|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "EDA"
Posixninja (talk | contribs) (Undo revision 5520 by 1337urmompois0n (Talk)) |
|||
| Line 1: | Line 1: | ||
| + | The embedded disassembler. |
||
| + | [[Image:eda.png|right|thumb]] |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | ==Purpose== |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Static disassembly misses a lot and requires you to keep a lot in your head. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Debuggers require you have that sort of access to the target system |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Simulators are painful to set up and don't really behave like debuggers |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | EDA is a cross between these three; a static disassembler with support for things like breakpoints and quick system configuration(like a system designed to run one function). Also, it keeps all past states of the system allowing the memory and registers to be viewed from any point of code execution. Click an instruction or memory address, and see every access and the system state at that point. No more missing xref because of things like(MOV R0, #0x1004 ADD R0, PC). This is all within an IDA-like frontend. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | And this is just phase one. Theres planned support for differential paths(run twice and graphical compare), a version migrator and differ(compare iBoot 1.0 and 1.1, find exploits, and at worst not have to migrate the names), a built in patching engine based on a lot more than pattern matching, and collaboration. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | ==History== |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | EDA is a descendant of [http://opengsm.blogspot.com/ DBS](Disassembly by Simulation), an idea I had after coming home from a party at college and couldn't keep stuff straight in IDA. I used DBS to work out the bugs and verify nckbf. Unfortunately, like simulators, it was annoying to set up and the GUI I wrote used Microsoft CLR; arrays crapped out at like 5000 elements. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | EDA alpha was the version I did at the end of August. It was designed without a clear plan in mind, basically I wrote a frontend, then bsed my way through a backend. It was written in C, with the frontend in Web(HTML,CSS,JS). It looked nice, and did function as both a disassembler and a simulator. But the code base became very unmanagable; I would add a button to the frontend then hack on the backend to make it work. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | ==EDA== |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | As of yesterday, I got motivated to work on this again, and hopefully motivated posixninja and westbaer to help. This is too big a project to do alone. We discussed design and have a plan this time. The backend will be C++, running a web server that any webkit browser can run the front end in. It's fully cross platform. Initially, we plan only to support ARM, but it should be easily extendable to support more architechures. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | I believe this is well within the reach of this community. Think of this as a meta-project, finish this and all your reversing tasks will be sped up 2-20x |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | ==Tasks== |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Front-end coding: We are looking for skilled HTML/CSS/JS devs to write a front-end and help think up the protocol |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Arch extensions: If we get someone on this now, it'll be easy later. I don't know how much ARM I assume. |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Skilled C++ developers: The whole EDA kernel is in C++, we need a web server and someone to deal with threads and messages |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | * Good reversers: To tell me why IDA frustrates them |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | ==Sites== |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | http://code.google.com/p/eda-reversing/ -- Google code for the wiki and releases |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | http://github.com/geohot/eda-reversing/tree/master -- github for the source in development |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| + | If you join the project, we have an internal Google Doc too, viewable at http://docs.google.com/View?docid=dg49sn22_167kkh2vcn |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | |||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
| − | Haxed by 1337Urmom at The Pois0nhack team |
||
Revision as of 07:32, 7 November 2009
The embedded disassembler.
Purpose
- Static disassembly misses a lot and requires you to keep a lot in your head.
- Debuggers require you have that sort of access to the target system
- Simulators are painful to set up and don't really behave like debuggers
EDA is a cross between these three; a static disassembler with support for things like breakpoints and quick system configuration(like a system designed to run one function). Also, it keeps all past states of the system allowing the memory and registers to be viewed from any point of code execution. Click an instruction or memory address, and see every access and the system state at that point. No more missing xref because of things like(MOV R0, #0x1004 ADD R0, PC). This is all within an IDA-like frontend.
And this is just phase one. Theres planned support for differential paths(run twice and graphical compare), a version migrator and differ(compare iBoot 1.0 and 1.1, find exploits, and at worst not have to migrate the names), a built in patching engine based on a lot more than pattern matching, and collaboration.
History
EDA is a descendant of DBS(Disassembly by Simulation), an idea I had after coming home from a party at college and couldn't keep stuff straight in IDA. I used DBS to work out the bugs and verify nckbf. Unfortunately, like simulators, it was annoying to set up and the GUI I wrote used Microsoft CLR; arrays crapped out at like 5000 elements.
EDA alpha was the version I did at the end of August. It was designed without a clear plan in mind, basically I wrote a frontend, then bsed my way through a backend. It was written in C, with the frontend in Web(HTML,CSS,JS). It looked nice, and did function as both a disassembler and a simulator. But the code base became very unmanagable; I would add a button to the frontend then hack on the backend to make it work.
EDA
As of yesterday, I got motivated to work on this again, and hopefully motivated posixninja and westbaer to help. This is too big a project to do alone. We discussed design and have a plan this time. The backend will be C++, running a web server that any webkit browser can run the front end in. It's fully cross platform. Initially, we plan only to support ARM, but it should be easily extendable to support more architechures.
I believe this is well within the reach of this community. Think of this as a meta-project, finish this and all your reversing tasks will be sped up 2-20x
Tasks
- Front-end coding: We are looking for skilled HTML/CSS/JS devs to write a front-end and help think up the protocol
- Arch extensions: If we get someone on this now, it'll be easy later. I don't know how much ARM I assume.
- Skilled C++ developers: The whole EDA kernel is in C++, we need a web server and someone to deal with threads and messages
- Good reversers: To tell me why IDA frustrates them
Sites
http://code.google.com/p/eda-reversing/ -- Google code for the wiki and releases
http://github.com/geohot/eda-reversing/tree/master -- github for the source in development
If you join the project, we have an internal Google Doc too, viewable at http://docs.google.com/View?docid=dg49sn22_167kkh2vcn
