The Bochs debugger plugin is now in alpha stage; all 3 of the loaders mentioned in the previous blog entry are now complete.
Last week Elias ran a malware sample in the Bochs emulator and I was curious to see what exactly it does. So I took the unpacked version of the malware and fed it into the decompiler. It turned out to be a pretty short downloader (different AV vendors give it different names: Lighty […]
The next version of IDA will be released with a Bochs debugger plugin, and what is nice about it is that you will be able to use it easily by just downloading the Bochs executables and telling IDA where to find them.
The idea to use BITS to download files from the internet is not new. If you check the corresponding page from Wikipedia, you will find that Background Intelligent Transfer Service (BITS) is a component of modern Microsoft Windows operating systems that facilitates prioritized, throttled, and asynchronous transfer of files between machines using idle network bandwidth. The […]
This is not the first book about IDA Pro. However, this is the first book I recommend to anyone using IDA Pro because of the following points: Comprehensive: it describes all major IDA features by starting at the beginning and going all the way to the end. Experienced users may be tempted to skip the first few chapters; […]
I’m happy to tell you that Mr. Elias Bachaalany has joined our development team! He is one of the keenest and most knowledgeable IDA users. Elias bought his first copy of IDA long ago while he was a student. Immediately after that he contacted us with tons of questions, suggestions, ideas on how to improve things, etc. While […]
Good news for real iPhone fans: we ported IDA to iPhone! It can handle any application and provides the same analysis as on other platforms. It is funny to see IDA on such a small device:
Walking the stack and trying to reconstruct the call stack is a challenge (especially if no or little symbolic information is present) and there are many questions to be answered in order to have a correct call stack: Determining return address Determining the boundary of the caller function Distinguishing between pointers to callbacks and return addresses Determining stack frames … In […]
Have you ever tried to create a debugger for Mac OS X? It is an adventurous enterprise with lots of unexpected (should I say unforeseeable?) problems. This guy tried and described his adventures in this entertaining post: http://www.matasano.com/log/1100/what-ive-been-doing-on-my-summer-vacation-or-it-has-to-work-otherwise-gdb-wouldnt/ His post reminded me of all the problems we faced with the first version of the IDA debugger for iMac. […]