danigargu / dereferencing Goto Github PK

View Code? Open in Web Editor NEW

498.0 498.0 50.0 83 KB

IDA Pro plugin that implements more user-friendly register and stack views

License: GNU General Public License v3.0

Python 100.00%

ida-plugin ida-pro idapython idapython-plugin python

dereferencing's People

Contributors

Stargazers

Watchers

dereferencing's Issues

Registers/Stack don't update when using Pseudo-code window

The title pretty much explains it all it seems that the stack/register window updates by triggering a single step on the assembly view ONLY

Debugger window resets

Ida always reset the debugger window layout and don't load the plugin automatically

unable to find disassembly on x64

The plugin is not able to find disassembly window when running a x64 sample.
Solution is as follows - patch function find_disass_view in file custom.py:

 def find_disass_view(self):
        ip_name: str = dbg.registers.pc
        # if on x64 arch, the ip register is called RIP, but the view is NOT called IDA View-RIP, but IDA View-EIP
        # thus need to change RIP to EIP, for this purpose
        if ip_name == "RIP":
            ip_name = "EIP"

        widget = idaapi.find_widget("IDA View-%s" % ip_name)
        if widget:
            return widget

        for c in map(chr, range(65, 75)):
            widget = idaapi.find_widget("IDA View-%s" % c)
            if widget:
                return widget
        return None

Feel free to pull request / update code, I'm too lazy to pull request.

Can't read registers

Using gdbserver, IDA 7.3 and a x86_64-bit ELF binary, I can't get the plugin registers window to load. It gets initialized with zeros for everything but RSP and RIP:

*RAX 0000000000000000
*RBX 0000000000000000
*RCX 0000000000000000
*RDX 0000000000000000
*RDI 0000000000000000
*RSI 0000000000000000
*R8  0000000000000000
*R9  0000000000000000
*R10 0000000000000000
*R11 0000000000000000
*R12 0000000000000000
*R13 0000000000000000
*R14 0000000000000000
*R15 0000000000000000
*RBP 0000000000000000
*RSP 00007FFFFFFFDAE0 (MEMORY)
*RIP 00007FFFF7DD6090 (MEMORY) -> mov rdi, rsp
*EFL 0000000000000200

The following errors are in the output window:

IDAPython: Error while calling Python callback <OnCreate>:
Traceback (most recent call last):
  File "C:/ida73/plugins\dereferencing\views\registers.py", line 374, in OnCreate
    self.PopulateForm()
  File "C:/ida73/plugins\dereferencing\views\registers.py", line 424, in PopulateForm
    self.reload_view()
  File "C:/ida73/plugins\dereferencing\views\registers.py", line 383, in reload_view
    self.flags_view.reload_info()
  File "C:/ida73/plugins\dereferencing\views\registers.py", line 307, in reload_info
    value = idc.GetRegValue(flag)
  File "C:\ida73\python\idc_bc695.py", line 88, in GetRegValue
    def GetRegValue(name): return get_reg_value(name)
  File "C:\ida73\python\idc.py", line 5656, in get_reg_value
    return ida_dbg.get_reg_val(name)
  File "C:\ida73\python\ida_dbg.py", line 3813, in get_reg_val
    return _ida_dbg.get_reg_val(*args)
Exception: Failed to retrieve register value

Crash when starting remote debug session

When starting remote debugging session (IDA on Linux, debug server on Windows 7) IDA Pro crashes. I managed to isolate the conditions to:

IDA Pro is being run with file as an argument /opt/idapro-7.4/ida FILE
vt-ida-plugin and deREferencing plugins are installed

When IDA Pro is run without argument and file is opened later using the File menu, the crash does not occur. I managed to reproduce this issue on clean Xubuntu 19.10 with no additional software installed only packages updated to latest versions as of 12. 3. 2020.

I created same issue for the other plugin as well - VirusTotal/vt-ida-plugin#9.

Xubuntu 19.10
IDA Pro 7.4.191112 Linux x86_64
vt-ida-plugin v0.8
deREferencing plugin as of 12. 3. 2020 (65eb1a1)

DLL load failed while importing sip

on IDA PRO 7.4.191112, Windows 10 with only python 3.8.2 installed, I have this error in output window on starting IDA x86/x64 :

C:\Program Files\IDA Pro 7.4\python\3\idc.py:5121: SyntaxWarning: "is not" with a literal. Did you mean "!="?
  if newtype is not '':
C:\Program Files\IDA Pro 7.4\plugins\dereferencing.py: DLL load failed while importing sip: The specified module could not be found.
Traceback (most recent call last):
  File "C:\Program Files\IDA Pro 7.4\python\3\ida_idaapi.py", line 593, in IDAPython_ExecScript
    exec(code, g)
  File "C:/Program Files/IDA Pro 7.4/plugins/dereferencing.py", line 14, in <module>
    from dereferencing.views import *
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\views\__init__.py", line 8, in <module>
    from dereferencing.views.registers import RegsFlagsViewer
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\views\registers.py", line 12, in <module>
    from PyQt5 import QtGui, QtCore, QtWidgets
ImportError: DLL load failed while importing sip: The specified module could not be found.

Dark theme support

This is what the registers window currently looks like on dark theme:

Very difficult to read. Is there any way to pick a less bright background color for this widget?

[Enhancement] Add support to deREference locals

Hello it would be so nice if Debugger Windows ->Locals of ida could implement this great plugin.
Thanks.

IDA 7.4 support

When loading deREferencing into an IDA 7.4 + py3 session, I encounter the following stack trace:

Traceback (most recent call last):
  File "C:/Program Files/IDA Pro 7.4/plugins/dereferencing.py", line 39, in activate
    w = RegsFlagsViewer()
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\views\registers.py", line 373, in __init__
    dbg.initialize()
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\dbg.py", line 207, in initialize
    m.get_ptr = idc.Dword
AttributeError: module 'idc' has no attribute 'Dword'
Traceback (most recent call last):
  File "C:/Program Files/IDA Pro 7.4/plugins/dereferencing.py", line 45, in activate
    w = StackViewer()
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\views\stack.py", line 24, in __init__
    dbg.initialize()
  File "C:/Program Files/IDA Pro 7.4/plugins\dereferencing\dbg.py", line 207, in initialize
    m.get_ptr = idc.Dword
AttributeError: module 'idc' has no attribute 'Dword'

deREferencing the extention doesnt work for me please check it out

bro it doesnt Work

Can't display register flag values, no horizontal scrollbar available

I'm running this plugin on IDA 7.6 latest. The value of register flags is not displayed and there's no horizontal scrollbar.
I've tried to drag the left bar to enlarge the right pane, but it's not draggable.

When I manually scroll horizontally, the register value is visible:

Was it a bug?

Single-stepping very slow

When having the stack or the register window open, "step into" and "step over" take a lot of time.

I suppose this is something that can't be helped, but thought I'd put it here just so other people could find it.

Closing the windows helps, then there aren't any delays.

deREferencing not updating view when changing registers manually

Hello,
thanks for this plugin.

If I pause a process and issue a python command like

ida_dbg.set_reg_val("r0", 0xDEAD)

idas own "General registers" window is updated immediately, but "deREferencing - Registers" window is not.
Also when I choose "Modify value..." in "General registers" window context menu, "deREferencing - Registers" window doesn't get updated. The other way around it works.

Thanks

[Enhancement] Add support to "F5"（Pseudocode window）

As a noob，I like using "F5" to debug , but I find this plugin is not synchronize with original ida stack and registers in "F5" ( Pseudocode window ) when step_into or step_over 。So I read the “dbg.py” and "IDADoc"，try to find a "srcdbg_step_over" and "srcdbg_step_into" hook to "reload_info"，but I failed。I really appreciate it if you can add this synchronous ability。

danigargu / dereferencing Goto Github PK

dereferencing's People

Contributors

Stargazers

Watchers

Forkers

dereferencing's Issues

Recommend Projects

Recommend Topics

Recommend Org

Jobs