6

Everyone knows the state of IDA's documentation... There is a bit of info in idc.idc and the SDK headers, there's Chris Eagle's book (which predates quite a few advances in IDA), and there's the occasional juicy tidbit in the blogs of Ilfak, Igorsk, Daniele and the others.

But by and large there's mostly Google, reversing IDA.WLL, and copious experimentation. Which means that it's often much slower going than we would like, and quite often things require a lot more effort than necessary because we're unaware of some trick, twist or workaround that somebody else has already discovered.

The perfect solution would be a community wiki. So, is there a wiki for all things IDA?

If so then all serious spelunkers needs to know about it: it ought to be linked from here, from IDA's home site and major RCE gathering places...

If there's no wiki yet then we ought to do something about it (like badgering Ilfak).

DarthGizka
  • 2,010
  • 1
  • 13
  • 30
  • 2
    Would help newbies a lot, would have helped me too when I didn't know how to use it. Good idea imo, +1 – rev Jan 20 '15 at 22:18
  • They're is an ida pro book . also they're many quick guides out there. Found this at the top of a google search and the information looks good for a beginner. I just glanced over it. Let me know what you think. https://www.google.com/url?sa=t&source=web&rct=j&ei=74LAVPu2K9K3yAS104L4Cw&url=http://www.darkblue.ch/programming/IDA%2520User%2520Tutorial.pdf&ved=0CBwQFjAA&usg=AFQjCNFplZY2uXFhfwLEzX2i4T3ZIUq5EQ&sig2=CSLqgOYuR4Hz-iPuQ9Uvlw – LUser Jan 22 '15 at 05:03
  • 1
    LOL: "Copyright 2003 by |nAbOo| - Don't make this tutorial public and don't give it away!!!" Apart from that I'm not so much interested in tutorials as in a place where hard-won insights into IDA can be deposited, and found by others. And where I can go look to find out what's really going on. E.g. why calling set_idc_getattr with the result of a previous call - or that of a call to get_idc_getattr - will fail and crash IDA when your plugin is unloaded (it's because IDA returns "" for an empty method but you have to pass 0 to reset, not "" which fails and leaves things as they are) – DarthGizka Jan 22 '15 at 06:01
  • 1
    At the moment there doesn't even seem to be one single place where IDC syntax is explained concisely and correctly - i.e. including try ... catch and the fact that objects are associative arrays that are indexed with strings using the . operator instead of [], and for any object o, o.foo == getattr(o, "foo") and o[n] == getattr(o, n) == getattr(o, ltoa(n,10)), but o["foo"] is not accepted. Or that ltoa() is really ultoa() (i.e., ltoa(-1,10) is not "-1" but "4294967295" or "18446744073709551615"). – DarthGizka Jan 22 '15 at 06:18
  • Create the Wiki and get started. That's how such community Wiki's work. I'm sure once there is this place, there will be people contributing as this would be certainly a usefull thing. – Devolus Jan 26 '15 at 11:41
  • 1
    @Devolus http://ida-pro.wikia.com done. I'll be adding info every now and then, and everybody can colaborate! – rev Feb 09 '15 at 15:15
  • @AcidShout Splendid! Could you please post this as an answer, to suit the StackExchange format? Just in case someone filters out unanswered questions, and to give it a bit more visibility... I shall be contributing inside info about IDC, IDA.WLL and the IDB format to the wiki, as soon as I've learnt the ropes and got the hang of wikiing. – DarthGizka Feb 09 '15 at 17:30
  • Of couse, gonna do it now. Thanks for the collaboration! – rev Feb 09 '15 at 19:51
  • "Hard won facts about IDA" as you call them are well suited into Stack Overflow. It is encouraged to create questions with prepared answers for questions you consider worthy and have an answer for, but no one had the chance to ask before. – NirIzr Apr 20 '17 at 12:04
  • 1
    I'm voting to close this question as off-topic because it should be asked on meta RE.SE rather than here – julian Apr 20 '17 at 14:24

1 Answers1

6

I just created a wikia for IDA Pro.

Do add your contributions there! :)

I'll also be adding some info every now and then. It is a community wiki, so please do no evil! =P

rev
  • 1,293
  • 12
  • 22