当我们的光标在某个函数处时,按回车键就可以跳到这个函数所在的位置:

按回车,跳到这里:

再按回车,跳到导入表:

我们再连续按ESC键就可以返回到刚才进入的地方:

使用快捷键N可以进行重命名:

在数字上按下H键或者右键进行选择,可以将数字转化为十进制:

在按一下相同的键就变回来了。按下B键转换为二进制也是同理。

按下空格键可以使IDA在图形视图和文本视图之间切换:

  • 常用默认快捷键

"JumpAsk" = 'g'
"JumpName" = "Ctrl-L"
"JumpSegment" = "Ctrl-S"
"JumpSegmentRegister" = "Ctrl-G"
"JumpQ" = "Ctrl-Q"
"JumpPosition" = "Ctrl-M"
"JumpXref" = "Ctrl-X"
"JumpXrefFrom" = "Ctrl-J"
"JumpOpXref" = "X"
"JumpFunction" = "Ctrl-P"
"JumpEntryPoint" = "Ctrl-E"
"JumpError" = "Ctrl-F"

"JumpEnter" = "Enter" // jump to address under cursor
"JumpEnterNew" = "Alt-Enter" // jump to address under cursor
// in a new window
"Return" = "Esc"
"UndoReturn" = "Ctrl-Enter" // undo the last Esc

"MarkPosition" = "Alt-M"

"JumpSuspicious" = "Ctrl-V"
"JumpCode" = "Alt-C"
"JumpData" = "Ctrl-D"
"JumpUnknown" = "Ctrl-U"
"JumpExplored" = "Ctrl-A"
"AskNextImmediate" = "Alt-I"
"JumpImmediate" = "Ctrl-I"
"AskNextText" = "Alt-T"
"JumpText" = "Ctrl-T"
"AskBinaryText" = "Alt-B"
"JumpBinaryText" = "Ctrl-B"

"MakeAlignment" = 'L'
"ManualInstruction" = "Alt-F2"

"MakeCode" = 'C'
"MakeData" = 'D'
"MakeAscii" = 'A'
"MakeArray" = "Numpad*"
"MakeUnknown" = 'U'

"MakeName" = 'N'
"ManualOperand" = "Alt-F1"

"MakeFunction" = 'P'
"EditFunction" = "Alt-P"
"FunctionEnd" = 'E'
"OpenStackVariables" = "Ctrl-K" // open stack variables window
"ChangeStackPointer" = "Alt-K" // change value of SP
"RenameRegister" = 'V'
"SetType" = 'Y'

"MakeComment" = ':'
"MakeRptCmt" = ';'

"OpNumber" = '#'
"OpHex" = 'Q'
"OpDecimal" = 'H'
"OpBinary" = 'B'
"OpChar" = 'R'
"OpSegment" = 'S'
"OpOffset" = 'O'
"OpOffsetCs" = "Ctrl-O"
"OpAnyOffset" = "Alt-R"
"OpUserOffset" = "Ctrl-R"
"OpStructOffset" = 'T'
"OpStackVariable" = 'K'
"OpEnum" = 'M'

"EditSegment" = "Alt-S"

"SetSegmentRegister" = "Alt-G"

"ShowRegisters" = "Ctrl-Space"

"OpenFunctions" = "Shift-F3" // open functions window
"OpenNames" = "Shift-F4"
"OpenSignatures" = "Shift-F5" // open signatures window
"OpenSegments" = "Shift-F7"
"OpenSegmentRegisters" = "Shift-F8"
"OpenStructures" = "Shift-F9" // open structures window
"OpenEnums" = "Shift-F10" // open enums window
"OpenTypeLibraries" = "Shift-F11"
"GraphFunc" = "F12" // display function flow-chart
"CallFlow" = "Ctrl-F12" // display function call graph
"OpenStrings" = "Shift-F12"
"OpenLocalTypes" = "Shift-F1"

"SetAsciiStyle" = "Alt-A" // set ascii strings style

"ShowFlags" = 'F'
"Hide" = "Numpad-"
"Unhide" = "Numpad+"

"ExternalHelp" = "Ctrl-F1"

"WindowsListNext" = "Ctrl-Tab"
"WindowsListPrev" = "Ctrl-Shift-Tab"

"NextWindow" = "F6"
"PrevWindow" = "Shift-F6"
"CloseWindow" = "Alt-F3"

IDA Pro使用的更多相关文章

  1. 安卓动态调试七种武器之孔雀翎 – Ida Pro

    安卓动态调试七种武器之孔雀翎 – Ida Pro 作者:蒸米@阿里聚安全 0x00 序 随着移动安全越来越火,各种调试工具也都层出不穷,但因为环境和需求的不同,并没有工具是万能的.另外工具是死的,人是 ...

  2. 计算机病毒实践汇总六:IDA Pro基础

    在尝试学习分析的过程中,判断结论不一定准确,只是一些我自己的思考和探索.敬请批评指正! 1. IDA使用 (1)搜索.下载并执行IDA Pro,对可执行程序lab05-01.dll进行装载,分别以图形 ...

  3. Ubuntu下安装IDA pro

    预备 由于IDA pro只能装在32位环境下,如果是64位Ubuntu,需要运行如下命令安装32位的必备库. sudo dpkg --add-architecture i386 sudo apt-ge ...

  4. How to create an anonymous IDA PRO database (.IDB)

    Source: http://www.0xebfe.net/blog/2013/01/13/how-to-create-an-anonymous-ida-pro-database-dot-idb/ P ...

  5. android调试系列--使用ida pro调试so

    1.工具介绍 IDA pro: 反汇编神器,可静态分析和动态调试. 模拟机或者真机:运行要调试的程序. 样本:阿里安全挑战赛第二题:http://pan.baidu.com/s/1eS9EXIM 2. ...

  6. android调试系列--使用ida pro调试原生程序

    1.工具介绍 IDA pro: 反汇编神器,可静态分析和动态调试. 模拟机或者真机:运行要调试的程序. 样本:自己编写NDK demo程序进行调试 2.前期准备 2.1  准备样本程序(假设已经配置好 ...

  7. [转]How to create an anonymous IDA PRO database (.IDB)

    Source: http://www.0xebfe.net/blog/2013/01/13/how-to-create-an-anonymous-ida-pro-database-dot-idb/ P ...

  8. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  9. IDA Pro使用(静态分析+动态调试)

    链接:http://skysider.com/?p=458 IDA Pro使用(静态分析+动态调试) 1.静态分析 IDA FLIRT Signature Database —— 用于识别静态编译的可 ...

  10. IDA Pro Disassembler 6.8.15.413 (Windows, Linux, Mac)

    IDA: What's new in 6.8 Highlights This is mainly a maintenance release, so our focus was on fixing b ...

随机推荐

  1. 你真的懂javascript中的 “this” 吗?

    一.前言: 我们知道 "this" 是javascript语言的一个关键字,在编写javascript代码的时候,经常会见到或者用到它. 但是,有一部分开发朋友,对 "t ...

  2. 办理西蒙弗雷泽大学(本科)学历认证『微信171922772』SFU学位证成绩单使馆认证Simon Fraser University

    办理西蒙弗雷泽大学(本科)学历认证『微信171922772』SFU学位证成绩单使馆认证Simon Fraser University Q.微信:171922772办理教育部国外学历学位认证海外大学毕业 ...

  3. 疑问:关于postgres的to_number()

    postgres中的to_number(text,number),即是把字符串text转为number的函数,但有时候用的时候经常碰到这样的错误:[Err] ERROR:  invalid input ...

  4. codewars-random(3)

    思路:两个嵌套的for循环(不推荐,应该有更好的.) 具体代码:function longestConsec(strarr, k) {    // your code    var n = strar ...

  5. mac nodejs安装

    很久没有配置开发环境了,刚换了新电脑,正好借机会重新配置一下node相关的开发环境 安装 nvm :Node Version Manager 由于nodejs版本更新迭代较快,而不同版本间的差异又很大 ...

  6. Apache server for win解压版的安装与配置

    下载地址: Apache 2.4.16 Win64位:VC14:http://www.apachelounge.com/download/VC14/binaries/httpd-2.4.16-win6 ...

  7. Python学习懒出极致——自备常用链接

    linux: samba配置:http://blog.chinaunix.net/uid-23069658-id-3142052.html ubuntu: mysql启停:http://www.2ct ...

  8. 通过file文件选择图片预览功能

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/ ...

  9. python2 基础

    标识符 标识符是由字母,下划线和字母组成的字符序列标识符必须以字母,下划线开头,不能以数字开头标识符不能是关键字标识符可以为任意长度 算术运算符+-*///**% 科学记数法 aEb 或者aE+b例: ...

  10. HttpHelps类

    /// <summary> /// 类说明:HttpHelps类,用来实现Http访问,Post或者Get方式的,直接访问,带Cookie的,带证书的等方式,可以设置代理 /// 重要提示 ...