Briefly (~1 page) discuss the strengths and weaknesses of the recursive descent and linear sweep algorithms. What makes IDA a powerful disassembler?
Recursive Descent:
------------------------------
--->A first Pascal compiler used a recursive descent parser.
--->A recursive descent parser is a kind of Top-Down parser built from a set of mutually recursive procedures implements one of the non terminals of the grammer.
--->recursive descent is a parsing technique which does not allow backup.And it Involves backtracking and left recursion.
--->backtracking is used to find the correct production to be applied.
--->But, A predictive parser is a recursive descent parser that doesn't require backtracking.
--->This algorithm starts at the program main entry point and proceeds by following each branch instruction encountered in a depth-first or breadth-first manner, essentially a control flow analysis.
Advantages :
------------------
1.Recursive descent parser have the benefit of being very simple.
2.Overhead associated with backtracking is eliminated.
3.only disassembles bytes that the CPU encounters, and not
extraneous bytes
Dis-Advantages:
------------------------
1. Error recovery is difficult in recursive descent parser.
2. Recursive descent parser will not handle as large a det of
grammers as other parsing methods.
3. When we get the syntax error, in order for the compiler to
recover. it usually has to discard the last few takens, move to the
end line, and resume.
4. When a grammar with left recursive production is given, then the
parser might get into infinite loop.Hence, left recursion must be
eliminated.
5.relatively complex, does not always disassemble the whole executable if there is code which is not called explicitly based on its address.
Linear Sweep algorithm:
----------------------------------
--->Linear sweep algorithm is A basic algorithm taking all the
section marked as code and disassembling it by reading the
instructions one after each other.
--->In Linear Sweep algorithm, we start at the beginning of a section, and keep track of the length of each instruction we disassemble.
---> A linear sweep algorithm starts with the first byte in the code section and proceeds by decoding each byte, including any intermediate data byte, as code, until an illegal instruction is encountered.
Advantages:
------------------
1. main advantage is simplicity.
2. all the bytes in the section is guaranteed to be decoded
Dis-Advantages:
-----------------------
1.ALL the bytes in the section is guaranteed to be decoded including non-executable data
2.any data that is embedded in the instruction stream is misinterpreted as code and disassembled.
What makes IDA a powerful disassembler?
--->Interactive Disassembler is a disassembler for computer software which is used to generate assembly language code.
--->IDA perform automatic code analysis, using cross-reference between code sections, knowledge of parameters of API calls, and other information.
--->IDA is a is a professional disassembler which is expensive and it is extremely powerful, and has a whole slew of features.
--->Basically IDA can be used as a debugger for Windows PE, Mac OS X Mach-O ,e.t.c.,
--->IDA performs automatic code analysis.
--->Why IDA is Powerful?
1. IDA Pro is A disassembler.
2. IDA pro is a debugger.
3. IDA pro is a interactive.
4. IDA pro is a programmable.
5. IDA pro helps protect you essential rights.
USES:
----------
1. For Analyzing Hostile Code
2. We can do the research on Vulnerability.
3. Validating the COTS.
4. IDA Pro will automatically recognize the file format of the executable.
5. Recognition
6. Privacy protection
Get Answers For Free
Most questions answered within 1 hours.