.I'm attempting to do some work using IDA, and I'd like to disassemble a PE file from the command line. Currently I'm using the command:
idaw -a -B test.exe
Which creates the test.idb and test.asm files. I'm only really interested in the assembly that it generates in the asm file, however it is doing some interesting things that I'd like to get rid of.
First of all, the assembly seems to do some kind of analysis that modifies movs and jmps so that they are using offsets, an example is here:
mov [esp+18h+var_18], 8
Where the variable var_18 has the value -18, essentially meaning that there is no offset. Is there a way to get rid of this offset analysis or to just have the disassembler put in actual numeric offsets rather than using variables? I tried modifying the ida.cfg but none of the options seemed to solve this problem.
The next thing I'd like is to be able to see the hex codes beside instructions, and the addresses that they start at. I'm not necessarily interested in the hex codes, but they're an easy way to tell the length of an instruction. If there is a way to print the length of the instruction beside each instruction, that would be even better.
Anyone help with this would be much appreciated, thanks a lot.
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}