当我们的光标在某个函数处时,按回车键就可以跳到这个函数所在的位置:

按回车,跳到这里:

再按回车,跳到导入表:

我们再连续按ESC键就可以返回到刚才进入的地方:

使用快捷键N可以进行重命名:

在数字上按下H键或者右键进行选择,可以将数字转化为十进制:

在按一下相同的键就变回来了。按下B键转换为二进制也是同理。

按下空格键可以使IDA在图形视图和文本视图之间切换:

  • 常用默认快捷键

"JumpAsk" = 'g'
"JumpName" = "Ctrl-L"
"JumpSegment" = "Ctrl-S"
"JumpSegmentRegister" = "Ctrl-G"
"JumpQ" = "Ctrl-Q"
"JumpPosition" = "Ctrl-M"
"JumpXref" = "Ctrl-X"
"JumpXrefFrom" = "Ctrl-J"
"JumpOpXref" = "X"
"JumpFunction" = "Ctrl-P"
"JumpEntryPoint" = "Ctrl-E"
"JumpError" = "Ctrl-F"

"JumpEnter" = "Enter" // jump to address under cursor
"JumpEnterNew" = "Alt-Enter" // jump to address under cursor
// in a new window
"Return" = "Esc"
"UndoReturn" = "Ctrl-Enter" // undo the last Esc

"MarkPosition" = "Alt-M"

"JumpSuspicious" = "Ctrl-V"
"JumpCode" = "Alt-C"
"JumpData" = "Ctrl-D"
"JumpUnknown" = "Ctrl-U"
"JumpExplored" = "Ctrl-A"
"AskNextImmediate" = "Alt-I"
"JumpImmediate" = "Ctrl-I"
"AskNextText" = "Alt-T"
"JumpText" = "Ctrl-T"
"AskBinaryText" = "Alt-B"
"JumpBinaryText" = "Ctrl-B"

"MakeAlignment" = 'L'
"ManualInstruction" = "Alt-F2"

"MakeCode" = 'C'
"MakeData" = 'D'
"MakeAscii" = 'A'
"MakeArray" = "Numpad*"
"MakeUnknown" = 'U'

"MakeName" = 'N'
"ManualOperand" = "Alt-F1"

"MakeFunction" = 'P'
"EditFunction" = "Alt-P"
"FunctionEnd" = 'E'
"OpenStackVariables" = "Ctrl-K" // open stack variables window
"ChangeStackPointer" = "Alt-K" // change value of SP
"RenameRegister" = 'V'
"SetType" = 'Y'

"MakeComment" = ':'
"MakeRptCmt" = ';'

"OpNumber" = '#'
"OpHex" = 'Q'
"OpDecimal" = 'H'
"OpBinary" = 'B'
"OpChar" = 'R'
"OpSegment" = 'S'
"OpOffset" = 'O'
"OpOffsetCs" = "Ctrl-O"
"OpAnyOffset" = "Alt-R"
"OpUserOffset" = "Ctrl-R"
"OpStructOffset" = 'T'
"OpStackVariable" = 'K'
"OpEnum" = 'M'

"EditSegment" = "Alt-S"

"SetSegmentRegister" = "Alt-G"

"ShowRegisters" = "Ctrl-Space"

"OpenFunctions" = "Shift-F3" // open functions window
"OpenNames" = "Shift-F4"
"OpenSignatures" = "Shift-F5" // open signatures window
"OpenSegments" = "Shift-F7"
"OpenSegmentRegisters" = "Shift-F8"
"OpenStructures" = "Shift-F9" // open structures window
"OpenEnums" = "Shift-F10" // open enums window
"OpenTypeLibraries" = "Shift-F11"
"GraphFunc" = "F12" // display function flow-chart
"CallFlow" = "Ctrl-F12" // display function call graph
"OpenStrings" = "Shift-F12"
"OpenLocalTypes" = "Shift-F1"

"SetAsciiStyle" = "Alt-A" // set ascii strings style

"ShowFlags" = 'F'
"Hide" = "Numpad-"
"Unhide" = "Numpad+"

"ExternalHelp" = "Ctrl-F1"

"WindowsListNext" = "Ctrl-Tab"
"WindowsListPrev" = "Ctrl-Shift-Tab"

"NextWindow" = "F6"
"PrevWindow" = "Shift-F6"
"CloseWindow" = "Alt-F3"

IDA Pro使用的更多相关文章

  1. 安卓动态调试七种武器之孔雀翎 – Ida Pro

    安卓动态调试七种武器之孔雀翎 – Ida Pro 作者:蒸米@阿里聚安全 0x00 序 随着移动安全越来越火,各种调试工具也都层出不穷,但因为环境和需求的不同,并没有工具是万能的.另外工具是死的,人是 ...

  2. 计算机病毒实践汇总六:IDA Pro基础

    在尝试学习分析的过程中,判断结论不一定准确,只是一些我自己的思考和探索.敬请批评指正! 1. IDA使用 (1)搜索.下载并执行IDA Pro,对可执行程序lab05-01.dll进行装载,分别以图形 ...

  3. Ubuntu下安装IDA pro

    预备 由于IDA pro只能装在32位环境下,如果是64位Ubuntu,需要运行如下命令安装32位的必备库. sudo dpkg --add-architecture i386 sudo apt-ge ...

  4. How to create an anonymous IDA PRO database (.IDB)

    Source: http://www.0xebfe.net/blog/2013/01/13/how-to-create-an-anonymous-ida-pro-database-dot-idb/ P ...

  5. android调试系列--使用ida pro调试so

    1.工具介绍 IDA pro: 反汇编神器,可静态分析和动态调试. 模拟机或者真机:运行要调试的程序. 样本:阿里安全挑战赛第二题:http://pan.baidu.com/s/1eS9EXIM 2. ...

  6. android调试系列--使用ida pro调试原生程序

    1.工具介绍 IDA pro: 反汇编神器,可静态分析和动态调试. 模拟机或者真机:运行要调试的程序. 样本:自己编写NDK demo程序进行调试 2.前期准备 2.1  准备样本程序(假设已经配置好 ...

  7. [转]How to create an anonymous IDA PRO database (.IDB)

    Source: http://www.0xebfe.net/blog/2013/01/13/how-to-create-an-anonymous-ida-pro-database-dot-idb/ P ...

  8. IDA Pro使用技巧

    DA Pro基本简介 IDA加载完程序后,3个立即可见的窗口分别为IDA-View,Named,和消息输出窗口(output Window). IDA图形视图会有执行流,Yes箭头默认为绿色,No箭头 ...

  9. IDA Pro使用(静态分析+动态调试)

    链接:http://skysider.com/?p=458 IDA Pro使用(静态分析+动态调试) 1.静态分析 IDA FLIRT Signature Database —— 用于识别静态编译的可 ...

  10. IDA Pro Disassembler 6.8.15.413 (Windows, Linux, Mac)

    IDA: What's new in 6.8 Highlights This is mainly a maintenance release, so our focus was on fixing b ...

随机推荐

  1. <span>什么意思

    <span> 在CSS定义中属于一个行内元素,在行内定义一个区域,也就是一行内可以被 <span> 划分成好几个区域,从而实现某种特定效果. <span> 本身没有 ...

  2. Eclipse连接MySQL出现Server time zone is unrecognized错误

    错误代码: The server time zone value '?й???????' is unrecognized or represents more than one time zone. ...

  3. 手工场景--controller--场景设计、场景监控、运行场景

    场景设置: 1.设置界面 2.全局设置. A:初始化: B:启动用户: C:

  4. 将Cygwin Emacs设为Windows explorer默认打开程序

    由于我在平日的学习与工作中会经常用到Cygwin中的Emacs,很自然地想到应该将emacsclient作为指定文件类型在Windows explorer中的默认打开程序.这样,便可以直接双击文件后在 ...

  5. wpf 界面线程 添加项

    foreach (var r in sec.Records) { listView.Dispatcher.Invoke((new Action(delegate() { listView.Items. ...

  6. Html5NodeJs安装less之千辛万苦CMD系列

    如题,这个东西很是费了一般脑筋 上一次讲了如何在浏览器端解析less文件,这次是在cmd中使用npm中的less模块来解析 详解如下 首下我们去下载一个NodeJs,   我下载的是4.44版本,一路 ...

  7. TortoiseSVN 1.8 关于右键的设置

    以前用SVN但都是 IDE 自己集成的插件,最近使用 android studio 发现居然自己不带SVN command line插件,非得自己单独装一个,于是使用了 TortoiseSVN ,但用 ...

  8. cp执行命令,如何直接覆盖不提示

    参数说明 -i, --interactive prompt before overwrite (overrides a previous -n option)   #文件存在是,交互式提示是否覆盖 - ...

  9. iOS错误之-Presenting view controllers on detached view controllers is discouraged

    遇到这个警告后找了一下网络资源,基本上只说通过 [self.view.window.rootViewController presentViewController:controller animat ...

  10. 搭建git代码服务器

    在代码管理中,通常需要使用版本管理工具,git就是一个不错的选择,这里简单罗列一下git服务器的搭建过程. 1. 安装git工具包 2. 初始化git库:在代码服务器上,通常只需要创建一个不含有工作目 ...