i am a complete beginner with IDA and I have just tried to follow a tutorial on how to unpack UPX.
In the tutorial IDA looks like this:
When I try to get the graphical view like in the tutorial an error message appears:
I cannot find the Names window too, please help me.
Here is how IDA Pro looks like at the moment:
https://i.stack.imgur.com/cWAQa.png
Version: IDA Pro 6.5
Sorry for those noob questions, but I am confused.
IDA can only display functions in graphical mode if they have a well-defined start and end address. Normally, the start and end address are determined from the disassembly - the start address is the target address of call instructions, the end address is where the code has a ret instruction (*).
In your case, IDA failed to make a function from your code, probably because there is no call to start, and maybe there's not even a ret at the end. You can try to fix that by moving the cursor to the start label and pressing the P key. Once your code is defined as a function, the space key should switch between graphical view and assembly view just like your tutorial says.
(*) Actually, it's a bit more complicated; some parts of the function may be behind the ret; but IDA detects this from jumps within the function.
UPX1:00486DA3: The function has undefined instruction/data at the specified address. Your request has been put in the autoanalysis queue. Thank you for your answer so far, interesting!
– L. Resnik
Sep 04 '15 at 07:20
I realize this is very old, but in most cases this is solved easily - check if you are under a procedure context, for example if you searched for a string value then go to the place the label is used (pressing x) and then it will show the graphical view
