Quote:
Originally Posted by sh3dow
|
Thanks for the links.
Sorry for forgetting to mention earlier that I have had and tried the
FindCrypt and
FindCrypt2 plugins already.
They were mostly useless in detecting cryptos in most of the apps I have tried them on, so I rarely use them.
FindCrypt3 is for v7.x so I can't test it right now.
I downloaded and tried to use the
ida-sigsearch plugin without success.
It turned out it was not compatible to the IDA 6.1, which was the version I was using until now.
I managed to get a v6.8 (as the author of the plugin had stated that it was tested on v6.5) and was able to invoke it.
However the result wasn’t all that promising.
There was even a false positive for a TEA hit on a modified MD5 Init Table with the TEA key schedule const 0x9E3779B9
Running
Idascope.py script gives errors on line 41 in idscope.py, and subsequently in WinApiProvider.py (on line 36) and Downloader.py (on line 32).
If am able to resolve the issues to run it successfully, I will report back with my findings.