IDA 8.4

Debugging Linux Applications locally

Debugging Linux Applications with IDA Pro, locally

Last updated on July 29, 2020 — v0.1

You may already know that IDA lets you debug an application from an already existing IDB, by selecting the debugger using the drop-down debugger list.

drop down debugger list

However, it is also possible to start IDA in a way that it will initially create an empty IDB, and then either:

  • start a new process under its control

  • attach to an existing process

Launch IDA with a fresh new process

To do so, you will have to launch IDA from the command line, like so:

ida64 -rlinux /bin/ls

IDA will then launch the /bin/ls program, and break at its entrypoint

starting new process

Attaching IDA to an existing process

For this example, we’ll launch, from a shell, a /usr/bin/yes process, and attach to.

Now, we’ll launch IDA so it offers a selection of processes to (and use quick filtering (Ctrl+F) to quickly find our process):

ida64 -rlinux+
attaching to process

IDA will then attach to the selected process, and leave it suspended at the place it was when it was attached to:

attached to process

Last updated