[panda-users] windows symbols

Hulin, Patrick - 0559 - MITLL Patrick.Hulin at ll.mit.edu
Thu Feb 26 12:22:54 EST 2015


I've been thinking of writing a DWARF plugin that parses debug symbols for a
while, but I haven't gotten around to it. I assume there are good libraries
for this sort of thing, so it probably wouldn't be that hard to do.

From:  Michael Sieffert <seefdogg at gmail.com>
Date:  Thursday, February 26, 2015 at 11:36 AM
To:  "panda-users at mit.edu" <panda-users at mit.edu>
Subject:  [panda-users] windows symbols

Hi - 
I want to use PANDA to do some windows reversing.

Anyone have any tips for integrating Windows symbols to quickly determine
module and offsets from which calls are made? I have the addresses I'm
interested in, obtained through a simple run of the stringsearch.so plugin,
but translating those addresses into useful information for stuff like
disassembling in IDA is getting to be a pain.

I did check the archives first, and didn't see anything about symbols.
However, feel free to tell me to RTFM again.

Thanks.

Seef

