I have disassembled a binary executable file using a disassembler like IDA Pro. Now, I plan to recognize as much type and data structure information as possible. Are there any reference resources or ideas to help me finish the task?
Thank you!~
EDIT:
Thanks very much for the tips below. Besides type and data structure information, any ideas about class object recognition?
The already mentioned Reversing: Secrets of Reverse Engineering by Eldad Eilam has some nice descriptions of how various control flow and data structures look in the assembly. However, since you specifically mention classes, I would like to plug my article on Visual C++ implementation. A lot of it applies to other compilers as well.
BTW, I would recommend starting with small functions/classes and identifying them in the binary. If you are using Visual C++ and compile your code with debug info (Debug build or /Zi on command line), IDA (at least recent versions) will detect and offer to load the PDB symbols. That will make identification of your code easier.
This is practically impossible; adequate information simply does not exist in the file after compilation.
You need to walk through the disassembly by hand at run-time and try to decipher the numbers yourself.