ida_pro_tracing

Differences

This shows you the differences between two versions of the page.

ida_pro_tracing [2013/05/21 10:02]
xvilka
ida_pro_tracing [2013/05/21 20:39] (current)
xvilka
Line 3: Line 3:
 1. IDA Pro 6.0 and above 1. IDA Pro 6.0 and above
  
-2. installed qemu-0.14 and above+2. installed qemu-1.4.0 and above
  
 ==== Preparations ==== ==== Preparations ====
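Review bot: The new floor "qemu-1.4.0 and above" in requirement 2 is stated without a reason, so a reader who already has an older qemu cannot tell whether the procedure still works for them. Please add a short clause saying what the walkthrough needs from 1.4.0, or note that 1.4.0 is simply the version the steps were last tested with.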
Line 11: Line 11:
 2 Run relocate script 2 Run relocate script
  
-3. Place bios.rom, vgacirrus-bios.bin (from qemu site), bios_name.idb,​ linux.img in the current folder+3. Place bios.bin, vgacirrus-bios.bin (from qemu site), bios_name.idb,​ linux.img in the current folder
  
-4. Start qemu in debugging mode "qemu -s -S -L . -m 256 -hda linux.img+4. Start qemu in debugging mode "qemu-system-i386 ​-s -S -L . -m 256 -hda linux.img
 -localtime -M pc -nographic"​ -localtime -M pc -nographic"​
  
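Review bot: The command in step 4 uses "-s" without explanation, and that flag is shorthand for "-gdb tcp::1234", which opens an unauthenticated gdb stub listening on every interface of the host, not just loopback. Since IDA attaches locally here, consider documenting "-gdb tcp:127.0.0.1:1234" in place of "-s", and add a sentence that "-S" holds the CPU stopped at startup until the debugger resumes it, so readers know why qemu appears to hang. The quoted command also wraps across two lines in the page source, so it should be put in a code block to make it copyable as one line.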
Line 73: Line 73:
 {{10.png}} {{10.png}}
 as we can see eax=0x80003B60. It is 00:07.3 device register BAR2 as we can see eax=0x80003B60. It is 00:07.3 device register BAR2
 +Also. for example we want to know, all calls of WritePCI_SL function, and values which it write somewhere. This is very simple - just add breakpoint to this function:
 +{{11.png}}
 +all calls we can see in the function calls window:
 +{{12.png}}
 +As we can see, we need add meaningfull comments in the line, where we can see “jmp WritePCI_SL” , so we can see these comments in each line in the function calls window
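Review bot: The added paragraph starting "Also. for example" needs a wording pass: the stray period after "Also", "it write", "we need add" and "meaningfull" make the instruction hard to follow, and the last sentence does not say clearly that the comment goes on each "jmp WritePCI_SL" line so that it is shown next to the matching entry in the function calls window. Suggested wording: "For example, to see every call to WritePCI_SL and the values it writes, add a breakpoint on this function" and "Add a meaningful comment on each line containing jmp WritePCI_SL; the comment is then shown for that call in the function calls window". The two new screenshots, 11.png and 12.png, would also benefit from a caption saying which IDA dialog or window each one shows.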
ida_pro_tracing.1369130545.txt.gz · Last modified: 2013/05/21 10:02 by xvilka