Uncategorized

IDA Pro 7.1 released

“With this version of IDA we publish the decompiler intermediate language: the microcode. We were planning to do it since very long time but the microcode was constantly evolving, we could not do it. After ten years of evolution it looks mature and ready to be published. We believe that it will permit our users to implement much more powerful and higher level analysis algorithms than before. In the future we plan to use the microcode in IDA too: if the decompiler is present, the analysis will be improved automatically. “

https://hex-rays.com/products/ida/7.1/index.shtml

https://hex-rays.com/products/ida/7.1/microcode.png

 

Standard
Uncategorized

IDA releases Freeware 7.0 update

https://www.hex-rays.com/products/ida/support/download_freeware.shtml

The freeware version of IDA v7.0 has the following limitations:

no commercial use is allowed
lacks all features introduced in IDA > v7.0
lacks support for many processors, file formats, debugging etc…
comes without technical support

 

Standard
Uncategorized

Cutter 1.0 released (GUI for radare2)

Re: https://firmwaresecurity.com/2017/09/25/iaito-becomes-cutter/

Cutter 1.0 has been released:

https://github.com/radareorg/cutter/releases/tag/v1.0
http://radare.org/

See-also:
https://insinuator.net/2016/10/reverse-engineering-with-radare2-part-3/
https://radare.gitbooks.io/radare2book/content/
https://github.com/ifding/radare2-tutorial

Screenshot

Standard
Uncategorized

REmatch: binary diffing framework

“REmatch, a complete binary diffing framework that is free and strives to be open source and community driven.

REmatch, a simple binary diffing utility that just works. At least, we hope it will be. Rematch is still a work in progress and is not fully functional at the moment. We’re currently working on bringing up basic functionality. Check us out again soon or watch for updates! It is intended to be used by reverse engineers by revealing and identifying previously reverse engineered similar functions and migrating documentation and annotations to current IDB. It does that by locally collecting data about functions in your IDB and uploading that information to a web service (which you’re supposed to set up as well). Upon request, the web service can match your functions against all (or part) of previously uploaded functions and provide matches. A secondary goal of this (which is not currently pursued) is to allow synchronization between multiple reverse engineers working on the same file. The goal of REmatch is to act as a maintained, extendable, open source tool for advanced assembly function-level binary comparison and matching. Rematch will be a completely open source and free (as in speech) community-driven tool. We support buttom-up organizational methods and desire Rematch to be heavily influenced by it’s users (both in decision making and development).[…]”

 

https://github.com/nirizr/rematch

Standard
Uncategorized

IDA Pro 7.0 released

https://www.hex-rays.com/products/ida/7.0/index.shtml

https://hex-rays.com/products/decompiler/news.shtml#170914

Standard
Uncategorized

Anti-disassembly on ARM with IDA

[…]So what else is cool about this is, this is just one combination of invalid bytes that creates a PLD instruction the processor can ingest. There’s all sorts of combinations that will cause this same thing to happen

https://kbdsmoke.me/anti-disassembly-on-arm-ida-specifically/

Standard