Thank you for purchasing BinDiff, the leading executable-comparison tool for reverse engineers who need to analyze patches or malware variants, or who are generally interested in the differences between two executables. This manual is intended to help you get up to speed quickly.
To make the best use of BinDiff, it is very helpful to spend a bit of time familiarizing yourself with the concepts and algorithms behind it. For this, we recommend reading Chapter 3, Understanding BinDiff, which explains what happens behind the scenes, and Chapter 4, Core Functionality, which explains the basic elements of the user interface. Ideally, we would like you to also read Chapter 6, A basic walk-through Analyzing a Microsoft Patch (a walk-through of analyzing a simple security update) and Chapter 7, Advanced Usage (a walk-through of porting your symbols and comments from one disassembly to the next). Don't worry - after Chapter 3, Understanding BinDiff, there's not a lot of text to parse and mostly screenshots to look at.
We hope that you have a great experience using our product!
Conventions used in this document
The following typographical conventions are used in this document:
Italic: Used for new terms, URLs, email addresses as well as the name of commands and utilities.
Constant width: Indicates elements of code, configuration options, variables and their values, functions, modules, the contents of files, or the output from commands.
Constant width bold: Shows commands or other text that should be typed literally by the user. Also used for emphasis in command output.
Constant width italic: Shows text that should be replaced with user-supplied values.
Changes
New in Version 4.2
Built on IDA SDK 6.8, so this is the new minimum version required
Support for AArch64 (a.k.a. ARM64)
Increase maximum export file size to 2GiB
Improvements to the core BinDiff engine
New import symbols and comments feature to mark imported comments as coming from an external library
LoadLibrary(C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_bindiff_4_2.plw) error: The specified procedure could not be found.
C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_bindiff_4_2.plw: can't load file
LoadLibrary(C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_binexport_8.plw) error: The specified procedure could not be found.
C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_binexport_8.plw: can't load file
LoadLibrary(C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_bindiff_4_2.plw) error: The specified procedure could not be found.
C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_bindiff_4_2.plw: can't load file
LoadLibrary(C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_binexport_8.plw) error: The specified procedure could not be found.
C:\Analysis Tools\Debug Tools\IDA 6.8\plugins\zynamics_binexport_8.plw: can't load file