How to port function names from one exe to another?

[schrodinger]

Hello,
I have two executable elf files for one program but with 2 different version.
IDA can resolve the function names in one of them while not for the other.
Bindiff is the tool of choice I think but it is not working for 64 bit.What can be done to solve this issue?

[Apuromafo]

Use a vm example oracle vm virtualbox, put a windows xps3 or windows 7 /8 x86 and you must will done ...

[Naides]

If you are analyzing 32 bit elf files you can use IDA 32 bit even in a 64 OS environment. And Bindiff should work. If the elf files are 64 bit, then trying the analysis on a x86 system will not help. Try a earlier version 3.x of Bindiff. Not all the bells and whistles, but I remember IDA x64 module did not crash.

[schrodinger]

Quote:

Originally Posted by Naides

If you are analyzing 32 bit elf files you can use IDA 32 bit even in a 64 OS environment. And Bindiff should work. If the elf files are 64 bit, then trying the analysis on a x86 system will not help. Try a earlier version 3.x of Bindiff. Not all the bells and whistles, but I remember IDA x64 module did not crash.

can you please upload older bindiff (I want to try 4.01 or 3x)
Do you know if 4.0 works for 64 bit ?

[Naides]

Alternative solution found in a chinese Hacking place.

http://www.h4ck.org.cn/2014/08/ida64-fatal-error-before-kernel-init/

Rename the file: Zynamics_binexport_8.p64, found in IDA\plugins to something else. IDA will now work. I have not tested the functionality though.

[Naides]

Files too big to upload. I have Ver 4.0

[Naides]

ver 4.01 works. PM if you need a link.