This is a guest entry written by Elias Bachaalany. His views and opinions are his own, and not those of Hex-Rays. Any technical or maintenance issues regarding the code herein should be directed to him.
ida-qscripts or QScripts is a productivity plugin for better/faster scripting and coding workflow/experience for IDA.
IDA provides two […]
The Hex-Rays plugin Contest was an initiative by the experts behind IDA Pro,
the state-of-the-art binary analysis tool. The contest, still taking place each year,
encourages IDA users to create innovative and useful extensions for IDA and/or the Decompiler.
2019 marked its 10-year celebration.
Hex-Rays deeply appreciates all participants for spending time and making this contest
an incredible journey. […]
As several of our users have noticed, IDA 7.4 Windows installer refuses to use Python 3.8.0 if you installed it. You can usually observe output similar to following:
———-
Checking installs from “Python Software Foundation”
Checking “Python 3.8 (64-bit)” (3.8)
Found: “C:\Program Files\Python38\” (version: 3.8.0 (’38’))
Ignoring unusable Python 3.8.0
No Python installations were found
———-
So why exactly is 3.8.0 “unusable”? Well, […]
Intended audience
IDA 7.2 users, who have experience with IDAPython and/or the decompiler.
The problem
As you may already know, the decompilers allow not only decompiling the current function (shortcut F5) but also all the functions in the database (shortcut Ctrl+F5).A somewhat less-well known feature of the “multiple” decompilation, is that if a range is selected (for example […]
Intended audience
Plugin writers, either using the C SDK or IDAPython, who would like to add actions/commands to IDA UI in order to augment its capabilities.
Rationale: before 6.7
APIs galore
Depending on what type of context you were in, various APIs were available to you:
Want to add a main menu item?
add_menu_item(const char *menupath, const char *name, const char […]
Target audience
You may want to read this if you have been writing an IDA C++ plugin, that itself uses the CPython runtime.
Prior art
In 2010, Elias Bachaalany wrote a blog post about extending IDAPython: http://www.hexblog.com/?p=126
Note that this is not about writing your own plugins in Python. Rather, that blog post instruct on how you may […]
TL;DR
If you were using import to import your own “currently-in-development” modules from your IDAPython scripts, you may want to use idaapi.require(), starting with IDA 6.5.
Rationale
When using IDAPython scripts, users were sometimes facing the following issue
Specifically:
User loads script
Script imports user’s module mymodule
Script ends
User modifies code of mymodule (Note: the module is modified, not the script)
User […]
This year I again was lucky to present at Recon in Montreal. There were many great talks as usual. I combined the topic of my last year’s talk on C++ reversing and my OpenRCE article on Visual C++ internals. New material was implementation of exceptions and RTTI in MSVC x64 and GCC (including Apple’s […]
In this post I’ll present some new things in IDA 6.2. There’s a new control, the code viewer, some additions to forms and the introduction of timers to discuss. All these new features have been exposed to the SDK, so that our users can benefit from them too. 😉