[General] IDA Scripting menu
Follow us:

User Tag List

Results 1 to 1 of 1
  1. 02-14-2012 #1
    J0llyGr33n's Avatar
    J0llyGr33n
    J0llyGr33n is offline
    Corporal
    Reputation
    1
    Join Date
    Sep 2011
    Posts
    20
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [General] IDA Scripting

    Hey guys I was looking up some IDA Scripting stuff and came past a few things I thought might be interesting for SOME people here. Although this will most likely be the people are newer to everything such as my self.

    Disclaimer: I have not used any of these before and I am not the author of any of these. I am just sharing resources I found!

    First up is:
    RubLib 0.04 - Programming stuff
    Version 0.04 of RubLib, a high-level API for writing IDA Pro scripts in Ruby, is here. It grew from 125 methods to 163 methods since version 0.03. The most important new features are:

    Support for function chunks
    The Instruction class was restructured a bit
    The behaviour of the [ ]-operator of the RubLib classes was standardized. It behaves like the [ ]-operator of the standard String class now.
    I personally don't use Ruby but if I recall Ruby is a rather easy scripting language to use, and is becoming quite popular with big use in the security field due to Metasploit. But that is to far off topic to discuss here.

    OpenRCE
    Creates pseudo-c code to aid you in the progress of decompiling a target. Of course, the script doesn't give you accurate results. It doesn't have any dataflow analysis nor doese it handle every mnemonic/code structure. My intention was to play a bit with the IDC scripting language.
    The above may be a nice substitute for IDAs actual plugin for those who can't afford it.


    OpenRCE
    C++ VTable reconstruction script, see screenshot.

    It works particularly well in this example because most of the functions are defined and thus have pretty names, it could at least be used as a starting point for creating the vtable then RE'ing the method(s) of interest.

    To be used in an injected DLL, etc., where you can get the THIS for the object(s) you want and then cast it using these reconstructed classes. And yes they don't have class data, you still have to RE that.
    http://www.openrce.org/reference_lib.../ida/idapw.pdf
    Ida Plugin Writing in C/C++

    Enjoy guys. Remember I have not used any of these before and I am not the author of any of these. I am just sharing resources I found!
    Reply With Quote Reply With Quote
    [General] IDA Scripting
« Previous Thread | Next Thread »

Similar Threads

  1. IDA script / plugin
    By violentmagician in forum WoW Memory Editing
    Replies: 5
    Last Post: 09-19-2012, 06:19 PM
  2. [4.2.2+][mac] IDA Scripts - Dump Descriptors + label DBCs
    By Tanaris4 in forum WoW Memory Editing
    Replies: 5
    Last Post: 09-28-2011, 12:55 AM
  3. [IDA Script][Mac][4.1] Marking LUA functions
    By Tanaris4 in forum WoW Memory Editing
    Replies: 2
    Last Post: 04-23-2011, 12:37 AM
  4. IDA Scripts
    By kynox in forum WoW Memory Editing
    Replies: 20
    Last Post: 08-13-2009, 10:51 AM
  5. [IDA Script] Label Packet Handlers
    By kynox in forum WoW Memory Editing
    Replies: 5
    Last Post: 07-26-2009, 08:08 AM
All times are GMT -5. The time now is 06:30 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search