Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trouble getting IDACode to work #11

Closed
OevreFlataeker opened this issue Aug 2, 2020 · 3 comments
Closed

Trouble getting IDACode to work #11

OevreFlataeker opened this issue Aug 2, 2020 · 3 comments

Comments

@OevreFlataeker
Copy link
Contributor

Hello, I've got some trouble getting idacode to work.
Using IDA Pro 7.5 SP1, Python 3.6 x64, latest VS Code and IDACode

Installed VSCode extension, IDA Plugin pip prerequisites, IDA Plugin. Verified settings. Loaded binary in IDA to analyze. Started Plugin in IDA:

[IDACode] Plugin version 0.1.4
[IDACode] Plugin loaded, use Edit -> Plugins -> IDACode to start the server
[IDACode] Listening on 127.0.0.1:7065

Then loading a small IDA Python script ("POP POP RET" gadget finder) in VSCode


breakpoint(name==".text", f"Lets get started")  <-- Added according to instructions

def disp(a,b,c,d): 			
	mnem1 = GetOpnd(a,0)  	
	mnem2 = GetOpnd(int(a+1),0) 	
	print( "0x%08x:" % a,b,mnem1,"|",c,mnem2,"|",d,"-",) 	
	y = Assemble(a, str(b+" "+mnem1))[1]  	
	a = a+1  	
	z = Assemble(a, str(c+" "+mnem2))[1]  	

	print ("\\x%x\\x%x\\xc3")%(ord(y[0]),ord(z[0]))  	

addr = SegByBase(SegByName(".text")) 	
end = SegEnd(addr)  		

while addr < end and addr != BADADDR:  	
	addr = NextAddr(addr)  	
	op1 = GetMnem(addr)  	
	if str(op1) == "pop":  	
		x = addr + 1  		
		op2 = GetMnem(x) 	
		if str(op2) == "pop":  	
			y = x + 1  		
			ret = GetMnem(y) 	
			if str(ret) == "retn":  	
				z = GetOperandValue(y,0)	
				if z == -1:	
					disp(addr,op1,op2,ret)  
				
print( "\n\nScript Finished!")

IDACode -> Connect and attach..., select folder "D:"

Message in IDA:

[IDACode] Client connected
[IDACode] Set workspace folder to d:\

Now IDACode -> Execute Script in IDA

gives me in IDA:

ERROR:tornado.application:Uncaught exception GET /ws (127.0.0.1)
HTTPServerRequest(protocol='http', host='127.0.0.1:7065', method='GET', uri='/ws', version='HTTP/1.1', remote_ip='127.0.0.1')
Traceback (most recent call last):
  File "C:\Python36\lib\site-packages\tornado\websocket.py", line 649, in _run_callback
    result = callback(*args, **kwargs)
  File "D:/Program Files/IDA Pro 7.5/plugins\idacode_utils\socket_handler.py", line 35, in on_message
    start_debug_server()
  File "D:/Program Files/IDA Pro 7.5/plugins\idacode_utils\socket_handler.py", line 20, in start_debug_server
    debugpy.listen((settings.HOST, settings.DEBUG_PORT))
  File "C:\Python36\lib\site-packages\debugpy\__init__.py", line 113, in listen
    return api.listen(address)
  File "C:\Python36\lib\site-packages\debugpy\server\api.py", line 141, in debug
    log.reraise_exception("{0}() failed:", func.__name__, level="info")
  File "C:\Python36\lib\site-packages\debugpy\server\api.py", line 139, in debug
    return func(address, settrace_kwargs, **kwargs)
  File "C:\Python36\lib\site-packages\debugpy\server\api.py", line 232, in listen
    raise RuntimeError(str(endpoints["error"]))
RuntimeError: Can't listen for client connections: [WinError 10048] Only one usage of each socket address (protocol/network address/port) is normally permitted
[IDACode] Client disconnected

Did I miss something?
@OevreFlataeker
Copy link
Contributor Author

debugpy.server-23864.log
debugpy.adapter-16784.log

@OevreFlataeker
Copy link
Contributor Author

I got it working. There was a rogue python.exe process still running in the background from a previous(?) run. After killing that process that blocked port 7066\tcp, the debugger could be started and I was able to debug the script. It seems everything is still quite fragile, but it is a VERY promising project! Thrilled to see where it will progress into!

@ioncodes
Copy link
Owner

ioncodes commented Aug 3, 2020

I'm glad you got it working! That is indeed a bug and I'm not quite sure what the reason for it is. It seems like debugpy isn't able to terminate the process under certain circumstances but I wasn't able to track the issue back neither was I able to consistently reproduce the bug. I was looking at an API in debugpy to terminate the server but it seems like such functionality isn't implemented. As a possible fix I had the idea to hook the process creation function and make a copy of the process ID. Once IDA terminates I would then force kill that process but that might introduce other issues. I will close this issue and create a new one to track the progress on this bug.

That being said: Thank you for showing interest in the project. I've been quite busy currently but it's starting to get better and I'll be able to address the issues and implement new features soon! 🎉

@ioncodes ioncodes closed this as completed Aug 3, 2020
@ioncodes ioncodes mentioned this issue Aug 3, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@OevreFlataeker @ioncodes