A binary analysis tool like a decompiler is incomplete without a programming interface.
Sure, decompilers tremendously facilitate binary analysis. You can concentrate
of the program logic expressed in a familiar way. Just add comments, rename variables
and functions to get almost the original source code, almost perfect. However, quite often there
is a small ugly detail and the output falls short of being satisfactory.
Continue reading Hex-Rays SDK is ready!
If you ever used IDA to analyze embedded stuff, you would immediately notice its pc-centric nature. While any embedded SDK targets specific devices with real-world part numbers, IDA just provides you with a universal analysis framework. You are supposed to know how the device works, its idiosyncrasies, programming model, memory organization, and all other practical stuff. If there is an automatic way to determine the entry point or interrupt vectors, IDA will use it but in general you will have to find out the correct parameters yourself.
The following tutorial fills the gap for C166 (and explains many other things!):
A month ago I received a support request:
If I have an instruction like
mov eax, [edi-0ch]
and I know that that’s really the sum of an offset to a structure not
at edi and the offset of a member within that structure, how do I get
IDA to display it as such without using a manual operand?
A legitimate question, which is somewhat hard to answer.
Continue reading Negated structure offsets
What happened to OpenRCE, does anyone know? It would be a pity to lose such a nice resource.
This news is not a bright one neither but I hope that the explanation for openrce is purely technical.