IDA 6.6 is finally out

**homer91** · 01-14-2015

Originally Posted by Torpedoes

Yeah, somehow I doubt they would sell to any old Chinese hacker.

Zhou Tao, Jiangsu Australia Sinuo Network Technology Co., Ltd.

Hahaha, looks like they did

**namreeb** · 01-14-2015

Originally Posted by homer91

Zhou Tao, Jiangsu Australia Sinuo Network Technology Co., Ltd.

Hahaha, looks like they did

Which is "Acme Chinese Pirate" when translated into Chinese and back into English.

**aeo** · 01-14-2015

Originally Posted by namreeb

Do any of you know of a patch for this leak allowing the loading of IDB files from previously cracked versions of IDA?

I didnt have this issue with the version I posted above. I was able to open and upgrade my cracked 6.1 dbs.

**TOM_RUS** · 01-14-2015

Originally Posted by namreeb

Do any of you know of a patch for this leak allowing the loading of IDB files from previously cracked versions of IDA?

dbfix.plw "plugin" similar to one used for IDA 6.1 updated for IDA 6.6.141224.

**Natrist** · 01-14-2015

Or you could do like I do and use a genuine header.

**namreeb** · 01-14-2015

Originally Posted by Natrist

Or you could do like I do and use a genuine header.

Can you retroactively insert a 'genuine header' into an existing IDA file?

**Natrist** · 01-14-2015

Originally Posted by namreeb

Can you retroactively insert a 'genuine header' into an existing IDA file?

Yes, of course!
The following blog article describes how you can achieve such a thing: How to create an anonymous IDA PRO database (.IDB) - 0xEBFE

**Torpedoes** · 01-14-2015

Originally Posted by Natrist

The following blog article describes how you can achieve such a thing: How to create an anonymous IDA PRO database (.IDB) - 0xEBFE

I feel like writing a quick drag and drop IDB anonymizer now :-/

EDIT: Okay I followed the blog post and came up with a quick solution. Just run this python script with IDA (File > Script File) and it should anonymize the IDB for you.

Code:

import idaapi, binascii;

u1 = idaapi.netnode ("$ user1",         0, False);
u2 = idaapi.netnode ("$ original user", 0, False);

code = "ca75b28848ea06bcae409699fa2510a03bbaf43bd167eecb17d52918187133a793ebf8d3270230c7164d7a79b53c2c3edd611ede975690784cf2c254abe8b587140d19a3f46b2be109bde1da1b7ed4d7c9f7b58135f2c296db4e86ad29b6f0b999b5599d40c3bae8b29d2cc06ecef63cba0e1b9a9505c1efe9019a7020127e100000000000000000000000000000000000000000000000000000000000000000";

print ("Attempting IDB Anonymization...");
print ("Old code: " + binascii.hexlify (u2.supval(0)));

u1.kill(); # Delete plain text user code
u2.supset (0, binascii.unhexlify (code));

print ("New code: " + binascii.hexlify (u2.supval(0)));

**Natrist** · 01-14-2015

Originally Posted by Torpedoes

I feel like writing a quick drag and drop IDB anonymizer now :-/

EDIT: Okay I followed the blog post and came up with a quick solution. Just run this python script with IDA (File > Script File) and it should anonymize the IDB for you.

Code:

import idaapi, binascii;

u1 = idaapi.netnode ("$ user1",         0, False);
u2 = idaapi.netnode ("$ original user", 0, False);

code = "ca75b28848ea06bcae409699fa2510a03bbaf43bd167eecb17d52918187133a793ebf8d3270230c7164d7a79b53c2c3edd611ede975690784cf2c254abe8b587140d19a3f46b2be109bde1da1b7ed4d7c9f7b58135f2c296db4e86ad29b6f0b999b5599d40c3bae8b29d2cc06ecef63cba0e1b9a9505c1efe9019a7020127e100000000000000000000000000000000000000000000000000000000000000000";

print ("Attempting IDB Anonymization...");
print ("Old code: " + binascii.hexlify (u2.supval(0)));

u1.kill(); # Delete plain text user code
u2.supset (0, binascii.unhexlify (code));

print ("New code: " + binascii.hexlify (u2.supval(0)));

Good job. I'll give reputation when I can again.

**TOM_RUS** · 01-15-2015

That trick doesn't work if you can't open IDB in IDA, unless you know how to patch IDB file on disk...
Edit: stupid and slow, but patching idb files on disk seems to work - http://paste2.org/dtH4A9Bz

**Midi12** · 01-15-2015

Originally Posted by namreeb

Do any of you know of a patch for this leak allowing the loading of IDB files from previously cracked versions of IDA?

Originally Posted by aeo

I didnt have this issue with the version I posted above. I was able to open and upgrade my cracked 6.1 dbs.

Same as aeo, which version you got ? Because I heard there is an installer version and a preinstalled version. No issue about loading a 6.1 idb to 6.6 with the preinstalled one.

**TOM_RUS** · 01-15-2015

Originally Posted by Midi12

Same as aeo, which version you got ? Because I heard there is an installer version and a preinstalled version. No issue about loading a 6.1 idb to 6.6 with the preinstalled one.

IDA 6.1 had legit key, IDA 5.5 did not. Ofc 6.1 idb's will work in 6.6.

**Natrist** · 01-15-2015

Or you could always change the header and/or read entire threads before posting questions...
Just a heads up

**Torpedoes** · 01-15-2015

Originally Posted by TOM_RUS

That trick doesn't work if you can't open IDB in IDA, unless you know how to patch IDB file on disk...
Edit: stupid and slow, but patching idb files on disk seems to work - Paste2.org - Viewing Paste dtH4A9Bz

Does this work on deflated idb's?

**TOM_RUS** · 01-15-2015

Originally Posted by Torpedoes

Does this work on deflated idb's?

Probably not? Never used compressed idb's.

Shout-Out

User Tag List

Thread: IDA 6.6 is finally out

Thread Tools

Search Thread

Similar Threads

[Buying] ╫ Buying Final Fantasy Gil [NA/EU] ╫ √Fast Payment√Live Chat24/7√High Pay-Out√

[Tips]Make IDA display all function's adress as rebased (maybe i'm out of date)

Xd Xd Xd Tbc Is Finally Out Xd Xd Xd

Beyond the Deadmines Exploit (check it out! trippy)

AFK Out of BG without deserter buff

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino