Interactive Disassembler

The Interactive Disassembler ( IDA short ) is a disassembler, which makes it possible to convert binary code in assembler source code. It supports processors from different manufacturers and processor families. For the automatic analysis of the binary code IDA pulls the compiler used into consideration. This results in a particularly high recognition rate of library functions and their names that greatly simplify the understanding of the generated code later.

The ability to interactively engage in the analysis of binary codes gives the advanced user the possibility of his knowledge of the program or its structure to be included in with the decoding. Finally, a program does not decode correctly 100% capable of a binary code and benefited from the interaction of the user.

Thus falsely interpreted as code data is converted to the correct representation and complex data structures and data types can be specified in IDA. When converting data into code a function-based analysis of the code is carried out automatically and this appropriately structured and equipped with jump labels or names.

In newer versions of IDA has the ability to Intel processors run the binary under his control and to put up with a debugger breakpoints. This opens up new possibilities for understanding the program flow of the analyzed binary result.

Scripting

Extensions, called IDC scripts allow the extension of the functionality. There are already included some useful scripts that can serve as a template for your own extension. The most common script for further modification of the generated code can be used. Thus, external symbol tables loaded and thus the function name of the original source code to be restored.

There are some websites that specifically deal with the scripting of IDA and offer aid to common problems.

Areas of application

IDA is suitable for the analysis of their own programs - for example, to check the effectiveness of a compiler used - as well as for the analysis of other programs. For crackers this is the basis for the more detailed understanding of a computer program, and changing to the removal of copy protection mechanisms.

Supported Systems

  • Operating Systems Microsoft Windows
  • Linux
  • Mac OS X
  • Processors Intel 80x86/Pentium/i960
  • ARM Risc
  • Motorola 68xxx/h8
  • Zilog Z80, MOS Technology 6502, Intel 8051, Intel i860, DEC PDP -11
  • Compiler GNU C for Unix / common
  • GNU C for Cygwin
  • Borland C Builder v4 for DOS / Windows
  • Borland C 3.1
  • Borland C 5.x for DOS / Windows
  • Microsoft C (16 bit) for DOS / Windows
  • Microsoft Visual C v6
  • Microsoft Visual Studio. NET
  • Watcom C ( 16/32 bit) for DOS/OS2
  • ARM C v1.2
769865
de