Exetools  

  #1  
Old 08-24-2014, 16:23
Storm Shadow
Ideas for plugins

Having a plugin block.
It's become a hobby making plugins, for IDA Pro mainly.
Maybe the board has some suggestions of plugins to make.

Android debugging normally needs two command prompts and a lot of writing.
I thought of making a Qt app for Android that deploys the Android server.
So android_server would be installed on the phone and you would hook any program running.
Well, maybe I need some help on that one. Too much C++. I'm a Python guy.

Also thought of making a version for IDA of https://code.google.com/p/volatility/

But it's more fun to make totally new stuff.
So any ideas? Nothing is too crazy for me.

Last edited by Storm Shadow; 08-24-2014 at 16:36.
  #2  
Old 08-25-2014, 04:41
ahmadmansoor
For Android: I like programs that hack games and make some changes to memory and get some points or coins.
For example, Game Guardian.
But the main problem is that you need root on the phone, which is very bad and needs a lot of steps to do.
So what could help is to make a program that does this without phone root.
  #3  
Old 08-25-2014, 22:10
sendersu
One (very simple) plugin idea
Usually, when you are doing long reversing, you have lots of BPs inside the DB,
e.g.: http://prntscr.com/4gauad
Now, at some moment some are active, some are disabled....
The need is to have a kind of push/pop or save/restore of the BP list + its state.
Also (not sure that's possible) it'd be nice to add one more column to the <Breakpoints> window - Function name. Usually you do renaming of routines, e.g.
sub_5DFB70 proc near -> readDbTable
and so on.....
  #4  
Old 09-03-2014, 02:05
sendersu
More ideas that come to my head,
maybe not as powerful as the 1st one.

1) http://prntscr.com/4j0ndg you see that IDA is smart enough to make a lot of types of strings!
But there is also one very popular string from a well-known x-platform library, the Qt library:
QString
So it has some very tricky structure in memory and you need to spend some time looking over each and every string! It would be nice to somehow automate the QString type analysis with some handy IDA plugin (TBD the goals of it).
2) Not sure where, but I do recall some MSDN-like plugin - when you hover over some API you could use that plugin and go to the MSDN API help page.
So same idea for Qt-related APIs, which number in the thousands so far.....

Ideas over for today.
  #5  
Old 09-03-2014, 04:17
mr.exodia
An idea from my side: export/import databases into JSON or a similar open format. This allows easier sharing of database files + everybody can see what's inside.

Greetings,

Mr. eXoDia
  #6  
Old 09-03-2014, 16:07
Carbon
I really like the MSDN idea from sendersu. This is really helpful for all debuggers.

Add some information about the parameters like this: https://github.com/x64dbg/x64dbg-StaticAnalysis
but also add a general description for the API. It should be possible to automatically parse the information from the Microsoft website.
All times are GMT +8.