转自：http://hexblog.com/2008/10/bochs_emulator_and_ida.html

The next version of IDA will be released with a bochs debugger plugin, and what is nice about is that you will be able to use it easily by just downloading bochs executables and telling IDA where to find it.

IDA's bochs debugger is a plugin that allow you to use bochs' emulation/debugger inside IDA's interface, but not just only that, but to make your debugging experience easier.

The plugin will come with three of the what we dubbed as "bochs loaders", so here is a brief explanation:

The first loader, disk image loader, is probably the most simple but yet the most powerful one. It allows you to debug any bochs image of your choice. For example, you could debug boot sector, 16 bit code, and perhaps debug 32 bit code all in the same debugging session. We actually use this bochs loader to debug other bochs loaders!

The second, idb loader, is a 32bit mode loader that allow you to debug anything within the database. The database will be your input file, thus whatever segments exist in the database, will be loaded and mapped into bochs' virtual memory. The idb loader understands and catches raw cpu exceptions and allows you to specify the startup stack segment's size.

Finally comes the pe loader, which is a specialized bochs loader, that will read your PE file and create a virtual environment similar to windows environment, trying to mimic basic demands for a PE file (import resolution, SEH, api emulation backed by IDC scripts).

This plugin is still under development, however we put a small video demonstrating the IDB loader.

[CTF入门培训]顶尖高校博士及硕士团队亲授《30小时教你玩转CTF》，视频+靶场+题目！助力进入CTF世界