AI suggested IDAPython.
I don't have the intention to use IDAPython any more, since GPL tools are 10-100 times faster (!), they don't give timeouts due to demo restrictions, and they don't crash as often. Also, no more floating point errors when importing SymPy!
The GPL Tools/ARM console script includes a small compatibility layer for IDAPython. Not 100% compatible, but it helps porting existing scripts quite a bit.
This page will remain as a starting point for anyone who wants to try IDAPython.
Tutorials
How to decode an instruction, call an IDC function...
Just a bit beyond the basics
Advanced stuff
This is going to be similar to Brainfuck :)
... how about a Brainfuck decompiler in SymPy?
Code
My experimental code is here. Feel free to improve it.
Resources
- ASM introduction
- IDAPython home page: http://code.google.com/p/idapython/
- IDAPython docs: http://www.hex-rays.com/idapro/idapython_docs/
- IDC docs: http://www.hex-rays.com/idapro/idadoc/162.shtml
- Examples: http://code.google.com/p/idapython/wiki/ExampleScripts
- Requirements: IDA 5.x and Python 2.5 (some versions use 2.6). Works with IDA Demo and Wine :)
- Optional IPython support (doesn't work for me, I get a black window): https://www.openrce.org/blog/view/1509/Interactive_IPython_Shell_for_IDA_Python