IDA 7 - ARM Dissassembler Demo & Qemu - General Discussion and Assistance

Hardware_Hacker

322

IDA 7 - ARM Dissassembler Demo & Qemu

« on: 28 / September / 2017, 03:21:08 »

Advertisements

What's new in IDA 7.0.170914 (Released on September 14, 2017)
here:- https://www.hex-rays.com/products/ida/news.shtml
Reasons for API changes in 7.0

"...IDA 7.0 consists of x86_64 binaries (as opposed to all previous versions, which consisted of i386 binaries).
This has the very unfortunate side-effect that all existing binary plugins will stop working..."

"...If something doesn't work/isn't there anymore, it's likely an omission from our side.
In that case, please let us know about any missing bits & pieces, that you believe should be there and that we might have forgotten!..."

"...There are still two variants of IDA: one supporting 32-bit (ea_t is 32-bit) and the other 64-bit address space (ea_t is 64-bit).
IDA database extensions remain correspondingly '.idb' and '.i64'..."

More Info here:- https://www.hex-rays.com/products/ida/7.0/docs/api70_porting_guide.shtml

(The Demo IDA 7.0 Has NO support for WinCE ARM.) (

)
"...Target Platform:- Windows CE ARM....." is now only supported on the full version. (

)

Edit #1 A IDA plugin:-

This is the Sk3wlDbg plugin for IDA Pro.
It's purpose is to provide a front end for using the Unicorn Engine to emulate machine code that you are viewing with IDA.
here:- https://github.com/cseagle/sk3wldbg
The plugin installs as an IDA debugger which you may select whenever you open an IDA database containing code supported by Unicorn.
Currently supported architectures include:-

ARM
ARM64

Prepwork for Ida 7.0, by cseagle committed on 21 Aug Here:-
https://github.com/cseagle/sk3wldbg/commit/4cce46f63508f08242d1b64f6b740ba3a16c6bce

The Old Demo IDA 6.95.160808 has now expired. (i386 binaries, Released on August 08, 2016).
(The Demo IDA 6.95 had support for WinCE ARM.)

« Last Edit: 21 / October / 2017, 02:26:20 by Hardware_Hacker »

Logged

Hardware_Hacker

322

Re: IDA 7 - ARM Disassembler Demo & Qemu

« Reply #1 on: 21 / October / 2017, 01:31:39 »

Some Up Dates for IDA 6.x & 7 and QEMU:-

Shortly after I downloaded the IDA-7 x64 ARM Disassembler Demo,
it then became only available to corporate users.

Also just noticed this ML post.
Re: Firmware Dumping and Loading into IDA
« Reply #14 on: July 20, 2017 by a1ex

IDA 6.x by a1ex Re: Getting around:-

Also because the IDA Demos have various limitations,
it's possible to, rapidly, switch some of the IDA Options ON and OFF.

So when attempting to MATCH something in the dis-assembly some IDA Options can be switched ON.
i.e. A Verbose Dis-Assembly mode.

And when attempting just to COPY something in the dis-assembly all the
IDA Options can then be switched OFF.
i.e. A Simple and Basic mode.

There is also another recent Windows 10 Creators Fall Up-Date that might be of some interest
for any one who wants to try to run some CHDK stuff in QEMU:-

"...Win-10v16299 SubSystem for Linux (WSL)

Another key upgrade is that the Windows Subsystem for Linux (WSL) is now fully released.
Once again, there are several steps involved: enable the feature, install your preferred distro
from the Store, run the app to complete.
This is a huge feature though for admins, developers and power users, and works like magic ...."

That relates to this series of ML posts:-
Compiling Magic Lantern on Windows 10 (using its Linux subsystem)
« (starting) on: August 06, 2017 by g3gg0

"...It is possible to compile magic lantern and qemu on windows, without any third-party-programs like cygwin, MSYS, VirtualBox etc by solely using windows' native linux compatibility layer....."

"...QEMU (or: how to run Canon OS within qemu within the linux environment within windows 10 on a x64 CPU)...."

and this series of ML posts.
Re: How to run Magic Lantern into QEMU?!...
« Reply #218 on: October 02, 2017,

IDA-7 Edit #1:- Freeware version of IDA v7.0

The "new" freeware version of IDA v7.0 has the following limitations:-
here https://www.hex-rays.com/products/ida/support/download_freeware.shtml

no commercial use is allowed
lacks all features introduced in IDA > v7.0
lacks support for many processors, file formats, debugging etc...
comes without technical support

ALSO there is now NO ARM SUPPORT, (i.e. Intel ONLY)
but the IDA 7.0 freeware documentation still has various ARM related stuff

Qemu Edit #2:- DIGIC 7 Emulation Ready and Initial [ML] Support

Ref:- [ML]DIGIC 7 Development (.....) by a1ex
« Reply #35 on: April 30, 2018
https://www.magiclantern.fm/forum/index.php?topic=19737.msg200799#msg200799

[ML] DIGIC 7 Development (QEMU) "...Emulation ready...")
https://bitbucket.org/hudson/magic-lantern/commits/a20c79bcfe12867a2d62fc50e2fe628fa16f9200

H-H

« Last Edit: 16 / January / 2019, 22:35:58 by Hardware_Hacker »

Logged