IDAPython plugin for finding function strings recursively
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
examples Stingray in action examples Oct 5, 2015
images added fancy Stingray logo Oct 6, 2015
src proper label name Jan 13, 2018
.gitignore updated gitignore Oct 5, 2015
LICENSE Initial commit Oct 5, 2015
README.md Update README.md Jul 8, 2018

README.md

Stingray

Stingray is an IDAPython plugin for finding function strings. The search is from the current position onwards in the current function. It can do it recursively also with configurable search depth. The results order is the natural order of strings in the BFS search graph.

For each found string it displays the xref address, the string address, the string type and the of course the string itself.

Stingray by Example

#include <stdio.h>

void bar()
{
	printf("hello from bar\n");
}

void foo()
{
	wprintf(L"hello from foo\n");
	bar();
}

void foo2()
{
	wprintf(L"hello from foo2\n");
	bar();
}

void main()
{
	printf("hello from main\n");
	foo();
	foo2();

	getchar();
}

My Stingray was configured to recursive search we depth of 3. I put the cursor on main function and hit Shift+S. We get the following Stingray output:

Example Output

Notice the Xrefs are clickable ! :)

Requirements

  • IDA (Hex Rays Interactive Disassembler) version >= 6 with IDAPython
  • tested on IDA 6.1.1, 7.0 (Tell me about your experience on higher versions!)

Installation

  1. Copy src/Stingray.py file to the plugins directory of IDA (%IDAPATH%\plugins) and restart IDA.

  2. You are ready to go :)

Usage and Menus

load your favourite binary with IDA. To find strings in the current function from your position onwards hit Shift+s.

Stingray can also be found in Edit/Plguins/Stingray menu.

Stingray finds strings recursively ! you can configure the search depth in the Stingray Config menu.

Stingray Config

You can configure Stingray anytime from Options\Stingray Config menu.

You can configure the search depth. For non-recursive search mode choose 0 depth.

By default, Stingray is in non-recursive mode.