Felheart
11-25-2010, 07:41 AM
Hi there,
i have few questions about IDA Pro.
1) I made a (very) small tool and compiled it in release mode (VS2010)
The exe is 49KB big.
When I decompile the exe with IDA there are some functions I don't recognize.
For example a function that is 0x1004 bytes long (the biggest function in the exe).
The function is very complex and doesn't call any APIs so I could guess what it is doing.
Screen:
3670
Is there a way to find how from which file the compiler made this function?
How do I know what this function is doing?
2)
How can I edit assembly code in IDA like in Olly ?
Can I only assemble/change something while debugging it with IDA? If so, how ?
3)
And where do the 200+ functions in my exe come from?
The original .cpp file (the only source file the program consists of) only contains 3 functions (main, dialogproc, a threadfunction).
Thanks
i have few questions about IDA Pro.
1) I made a (very) small tool and compiled it in release mode (VS2010)
The exe is 49KB big.
When I decompile the exe with IDA there are some functions I don't recognize.
For example a function that is 0x1004 bytes long (the biggest function in the exe).
The function is very complex and doesn't call any APIs so I could guess what it is doing.
Screen:
3670
Is there a way to find how from which file the compiler made this function?
How do I know what this function is doing?
2)
How can I edit assembly code in IDA like in Olly ?
Can I only assemble/change something while debugging it with IDA? If so, how ?
3)
And where do the 200+ functions in my exe come from?
The original .cpp file (the only source file the program consists of) only contains 3 functions (main, dialogproc, a threadfunction).
Thanks