Familiarize
yourself with the available online IDA resources as, aside from your own hunting
around and poking at IDA, they will be your primary means of answering questions.
Some sites that have strong communities of IDA users include openrce.org and the IDA
support boards at DataRescue.
Stripped Binaries
The process of building software generally consists of several phases. In a typical C/C++
environment, you will encounter at a minimum the preprocessor, compilation, and
linking phases before an executable can be produced. For follow-on phases to correctly
combine the results of previous phases, intermediate files often contain information
specific to the next build phase. For example, the compiler embeds into object files a lot
of information that is specifically designed to assist the linker in doing its job of combining
those objects files into a single executable or library. Among other things, this
information includes the names of all of the functions and global variables within the
object file. Once the linker has done its job, however, this information is no longer necessary.
Quite frequently, all of this information is carried forward by the linker and
remains present in the final executable file where it can be examined by tools such as
IDA Pro to learn what all of the functions within a program were originally named.
Pages:
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557