Below we’re counting the number of lines of the ida.cfg configuration file, which is basically just a text file: The ida.cfg contains quite a log of configuration options. Obviously ida.cfg stores most common configuration options, while idagui.cfg applies to the graphical user interface and idatui.cfg applies to the command line version of Ida. We don’t really have to explain what each of the configuration files store, since their names speak for themselves. But the most important configuration files are those that govern the use of Ida and they are the following:
Most of the configuration files are named after their processor name like sparc, ppc those configuration files are important only when analyzing the executable for that particular processor. We can see that there are a lot of configuration files stored in the cfg/ directory. The author of this article assumes you're already familiar with IDA HOME or IDA 78k0s.cfg avr.cfg clsid.cfg dsp561xx.cfg f2mc16l.cfg hcs12.cfg i960.cfg kr1878.cfg mips.xml pdb.cfg ppc.cfg sparc.xml templates.xml tms320c55.cfgĦ808.cfg ad218x.cfg bochsrc.cfg cr16.cfg dsp563xx.cfg f2mc16lx.cfg hcs12x.cfg i960.xml m32r.cfg mn102l00.cfg pe.cfg ppc.xml st10.cfg tlcs900.cfg xbe.cfgĦ811.cfg alpha.cfg c166.cfg dbg_bochs.cfg dsp566xx.cfg fr.cfg hexrays.cfg ida.cfg m740.cfg n64.cfg pe.xml ppcdcr.cfg st20.cfg tms32054.xml z180.cfgĦ812.cfg alpha.xml c166v1.cfg dbg_gdb.cfg dsp56k.cfg gdb_arch.cfg hppa.xml idagui.cfg m7700.cfg noret.cfg pic12.cfg psx.cfg st7.cfg tms32055.xmlĦ816.cfg arm.xml c166v2.cfg dbg_wince.cfg exceptions.cfg h8.cfg hpux.cfg idatui.cfg m7900.cfg oakdsp.cfg pic14.cfg python.cfg st9.cfg tms320c3.cfgħ8k0.cfg atrap.cfg c39.cfg dbg_windbg.cfg f2mc.xml h8500.xml i51.cfg kernel.xml mc68.xml pc.xml pic16.cfg sh3.cfg super10.cfg tms320c54.cfg
Therefore a direct comparison static vs dynamic analysis is not that straightforward. Any protected executable (read obfuscated) must be dumped from memory and the IAT may need to be fixed manually before a binary can be properly analysed statically despite tools used. Here is a list of free alternatives to IDA that are currently included in the article: HEX DEREF and GHIDRAĭepending on your reverse engineering task, often you will have to do a full analysisīy combining both techniques. If you need to do dynamic analysis, try out HEX DEREF because as it has one of the most fastest, if not the fastest code analysis feature (an initial analysis in IDA PRO). I would start off with Ghidra (intended for static analysis).
If you're looking for free IDA alternatives. This article covers free IDA PRO alternatives, IDA HOME alternatives and IDA-like alternatives that are in active development, are somewhat rival to IDA PRO, suitable either for static or dynamic analysis and has a disassembler and debugger.
0 kommentar(er)
