IDA Question menu
Follow us:

Shout-Out

User Tag List

Thread: IDA Question

Results 1 to 3 of 3
  1. 10-04-2015 #1
    Achilees's Avatar
    Achilees
    Achilees is offline
    Member
    Reputation
    14
    Join Date
    Sep 2013
    Posts
    20
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    IDA Question

    Trying to learn assembly if this is a stupid question my bad, but will appreciate any answers
    Code:
    .text:00547C10 ; =============== S U B R O U T I N E =======================================
.text:00547C10
.text:00547C10 ; Attributes: bp-based frame
.text:00547C10
.text:00547C10 sub_547C10      proc near               ; DATA XREF: .data:00B9F2CCo
.text:00547C10
.text:00547C10 var_8           = qword ptr -8
.text:00547C10 arg_0           = dword ptr  8
.text:00547C10
    arg_0 means it is taking a 32 bit single argument ? I will assume it is integer ? If not how can i ?
    var_8 .... what is this ?
    I dont have money to spend on HEX-RAYS decompiler.
    Reply With Quote Reply With Quote
    IDA Question
  2. 10-04-2015 #2
    Valediction's Avatar
    Valediction
    Valediction is offline
    Active Member
    Reputation
    37
    Join Date
    Jul 2012
    Posts
    48
    Thanks G/R
    8/4
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You'll have to read the code below to be sure, and you may have to spend some learning assembly first if you're unsure about this, irrespective of whether you have hex-rays or not, since you'll need to check the asm sooner or later anyways. hex-rays can sometimes produce incorrect analysis.

    arg_0 could be an integer, could be a pointer to whatever. Also note that analysis, while good in IDA, isn't 100% acurate neither in all cases.

    About var, it represents the stack space the function uses for local variables, instead of showing it to you in terms of EBP or the stack pointer, it shows var, to represent that address in the stack.
    Reply With Quote Reply With Quote
  3. 10-04-2015 #3
    lolp1's Avatar
    lolp1
    lolp1 is offline
    Site Donator CoreCoins Purchaser
    Reputation
    190
    Join Date
    Feb 2013
    Posts
    210
    Thanks G/R
    43/77
    Trade Feedback
    3 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Achilees View Post
    Trying to learn assembly if this is a stupid question my bad, but will appreciate any answers [...] I dont have money to spend on HEX-RAYS decompiler.
    I'm just barley starting out learning too. You don't need hex-rays, but it is nice and there are *cough* options to get it with out spending a lot of money. The best tip I can give to you is if you want to learn assembly/reversing:

    Then first do the basics, there is no short cuts. Nothing crazy, just get a solid basic understanding of how call stacks/registers/calling conventions/pointers/structures (ALL of those are important) work. Prior to this, attempting to reverse or poke around in IDA is like trying to inspect a cars engine that is broken, remove it, and repair the broken parts before you even know what a single engine part is. I wasted a lot of time not actually doing the work needed to actually start to learn this stuff, don't do that. Dive right in and build up.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. [Question] Will Warden detect IDA Pro's Debugger?
    By pouettest in forum WoW Memory Editing
    Replies: 1
    Last Post: 04-09-2014, 11:24 PM
  2. Question about IDA DB, and FindPattern.
    By SwInY in forum WoW Memory Editing
    Replies: 2
    Last Post: 06-26-2010, 08:22 AM
  3. [Question] Finding offsets using IDA or OllyDBG.
    By defcon5 in forum WoW Memory Editing
    Replies: 10
    Last Post: 01-09-2010, 07:07 PM
  4. Question..
    By janzi9 in forum Community Chat
    Replies: 3
    Last Post: 04-02-2006, 10:20 AM
  5. A GALB question
    By bassman in forum World of Warcraft General
    Replies: 4
    Last Post: 03-28-2006, 09:49 AM
All times are GMT -5. The time now is 12:00 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search