
Created: Friday, June 19 2009 19:35.45 CDT Modified: Friday, June 19 2009 19:37.08 CDT
Exporting IDA function for IDC Script Usage
Author: ohjeongwook # Views: 1542

Sometimes you want to specify additional options for an IDA plugin that you wrote, or to call one of its internal functions. You can use the "set_idc_func" API to achieve this. Here is sample skeleton code showing how to define a custom function that an IDC script can call.
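
    #include <ida.hpp>
    #include <idp.hpp>
    #include <expr.hpp>
    #include <loader.hpp>
    #include <kernwin.hpp>

    void idaapi run(int arg);   // the plugin's run() callback, defined elsewhere in the plugin

    char *OutputFilename;

    // Argument types of the IDC function: one string; the list is zero-terminated.
    static const char SendDiassemblyInfoArgs[] = { VT_STR, 0 };

    // Body of the IDC function: remember the file name, then start the plugin.
    static error_t idaapi SendDiassemblyInfo(value_t *argv, value_t *res)
    {
        // The format string has two %s, so it needs two arguments.
        msg("%s is called with arg0=%s\n", "SendDiassemblyInfo", argv[0].str);
        OutputFilename = strdup(argv[0].str);
        run(2);
        res->num = 1;
        return eOk;
    }

    int idaapi init(void)
    {
        if ( inf.filetype == f_ELF ) return PLUGIN_SKIP;

        // Make SendDiassemblyInfo callable from IDC scripts.
        set_idc_func("SendDiassemblyInfo", SendDiassemblyInfo, SendDiassemblyInfoArgs);
        return PLUGIN_KEEP;
    }

    void idaapi term(void)
    {
        // Unregister the function when the plugin is unloaded.
        set_idc_func("SendDiassemblyInfo", NULL, NULL);
    }
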
From an IDC script, you can then call the function as if it were a built-in API, like this:

    static main()
    {
        RunPlugin("DarunGrim2",1);
        SendDiassemblyInfo("disassembly.info");
        Exit(0);
    }

Simple!
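
An added example, not code from this post or from the IDA SDK: a stand-alone C model of a name-to-callback table like the one set_idc_func feeds, showing how a zero-terminated type list lets the interpreter check a call before dispatching, and why deleting the entry in term() keeps scripts from reaching a callback in an unloaded plugin. The names set_func, call_func, val_t and the T_*/ERR_* codes are hypothetical, and rejecting mismatched arguments is this model's assumption.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical stand-ins for the SDK's value and type-code definitions. */
enum { T_STR = 1, T_NUM = 2, SLOTS = 8 };
enum { CALL_OK = 0, ERR_UNKNOWN = -1, ERR_ARGS = -2 };
typedef struct { char type; const char *str; long num; } val_t;
typedef int (*ext_fn)(const val_t *argv, val_t *res);
static struct { const char *name; ext_fn fp; const char *args; } table[SLOTS];

/* Register a script-visible function, or delete it when fp is NULL. */
static int set_func(const char *name, ext_fn fp, const char *args) {
    size_t hit = SLOTS, empty = SLOTS;
    for (size_t i = 0; i < SLOTS; i++) {
        if (!table[i].name) { if (empty == SLOTS) empty = i; }
        else if (strcmp(table[i].name, name) == 0) hit = i;
    }
    if (hit == SLOTS) hit = fp ? empty : SLOTS;
    if (hit == SLOTS) return 0;            /* table full, or nothing to delete */
    table[hit].name = fp ? name : NULL;    /* deleting drops the stale pointer */
    table[hit].fp = fp; table[hit].args = fp ? args : NULL;
    return 1;
}

/* Interpreter side: look up the name, check arity and types, then dispatch. */
static int call_func(const char *name, const val_t *argv, size_t argc, val_t *res) {
    for (size_t i = 0; i < SLOTS; i++) {
        if (!table[i].name || strcmp(table[i].name, name) != 0) continue;
        if (strlen(table[i].args) != argc) return ERR_ARGS;  /* zero-terminated list */
        for (size_t k = 0; k < argc; k++)
            if (argv[k].type != table[i].args[k]) return ERR_ARGS;
        return table[i].fp(argv, res);
    }
    return ERR_UNKNOWN;                    /* unregistered names are never called */
}

static const char send_args[] = { T_STR, 0 };   /* one string argument */
static char saved_name[260];
static int send_info(const val_t *argv, val_t *res) {
    snprintf(saved_name, sizeof saved_name, "%s", argv[0].str);
    res->type = T_NUM; res->num = 1;
    return CALL_OK;
}

int main(void) {
    val_t arg = { T_STR, "disassembly.info", 0 }, res = { 0, NULL, 0 };
    set_func("SendInfo", send_info, send_args);
    printf("registered: %d\n", call_func("SendInfo", &arg, 1, &res));
    set_func("SendInfo", NULL, NULL);      /* what term() does on unload */
    printf("after unload: %d\n", call_func("SendInfo", &arg, 1, &res));
}
```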

Created: Saturday, February 7 2009 19:03.18 CST Modified: Saturday, February 7 2009 19:05.28 CST
DarunGrim2 is up
Author: ohjeongwook # Views: 1667

Check this out: http://www.darungrim.org/
I also set up Google Groups to talk about DarunGrim and binary diffing related topics.

Created: Wednesday, December 31 2008 15:43.57 CST Modified: Thursday, January 1 2009 13:28.58 CST
DarunGrim2 is coming!
Author: ohjeongwook # Views: 2846

I'm preparing the DarunGrim2 release these days.
It's written in C++, so it uses less memory and CPU than the original DarunGrim, which is implemented in Python. The original DarunGrim is always available at the original page (http://research.eeye.com/html/tools/RT20060801-1.html). It is stable and open source.

In the meantime, you can evaluate Binary Differ (http://code.google.com/p/binarydiffer/), which is open source, implemented in C, and has no external GUI. It has been available for a few months and is under the GPL, so you can do whatever you want with it.

Here are some screenshots from Binary Differ.
http://lh5.ggpht.com/_WcidANaFFi4/RZXSkUB6pJI/AAAAAAAAAHE/9shuhWqEQHA/s800/MS06-070.jpg


BTW, DarunGrim2 will be provided as binary only. Basically, the only differences between DarunGrim2 and "Binary Differ" are the language used (C/C++), the GUI parts, and whether they are open source or not.

Enjoy diffing and happy new year!

PS. I'm giving you some Korean tips here.
    DarunGrim=Darun+Grim
        Darun=Different
        Grim=Pictures

