Ghidra is a software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission. It was released recently and I became curious about it and wanted to check it out.

A few weeks ago, I proposed an IDA feature to improve the CLI and add macros support. After a few email exchanges with Arnaud from Hex-Rays, we could not agree on how to best do it and still accommodate everyone’s needs. Finally, Arnaud kindly wrote a quick IDAPython script to show me how I can intercept the CLI text before it gets executed. Please see Hack of the day #2: Command-Line Interface helpers.

Unfortunately, the QT approach did not work for me due to many reasons:

- I don’t want the text to be replaced on the fly.
- I don’t want the expanded text (macros) to be part of the history. Instead the macros should remain un-expanded as they get stored in the history.

The biggest issue we were discussing is how to format numbers: 0xHEXNUM, HEXNUM, #HEXNUM, …? How many hardcoded macros should we have and what should they do?

In all cases, since IDA is highly programmable and I have access to the awesome IDA support team (thank you guys!), the ball is now in my court and all I had to do is write a plugin.

I woke up one day with the solution to this dilemma. I don’t have to hardcode anything, instead just let the users define their own macros backed by Python expressions. The only thing I hardcoded was how to embed an expression in the CLI text. I opted for something simple inspired by the PHP/ASP syntax, something like $$ (anything between those special tags is evaluated in Python).

With this basic idea, I set about implementing all the default macros that I think are useful for my daily work with WinDbg’s CLI. No more copy/paste in order to get the current address from the disassembly view!

Climacros is written in C++ and is open source. You can also grab the Windows binaries from here.

If this plugin is well received, I think people will ask for features like:

- Macro profiles: to have a set of macros that one can switch between quickly.
- Import/Export macros: to be able to transfer macros with users.
- Macro expansion using a scripting language of your choice and not just Python.
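The macro scheme described in the climacros post above (user-defined macros backed by Python expressions, expanded just before execution while the history keeps the raw text) can be sketched as follows; this is an added example, not code from climacros. The `${ ... }$` delimiters, the macro names `$!` and `$#`, and the `here()` stub are assumptions made for illustration.

```python
import re

# Assumed delimiters: ${ ... }$ stands in for the plugin's real tags.
TAG = re.compile(r"\$\{(.+?)\}\$")

# User-defined macros (hypothetical names). Each maps to a tagged Python
# expression, so the number format is the user's choice, not hardcoded.
DEFAULT_MACROS = {
    "$!": "${'0x%X' % here()}$",   # 0xHEXNUM
    "$#": "${'%X' % here()}$",     # HEXNUM
}

def make_env(current_ea):
    """Names visible to expressions; here() is a stub for the cursor address."""
    return {"here": lambda: current_ea}

def expand(text, macros, env):
    """Substitute macro names, then evaluate every tagged expression."""
    if macros:
        names = sorted(macros, key=len, reverse=True)   # longest name wins
        pattern = re.compile("|".join(re.escape(n) for n in names))
        text = pattern.sub(lambda m: macros[m.group(0)], text)

    def evaluate(match):
        try:
            # eval() runs arbitrary Python: a macro set imported from another
            # user carries the same trust as a script from that user.
            return str(eval(match.group(1), dict(env)))
        except Exception:
            return match.group(0)   # leave a broken expression visible
    return TAG.sub(evaluate, text)

class Cli:
    """Stores the raw line in history and hands the expanded one to execute."""
    def __init__(self, macros, env, execute):
        self.macros, self.env, self.execute = macros, env, execute
        self.history = []

    def submit(self, line):
        self.history.append(line)   # un-expanded, as the post requires
        return self.execute(expand(line, self.macros, self.env))

if __name__ == "__main__":
    cli = Cli(DEFAULT_MACROS, make_env(0x401000), execute=lambda cmd: cmd)
    for raw in ("bp $!", "u $# L5", "? ${here() + 0x10}$"):
        print(raw, "->", cli.submit(raw))
```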