idatips

@idatips

Tips and tricks for everyone's favorite disassembler. Account not run by Hex-Rays.

Vrijeme pridruživanja: rujan 2018.

Tweetovi

Blokirali ste korisnika/cu @idatips

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @idatips

  1. Prikvačeni tweet
    30. ruj 2018.

    Got a tip or trick? Drop me a line!

    Poništi
  2. proslijedio/la je Tweet
    24. sij

    Ever get a pointer to the middle of a struct? Just add the __shifted keyword to the variable's type definition!

    Poništi
  3. proslijedio/la je Tweet
    15. sij
    Poništi
  4. proslijedio/la je Tweet
    27. pro 2019.

    Friday night tweetin' for those that want their Ida and their Ghidra too. Chock full o' bugs no doubt.

    Poništi
  5. proslijedio/la je Tweet
    9. pro 2019.

    how to disable arm macro instruction? Options>General…>Analysis>Kernel option3>Enable macro, uncheck it.

    Poništi
  6. proslijedio/la je Tweet
    14. lis 2019.

    New IDA 7.4 and Decompilers released! Changelog: - IdaPython move to Python 3 - New Local Types editor - Improved GDB support (iOS 13) - Multiple improvements in decompiler engine - Global xrefs directly in pseudocode

    Poništi
  7. proslijedio/la je Tweet
    28. kol 2019.

    Remember that you can trigger actions in IDA's UI using idaapi.process_ui_action(action_name) (get the name from the shortcuts window)

    Poništi
  8. 20. srp 2019.

    Tired of decimal supremacy? Depressed that you recognize -2147483648? Try changing the default radix in hexrays! - change DEFAULT_RADIX in your hexrays.cfg to 16 More info: Thanks to for this tip!

    Poništi
  9. 20. lip 2019.

    One thing to note here: by default IDA assumes your theme is a light theme and places the resulting user.css in %IDAUSR%/themes/default. If you have a dark theme, you'll need to move it to %IDAUSR%/themes/dark/user.css

    Prikaži ovu nit
    Poništi
  10. 19. lip 2019.

    Married to an old .clr color theme? Can't work unless your colours are just right? - In <=IDA7.2, load a .clr and run idaapi.reg_write_int('PortedToCss', 0), then open a file in IDA7.3 to convert - Or run: More info:

    Prikaži ovu nit
    Poništi
  11. 19. lip 2019.

    Make a mistake? IDA 7.3 has undo! - Screw something up, this should be second nature by now - Hit Control-Z - Wow I'd like to take this moment to thank and co for ruining an Aprils fools joke I put nine months of hard labor into >:(

    Poništi
  12. 15. lip 2019.

    Part of the horde working on a BlueKeep exploit with IDA on GNU+Linux? Don't know how to organize your PDB's without _NT_SYMBOL_PATH? Set PDBSYM_DOWNLOAD_PATH in /cfg/pdb.cfg to keep things organized! Thanks to for this tip!

    Poništi
  13. 15. lip 2019.

    - Hexrays tips are great, but I don't have a license so I can't repro them. Please bring your own screenshots and I'll be happy to include them! - Let me know if you want to be credited or not! That's all, submit 'em if you got 'em!

    Prikaži ovu nit
    Poništi
  14. 15. lip 2019.

    With 7.3 coming out we've got some more tips lined up. Quick notes on new tips: - Plugins by themselves generally do not make good tips (for a bunch of reasons) and I find it easier to just try to avoid them. I'm sure yours is great, but please don't be offended if I skip it!

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    20. ožu 2019.
    Poništi
  16. proslijedio/la je Tweet
    25. velj 2019.
    Odgovor korisnicima

    If the DWARF plugin doesn't support type extraction, you can work around by opening the main executable with the DWARF info, then copy the .TIL file and run it through TILIB with the "-#-" option to get a .TIL that can be loaded from the GUI as a type library. Better than nothing

    Poništi
  17. 22. sij 2019.

    Do you write IDApy only to hate it later? amtal wrote up a quick cheat sheet for cleaner IDApy! Check it out here:

    Poništi
  18. 10. sij 2019.

    Working with standard constants which aren't imported by default? Before spending forever trying to create a clean header to import remember to check the local types view! - Use a reference (MSDN, manpages, etc) to identify your type - Search in local types - Sync

    Poništi
  19. proslijedio/la je Tweet
    27. pro 2018.
    Odgovor korisnicima

    And now, after hours of that super complex structure, you can use SyntheticTypes JS () to use it directly in your debugger

    Poništi
  20. 13. pro 2018.

    Reversing C++ and want to trim the horizontal width of your basic blocks? Maybe you're tired of manged names? Get IDA to display them... marginally nicer! - Options -> Demangled names... - Select 'Names' Thanks to for finding this in a paper by gorlist

    Poništi
  21. 10. pro 2018.

    We love IDA's navigation bar, but did you know it can visualize more than the default categories? - Click the menu on the right - Select what you're interested in, e.g. xrefs to LoadFile - Click Ok - Enjoy your visual xref locations! Thanks to for this tip!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·