Interactive Disassembler

The Interactive Disassembler, more commonly known as simply IDA, is a commercial disassembler widely used for reverse engineering. It supports a variety of executable formats for different processors and operating systems. It also can be used as a debugger for Windows PE, Mac OS X Mach-O, and Linux ELF executables.

Although IDA performs a large degree of automatic code analysis, leveraging cross-references between code sections, knowledge of the parameters of API calls, and other information, it is focused on being interactive. A typical IDA user begins with an automatically generated disassembly listing and then renames, annotates, or otherwise adds information to the listing until it becomes clear what the code does, which is what makes the reverse engineering effective.

Created as a shareware application by Ilfak Guilfanov, it was later turned into a commercial product by DataRescue, a Belgian company, which improved it and sold it under the name IDA Pro. In 2007, Guilfanov founded Hex-Rays to pursue the development of the Hex-Rays Decompiler IDA extension. In January 2008, Hex-Rays assumed the development and support of DataRescue's IDA Pro.

Ilfak is the main author of IDA (Interactive Disassembler Pro).

Scripting

"IDC scripts" make it possible to extend the operation of the disassembler. Some helpful scripts are provided, which can serve as the basis for user-written scripts. Most frequently, scripts are used for extra modification of the generated code. For example, external symbol tables can be loaded so that the listing uses the function names of the original source code. There are websites devoted to IDA scripts that offer assistance with frequently arising problems.

Users have created plugins that allow other common scripting languages to be used instead of, or in addition to, IDC. [http://www.metasploit.com/users/spoonm/idarub/ IdaRUB] supports Ruby and [http://www.d-dome.net/idapython IDAPython] adds support for Python.
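As an added illustration of loading an external symbol table (not code from IDA or from the original article), the following stand-alone Python script converts a symbol listing in `nm` text format into an IDC script that applies the original function names. The sample listing is constructed, the restriction of names to letters, digits and underscores is a conservative assumption, and `set_name` is the naming call in current IDC (older releases used `MakeName`).

```python
import re

# Constructed sample in the `nm` text format: "<hex address> <type> <name>".
SAMPLE_NM = """\
08048400 T main
08048450 t parse_header
080484a0 T std::vector<int>::push_back
0804a010 D g_config
         U printf
08048450 t parse_header_alias
"""

def parse_symbols(nm_text, kinds="Tt"):
    """Return [(address, name)] for code symbols, one name per address."""
    seen, out = set(), []
    for line in nm_text.splitlines():
        m = re.match(r"^([0-9a-fA-F]+)\s+(\S)\s+(.+)$", line)
        if not m or m.group(2) not in kinds:
            continue  # undefined (no address), data, or malformed line
        ea = int(m.group(1), 16)
        if ea in seen:
            continue  # keep the first name when aliases share an address
        seen.add(ea)
        out.append((ea, m.group(3)))
    return out

def sanitize(name):
    """Replace characters outside a conservative identifier set with '_'."""
    clean = re.sub(r"[^A-Za-z0-9_]", "_", name)
    return "_" + clean if clean[0].isdigit() else clean

def to_idc(symbols):
    """Emit an IDC script that names each address with set_name()."""
    lines = ["#include <idc.idc>", "", "static main() {"]
    for ea, name in symbols:
        lines.append('    set_name(0x%08X, "%s");' % (ea, sanitize(name)))
    lines += ["}", ""]
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_idc(parse_symbols(SAMPLE_NM)))
```

The generated text can be saved as an `.idc` file and run from IDA's script menu; data symbols and undefined imports are skipped so that only function addresses are renamed.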

Supported systems/processors/compilers

* Operating systems
** x86 Windows GUI
** x86 Windows console
** x86 Linux console
** x86 Mac OS X
** ARM Windows CE
* Executable file formats
** PE (Windows)
** ELF (Linux, most *BSD)
** Mach-O (Mac OS X)
** Netware .exe
** OS/2 .exe
** Geos .exe
** raw binary, such as a ROM image
* Processors
** Intel 80x86 family
** ARM, including thumb code
** Motorola 68xxx/h8
** Zilog Z80
** MOS Technology 6502
** Intel i860
** DEC Alpha
** Analog Devices ADSP218x
** Angstrem KR1878
** Atmel AVR series
** DEC series PDP11
** Fujitsu F2MC16L/F2MC16LX
** Fujitsu FR 32-bit Family
** Hitachi SH3/SH3B/SH4/SH4B
** Hitachi H8: h8300/h8300a/h8s300/h8500
** Intel 196 series: 80196/80196NP
** Intel 51 series: 8051/80251b/80251s/80930b/80930s
** Intel i960 series
** Intel ia64 series
** Java virtual machine
** MIPS: mipsb/mipsl/mipsr/mipsrl/r5900b/r5900l
** Microchip PIC: PIC12Cxx/PIC16Cxx/PIC18Cxx
** MSIL
** Mitsubishi 7700 Family: m7700/m7750
** Mitsubishi m32/m32rx
** Mitsubishi m740
** Mitsubishi m7900
** Motorola DSP 5600x Family: dsp561xx/dsp5663xx/dsp566xx/dsp56k
** Motorola ColdFire
** Motorola HCS12
** NEC 78K0/78K0S
** PA-RISC
** PowerPC
** SGS-Thomson ST20/ST20c4/ST7
** SPARC Family
** Samsung SAM8
** Siemens C166 series
** TMS320Cxxx series
* Compiler/libraries (for automatic library function recognition)
** Borland C++ 5.x for DOS/Windows
** Borland C++ 3.1
** Borland C Builder v4 for DOS/Windows
** GNU C++ for Cygwin
** MS C (16 bit) for DOS/Windows
** MS Visual Studio .NET
** MS Visual C++ v6
** Watcom C++ (16/32 bit) for DOS/OS2
** ARM C v1.2
** GNU C++ for Unix/common

External links

* [http://www.hex-rays.com/idapro/ English-language IDA Pro home page]
* [http://www.idapro.ru/ Russian-language IDA Pro home page]
* [http://www.hex-rays.com/idapro/idadownfreeware.htm IDA Pro 4.9 Freeware Version download]
* [http://www.openrce.org OpenRCE.org: Large collection of IDA plug-ins and scripts]


Wikimedia Foundation. 2010.
