Tags
Language
Tags
December 2024
Su Mo Tu We Th Fr Sa
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31 1 2 3 4

IDA Pro 8.3 (230608) with Plugins & SDK Tools

Posted By: scutter
IDA Pro 8.3 (230608) with Plugins & SDK Tools

IDA Pro 8.3 (230608) with Plugins & SDK Tools | 451.7 mb

The Hex-Rays Team has released IDA Pro 8.3 (230608) is a renowned software program utilized for reverse engineering binary code. As a disassembler and debugger, it enables users to delve into the intricate details of executable files, including executables, shared libraries, object files, and firmware. With its support for diverse processor architectures and file formats, IDA Pro proves to be a versatile tool for code analysis across various platforms.

IDA64 support for (32-bit) .idb files
We have further improved IDA64 so that it can be a complete replacement for the legacy 32-bit IDA in all situations. To ease the migration, we implemented a feature to convert the legacy .idb databases to .i64 ones (codenamed CVT64).

IDA Pro 8.3 (230608) with Plugins & SDK Tools

The 32-bit IDA is now considered deprecated and will likely go away at some point.

UX improvements
Improved UI performance on some strategic fronts. For example, slower autoanalysis of Dyld Shared Cache's due to the "Functions" window (whether filtered or not) is a thing of the past.

IDA Pro 8.3 (230608) with Plugins & SDK Tools

IDA Teams
- It is now possible to specify a (HTTP CONNECT-style) proxy for connecting to the Vault server.

IDA Pro 8.3 (230608) with Plugins & SDK Tools

- During a merging session, you can pick a chunk to resolve a conflict using context menu instead of the toolbar.

IDA Pro 8.3 (230608) with Plugins & SDK Tools

- The licensing logic was improved:
. Previously, when some licenses expired, the Vault server would refuse to work until the number of users was reduced to the count of the active licenses. Now it will continue working but simply refuse new license checkouts in such situation.
. IDA was relying on the local ida.key file and displaying the expiration date from it, even if the license was updated on Vault server. Now IDA Teams does not use the local ida.key at all but only information from the server.

IDA Educational
Our free offer for educational institutions gained a cloud decompiler for x86/x64 and the file size limit has been lifted.

IDA Home
The decompiler's IDA Python API (ida_hexrays module) now works with the cloud decompilers available in IDA Home

Processor module improvements
- PPC processor module gained support for the LSP extension, as well as the new Power ISA 3.1 instructions

IDA Pro 8.3 (230608) with Plugins & SDK Tools

- ARM module now shows symbolic names for well-known ARM64 system registers

IDA Pro 8.3 (230608) with Plugins & SDK Tools

- MIPS and RISC-V modules have improved register value tracking which should lead to better analysis and more discovered cross-references
- DEX module and loader now support the new features added in the DEX 039 format (Android 9 and 10)
- PC: instructions with three or more operands (such as imul or vinsertps) can support properly distinct types for each operand. In fact, this applies to instructions with three or more operands in all processors.

IDA Pro 8.3 (230608) with Plugins & SDK Tools

Loaders
- ESP: a new loader, supporting the common file format used for the Espressif ESP line of chips
- Cortex-M: a new loader for Cortex-M raw binary firmware, supports ARMv6-M to ARMv8-M and load base autodetection
- ELF: the loader now parses PPC-specific sections with details about the instruction set used, and configures the processor module automatically

Plugins
- golang: added support for Go 1.20 and improved detection and parsing of Go metadata
- Goomba, our open-source plugin for MBA deobfuscation is now shipped as part of IDA
- DWARF: loading of DWARF debug information has been sped up significantly, especially for big files
- OBJC: added support for Objective-C optimizations introduced in iOS16 (stubs for objc_msgSend with common selectors and custom wrappers for retain/release)

IDA Pro 8.3 (230608) with Plugins & SDK Tools

Decompiler
- it is now possible to disable some optional optimizations performed by default. This may be useful for plugin writers doing their own analysis on microcode
- multiple fixes were done for the outlined functions support initially introduced in 8.2
- improved detection of call arguments in multiple situation, including detection of return value passed via X8 on ARM64

Full list of changes and new features:

IDA Teams and Lumina
- lumina: add a UI action to inspect a function's metadata history
- lumina: allow specifying up to two Lumina servers (public or private, in any order)
- lumina: metadata history can now be browsed on private Lumina servers
- Teams: use licenses from vault server on IDA side (no more need for ida.key files on the client)
Procesor modules
- ARM: ARM64 system registers are now displayed using symbolic names
- ARM: set offsets/xrefs for LDRD/STRD if the base register is known
- Dalvik: support for const-method-handle and const-method-type bytecode instructions (DEX 039/Android 10)
- MIPS: improved analysis of functions with large stack frames for MIPS16
- MIPS: improved the regtracker
- PPC: added Power ISA 3.0C Ultravisor-related instructions
- PPC: support LSP (Lightweight Signal Processing) extension instructions, available in some MPC57xx cores
- PPC: support Power ISA 3.1, including prefixed instructions
- RISCV: register tracker can now be configured via settings in ida.cfg
File formats
- DEX: annotate hidden API section (DEX 039)
- ELF: ppc: parse and use .gnu.attributes and .PPC.EMB.apuinfo sections to detect the used ISA extension
- ESP: new loader for the Espressif images, supporting images from ESP8266 (Xtensa) to ESP32-C6 (RISC-V)
FLIRT / TILS / IDS
- TIL: added type library for Android ARM64
- TIL: suppport __attribute__((flag_enum)) or __bitmask attribute on enums
Standard plugins
- DWARF: improve handling of unsigned 'char' types; now they're mapped to 'char' on IDA's side (instead of 'unsigned __int8')
- DWARF: significantly speed up importing of type information
- golang: added "detect and parse golang metadata" command
- golang: annotate funcInfo's funcFlag field
- golang: handle different functions with the same name in pclntab
- golang: use full package prefix for functions dirtree
- goomba: new plugin for optimizing mixed boolean expressions (MBA) in pseudocode
- idaclang: added presets of predefined arguments for common platforms
- idaclang: updated libclang to 16.0.0
- OBJC: set prototypes for some widely used objc methods (e.g. objc_alloc_init)
- OBJC: support iOS16 optimized objc_retain_xY/objc_release_xY stubs
- OBJC: support objc_msgSend$… stubs
Kernel/Misc
- installer: Missing dependencies on Linux are now checked and reported at install time
- kernel: properly support operand types for 3rd to 8th operands
- licensing: the EULA has been updated and unified across all IDA editions and license types
- network: added ability to use an HTTP CONNECT-style proxy
- network: added support for HTTP CONNECT proxy basic authentication-
Scripting & SDK
- IDAPython: added an example showing how to paint over an existing graph's edges
- IDAPython: added support for Python 3.12
- IDAPython: enable access to the global debug variable+
- IDAPython: improve doc for str2ea (use text from the SDK header)
- SDK/Python: added get_config_value for retrieving arbitrary JSON values in config files
- SDK/Python: notepad APIs (get_ida_notepad_text/set_ida_notepad_text) now synchronize the database/UI state
- SDK/UI: added ability to dynamically change values in combobox in forms
- SDK: added functions validate_idb(), move_privrange()
- SDK: added methods edit_named_type_details()/edit_numbered_type_details() to edit local type enum/udt details
- SDK: added parse_decl_ex()
UI
- UI: "Color instruction" action now also colorizes undefined items in the selection (previously they were skipped)
- UI: Added support for Unicode 15.0, now more string literals are detected and displayed correctly
- UI: allow editing struct.enum comments in the type editor
- UI: during autoanalysis, mark choosers with a filter and/or sorting as outdated instead of updating immediately
- UI: improved performance for refreshing choosers when there is no sorting or filtering
- UI: provide the ability to specify icons for actions through CSS themes
- UI: show comments for strlits or mangled names on each member of a string array in the disassembly listing
- UI: the graph options are now saved in the desktop
- UI: teams: Allow picking a chunk to use from the context menu in addition to the toolbar button/hotkey
- UI: teams: save desktop layout in the database using user's name so that each user's desktop is not overridden by others
Decompilers
- decompiler: added a new API function change_hexrays_config() to update the hexrays configuration, e.g. to set the analysis options or disable warnings after IDA start
- decompiler: added the option to disable some optimizations
- decompiler: arm: detect usage of X8 for reurning structures on ARM64 and add a hidden 'retptr' argument when callee prototypes is guessed by IDA
- decompiler: enable IDAPython API for the cloud decompiler (IDA Home, IDA Educational)
- decompiler: exported set_lvar_name() which can be used to rename local variables
- decompiler: improve callee type guessing (detect arguments passed by reference)
- decompiler: improve fastcall/thiscall callee detection
- decompiler: improved guessing of call types (detect more fastcall/thiscall calls without stack arguments)
- decompiler: improved propagation of zero values
Bugfixes
- BUGFIX: decompiler: assignment to a stack variable used by reference in a syscall could be erroneously removed
- BUGFIX: decompiler: corrupted info in the database could lead to crashes during decompilation
- BUGFIX: decompiler: decompiler could cause IDA to crash if an error happened during plugin initialization
- BUGFIX: decompiler: fixed a crash that could occur when deleting a function in the presence of outlined functions
- BUGFIX: decompiler: fixed numerous interrs
- BUGFIX: decompiler: indirect jumps in outlined code were handled incorrectly
- BUGFIX: decompiler: jumps to outlined functions were handled incorrectly
- BUGFIX: decompiler: the "select union member" action (Alt-Y) could fail in some cases
- BUGFIX: ELF: Android ARM64 JNI files would incorrectly use 32-bit type library
- BUGFIX: formatting golang metadata could fail for some 64-bit binaries if they used addresses above 32-bit address space
- BUGFIX: IDA on Linux would not start if libsecret-1 or libglib-2.0 were not present
- BUGFIX: idapyswitch would accept buggy Anaconda 2022 distributions which would later cause IDA to crash
- BUGFIX: IDAPython: ida_dbg.get_dbg_byte() was not usable
- BUGFIX: IDAPython: non-modal Python forms (using class Form) could cause crashes on the ARM macOS build of IDA
- BUGFIX: IDAPython: the bookmarks_t object was not usable from IDAPython
- BUGFIX: kernel: fixed printing of opcode bytes for processors which use two-byte grouping (PR_WORD_INS flag)
- BUGFIX: kernel: idat64 would try to load picture_search plugin, although it only works in GUI version
- BUGFIX: Lumina: fixed interr 1512 which could occur on wrong directives in lumina.conf
- BUGFIX: MACHO: IDA 8.2 would fail to recover tagged pointers in arm64e dyld caches
- BUGFIX: MACHO: iOS16+ branch mappings/stubs regions were not loaded in "complete" and "dependencies" modes, leading to missing symbols
- BUGFIX: MACHO: when loading a complete dyld cache for iOS16, authenticated pointers would retain tagged values
- BUGFIX: MIPS: TX19A-only MIPS16 BAL does not have a delay slot
- BUGFIX: PDB: IDA would fail to load PDBs with page size 8192 (e.g. from recent Chrome builds)
- BUGFIX: PE: Load Config Directory comments for ProcessHeapFlags and ProcessAffinityMask fields were swapped in 32-bit files
- BUGFIX: PE: some files using EH4 metadata (__CxxFrameHandler4) could produce bogus "DATABASE IS CORRUPTED" warnings on load
- BUGFIX: Teams: IDA would crash silently on start if the license was expired but within the grace period
- BUGFIX: teams: IDA would sometime fail to save the login credentials
- BUGFIX: Teams: Vault server no longer refuses to work when there are not enough licenses
- BUGFIX: ui/qt: get_viewer_graph wouldn't return the mutable_graph_t instance for proximity views
- BUGFIX: UI: binary search with selection would fail if cursor was at the end of selection
- BUGFIX: UI: fixed an accelerator clash in the Cross-references tab of the Options dialog box
- BUGFIX: UI: graph printing did not work on Windows and macOS
- BUGFIX: UI: license agreement dialog was mis-interpreting UTF-8 text for Latin-1
- BUGFIX: UI: renaming a structure (or an enum) from the listing, could result in the left-hand list being outdated
- BUGFIX: UI: some of the search actions were not respecting user selection

IDA Pro 8.3 (230608) with Plugins & SDK Tools

IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro so that it can generate assembly language source code from machine-executable code and make this complex code more human-readable.
The unique Hex-Rays Decompiler, which has been developed in response to the need of hundreds of IDA users, is the fruit of more than ten years of proprietary research. Thanks to the speed and scalability of its core algorithms, Hex-Rays does not merely break new ground in the well known C/C++ decompilation problem: it lays foundations for future developments in the field of binary analysis. Hex-Rays SA also expands the power and flexibility of its decompiler through the addition of several new algorithms and by offering an SDK as part of its package.

Reverse Engineering Tutorial with IDA Pro


Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market. Its world-renowned product IDA Pro is the premier product for software disassembly. Hex-Rays has also released the Hex-Rays Decompiler plugin for IDA Pro, which dramatically increases the productivity of IT security researchers involved in the analysis of real world C/C++ binaries.

Owner: Hex-Rays SA
Product Name: IDA Pro
Version: 8.3 (230608) with Plugins & SDK Tools
Supported Architectures: x64
Website Home Page : https://hex-rays.com/
Languages Supported: english
System Requirements: Windows *
Size: 451.7 mb

IDA Pro 8.3 (230608) with Plugins & SDK Tools

Please visit my blog

Added by 3% of the overall size of the archive of information for the restoration

No mirrors please


IDA Pro 8.3 (230608) with Plugins & SDK Tools