1. What is IDA?
The full name of IDA is Interactive Disassembler Professional; people call it IDA for short. It is the best static decompilation software at present, and an indispensable tool for many members of the 0day world and for shellcode security analysts. IDA Pro is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, WinCE, or macOS, and is recognized as the best reverse engineering tool money can buy. IDA Pro has become the de facto standard for analyzing hostile code and has rapidly established itself as an important tool in the attack research field. It supports dozens of CPU instruction sets, including Intel x86, x64, MIPS, PowerPC, ARM, Z80, 68000, c8051, and so on.
2. Installation Guide
1. Free download URL
IDA Free - Hex-Rays (hex-rays.com). If the link does not work, search for IDA with any search engine to find it.
2. Installation steps
Open the download website, as shown in the figure below, and select Download.
Then choose a version that suits you and install it. I chose the first one.
Just download and install; the installation process is not difficult.
3. User Guide
1. Open the file
Easy way: first open IDA, and the following interface appears.
Directly drag the file to be opened to this interface to open the file. After dragging, the interface is as follows. Select the corresponding option according to the format of the file to be displayed to open the file.
As shown in the figure above, the left window is the function list, the right window is the assembly code disassembled by IDA, and the bottom window shows the messages output during the disassembly of the file.
2. Introduction of the menu
First, enter the IDA interface and you can see the following menu bar:
Next, I will introduce the corresponding functions for you in turn.
File: used to open, create, load, save, or close a file or database
Edit: used to edit the disassembly code
Jump: used to jump to a certain location, address, or window
Search: used to search for code snippets, data, errors, etc.
View: used to control how the content of the file is displayed
Debugger: the debugger integrated into IDA
Lumina: used to perform various operations on metadata
Options: used to make some personalized settings
Windows
Help
3. Decompilation shortcut
Press F5 to quickly decompile: IDA converts the assembly code into pseudocode, which is more convenient for users to analyze.
Summary
The above is my rough personal knowledge of IDA for novices. I referred to Baidu Encyclopedia and the article https://blog.csdn.net/z786849296/article/details/83211633 . I hope to continue to learn, and I welcome friends to point out the shortcomings and share their thoughts!