This is kind of an unorthodox question. I'm kinda new to using IDA Pro. Is there a way to edit the assembly code and then have IDA save the result as an executable? Is there some kind of plugin maybe that does that? because it seems that IDA doesn't want to save as an EXE. Or do I need to manually edit it in some other way? ...
I made my changes using IDA but I don't know how to make the new file exe again ...
Say there is a buggy program that contains a sprintf() and i want to change it to a snprintf so it doesn't have a buffer overflow.. how do I do that in IDA?? ...
Hi all, I'm debugging remotely a windows XP machine. One of my drivers is loaded at address 0xb2c4c000 up to 0xb2cb9680. Now when I open my driver in IDA, the offset I want to set a breakpoint on is at 00017619. How can I effectively match my IDA address into windbg? I've tried the obvious which is to sum 0xb2c4c000 + 00017619 = 0xB2...
I have an existing IDA Pro project for a C166 processor embedded application. This project already has many functions, variables, etc defined. There are different versions of the embedded application I am looking at. The different versions of the application are 99% the same, but with slight variations in code and data that cause functi...
After using IDA Pro to disassemble a x86 dll, I found this code (Comments added by me in pusedo-c code. I hope they're correct): test ebx, ebx ; if (ebx == false) jz short loc_6385A34B ; Jump to 0x6385a34b mov eax, [ebx+84h] ; eax = *(ebx+0x84) mov ecx, [esi+84h] ; ecx = *(esi+0x84) mov al, [eax+30h] ; al ...
So, while using IDA to disassemble a dll, I came across this class function: mov eax, [ecx+4] mov eax, [eax] retn I know ecx means this and eax is the return value, but I fail to understand what it returns. Any help? ...
I found a particularly important function using IDA Pro. However, the source is very large and I'm sure I'll lose track of it soon. Is there a way to "flag" the function as important, color code it, or something similar? ...
I've been messing around with IDA Pro and trying to disassemble my own products just for the sake of it. I've noticed a couple of things I don't understand because my assembly language knowledge is terrible. Here is a little chunk of code which invokes CGContextSetRGBStrokeColor. CGContextSetRGBStrokeColor(ctx, 1, 1, 1, 1); In IDA i...
Hi! Recently I was trying to learn more about Windows Kernel. I downloaded right symbols for my sys(win7 x64 free). I run IDA and open ntoskrnl.exe. IDA asked whether to attach pdb file. But most of functions were not resolved - sub_XXXXXX. So I ran Windbg, I unassembled randomly chosen function which has to be in ntoskrnl - KiSystemCall...
running on windows 7, 32bit home pro I created a very simple few line app in visual studio 2008 , compiled and linked with standard libraries in release mode into executable test.exe. The code in c is as follows: char* test = "h"; int main() { _asm { push 0xFEEDBACC; } MessageBoxA(0,test,test,0); } which res...