IDA Pro Code Change Help?
#1
I am trying to make some changes to 96531706 in IDA Pro. I'm using the HEX Dump section to make changes and after I make a change, it seems like it carries over instructions from the previous set of instructions in the disassemble window?
Here are two screen shots.
Left is the normal 96531706 code and the right side is the code changes I'm trying to make. Right now, I'm just NOP'ing things out to hold places, but the NOPs have that extra garbage with it on the right?
Any help?
#2
I can't offer any help, but I never knew you could edit the hex in IDA Pro. I have IDA Pro and used it a few times to port some patches that mrfred made to other ROMs. But, I always just used IDAPro to 'look' at the code and then used ECUFlash to make the actual changes.
It would definitely be a lot easier with a hex editor, but I just wasn't aware (or never looked into it enough) that IDA could do it. I always thought that it should, but in the hex window, it was always read-only for me, and I never looked into any setting to change that.
#4
I just click on the hex of interest, F2 to edit, F2 to commit changes, and then in the disassembly, hit C on each line I changed to update the code.
MrFred, what do you use for code change?
Once you are in .i64 or .idb in IDA Pro, I'm assuming there is no easy way to go back into .bin format?
#5
You might want to take a peek at chapter 14 of the IDA Pro Book; specifically, The Infamous Patch Program Menu (you can register for a free trial; or, just buy the book, as it's pretty good). That might get you a little bit closer to what it is you're trying to accomplish.
Personally, I just use a hex editor ("xvi32" or the hex editor plugin for "Notepad++" on Windows, "hexedit" on Linux) for small changes. For bigger changes, I use binutils/GAS to go from assembly to binary, and EcuFlash to help with cut-and-paste from time to time.
Originally Posted by The IDA Pro Book
14 - PATCHING BINARIES AND OTHER IDA LIMITATIONS
One of the most frequently asked questions by new or prospective IDA users is, "How can I use IDA to patch binaries?" The simple answer is, "You can't." IDA's intended purpose is to assist you in understanding the behavior of a binary by offering you the best disassembly possible. IDA is not designed to make it easy for you to modify the binaries you are examining. Not wanting to take no for an answer, die-hard patchers often follow up with questions such as, "What about the Edit -> Patch Programs menu?" and "What is the purpose of File -> Produce File -> Create EXE File?" In this chapter we discuss the apparent anomalies and see if we can't coax IDA into helping us, at least a little bit, in developing patches for binary program files.
#6
I use IDA to "code edit" for my H8 stuff, mostly because there isn't an easy-to-use assembler available.
First, hexedit the new instructions in.
Second, you need to select the changed area and Undefine it. Then hit the C key to change it back to code, or the P key if doing a whole sub.
Third, you need to dump your changes. The changes you made have no effect on the original .rom file. I made a script to do this.
You will need to change the script for SH-2s; in its present form it reads 0x10000 - 0x2FFFF from IDA and dumps it to a file.
hex_dump.idc
Code:
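#include <idc.idc>
#include <memcpy.idc>   // poster's own include; nothing in this script uses it

#define ROM_START 0x10000   // first address dumped
#define ROM_END   0x30000   // one past the last address dumped (0x2FFFF)

static main()
{
    auto pFile;
    auto a;
    auto i;

    // Write the bytes as the IDA database currently holds them to a raw file
    pFile = fopen("hex_dump.hex", "wb");
    if (pFile == 0)
    {
        Message("hex_dump: cannot open hex_dump.hex for writing\n");
        return;
    }
    for (i = ROM_START; i < ROM_END; i = i + 1)
    {
        a = Byte(i);
        fputc(a, pFile);
    }
    fclose(pFile);
}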
#8
I just use IDA to mark my locations and then dump undefined and look for my markers. Then I manually insert/edit stuff in defined form replacing code in between the markers--and then re-assemble with kpit-cummins assembler.
There's a little more to it, like aligning code sometimes, but that's just a result of my method. I'm sure there's a switch somewhere that could be used to fix that lol.
Then I verify meticulously with IDA again/maybe do hex compare/verification too. Kind of cumbersome, but that's how I do things.
I like Ceddy's method better. Never tried it that way yet.
Good Luck Man.
EDIT: the extra garbage is IDA tracking code that is linked to the areas you are NOPing (lol NOPing). Basically you have [a lot] more work to do :/.
Last edited by evoredy; Aug 27, 2010 at 10:47 PM.
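As an added example (not code from any poster in this thread): a Python check for the hex compare step mentioned above, diffing the original image against a file written by a hex_dump.idc-style script. It assumes the dump starts at ROM_START and that file offset equals ROM address in the original image; the function names and the sample bytes are constructed for illustration.

```python
def changed_ranges(original: bytes, dump: bytes, base: int = 0x10000):
    """Return [(start_addr, end_addr_exclusive, old_bytes, new_bytes), ...].

    `dump` holds the bytes for addresses base .. base+len(dump)-1, the way
    hex_dump.idc writes them; `original` is the full image starting at 0
    (assumption: ROM address == file offset in the original file).
    """
    if base + len(dump) > len(original):
        raise ValueError("dump window extends past the end of the original")
    window = original[base:base + len(dump)]
    ranges, start = [], None
    for i, (old, new) in enumerate(zip(window, dump)):
        if old != new:
            if start is None:
                start = i                      # a run of differences begins
        elif start is not None:
            ranges.append((base + start, base + i, window[start:i], dump[start:i]))
            start = None
    if start is not None:                      # run reaches the end of the dump
        ranges.append((base + start, base + len(dump), window[start:], dump[start:]))
    return ranges


def unexpected_changes(ranges, allowed):
    """Return changed ranges not fully inside any (lo, hi) window in `allowed`."""
    return [r for r in ranges
            if not any(lo <= r[0] and r[1] <= hi for lo, hi in allowed)]


def demo():
    # Constructed sample data, not a real ROM: 0x20 filler bytes, window at 0x10.
    original = bytes(range(0x20))
    dump = bytearray(original[0x10:0x20])
    dump[4:8] = b"\x00\x09\x00\x09"   # planned patch: two SH-2 NOPs (0x0009)
    dump[12] ^= 0xFF                  # stray edit the check should flag
    ranges = changed_ranges(original, bytes(dump), base=0x10)
    return ranges, unexpected_changes(ranges, allowed=[(0x14, 0x18)])


if __name__ == "__main__":
    ranges, stray = demo()
    for lo, hi, old, new in ranges:
        print(f"{lo:#07x}-{hi - 1:#07x}  {old.hex()} -> {new.hex()}")
    print("outside planned patch area:", [(hex(lo), hex(hi)) for lo, hi, _, _ in stray])
```

For a real check, read both files with `open(path, "rb").read()` and pass the address windows you meant to patch as `allowed`; anything returned by `unexpected_changes` is a byte that moved outside them.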