Chapter 12. Library Recognition Using FLIRT Signatures
At this point it is time to start moving beyond IDA’s more obvious capabilities and begin our exploration of what to do after “The initial autoanalysis has been finished.”[70] In this chapter we discuss techniques for recognizing standard code sequences such as the library code contained in statically linked binaries or standard initialization and helper functions inserted by compilers.
When you set out to reverse engineer any binary, the last thing that you want to do is waste time reverse engineering library functions whose behavior you could learn much more easily simply by reading a man ...
Get The IDA Pro Book now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.