ida远程调试linux_使用IDA从Windows到Linux进行远程调试

ida远程调试linux

Sometimes it happens, in my case, in CTF challenge - the day when you received an ELF binary but your host machine is Windows and your IDA+license is already installed on your host. One option is to install a free version of IDA on a virtual Linux machine but there is another option that sounds in the beginning complex, but actually it is not.

就我而言，有时会发生在CTF挑战中，即收到ELF二进制文件但主机为Windows且主机上已安装IDA +许可证的那一天。 一种选择是在虚拟Linux机器上安装IDA的免费版本，但是在开始时听起来还有另一种选择，但实际上并非如此。

This option called “Remote Debugging”, the ability to debug a process from your host while it runs on a “remote” machine or in my case, virtual machine.

此选项称为“远程调试”，可以在主机在“远程”计算机或虚拟机上运行时从主机调试进程。

The scenario: We need to debug 32-bit ELF binary from our Windows host while it will run on a 64-bit Ubuntu virtual remote machine.

场景：我们需要从Windows主机调试32位ELF二进制文件，同时它将在64位Ubuntu虚拟远程计算机上运行。

Note: This post will help you in other scenarios (32/64 bit binary and 32/64 bit target machine).

注意：本文将在其他情况 (32/64位二进制和32/64位目标计算机)中为您提供帮助。

TL; DR (TL;DR)

1. [Windows] Load the 32-bit ELF binary to IDA (for 32-bit!)
   [Windows]将32位ELF二进制文件加载到IDA(用于32位！)
2. [Windows] Load Remote debugger on IDA and choose Linux remote debugger
   [Windows]在IDA上加载远程调试器，然后选择Linux远程调试器
3. [Linux] Setup Ubuntu with x86 support (only if you plan to run 32-bit binary on Ubuntu 64 bit)
   [Linux]设置具有x86支持的Ubuntu(仅当您计划在Ubuntu 64位上运行32位二进制文​​件时)
4. [Linux] Run the IDA server on the Ubuntu virtual machine to connect to the debugger
   [Linux]在Ubuntu虚拟机上运行IDA服务器以连接到调试器
5. Debug!
   调试！

将ELF二进制文件加载到IDA (Load ELF binary to IDA)

The first thing to do, is to start IDA (for 32-bit) on our host machine (Windows) and load the ELF file:

要做的第一件事是在我们的主机(Windows)上启动IDA(用于32位)并加载ELF文件：

Load new file window

加载新文件窗口

在IDA上加载远程调试器 (Load Remote debugger on IDA