A python library for comparing folders and generate ida & bindiff files in batch mode.

These details have not been verified by PyPI

Project links

Project description

Batch-IDA

A python library for comparing folders and generate ida and bindiff files in batch mode.

Purpose

Batch generation of idb files from binary files
Use bindiff to batch compare idb files
Roughly read the comparison results

Notice

IDA pro 7 and Bindiff 7 requires pre-installation. (Only tested on IDA pro 7.7 and bindiff 7)

Install

pip install --upgrade batch-ida

Usage

BI_Dircmp

Compare files in dirA & dirB, and move different files to dst_a & dst_b.

# 1. BI_Dircmp比较原文件夹，并复制哈希不同的文件到目标文件夹
from batch_ida import BI_Dircmp

# 原始文件夹dirA，dirB，包含需要比较的二进制
dirA = r'\\wsl.localhost\Ubuntu-22.04\home\zzh\fw_project/d9_idrac/_5.00.10.20.d9.extracted/squashfs-root/usr/lib/'
dirB = r'\\wsl.localhost\Ubuntu-22.04\home\zzh\fw_project/d9_idrac/_5.00.20.00.d9.extracted/squashfs-root/usr/lib/'

# 目标文件夹dstA，dstB，用来存放哈希值不同的二进制，是空文件夹
dst_a = r'C:\Users\zzhihan\Desktop\36347\1020'
dst_b = r'C:\Users\zzhihan\Desktop\36347\2000'

# 使用Dircmp比较两个文件夹中文件的差异，并将哈希不同的文件复制到目标文件夹
bid = BI_Dircmp(dirA, dirB, dst_a, dst_b)
bid.cmp()

BI_Bindiff

Generate .ida and .bindiff files in batch mode.

# 使用Bindiff批量分析二进制文件
from batch_ida import BI_Bindiff

bib = BI_Bindiff()

# 设置ida和bindiff路径
bib.set_ida_path('C:\Tools\IDA Pro')
bib.set_bindiff_path('C:\Program Files\BinDiff')
bib.max_subprocess = 16

# 开始比较，结果输出到output文件夹，批量生成idb比较慢
output = bib.batch_bindiff(dst_a, dst_b)

BI_Analyzer

Analyze Bindiff files (sqlite3 file format) in batch mode and print the results.

# 使用Analyzer批量读输出的Bindiff文件，其实就是sqlite3数据库文件
from batch_ida import BI_Analyzer

bia = BI_Analyzer(r'C:\Users\zzhihan\Desktop\test\4_4010_vs_4_4040')
# bia.print_base_info()

# 输出存在不匹配函数的文件，和相似度小于0.95的文件
info_list = bia.get_info_list()
for i in info_list:
    if i['total_func'] & i['func_dif'] & i['libfunc_dif']:
        print("%.02f\t%.2f\t%d\t%d\t%d\t%s" % (i['similarity'], i['confidence'], i['total_func'], i['func_dif'], i[
            "libfunc_dif"], i['name']))
    elif i['similarity'] < 0.95 and i['similarity'] != 0.0:
        print("%.02f\t%.2f\t%d\t%d\t%d\t%s" % (i['similarity'], i['confidence'], i['total_func'], i['func_dif'], i[
            "libfunc_dif"], i['name']))

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

0.1.6

Sep 19, 2024

0.1.5

Feb 5, 2024

0.1.4

Oct 20, 2023

This version

0.1.3

Feb 20, 2023

0.1.2

Jan 31, 2023

0.1.1

Jan 30, 2023

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

batch_ida-0.1.3.tar.gz (5.9 kB view details)

Uploaded Feb 20, 2023 Source

Built Distribution

batch_ida-0.1.3-py3-none-any.whl (6.9 kB view details)

Uploaded Feb 20, 2023 Python 3

File details

Details for the file batch_ida-0.1.3.tar.gz.

File metadata

Download URL: batch_ida-0.1.3.tar.gz
Upload date: Feb 20, 2023
Size: 5.9 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.3.1 CPython/3.10.9 Windows/10

File hashes

Hashes for batch_ida-0.1.3.tar.gz
Algorithm	Hash digest
SHA256	`fca50df195b6ae2f62e9262e615c66b69320b2948fe5d26703043f3462ee6cb6`
MD5	`1373703d1568683b67ae60c6d8f8eae0`
BLAKE2b-256	`b3efb0c54eee5045d47e91478bf3a0906ba9eb6326174edd0bf51176444a43de`

See more details on using hashes here.

Provenance

File details

Details for the file batch_ida-0.1.3-py3-none-any.whl.

File metadata

Download URL: batch_ida-0.1.3-py3-none-any.whl
Upload date: Feb 20, 2023
Size: 6.9 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.3.1 CPython/3.10.9 Windows/10

File hashes

Hashes for batch_ida-0.1.3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`42adc9ca31a250c7cab04b24e419d95dda9630c0a2f25aaf68fbfd4040258d2d`
MD5	`a1664b2b0330669bf2600f62840b2325`
BLAKE2b-256	`b72aa73d042d0dd5ed1b5628403af34b34b8a5a9320e863c82ffb5d56e560a97`