0xgalz / virtuailor Goto Github PK
View Code? Open in Web Editor NEWIDAPython tool for creating automatic C++ virtual tables in IDA Pro
License: GNU General Public License v3.0
IDAPython tool for creating automatic C++ virtual tables in IDA Pro
License: GNU General Public License v3.0
I keep getting the following warning box when running the dynamic pass (debugger):
[BP Address here]: breakpoint condition:
Traceback (most recent call last):
File "", line 119, in __Python_7748
NameError: global name 'rdx' is not defined
Is this a problem? There are many, many of these warnings when I run the debugger.
Hi,
I get this error trying to use the module on IDA Pro 7.5, has anyone encountered it or able to provide any help?
Thanks!
C:\Users\user\Documents\code\Virtuailor\Main.py: DLL load failed while importing sip: The specified module could not be found.
Traceback (most recent call last):
File "D:\tools\IDA Pro 7.5\python\3\ida_idaapi.py", line 616, in IDAPython_ExecScript
exec(code, g)
File "C:/Users/user/Documents/code/Virtuailor/Main.py", line 9, in <module>
idaapi.require("GUI")
File "C:\tools\IDA Pro 7.5\python\3\ida_idaapi.py", line 161, in require
m = importlib.import_module(modulename, package)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python311\Lib\importlib\__init__.py", line 126, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<frozen importlib._bootstrap>", line 1206, in _gcd_import
File "<frozen importlib._bootstrap>", line 1178, in _find_and_load
File "<frozen importlib._bootstrap>", line 1149, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 690, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 940, in exec_module
File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
File "C:\Users/user/Documents/code/Virtuailor\GUI.py", line 3, in <module>
from PyQt5 import QtCore, QtGui, QtWidgets
ImportError: DLL load failed while importing sip: The specified module could not be found.
File "C:\Users\ZHEFOX\Desktop\IDA\IDA7.7\python\3\ida_idaapi.py", line 580, in IDAPython_ExecScript
exec(code, g)
File "C:/Users/ZHEFOX/Desktop/Virtuailor-master/Main.py", line 56, in <module>
add_bp_to_virtual_calls(int(gui.start_line.text(),16), int(gui.stop_line.text(), 16))
File "C:/Users/ZHEFOX/Desktop/Virtuailor-master/Main.py", line 35, in add_bp_to_virtual_calls
cond, bp_address = vtableAddress.write_vtable2file(cur_addr)
File "C:\Users/ZHEFOX/Desktop/Virtuailor-master\vtableAddress.py", line 133, in write_vtable2file
opnd = get_con2_var_or_num(reg, start_addr)
File "C:\Users/ZHEFOX/Desktop/Virtuailor-master\vtableAddress.py", line 65, in get_con2_var_or_num
dct_arch = get_arch_dct()
File "C:\Users/ZHEFOX/Desktop/Virtuailor-master\vtableAddress.py", line 39, in get_arch_dct
arch, is_64 = get_processor_architecture()
File "C:\Users/ZHEFOX/Desktop/Virtuailor-master\vtableAddress.py", line 19, in get_processor_architecture
if info.procName == "ARM":
Please use "procname" instead of "procName" ("procName" is kept for backward-compatibility, and will be removed soon.)
Warning! At address 0x16a60bf3e: The vtable assignment might be in another function (Maybe ?SafeAddRef@?$TCntPtr@VCRdpWinClosedCaptionSettingsMonitor@WindowsRemoteAppLib@@@@AEAAXXZ), could not place BP.
Warning! At address 0x16a615cc3: The vtable assignment might be in another function (Maybe memset_0), could not place BP.
Warning! At address 0x16a617727: The vtable assignment might be in another function (Maybe WPP_SF_Sd), could not place BP.
Warning! At address 0x16a617825: The vtable assignment might be in another function (Maybe memset_0), could not place BP.
....
Why could not place BP?
Hi, I have a binary that use a DLL who is compiled in CPP. How to use your tool to recreate vtable ?
IDA Version: 7.5
Python Version: 3.9.6
I get this error message in the IDA console when running the Main.py script:
Virtuailor - Started update_bpt failed: ('invalid non-printable character U+FEFF', ('<string>', 1, 1, '\ufeffdef __Python_0():')) update_bpt failed: ('invalid non-printable character U+FEFF', ('<string>', 1, 1, '\ufeffdef __Python_1():')) update_bpt failed: ('invalid non-printable character U+FEFF', ('<string>', 1, 1, '\ufeffdef __Python_2():')) update_bpt failed: ('invalid non-printable character U+FEFF', ('<string>', 1, 1, '\ufeffdef __Python_3():')) Virtuailor - Finished
Any idea why this happening?
as soon as I load the script the error pops up:
IDA has encountered a problem
a minidump has been created
update:
tried IDA 7.3 "finished" is shown but there are so many:
Warning! At address 0xXXXXX: The vtable assignment might be in another function (Maybe sub_XXXXXX), could not place BP.
in the log.
I am using ida6.8
When I run main.py, it report error: no module named ida_ida.
Would be awesome to port it to Ghidra, so it can be used there too
Hi, trying this out with IDA 8.0 but getting limited results and some errors on BP's while executing the sample. Is IDA 8.0 supported or not currently?
Thanks!
Is this mipsel supported ?
What versions of IDA is this expected to work with?
With a stock install of IDA 7.4 the script fails with errors like:
Main.py: 'module' object has no attribute 'MinEA'
Traceback (most recent call last):
File "C:\Program Files\IDA Pro 7.4\python\2\ida_idaapi.py", line 622, in IDAPython_ExecScript
exec(code, g)
File "Main.py", line 47, in <module>
start_addr_range = idc.MinEA() # You can change the virtual calls address range
AttributeError: 'module' object has no attribute 'MinEA'
(and similar errors with undefined names in the idc module if I manually specify an EA range)
It seems like this was build using a pretty old version of ida?
Here's the result when I execute the main.py. I can't figure out what's wrong but there's nothing output but these errors.
ERROR at address 0x7ffbd68bd37c: the vtable pointer was assigned outside of function, could not place BP
ERROR at address 0x7ffbd68bdce8: the vtable pointer was assigned outside of function, could not place BP
ERROR at address 0x7ffbd68be0dc: the vtable pointer was assigned outside of function, could not place BP
@0xgalz @joxeankoret Very meaningful work!ย Are there any papers that can be cited for this work
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.