An interface to the insides of IDA!
Project description
# idalink
idalink arose of the need to easily use IDA's API for analysis without wanting
to be stuck in the IDA interface. It's rather hackish still and and we provide
no warranty of any kind (express or implied), but we are doing our best to fix
any issues you find. Pull requests are -of course- also encouraged!
idalink works by spawning an IDA CLI session in the background (in a detached
screen session), and connects to it using RPyC.
## Requirements
idalink requires the following:
- Python 2 (ida does not support python 3)
- IDA Pro >= 7.0
- libssl0.9.8:i386 (for IDA's Python version)
idalink uses:
- rpyc in your Python environment outside of IDA
- rpyc in your IDA Python environment.
## Usage
To use idalink, put it in a place where you can import it and do, in any python
session (ie, outside of IDA):
```python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from idalink import IDALink
# We want debug messages for now
import logging
logging.basicConfig()
logging.getLogger('idalink').setLevel('DEBUG')
# Let's do some testing with idalink!
with IDALink("idat64", "./tests/bash") as ida:
# use idc
s = ida.idc.ScreenEA()
print("Default ScreenEA is {:x}".format(s))
# use idautils
print("All segments")
for s in ida.idautils.Segments():
print(" - Segment at {:x} is named {}".format(s, ida.idc.SegName(s)))
# use idaapi
print("First byte for each function")
for i, s in enumerate(ida.idautils.Functions()):
print(" - Byte at {:x} is {:02x}".format(s, ida.idaapi.get_byte(s)))
# access IDA memory in a dict way
print("Accessing memory directly")
functions = next(ida.idautils.Functions())
print(" - Byte at {:x} is {}".format(s, ida.memory[s]))
```
And that's that. Basically, you get access to the IDA API from outside of IDA.
Good stuff.
## Issues
- A random port between 40000 and 49999 is chosen for communication, with no
error-checking for failed IDA startups or if the port is already in use.
- IDA-backed memory is not really tested, and uses Heads for getting the
"mapped" list, which is slow and incomplete
idalink arose of the need to easily use IDA's API for analysis without wanting
to be stuck in the IDA interface. It's rather hackish still and and we provide
no warranty of any kind (express or implied), but we are doing our best to fix
any issues you find. Pull requests are -of course- also encouraged!
idalink works by spawning an IDA CLI session in the background (in a detached
screen session), and connects to it using RPyC.
## Requirements
idalink requires the following:
- Python 2 (ida does not support python 3)
- IDA Pro >= 7.0
- libssl0.9.8:i386 (for IDA's Python version)
idalink uses:
- rpyc in your Python environment outside of IDA
- rpyc in your IDA Python environment.
## Usage
To use idalink, put it in a place where you can import it and do, in any python
session (ie, outside of IDA):
```python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from idalink import IDALink
# We want debug messages for now
import logging
logging.basicConfig()
logging.getLogger('idalink').setLevel('DEBUG')
# Let's do some testing with idalink!
with IDALink("idat64", "./tests/bash") as ida:
# use idc
s = ida.idc.ScreenEA()
print("Default ScreenEA is {:x}".format(s))
# use idautils
print("All segments")
for s in ida.idautils.Segments():
print(" - Segment at {:x} is named {}".format(s, ida.idc.SegName(s)))
# use idaapi
print("First byte for each function")
for i, s in enumerate(ida.idautils.Functions()):
print(" - Byte at {:x} is {:02x}".format(s, ida.idaapi.get_byte(s)))
# access IDA memory in a dict way
print("Accessing memory directly")
functions = next(ida.idautils.Functions())
print(" - Byte at {:x} is {}".format(s, ida.memory[s]))
```
And that's that. Basically, you get access to the IDA API from outside of IDA.
Good stuff.
## Issues
- A random port between 40000 and 49999 is chosen for communication, with no
error-checking for failed IDA startups or if the port is already in use.
- IDA-backed memory is not really tested, and uses Heads for getting the
"mapped" list, which is slow and incomplete
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
idalink-0.12.tar.gz
(8.1 kB
view details)
File details
Details for the file idalink-0.12.tar.gz.
File metadata
- Download URL: idalink-0.12.tar.gz
- Upload date:
- Size: 8.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.18.4 setuptools/39.0.1 requests-toolbelt/0.8.0 tqdm/4.26.0 CPython/2.7.15rc1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1422b19b6581861c9935742598c0731d7cb4edb7288d5f8de8e1843e282ee6cf |
|
| MD5 | 389422a15caf753aa505fc32fca7b95e |
|
| BLAKE2b-256 | e7e56bb8d736fdc29e7d10b40c5992fae4bfe8db30476ff527d38a87eb12446e |
