我只想知道如何更改 IDA-view A 中的 asm 指令:
- 如何编辑指令(例如:jnz 到 jmp)?
- 如何插入新指令(调用 func1,调用 func2 插入现有代码)?
我知道如何制作 dif 文件,我知道如何在我的 DLL 上应用更改,但我怎样才能“有所作为”?如何在 IDA 中编辑代码?
我学会了如何修改 DLL:
- 修改代码(如何?)
- 生成差异文件。
- 使用 diff 文件和脚本将代码修改应用于 DLL。
问问题
34375 次
3 回答
21
- There is a
Edit / Patchmenu that used to be shown by default but that is hidden in recent IDA releases. If it is your case, edit thecfg/idagui.cfgfile, look for theDISPLAY_PATCH_SUBMENU = NOline and change the setting. On the next IDA session, you will be able to change single byte / word values or assemble some code like in OllyDbg. - Once you have patched your database, go to
File / Produce file / Create DIF file, it will let you create a simple diff file in the form offset / value before / value after (it is not the common diff file format) - To apply the diff file to an existing file, you can use the source code of a dif file patcher that was released in the IDA Pro Book
于 2011-06-13T17:46:41.267 回答
2
试试 IDA Pro 6.1 或 6.2。它能够直接将更改写入输入文件。
于 2012-04-06T20:59:19.847 回答
2
用于Edit->patch program->assemble 编写汇编语法
用于Edit->patch program -> patch bytes编辑二进制文件中的字节
最后,用于Edit->patch program -> apply patch to input file
应用补丁。我个人在 IDA 7.0 中使用过它
于 2019-06-19T16:36:03.280 回答