Dependencies:
- IDAPro with the Python integration working
- See idapython
- Python Imports: idautils, idaapi, idc, sys, os
- This tool uses Python 2.7 for compatibility with IDA
- If there's an issue with libpython 2.7, you may need to install it
sudo apt-get install libpython2.7
- Make a directory to store the text outputs (currently coded as
./outputs)- If exes are not in the same folder as the scripts, also add that directory name (ex.
./outputs/exedir)
- If exes are not in the same folder as the scripts, also add that directory name (ex.
- Modify the file path at the end of ida_util.sh to match your system
Usage: ./ida_util.sh path/file.exe
- This will automatically call the Python script after creating the .64 database
- To run on a full directory of exes, use a Bash loop:
for f in exedir/*; do ./ida_util.sh $f; done
Notes:
- Currently this tool only works with PE32 executables
- If the executable is packed, the tool will quit
- Ostensibly there's a universal unpacker plugin, couldn't figure out how to automate it
- This tool was created as part of a college independent study for academic purposes