Hostile binary analysis tool adds embedded, Linux support
Sep 8, 2004 — by LinuxDevices Staff — from the LinuxDevices Archive
DataRescue SA has revised its interactive disassembler, debugger, and binary analysis tool, adding a Linux hosted console version and better support for ARM and other embedded architectures, including custom processors. IDA Pro version 4.7 can be used to analyze Linux or Windows binaries for fragmented functions and other dissembling code.
IDA Pro in action
According to DataRescue, new features in IDA Pro 4.7 shorten the binary analysis cycle and help preserve the integrity of the analysis. New features include:
- Support for fragmented functions and obfuscated code. Fragmented functions produced by optimizing compilers or Black Hats attempting to manually obfuscate hostile code can now be analyzed as a single entity, according to DataRescue.
- A native Linux hosted console version supports “hundreds of processors and their variants.” (A list of supported architectures is here).
- Remote debugging of single-threaded Linux binaries from Windows hosts, and vice versa, in order to isolate analysis from the execution of potentially hostile code.
- Major improvements to the ARM and Epoc analysis modules. “With dozens of significant ARM disassembly engine enhancements, IDA Pro 4.7 brings most of the power of its 80x86 module to embedded developers in the PDA and Telecom industry,” says DataRescue.
Additionally, DataRescue says it has released the source code for 30 processor modules and 20 loaders. This source code is expected to help embedded developers write custom loaders and modules, for example for custom processors. The Linux interface and debugger source code are also freely available.
DataRescue President Pierre Vandevenne said, “We hope the additions to our SDK will further promote the development of the IDA Pro extensions market.”
Independent security researcher and author Ryan Russell said, “No other tool comes close to IDA Pro for performing detailed analysis of executable code. Not only does it do some of the best auto-analysis, but the interactive and programmable environment is just about ideal to complete the analysis manually.”
Availability
IDA Pro 4.7 is available now in a $399 standard edition supporting “more than twenty” 8-, 16-, and 32-bit processors, as well as a $795 advanced edition supporting “more than forty” processor families, including 64-bit processors.
An upgrade patch is available online for customers new since May of 2003, except those in the Russian Federation, Ukraine, or Belarus, who should contact their distributor, Geliosoft. A feature-limited Windows GUI version is also available for free trial download.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc.