Ida Pro help

Disassembly, Reassembly, Tools and development. Going deep with Hardware and Software.

Ida Pro help

Post by limited cv8r »

Anyone have an idiot's guide to using IDA for disassembling the Holden bins?

Re: Ida Pro help

Post by antus »

Well, it's no simple thing: you need to have a very good understanding of exactly how the processor works, how the memory is mapped, how computers work, what's in the ECU and how to use IDA. For 90s Delcos you need to know Motorola HC11 aka 6811, or for 99+ LS1 it's (close enough for practical purposes) Motorola 68332.

Have a scan over something like

http://www.clear.rice.edu/elec201/Book/6811_asm.html

or

http://etidweb.tamu.edu/classes/entc349 ... sGuide.PDF

Then google using IDA to disassemble ROMs. I found a few hits on other sites for other ECUs or console ROMs and there are a few threads on the hptuner forums.

Sorry, don't have an idiot's guide, but there is a book:

http://nostarch.com/idapro2.htm
Have you read the FAQ? For lots of information and links to significant threads see here: http://pcmhacking.net/forums/viewtopic.php?f=7&t=1396

Re: Ida Pro help

Post by skyline_stu »

I often use a 68HC11 disassembler called DHC11 and its re-assembler ASHC11. Find them attached. It's only small but very powerful. Unfortunately it's DOS based, but will happily run under a command window or DOSBox.

It doesn't have the bells and whistles that IDA has, so it may suit a beginner.

As ANTUS said, you'll need a good understanding of how a 68HC11 processor operates to make any sense of the output files. It also supports code block identifiers to help in your decompiling; see the attached BPYS.TXT file for examples.

Stu
Attachments:
BPYS.TXT - Demo identifier file (321 Bytes)
dhc11.zip - Disassembler for 68HC11 (15.21 KiB)
ashc11.zip - Assembler for 68HC11, reconstructs files from DHC11 (25.81 KiB)

Re: Ida Pro help

Post by antus »

Yep, those tools are good for bin files 64kb or less and work well for those.

They come from techedge, and were created by Peter Gargano, one of the pioneers, looking at this in the 90s before IDA even had a free version or a GUI. The home page for DHC11 can be found here: http://www.techedge.com.au/utils/dhc11.htm

Re: Ida Pro help

Post by ejukated »

Has anyone been able to get IDA to disassemble the Holden 128k bins?

Re: Ida Pro help

Post by The1 »

It will do it, but no good for reassembly, obviously. There isn't anything out there that supports 128k bins.

Re: Ida Pro help

Post by ejukated »

Thanks, I might give it a go. Yes, I understand the challenges with reassembly :(

Re: Ida Pro help

Post by ejukated »

Any special config needed to load it up?

Re: Ida Pro help

Post by The1 »

Nah, I've just used 68HC11F1 config before.

Re: Ida Pro help

Post by antus »

You need to cut the bin like the bank switching does in the computer and put together 2 bins: one for what the processor sees when the low bank is active, and one for the high bank. Then disassemble them separately. Essentially 0-32kb is always in scope and contains the calibration and common code, and 32-64kb is e-side and 96-128k contains the transmission bank. Once you map the RAM areas and the common code it's worth exporting the database to .idc and then importing it to the other file, but it's a pain in the ass not having changes in the low bank automatically shared across both, and you don't want to overload data to the top side. It's been a while since I've needed to do this; can't remember if it was a case of editing the idc (I think it was?) or exporting/importing only a range from IDA.
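The bank-cutting step described in the last post, as an added example that is not part of the thread and not any poster's code: it builds one 64 KiB view per bank so each can be loaded into IDA separately. The ranges are taken from the post and treated as file offsets; the order of the two halves inside each view and the names `eside` and `trans` are assumptions to check against the ECU's memory map.

```python
"""Split a bank-switched 128 KiB bin into two 64 KiB images for disassembly."""
from pathlib import Path

KIB = 1024
# File-offset ranges as described in the post above.
COMMON = (0, 32 * KIB)                # calibration + common code, always in scope
BANKS = {
    "eside": (32 * KIB, 64 * KIB),    # "e-side" bank
    "trans": (96 * KIB, 128 * KIB),   # transmission bank
}


def split_banks(image: bytes) -> dict[str, bytes]:
    """Return one 64 KiB view per bank: common region followed by the bank.

    Assumption: the common region is the first half of each view; swap the
    concatenation order if the ECU maps it the other way round.
    """
    if len(image) != 128 * KIB:
        raise ValueError(f"expected 131072 bytes, got {len(image)}")
    common = image[slice(*COMMON)]
    return {name: common + image[slice(*rng)] for name, rng in BANKS.items()}


def leftover_is_fill(image: bytes) -> bool:
    """True if 64-96 KiB (a range the post does not assign) is one repeated byte."""
    return len(set(image[64 * KIB:96 * KIB])) <= 1


def write_views(src: Path) -> list[Path]:
    """Write <stem>_<bank>.bin next to the source file and return the paths."""
    out = []
    for name, data in split_banks(src.read_bytes()).items():
        path = src.with_name(f"{src.stem}_{name}.bin")
        path.write_bytes(data)
        out.append(path)
    return out


if __name__ == "__main__":
    # Constructed sample: each 32 KiB quarter filled with a distinct marker byte.
    sample = b"".join(bytes([m]) * (32 * KIB) for m in (0xC0, 0xE5, 0xFF, 0x75))
    for name, data in split_banks(sample).items():
        print(name, len(data), hex(data[0]), hex(data[-1]))
    print("64-96 KiB is fill:", leftover_is_fill(sample))
```

If `leftover_is_fill` returns False, the 64-96 KiB range holds data that neither view contains and should be inspected before relying on the two disassemblies.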