1
00:00:00,570 --> 00:00:01,950
Hello and welcome back.

2
00:00:02,340 --> 00:00:11,220
In this video, listen, we are going to talk about how to use Ida to decompiled and also how to create

3
00:00:11,220 --> 00:00:12,330
structures and use it.

4
00:00:13,670 --> 00:00:21,900
So I created and you correct me, too, you can download this, too now and put it in your folder called

5
00:00:21,900 --> 00:00:22,460
Correct Me.

6
00:00:23,980 --> 00:00:27,190
And let's take a look at micrometeorites.

7
00:00:29,940 --> 00:00:40,590
So I just running it asks you to enter a key, and if I enter wrong, he has poured into the theater

8
00:00:40,600 --> 00:00:45,150
and into any theater and you get the message from.

9
00:00:46,910 --> 00:00:51,950
So now let's take a look and it's good for me to.

10
00:00:55,290 --> 00:00:56,790
So come to.

11
00:00:58,130 --> 00:01:07,330
Contains a new struct data structure called KeyBank with two views or two members in Turkey and into

12
00:01:07,340 --> 00:01:15,320
Syria, and he has two functions success, which is to print the correct string and fail function,

13
00:01:15,320 --> 00:01:17,120
to print the wrong string.

14
00:01:17,960 --> 00:01:26,180
And there's a main function with two integer variables, key in zero used to store the input from the

15
00:01:26,180 --> 00:01:26,600
user.

16
00:01:27,650 --> 00:01:36,200
Here we instantiate data structure kokabee of type struct KeyBank, which we created up here.

17
00:01:37,160 --> 00:01:39,710
Then we initialize the key.

18
00:01:39,710 --> 00:01:43,070
Filby one, two, three, seven and the cereal field.

19
00:01:43,400 --> 00:01:51,500
We one David from the Egypt and Turkey and we read the key a story in the key variable, then it from

20
00:01:51,500 --> 00:01:59,810
the user to enter a zero and the input it and start in the zero variable and then we compare if the

21
00:01:59,810 --> 00:02:02,300
user's key is the key.

22
00:02:02,300 --> 00:02:03,860
BKB the key.

23
00:02:04,840 --> 00:02:11,660
And whether this year with the U.S., it is the same with the candidates here in both are true, then

24
00:02:11,670 --> 00:02:19,240
we call the success function to just play the correct string or else we call the function to display

25
00:02:19,240 --> 00:02:20,020
the wrong string.

26
00:02:21,640 --> 00:02:25,360
So now we are going to decompiled this.

27
00:02:25,960 --> 00:02:29,560
Correct me to using Iida three.

28
00:02:31,330 --> 00:02:32,140
So let's start at.

29
00:02:37,710 --> 00:02:40,740
Click on New and select, correct me to.

30
00:02:48,040 --> 00:02:52,300
And so this is to disassemble assembly.

31
00:02:53,380 --> 00:02:56,980
Now, let's say we want to decompiled, you seem to see Soska.

32
00:02:58,690 --> 00:03:02,950
You can go to view opens up views.

33
00:03:04,000 --> 00:03:06,490
I didn't generate Sudoku.

34
00:03:07,210 --> 00:03:09,810
So Sudoku here refers to the C Soska.

35
00:03:11,130 --> 00:03:17,640
The short cut is fine, you can use that five or so, so Cleeland is click Yes.

36
00:03:20,660 --> 00:03:27,080
And so it has generated the speaker of the Assembly.

37
00:03:28,790 --> 00:03:31,520
And over here, you can see V4 whiffy.

38
00:03:32,770 --> 00:03:39,250
We 67 now, if we want to make it easier to read, we can be labeled an.

39
00:03:40,380 --> 00:03:44,460
So over here, we see in Turkey and here.

40
00:03:45,500 --> 00:03:53,630
It scans for the key and starting before that before is a key, so we can relay this by pressing in

41
00:03:55,700 --> 00:03:56,900
and in KALICKI.

42
00:03:59,800 --> 00:04:09,880
OK, so now it's easier to the way you see all the V4 as being really key here, is this into Syria,

43
00:04:10,780 --> 00:04:18,510
into Syria and yes, can you do if I have the means, if I was in Syria so we can relabel this person

44
00:04:19,920 --> 00:04:22,940
and then call this press.

45
00:04:23,410 --> 00:04:24,210
OK, OK.

46
00:04:24,790 --> 00:04:31,450
And now it's easier to Ricky in Syria than when it comes to here be six and seven.

47
00:04:32,110 --> 00:04:37,020
So we have seven other structures, but he doesn't show.

48
00:04:37,990 --> 00:04:42,550
So we can create our own structure and impose it on six, seven.

49
00:04:43,060 --> 00:04:47,950
So to do that, we can go up here into structures.

50
00:04:48,490 --> 00:04:58,780
And inside here we create a new structure press insert on the Kiewa and KeyBank or any other name you

51
00:04:58,780 --> 00:05:02,940
want with a capital key, OK.

52
00:05:05,590 --> 00:05:13,240
And now you're going to insert two members or two fields, so put your cursor here and press the.

53
00:05:14,560 --> 00:05:23,500
For white digging, for what they're digging for, which is for whites, and then here we can relabel

54
00:05:23,500 --> 00:05:24,430
the few as.

55
00:05:25,800 --> 00:05:32,300
As a key so we can press in and we can legally askey press enter.

56
00:05:32,610 --> 00:05:40,590
OK, OK, now put your cursor down here and then we're are going to add another field, press these

57
00:05:41,050 --> 00:05:46,410
for another time D for work and ready for double.

58
00:05:47,580 --> 00:05:52,310
So this one we are going to relabelling as zero.

59
00:05:52,320 --> 00:05:57,540
So press in and then give the name serial press.

60
00:05:57,770 --> 00:06:08,580
OK, so now you have to fuse for this structure key size four by double and zero also double.

61
00:06:09,480 --> 00:06:14,630
So now we can impose this data structure in our C language code.

62
00:06:15,540 --> 00:06:21,870
So to impose it in here, we can go to six, which we suspect to be a data structure.

63
00:06:21,870 --> 00:06:22,440
No.

64
00:06:22,990 --> 00:06:24,210
Or key.

65
00:06:24,840 --> 00:06:34,500
We just select here press y on the keyboard and here we just keep giving because we want this to be

66
00:06:34,950 --> 00:06:38,880
reinterpreted as a data structure of Thanksgiving.

67
00:06:42,120 --> 00:06:42,570
OK.

68
00:06:44,660 --> 00:06:47,210
And here, the new variable is bigger.

69
00:06:47,360 --> 00:06:50,800
OK, so just so I set out.

70
00:06:52,650 --> 00:06:54,570
So now we see Starkie.

71
00:06:55,700 --> 00:06:59,400
So automatically, this is also a with to serious.

72
00:07:00,620 --> 00:07:06,720
So now you can relabel these vehicles to become something else since we know is a killing.

73
00:07:08,060 --> 00:07:18,410
So what we can do is I'm here giving this so reliable press end and they start giving in lowercase to

74
00:07:18,410 --> 00:07:21,980
differentiate you from the capital K clock.

75
00:07:23,350 --> 00:07:26,190
So now you see it is much easier to eat.

76
00:07:28,870 --> 00:07:40,660
So this is how we can use the compiler to do the compar binary into C source code, and you can also

77
00:07:40,660 --> 00:07:49,360
use the structures gracious and enforce the structure in sight sars-cov-2 to reinterpret the various

78
00:07:49,870 --> 00:07:51,480
data that we see.

79
00:07:51,670 --> 00:07:52,870
So that easy to read.

80
00:07:53,590 --> 00:08:01,510
The same principle that we use in assembly here also applies when we are working with the pseudocode

81
00:08:01,510 --> 00:08:07,560
or the sequel, even if you're not sure what the particular variable does, always reliably.

82
00:08:07,600 --> 00:08:09,330
So that is easier to read.

83
00:08:09,820 --> 00:08:17,440
And if you happen to get more insight as you proceed with the analysis, you can always chastely.

84
00:08:17,440 --> 00:08:25,510
But again, now take note that if you wanted to synchronize this view with the disassembly of you,

85
00:08:25,870 --> 00:08:27,300
you can do it this way.

86
00:08:27,820 --> 00:08:33,640
So just right, click here and synchronize and synchronize and idea of you.

87
00:08:34,600 --> 00:08:39,250
So now whenever you click on this, I mean, you come back here, he will highlight the appropriate

88
00:08:39,250 --> 00:08:39,640
line.

89
00:08:40,480 --> 00:08:45,510
So if you click on this, come back here, you can see he highlighted the spot.

90
00:08:46,180 --> 00:08:54,380
That way you can understand which part of the kahir is being referred to in the assembly here.

91
00:08:55,750 --> 00:09:02,900
So another thing you can do is you can double click on any and the function here to enter into it.

92
00:09:03,520 --> 00:09:08,590
So if you double click on this access function, you can probably show it to you.

93
00:09:09,890 --> 00:09:16,790
And then you to go back escape and you go back here, same thing day, so if you double click on this

94
00:09:16,800 --> 00:09:22,600
function, you come back and show it to you and you skip he goes back again.

95
00:09:23,730 --> 00:09:25,680
So that's all for this video.

96
00:09:25,950 --> 00:09:26,970
Thank you for watching.