anatolikalysch / vmattack Goto Github PK

View Code? Open in Web Editor NEW

773.0 773.0 165.0 1.67 MB

VMAttack PlugIn for IDA Pro

License: MIT License

Python 100.00%

vmattack's People

Contributors

Stargazers

Watchers

Forkers

techlord-rce uxmal chubbymaggie melbshark chaojianhu zdzhjx jinyu00 amanaksu wflk amesianx jackbro kernullist cacker holinder4s idkwim fatgrass nsxz tobiaskrauss vnclouds fatenocaster 453483289 pboy0922 xtxwy jack51706 deki0r gitcollect whb224117 fjh658 jothatron dbsod orgepaladin bianchengnan coolboy4me zbx91 b1gw00d kursh zcddtb obaby apkhook bitefoo knooow genihoust chinapathbreaker ytnbfirewings sbkiller leyf lpcdma heruix cydiakk ouguochong njseclab hackmycontrolsystem sakamaki-izayoi bjblcracked cryzlasm cutem blacktrace brian-scardina sirhcx0 undefinedidentifier cydia5530 secice derez0 louwangzhiyuy mayl8822 anhkggfork oldhoe avaudioplayer jeffli678 nbg0x1 qldxsun snyiu100 steve007iii yangboyd bjzz p0prxx adspro15 pharazone chinatiny explife0011 mmg1 seth1002 yuknight wgwjifeng ming-hai binlmmhc fadiashen basketwill fengjixuchui waterman178 woozoo86 superf0sh l9sk sandromelobrazil modulexcite gitmesam levisre hacker-steroids egoistj rickycga

vmattack's Issues

IOError: [Errno 2] No such file or directory: 'VMAttack_plugin_stub.py'

I installed python2.7.10 32bit and vmattack, but when I input the ida plugin folder,it prompts an error IOError: [Errno 2] No such file or directory: 'VMAttack_plugin_stub.py'

C:\Users\Administrator>python D:\IDAPro6.6\VMAttack\setup.py install
[] Starting dependency handling!
You are using pip version 7.0.1, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Requirement already satisfied (use --upgrade to upgrade): distorm3 in c:\python27\lib\site-packages
You are using pip version 7.0.1, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Requirement already satisfied (use --upgrade to upgrade): idacute in c:\python27\lib\site-packages
[] Setting up environment and installing Plugin.

Success: The specified value has been saved.
Please input full path to the IDA plugin folder (e.g. X:\IDA\plugins): D:\IDAPro6.6\plugins
Traceback (most recent call last):
File "D:\IDAPro6.6\VMAttack\setup.py", line 58, in
copyfile(stub_name, ida_dir+stub_name)
File "C:\Python27\Lib\shutil.py", line 82, in copyfile
with open(src, 'rb') as fsrc:
IOError: [Errno 2] No such file or directory: 'VMAttack_plugin_stub.py'

Problems with python librarys.

File "C:\Program Files\IDA Pro 7.4\plugins\VMAttack.py", line 2, in <module> from lib.Logging import get_log ImportError: No module named Logging

I tried even "pip install Logging", "pip install lib", and more, nothing on the internet.
any solution?

Small problem while opening a trace.

Dear developers,

Good morning. How are you?

I started to use this plugin and, at first time, everything seems having worked so well. However, today I had a small issue while opening a trace:

Python 2.7.6 (default, Nov 10 2013, 19:24:18) [MSC v.1500 32 bit (Intel)]

IDAPython v1.7.0 final (serial 0) (c) The IDAPython Team [email protected]

A Problem occured with the file selector dialog, first *.txt file in the current working directory was choosen!A Problem occured with the file selector dialog, first *.txt file in the current working directory was choosen!A Problem occured with the file selector dialog, first *.txt file in the current working directory was choosen!'NoneType' object is not iterable.

The image follows:

It is a small problem, but I thought that, eventually, you would like to know. In the other times, the dialog was perfectly shown.

For workarounding it, I copied the trace file to the same directory of the obfuscated code (and IDA database).

I hope you have a nice day and thank your for the attention.

Alexandre Borges.

Version compatibility

Does the plug-in support the new version? IDA-7.0

Win32?

D:\Software\IDAPortable\App\IDA\plugins\VMAttack_plugin_stub.py: [Error 193] %1 is not a valid Win32 application
Traceback (most recent call last):
File "D:\Software\IDAPortable\App\IDA\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "D:/Software/IDAPortable/App/IDA/plugins/VMAttack_plugin_stub.py", line 14, in
plugin = imp.load_source(name, plugin_path)
File "C:\Users\noobz\Desktop\VMAttack-master\VMAttack.py", line 9, in
from static.static_deobfuscate import *
File "C:\Users\noobz\Desktop\VMAttack-master\static\static_deobfuscate.py", line 8, in
from lib.Instruction import Instruction
File "C:\Users\noobz\Desktop\VMAttack-master\lib\Instruction.py", line 6, in
import distorm3
File "C:\Python27\lib\site-packages\distorm3_init_.py", line 57, in
_distorm = load_distorm()
File "C:\Python27\lib\site-packages\distorm3_init.py", line 54, in _load_distorm
return cdll.LoadLibrary(distorm_file)
File "C:\Python27\Lib\ctypes_init.py", line 444, in LoadLibrary
return self.dlltype(name)
File "C:\Python27\Lib\ctypes_init.py", line 366, in init
self._handle = _dlopen(self._name, mode)
WindowsError: [Error 193] %1 is not a valid Win32 application

No module named cute

Ican't solve it ，plz help me:)

Warning

VMAttack_plugin_stub.py: No module named cute
Traceback (most recent call last):
File "D:\Program Files (x86)\IDA 6.8\python\idaapi.py", line 601, in IDAPython_ExecScript
execfile(script, g)
File "D:/Program Files (x86)/IDA 6.8/plugins/VMAttack_plugin_stub.py", line 14, in
plugin = imp.load_source(name, plugin_path)
File "C:\Users\Administrator\Desktop\VMAttack-master\VMAttack.py", line 7, in
from dynamic.dynamic_deobfuscate import *
File "C:\Users\Administrator\Desktop\VMAttack-master\dynamic\dynamic_deobfuscate.py", line 7, in
from ui.UIManager import GradingViewer
File "C:\Users\Administrator\Desktop\VMAttack-master\ui\UIManager.py", line 9, in
from cute import QtGui, QtCore, QtWidgets, form_to_widget, use_qt5
ImportError: No module named cute

OK

vma_mgr Error

While Opening a .NET Application Or DLL In The IDA Pro It Give Me A Error.... Looks Like This...

http://imgur.com/a/E5NHm

Other install deps

The installer won't die, but theres an error message when trying to install distorm3. If you run pip by itself to install distorm3, it tells you something about not being able to find vcvarsall.bat. Turns out you need to install https://www.microsoft.com/en-us/download/details.aspx?id=44266 .
Worked fine for me using python 2.7.10 windows 7 x64.
Might want to put this in the install instructions.

Requirement already satisfied: idacute in C:\Python27\lib\site-packages (1.0.1)

However, when I launched IDA Pro, the plugin kept stating that it could not find the module. Is there any way to resolve this?

[EDIT 6 May 2020]

I managed to resolve the issue mentioned but now I am seeing another error

VMAttack_plugin_stub.py: Error loading the diStorm dynamic library (or cannot load library into process).
Traceback (most recent call last):
  File "C:\Program Files (x86)\IDA 6.95\python\ida_idaapi.py", line 509, in IDAPython_ExecScript
    execfile(script, g)
  File "C:/Program Files (x86)/IDA 6.95/plugins/VMAttack_plugin_stub.py", line 14, in <module>
    plugin = imp.load_source(__name__, plugin_path)
  File "E:\vmattack\VMAttack.py", line 8, in <module>
    from static.static_deobfuscate import *
  File "E:\vmattack\static\static_deobfuscate.py", line 8, in <module>
    from lib.Instruction import Instruction
  File "E:\vmattack\lib\Instruction.py", line 6, in <module>
    import distorm3
  File "C:\Python27\lib\site-packages\distorm3\__init__.py", line 62, in <module>
    _distorm = _load_distorm()
  File "C:\Python27\lib\site-packages\distorm3\__init__.py", line 60, in _load_distorm
    raise ImportError("Error loadi
Traceback (most recent call last):
  File "<string>", line 1, in <module>
NameError: name 'print_banner' is not defined

I also tried the modification here (https://groups.google.com/forum/#!msg/rekall-discuss/AVRub4gk0-w/BHVhkc7qJvIJ) to modify distorm3's init.py but it still does not work

Any advice is appreciated.