info” “-platform” “win32-msvc2015” “-opengl” “desktop” “-prefix” “C:/Qt/5.6.0” Note that you will have […]
A handful of our users have already requested information regarding the Qt 5.4.1 build, that is shipped with IDA 6.9. Configure options Here are the options that were used to build the libraries on: Windows: …\5.4.1\configure.bat “-debug-and-release” “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-platform” “win32-msvc2015” “-opengl” “desktop” “-force-debug-info” “-prefix” “C:/Qt/5.4.1” Note that you will have […]
Intended audience Plugin writers, either using the C SDK or IDAPython, who would like to add actions/commands to IDA UI in order to augment its capabilities. Rationale: before 6.7 APIs galore Depending on what type of context you were in, various APIs were available to you: Want to add a main menu item? add_menu_item(const char *menupath, const char *name, const char […]
One of the new features of IDA 6.6 is the Dalvik debugger, which allows us to debug Dalvik binaries on the bytecode level. Let us see how it can help when analysing Dalvik files. Encoded strings Let us consider the package with the encrypted strings: STRINGS:0001F143 unk_1F143:.byte 0x30 # 0 # DATA XREF: STR_IDS:off_70 STRINGS:0001F144 aFda8sohchnidgh: .string “FDA8sOhCHNidghM2hzFxMXUsivl2k7hFOhkJrW7O2ml8qLVM”,0 STRINGS:0001F144 […]
Target audience You may want to read this if you have been writing an IDA C++ plugin, that itself uses the CPython runtime. Prior art In 2010, Elias Bachaalany wrote a blog post about extending IDAPython: http://www.hexblog.com/?p=126 Note that this is not about writing your own plugins in Python. Rather, that blog post instruct on how you may […]
I’m happy to present you a guest post by David Zimmer <dzzie@yahoo.com>. The approach he describes can be used to develop plugins more conveniently (but not limited to that): In this article we are going to discuss a mechanism that can be used to interact with IDA through external applications. The reason this technique was developed was […]