IDA 创建段

快捷键：SHIFT + F7 呼出创建段

把一个立即数当作某段的偏移：

ALT+R（选择段）

CTRL+O（当前段）

O 切换偏移和立即数

CTRL+R暂时还没研究

T 按指定结构体偏移

创建一个段（我们这里只说说明X86环境，以下示例转载自IDA PRO手册）：

Create segment - simple case

 

IBM PC case

Suppose we need to create a segment occupying addresses F000:1000..F000:2000 Let's calculate linear addresses:

        start = (0xF000 << 4) + 0x1000 = 0xF1000
        end   = (0xF000 << 4) + 0x2000 = 0xF2000

The segment base must be selected so that the first offset in our segment will be 0x1000. Let's find it using the following equation:

        VirtualAddress = LinearAddress - (SegmentBase << 4);
        0x1000         = 0xF1000 - (base << 4);

After solving this equation, we see that the segment base is equal to 0xF000. (you see, this is really a very simple case :) )

Now, we can create a segment entering:

        segment start address:  0xF1000
        segment end address:    0xF2000
        segment base:           0xF000