1
00:00:00,750 --> 00:00:01,960
Hello and welcome back.

2
00:00:02,280 --> 00:00:09,180
In this lesson, I'm going to show you how to start using IDA, so that's opened for them.

3
00:00:09,180 --> 00:00:10,580
Veiga is fun.

4
00:00:10,590 --> 00:00:15,930
Click on Activities here, and then here you can click on the terminal to open a terminal.

5
00:00:17,040 --> 00:00:21,460
And have you get to your IDA for the evilest.

6
00:00:21,540 --> 00:00:32,120
I would see the IDA for this here so I could get into it and hear the singing and the voice here.

7
00:00:32,970 --> 00:00:39,520
So to start IDA, just type dot forward slash, followed by the name of the executable it asked

8
00:00:39,540 --> 00:00:39,900
for.

9
00:00:40,620 --> 00:00:48,350
And then if you want the process to run in the background, free of the terminal, you can just put in

10
00:00:48,360 --> 00:00:50,480
an ampersand at the back and hit enter.

11
00:00:51,510 --> 00:00:59,400
So it will start off IDA separately as a GUI program and it will not take up your terminal, and this

12
00:01:00,420 --> 00:01:02,640
is free for you to do any other commands.

13
00:01:03,330 --> 00:01:07,550
So now I started you in starting a new project.

14
00:01:08,010 --> 00:01:09,660
You click on the New button.

15
00:01:12,200 --> 00:01:20,840
And then here and there, we get to young revising file, which is reversing for his home territory

16
00:01:20,840 --> 00:01:21,800
under Inuksuit.

17
00:01:22,800 --> 00:01:30,090
Reversing and go to the level one for the next one, click Open.

18
00:01:33,220 --> 00:01:42,760
So here it has detected that this is an ELF64 executable for Linux, so it is automatically selected, so you

19
00:01:42,790 --> 00:01:45,190
don't have to make any changes.

20
00:01:46,030 --> 00:01:53,110
So just click OK. Now this here, there are other platforms you can choose, but this is already

21
00:01:53,440 --> 00:01:54,820
that, so you don't need to do anything.

22
00:01:55,650 --> 00:01:56,020
OK.

23
00:02:00,540 --> 00:02:05,940
So now it has successfully opened the file and disassembled it for you.

24
00:02:07,640 --> 00:02:15,020
Now, remember, you can always go to the Activities button here and click on this Files navigator

25
00:02:15,650 --> 00:02:21,130
and it can take you to the view of all your folders inside your Linux.

26
00:02:21,530 --> 00:02:23,810
And we are now inside this folder here.

27
00:02:25,620 --> 00:02:28,710
We are now examining this, reversing this file.

28
00:02:32,080 --> 00:02:39,520
It seems that it managed to understand a lot more from this file compared to our hex editor. This is

29
00:02:39,520 --> 00:02:45,140
the default view, but you can see this view, and this view is called graph

30
00:02:45,140 --> 00:02:49,660
view. You can switch it to the linear view by pressing space on the keyboard.

31
00:02:50,740 --> 00:02:52,360
So this is called the linear view.

32
00:02:53,260 --> 00:02:55,050
On the left is your address.

33
00:02:55,570 --> 00:03:01,190
These are 64-bit addresses because we are examining an ELF file.

34
00:03:02,440 --> 00:03:08,230
If you scroll down, you will see the addresses increase, and then you will see the code here and the

35
00:03:08,230 --> 00:03:09,370
disassembled code.

36
00:03:09,730 --> 00:03:11,530
And this is called assembly language.

37
00:03:12,400 --> 00:03:17,710
If you keep scrolling down, you will see a little section which contains all the data structures.

38
00:03:18,430 --> 00:03:21,630
And further down, you keep scrolling.

39
00:03:21,680 --> 00:03:27,430
We see the data section, which contains some of the strings which we have seen earlier.

40
00:03:28,060 --> 00:03:29,350
And you scroll down further.

41
00:03:30,990 --> 00:03:40,770
And here is the BSS section, also known as the uninitialized data section, as you can see, BSS, uninitialized

42
00:03:40,770 --> 00:03:45,920
data section. Scroll further, you will see the external section.

43
00:03:46,410 --> 00:03:52,710
Here it lists down some of the external functions provided by the system.

44
00:03:53,910 --> 00:03:59,940
So this is called the linear view. You can switch back to the graph view by pressing the spacebar one

45
00:03:59,940 --> 00:04:00,420
more time.

46
00:04:02,510 --> 00:04:06,500
So if you see this kind of error, it means that you are not in the function.

47
00:04:06,530 --> 00:04:12,920
So you need to go to a function, so you need to scroll up. Now you are in the data section, so scroll up

48
00:04:12,920 --> 00:04:14,090
to the function.

49
00:04:14,660 --> 00:04:20,050
One quick way to go into a function is to click on any of these functions here.

50
00:04:20,060 --> 00:04:26,510
For example, I click on the first one. Another way is to go up here, and the strip here, the blue

51
00:04:26,540 --> 00:04:29,520
outlines the location of the functions.

52
00:04:29,570 --> 00:04:38,090
So this is actually the entire content of this linear file, and the ones in blue are functions, the program's

53
00:04:38,090 --> 00:04:38,500
code.

54
00:04:39,140 --> 00:04:42,950
So I'm going to click on this one here now and press spacebar.

55
00:04:43,850 --> 00:04:45,590
And you go back to your graph.

56
00:04:45,600 --> 00:04:49,360
You can go to any function by clicking on this here.

57
00:04:49,910 --> 00:04:52,480
So I go to the state now and I'm back here.

58
00:04:53,300 --> 00:04:59,780
So one more time, you click space, you go to the linear view; you press space again, you go back to

59
00:04:59,780 --> 00:05:00,470
your graph here.

60
00:05:00,920 --> 00:05:08,150
So one of the many advantages of the graph view is you can get an idea of the flow of the control even

61
00:05:08,150 --> 00:05:11,790
before you understand what the program is trying to do.

62
00:05:12,350 --> 00:05:16,450
So, for example, here we see a green arrow and a red arrow.

63
00:05:16,460 --> 00:05:21,520
So here you can take two paths now to get to the bottom path here.

64
00:05:22,250 --> 00:05:26,570
This will be an easier path, but this would be a harder path, a longer path.

65
00:05:26,960 --> 00:05:32,070
So this is to suggest that this is probably the wrong path because it's easy to get here.

66
00:05:32,360 --> 00:05:35,150
So this is probably some kind of error if you get here.

67
00:05:35,720 --> 00:05:38,240
So but this one takes a longer path.

68
00:05:38,270 --> 00:05:39,760
So this is probably the right path.

69
00:05:40,520 --> 00:05:47,800
And the other thing to note is the green arrow, and the green arrow indicates true.

70
00:05:48,440 --> 00:05:50,510
It will happen when the test is true.

71
00:05:50,700 --> 00:05:55,490
So you could do this, but the red arrow will take place when the test is false.

72
00:05:55,680 --> 00:05:56,710
So you will go here.

73
00:05:57,560 --> 00:05:59,590
You also have the blue arrow.

74
00:05:59,630 --> 00:06:06,710
The blue arrow doesn't mean there is a test, but it simply means that the jump will take place even though there

75
00:06:06,710 --> 00:06:07,840
is no test before.

76
00:06:08,390 --> 00:06:12,980
Sometimes the arrow is also used to split up into two small blocks.

77
00:06:12,980 --> 00:06:14,600
So that's easier to visualize.

78
00:06:15,320 --> 00:06:21,190
If you want to move the graph view around, you just press on the left mouse button, hold it down and

79
00:06:21,200 --> 00:06:24,590
drag, and you will be able to move the graph view around.

80
00:06:25,160 --> 00:06:29,930
If you want to zoom in and out, press Control, hold down Control and scroll.

81
00:06:31,160 --> 00:06:35,750
And with the scroll wheel you can zoom in and out. If you press one on the keyboard,

82
00:06:35,750 --> 00:06:41,300
it goes back to the normal zoom, which is one hundred percent zoom.

83
00:06:41,690 --> 00:06:45,260
Now the other thing, as I mentioned earlier, is the strip here.

84
00:06:46,040 --> 00:06:48,780
This strip here represents the linear view of the code.

85
00:06:48,860 --> 00:06:50,270
So let's go back to linear view.

86
00:06:52,160 --> 00:06:59,210
So if I now move this yellow mark here, I can scroll up

87
00:06:59,570 --> 00:07:06,430
if I go left, and if I scroll it, move it to the right, I'm scrolling down to higher addresses.

88
00:07:06,440 --> 00:07:10,120
So this is the meaning of the strip.

89
00:07:10,130 --> 00:07:10,550
Yeah.

90
00:07:12,000 --> 00:07:17,780
And you can see this blue color here. Now, if I scroll along the blue color, you can see all the in

91
00:07:17,820 --> 00:07:25,070
here and other colors, for example, gray usually means it is data that's more identical.

92
00:07:25,560 --> 00:07:31,920
And you can see we're in a data section, so we can get more standardization or more of the instruction

93
00:07:31,920 --> 00:07:35,240
section by dragging the cursor here.

94
00:07:35,850 --> 00:07:37,610
And there's also a pink part here.

95
00:07:37,620 --> 00:07:43,950
So if it's the pink, but you will see the pink, usually the there are also some gaps.

96
00:07:43,950 --> 00:07:45,630
For example, here you have a gap.

97
00:07:47,620 --> 00:07:48,010
Here.

98
00:07:49,400 --> 00:07:56,750
Here, the blank gap denoted by this line, you get another line here and this is and then a gap here

99
00:07:56,870 --> 00:08:02,630
in gray, meaning that this is some data here. The bytes are not showing, but if you wanted to see the

100
00:08:02,630 --> 00:08:09,630
bytes, you can actually choose the option, so you can go to Options here, General, and then over here.

101
00:08:09,890 --> 00:08:11,360
Number of opcode bytes.

102
00:08:11,750 --> 00:08:14,840
You can set anything from, for example, six or eight.

103
00:08:15,470 --> 00:08:16,790
So you put it here.

104
00:08:17,300 --> 00:08:19,280
It will show the bytes now.

105
00:08:19,280 --> 00:08:23,890
You can see the bytes, all the bytes here showing in this column.

106
00:08:24,530 --> 00:08:29,480
And if you see a plus sign here, it means this instruction takes up more bytes.

107
00:08:30,020 --> 00:08:30,740
If you want,

108
00:08:30,740 --> 00:08:36,540
you can increase the size of the bytes by going back to Options to increase the size here.

109
00:08:36,830 --> 00:08:40,030
So the instructions are different sizes.

110
00:08:40,340 --> 00:08:43,640
So some instructions are only a few bytes, four or five.

111
00:08:43,970 --> 00:08:45,380
Some are even longer.

112
00:08:46,430 --> 00:08:54,530
So the bytes are not the same for every one, they are different, so you can just go to Options, go to General

113
00:08:54,920 --> 00:08:55,990
and set the bytes.

114
00:08:56,030 --> 00:08:58,840
So you go on a set of six, I can put succinctly.

115
00:08:58,850 --> 00:09:00,140
OK, then.

116
00:09:00,380 --> 00:09:00,650
Sure.

117
00:09:00,680 --> 00:09:01,490
And you see some bytes.

118
00:09:02,600 --> 00:09:08,090
So that's it for this video. We'll continue with the rest in the next week.

119
00:09:08,300 --> 00:09:09,260
Thank you for watching.