exporting ida debug information overview
play

Exporting IDA Debug Information Overview Who am I? What's the - PowerPoint PPT Presentation

Nov 23, 2022 •220 likes •464 views

Exporting IDA Debug Information Overview Who am I? What's the problem? What does this tool do? How does it work? Demo about:me Why export information from IDA? An embedded device may have no way to connect IDA remotely

  1. Exporting IDA Debug Information

  2. Overview ● Who am I? ● What's the problem? ● What does this tool do? ● How does it work? ● Demo

  3. about:me

  4. Why export information from IDA? An embedded device may have no way to connect IDA remotely ● Manually referencing IDA is tedious ○ Some platforms may have software debuggers that would be useful with ● debug info Some tools allow interesting dynamic analysis techniques not available ● with IDA Ex: Reverse debugging ○

  5. Use-case: QNX Provides a version of GDB for their platform on lots of architectures ● Downside: it doesn't use the standard protocol ○ Lots of connected components of mixed architecture ● Maybe no IP connections ● With this plugin: export the debug info from IDA and import into gdb on the target.

  6. Debug Info Formats STABS ● Designed in the 1980s ○ Puts all info in symbol table ○ Not well standardized ○ DWARF ● Designed along with ELF ○ Used by most modern compilers ○ Binary format ○ Windows CodeView/Program Database ● Mostly undocumented, windows-only ○ Many Others ● COFF, OMF, IEEE-695 ○

  7. dwarfexport dwarfexport is a plugin for IDA Pro that creates DWARF debug info using function names/variables locations/structures extracted from IDA. It lets you create binaries as though you had built with debugging enabled.

  8. Implementation

  9. What do we need from Decompiled source ● IDA? 'step' points ● Global/local variable locations ● Type information ●

  10. Decompilation ┌ FunctionDecl main └┬ FunctionCall printf Intermediate ├├─ StringLiteral %d Representation ├└─ NumericLiteral 10

  11. IDA AST

  12. IDA AST

  13. Step Points

  14. Local Variables Stack Variables: ● Location is expressed as an offset from frame base address ○ Note: There is no (complete) SDK interface for this ○ Register Variables: ● Translate the IDA register number to dwarf number ○

  15. Type Information As the binary is traversed, maintain a mapping of `tinfo_t` to DWARF `die`: Extract each struct member ● name and type, as well as the offset from the struct start Handle array/pointer types ●

  16. Demo

  17. Other Uses Add debug info for shared libraries and create a fully debugged ● environment Reverse-debugging ● Tested using 'rr' on linux ○ Hardware Debugging ● Software frontends for hardware debuggers must use some debug format ○ Green Hill 'MULTI' IDE can import DWARF info ○

  18. Eclipse

  19. CLion

  20. VS Code

  21. Visual Studio(?)

  22. Limitations DWARF debug info is not useful for windows utilities ● Limitations in IDA SDK may make some debug info inaccurate (for now) ● Register number translations must be added on a per-architecture basis ● Local variable values don't display correctly under GDB 8 (released June 4) ●

  23. Twitter/Github : @alschwalm Questions? Email : adamschwalm@gmail.com github.com/alschwalm/dwarfexport or goo.gl/MlTkmV

Recommend

Exporting and Importing data Overview for exporting/importing data Create an export on one

Exporting and Importing data Overview for exporting/importing data Create an export on one

Exporting and Importing data Overview for exporting/importing data Create an export on one end Create an import on the other end The easiest way to exchange data with another institution, with a neighboring country, or even between

349 views • 17 slides
Debug Information From Metadata to Modules Adrian Prantl Duncan Exon Smith Apple Apple What is

Debug Information From Metadata to Modules Adrian Prantl Duncan Exon Smith Apple Apple What is

Debug Information From Metadata to Modules Adrian Prantl Duncan Exon Smith Apple Apple What is Debug Information? provides a mapping from source code binary program on disk: as DWARF, a highly compressed format in LLVM: as

754 views • 74 slides
Cool Cisco IOS Commands: debug interface debug interface When you are performing debugs you have

Cool Cisco IOS Commands: debug interface debug interface When you are performing debugs you have

Cool Cisco IOS Commands: debug interface debug interface When you are performing debugs you have at least two concerns: 1) making sure the that debug does not clobber the CPU of your device, and 2) filtering the debug output to get to the

460 views • 9 slides
DeBIN: Predicting Debug Information in Stripped Binaries ht https://debin.ai Jingxuan Pesho

DeBIN: Predicting Debug Information in Stripped Binaries ht https://debin.ai Jingxuan Pesho

DeBIN: Predicting Debug Information in Stripped Binaries ht https://debin.ai Jingxuan Pesho Petar Veselin Martin He Ivanov Tsankov Raychev Vechev Binaries with debug symbols Descriptive names for functions and variables Assembly

304 views • 29 slides
Exporting 101: Is Exporting Right for You? Presented by: Opening Remarks Jim Watson, Pero Family

Exporting 101: Is Exporting Right for You? Presented by: Opening Remarks Jim Watson, Pero Family

Exporting 101: Is Exporting Right for You? Presented by: Opening Remarks Jim Watson, Pero Family Farms & Economic Development Committee Co-Chair Welcome from Camden County College President Don Borden Panelists Moderator Eddy Mayen

1.09k views • 84 slides
To use it, you must compile your code with the -g option CXXFLAGS += -g g++ -g debug.cpp -o

To use it, you must compile your code with the -g option CXXFLAGS += -g g++ -g debug.cpp -o

To use it, you must compile your code with the -g option CXXFLAGS += -g g++ -g debug.cpp -o debug To run, type in gdb ./debug After typing in gdb ./debug you will enter the debugger Type run and it will run

502 views • 6 slides
Exporting Exporting and and Wo Worker Tr Training Joana Silva World Bank Paulo Bastos World Bank

Exporting Exporting and and Wo Worker Tr Training Joana Silva World Bank Paulo Bastos World Bank

Exporting Exporting and and Wo Worker Tr Training Joana Silva World Bank Paulo Bastos World Bank Rafael Prado Proenca World Bank June 2015, Nottingham In Intr troducti oduction on A growing body of literature suggests that exporting has

692 views • 20 slides
Wool exporting and risk management Mr Michael Blake Elders/BWK Ltd 1. Introduction Exporting,

Wool exporting and risk management Mr Michael Blake Elders/BWK Ltd 1. Introduction Exporting,

Wool exporting and risk management Mr Michael Blake Elders/BWK Ltd 1. Introduction Exporting, Documentation and Risk Management q Risks in exporting wool are carried by the exporter v Financial capacity v Specifications v

197 views • 18 slides
A Plan to Fix Local Variable Debug Information in GCC Alexandre Oliva aoliva@redhat.com

A Plan to Fix Local Variable Debug Information in GCC Alexandre Oliva aoliva@redhat.com

1 A Plan to Fix Local Variable Debug Information in GCC Alexandre Oliva aoliva@redhat.com http://people.redhat.com/~aoliva/ GCC Summit, June, 2008 A Plan to Fix Local Variable Debug Information in GCC Alexandre Oliva 2 Summary > -Wall

490 views • 16 slides
EXPORTING AMERICA, EXPORTING CAPITALISM: CULTURAL IMPERIALISM AND SOFT POWER CULTURAL

EXPORTING AMERICA, EXPORTING CAPITALISM: CULTURAL IMPERIALISM AND SOFT POWER CULTURAL

Week 6 EXPORTING AMERICA, EXPORTING CAPITALISM: CULTURAL IMPERIALISM AND SOFT POWER CULTURAL IMPERIALISM The Role of US Private and State Media The CIA and Abstract Expressionism Free Media: Corporate Ownership and Control

273 views • 13 slides
Aaron Pulkka 2 Evolving International Partnerships from Outsourcing to Exporting Aaron

Aaron Pulkka 2 Evolving International Partnerships from Outsourcing to Exporting Aaron

Aaron Pulkka 2 Evolving International Partnerships from Outsourcing to Exporting Aaron Pulkka | Director of Production | Activision 3 Overview Aaron Pulkka Key Ideas My Background Development Outsourcing Game Exporting

549 views • 52 slides
Plan for Today and Thursday Bottom-Up Parsing with LR parse tables JavaCUP debug information

Plan for Today and Thursday Bottom-Up Parsing with LR parse tables JavaCUP debug information

Plan for Today and Thursday Bottom-Up Parsing with LR parse tables JavaCUP debug information using an LR parser Building the LR Parsing Table for LR(0) items, closure, and goto, oh my! why does it need to know input token if LR(0)?

207 views • 5 slides
Leader in Exporting US Wines to the World. http://www.uswineexports.com Our Strengths &

Leader in Exporting US Wines to the World. http://www.uswineexports.com Our Strengths &

Leader in Exporting US Wines to the World. http://www.uswineexports.com Our Strengths & Expertise We specialize in exporting US Wines Globally We have direct relationships, ownership and exclusivity with our wineries to export the

218 views • 10 slides
Debug Info for Optimized Code LLVM BoF Session Adrian Prantl & Vedant Kumar, Apple October

Debug Info for Optimized Code LLVM BoF Session Adrian Prantl & Vedant Kumar, Apple October

Debug Info for Optimized Code LLVM BoF Session Adrian Prantl & Vedant Kumar, Apple October 2018 Ten years of LLVM Debug Info Ten years of debug info in LLVM #commits to LLVM 12000 9000 6000 3000 0 2007 2008 2009 2010 2011

380 views • 8 slides
Debug info in optimized code how far can we go? Improving LLVM debug info with function entry

Debug info in optimized code how far can we go? Improving LLVM debug info with function entry

Debug info in optimized code how far can we go? Improving LLVM debug info with function entry values RT-RK LLC Speakers: Djordje Todorovic djordje.todorovic@rt-rk.com Nikola Prica nikola.prica@rt-rk.com 1 CONFIDENTIAL Reproduction

543 views • 30 slides
efforts count: Best practices with the CDT Debugger Marc Khouzam ABOUT Me Working with CDT

efforts count: Best practices with the CDT Debugger Marc Khouzam ABOUT Me Working with CDT

Making your debugging efforts count: Best practices with the CDT Debugger Marc Khouzam ABOUT Me Working with CDT Debug since 2007 CDT project co-lead, lead for Debug component Things you don't like about CDT Debug are probably my

636 views • 50 slides
Importing and Exporting of of Cargo Th The Rol ole of of th the Mar aritime an and Por

Importing and Exporting of of Cargo Th The Rol ole of of th the Mar aritime an and Por

Importing and Exporting of of Cargo Th The Rol ole of of th the Mar aritime an and Por ort Auth thority of of Brunei Dar arussalam (M (MPABD) MSME Fes estival Brid idex Jer Jerudong 31 31 Ma Mac 20 2019 19 Pih ihak

367 views • 16 slides
Programmable Logic Core Based Post-Silicon Debug for SoCs Bradley R. Quinton and Steven J.E.

Programmable Logic Core Based Post-Silicon Debug for SoCs Bradley R. Quinton and Steven J.E.

Programmable Logic Core Based Post-Silicon Debug for SoCs Bradley R. Quinton and Steven J.E. Wilton University of British Columbia Vancouver, B.C., Canada What this talk is about: Enhancing ASIC debug using embedded FPGA cores - Use the

334 views • 17 slides
Exporting National Champions C H I N A S O F D I L E N D I N G I N C O M P A R A T I V E

Exporting National Champions C H I N A S O F D I L E N D I N G I N C O M P A R A T I V E

Exporting National Champions C H I N A S O F D I L E N D I N G I N C O M P A R A T I V E P E R S P E C T I V E A M O S I R W I N A N D K E V I N P . G A L L A G H E R Summary What is OFDI finance? How much is China

281 views • 26 slides
Debug Info Tutorial Eric Christopher (echristo@gmail.com), David Blaikie (dblaikie@gmail.com)

Debug Info Tutorial Eric Christopher (echristo@gmail.com), David Blaikie (dblaikie@gmail.com)

Debug Info Tutorial Eric Christopher (echristo@gmail.com), David Blaikie (dblaikie@gmail.com) What is debug info? Mapping of source to binary Program structure, lines, columns, variables Debuggers, Profiling, Editors Kaleidoscope Background

653 views • 36 slides
Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan

Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan

Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan Wallentowitz 2 , Alex Bradbury 1 , Robert Mullins 1 1. lowRISC and University of Cambridge 2. Open SoC Debug 12 July 2016 lowRISC lowRISC

815 views • 22 slides
Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Agenda Introduction

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Agenda Introduction

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Agenda Introduction Inspiration / Other Art Traditional HW RE Techniques On-Chip Debug Interfaces Design Requirements Hardware Firmware

1.05k views • 79 slides
Design and Debug HTML5 Apps for Devices with RIB and Web Simulator Gail R. Frederick Intel

Design and Debug HTML5 Apps for Devices with RIB and Web Simulator Gail R. Frederick Intel

Design and Debug HTML5 Apps for Devices with RIB and Web Simulator Gail R. Frederick Intel Corporation Open Source Technology Center OSCON 2012 - July 19, 2012 Agenda Learn how to develop and debug HTML5 apps for mobile devices using new

200 views • 18 slides
70% indirectly to our trade with the EU. of business R&D. Exporting makes companies

70% indirectly to our trade with the EU. of business R&D. Exporting makes companies

How trade benefits the UK economy Exporting is a source of sustainable growth. Exports contribute about 60% of GDP growth. One in four jobs in the UK is linked UK exporters to overseas business. account for Up to 3.5m jobs

529 views • 14 slides

More recommend