Flag: Tornado!
Hurricane!
|
|
 No blog entries found for specified user.
Topic created on: by  .
I added several hotkeys to my ida:
- shift-I: repeat current manual IDC script.
- shift-O: change selection to offsets
- shift-G: change selection to guids
- shift-A: change selection to unicode + ascii strings
* tries to automatically find out what is ascii, what is unicode, what is alignment padding.
- shift-D: change selection to dwords
- shift-P: parse selection as p-data section
- shift-U: summarize selection of '?' unknowns
- shift-X: swap 2 instructions - fixing relative offsets in arm + x86.
* very useful to reorder instructions to clear up code.
- shift-T: set this struct. .. function needs to be named as "objname_methodname" .. the object itself needs to be named "struc_objname"
then it finds all references to the 'this' ptr, and changes them to structure references.
- shift-H: help + info on current line.
and i created a function 'Table' which takes a format pattern, and can then changes the current selection according to that pattern, ... like 'wwdal' to create {short, short, dword, ascii, align)
.. and more
see http://nah6.com/~itsme/cvs-xdadevtools/ida/idcscripts/
and http://www.xs4all.nl/~itsme/projects/disassemblers/ida.html
willem
|
|
To keep in the spirit of this post. I posted a quick little script that will rename ja to ja_unsigned. It does with all jxx instructions. This makes for quicker analysis in some areas. You can download the script from my file repository.
|
ASCII_PREFIX = "str->" // This prefix used when a new
// name is generated
// changed from 'a' to 'str->'
MAX_NAMES_LENGTH = 128 // Maximal length of new names
// (specify values up to 511)
// increased this to 128
NameChars = "$?@->" // asm chars, added '-' and '>'
Pedram,
Though you may have gotten the "str->" string identifier modification from Nicolas Brulez, the first time I saw it suggested was in 98/99 by a cracker named Mammon_ (it might be "_Mammon" -I don't quite remember the exact text of the pseudonym). As far as I know, Mammon_ wrote the very first flow graphing software used with IDA.
JCR
|
|
JCR: ahhh, interesting to see where that little customization originated from. I recently decided I no longer like it actually and have switched to 'str.' ;-)
|
Note: Registration is required to post to the forums.
|
|
|
|
There are 31,328 total registered users.
|
|
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}