During the work with binaries, IDA sometimes shows warnings to inform the user about unusual or potentially dangerous behavior or asks questions: Hiding messages For some of such messages there is a checkbox “Don’t Display this message again”. If you enable it before answering or confirming the message (hint: you can press ‘D’ to Read More
Quick rename can be useful when you have code which copies data around so the variable names stay the same or similar. However, sometimes there is a way to get rid of duplicate variables altogether. Reasons for duplicate variables Even if in the source code a specific variable may appear only once, on the machine code […]
Read MoreOne of the features added in IDA 7.6 was automatic renaming of variables in the decompiler. Unlike PIT, it is not limited to stack variables but also handles variables stored in registers and not just calls but also assignments and some other expressions. It also tries to interpret function names which include a verb […]
Read MoreThis is a guest entry written by Markus Gaasedelen from RET2 SYSTEMS. His views and opinions are his own, and not those of Hex-Rays. Any technical or maintenance issues regarding the code herein should be directed to him, through the github.com repository. Refreshing IDA’s Binary Patching Workflow Patching assembly code to change the behavior of an […]
Read MoreAs part of the 7.7 release, IDA bundles a new C++ parser based on the libclang library from the LLVM project. In addition to that, we wrote a new command-line utility, which allows you to build custom type libraries from C/C++ codebases. (Note: this link is protected by the download area password, included in […]
Read MoreIn C, union is a type similar to a struct but in which all members (possibly of different types) occupy the same memory, overlapping each other. They are used, for example, when there is a need to interpret the same data in different ways, or to save memory when storing data of different types […]
Read MoreMany features of IDA and other disassemblers are taken for granted nowadays but it’s not always been the case. As one example, let’s consider automatic variable naming. A little bit of history In the first versions, IDA did not differ much from a dumb disassembler with comments and renaming and showed pretty much raw instructions with […]
Read MoreEven though Python 2 has been end-of-life’d on January 1st, 2020, we have until now been providing IDAPython builds that can run on a Python 2 runtime. But usage of Python 2 runtimes has been discouraged for a while now by the Python community, and official downloads for Python 2 for certain systems simply on which IDA runs, don’t exist […]
Read MoreThe first 2022 IDA training session will take place online from 16-20 and 23-25 May 2022 , from 9am Pacific Standard Time. The session is devised to help professional reverse engineers master IDA Pro, the de-facto industry standard reverse engineering tool and take their reversing skills to the next level. Provided by the experts behind […]
Read MoreOutput window is part of IDA’s default desktop layout and shows various messages from IDA and possibly third-party components (plugins, processor modules, scripts…). It also contains the Command-line interface (CLI) input box. Opening the Output window Although it is present by default, it is possible to close this window, or use a desktop layout without it. […]
Read More