IDA Processor module for SUBLEQ
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore
LICENSE
README.md
flareon2018-ch12.sl
subleq-emu.py
subleq-ida.py

README.md

IDA Pro processor module for SUBLEQ

Proof of concept implementation of an IDA Processor module for SUbtract and Branch if Less than or EQual to zero (SUBLEQ) machines. Written for IDA Pro 7 and tested on IDA Pro 7.1.

This module was written to solve Suspicious Floppy Disk---the last challenge---of Flare-On 2018 reverse engineering competition. The aim of this IDA processor is to translate subleq instructions to an higher level interpretation. You can find a quick explanation of the implemented macro at this blog post.

Please, take it as it is and bear in mind this processor is strongly built on top of the SUBLEQ macros created by the challenge author.

Content:

  • subleq-ida.py, IDA processor module. Move it to /<IDA installation path>/procs/
  • subleq-emu.py, a Subleq emulator written in Python
  • flareon2018-ch12.sl, the Subleq payload extracted from last challenge of Flare-On 2018