Three new debuggers
We continue to add more debugger modules to IDA and improve the existing ones.
This version introduces three new debuggers: bochs, gdb, and windbg.
Each of these debuggers deserve a separate article, so only the most interesting highlights here:
- Bochs: can run any 32bit code, from a few instructions to whole
operating systems. Just click F9 and immediately switch to running state.
In fact, any code
snippet can be executed in a safe and user friendly way.
With the bochs debugger, we offer three different worlds:
windows-like-environment for PE files, and
any-bochs-image bare-bone machine emulation mode.
Please read more about Bochs plugin here:
- GDBServer: x86 and arm targets are supported.
Among other things, it is possible to connect IDA to QEMU or debug a
virtual machine using VMWare.
- Windbg: both user and
kernel mode debugging are available.
IDA can automatically load required PDB files and populate the listing with
meaningful names, types, etc. Speaking of PDB files, IDA imports more information
from them: local function variables and types are retrieved too, c++ base classes are handled, etc.
The GDBServer and Windbg debugger modules support
local and remote debugging. We tried
to make the debugger modules as open as possible: target-specific commands can be sent
to all backend engines very easily.