Interactive IPython Shell for IDA Python
Esteban Guillardoy (sagar) <sagarboygmailcom> Tuesday, October 13 2009 13:36.01 CDT


(post updated)

We all use IDA Python and it kicks ass!

But sometimes opening scripts all the time by hitting ALT+9 is annoying.
So why don't we have an interactive console with all IDA Python features?

I've created an IDA Python script that creates an interactive console based on IPython.
This console lets you run any IDA Python function but interactively.
Since it's based on IPython you can also take advantage of its cool features, like tab autocompletion, magic commands, command history, aliases, etc (http://ipython.scipy.org/doc/manual/html/interactive/tutorial.html).

Some screenshots:






You can get the script at:
http://www.ribadeohacklab.com.ar/tools/scripts/IPythonShell/IPythonShellGTK.py

Requirements:
- pyGTK, pyGobject and pyCairo (http://www.pygtk.org/)
- IPython (http://ipython.scipy.org/moin/FrontPage)

A minor problem this still has is that you must close the IPython Console before closing IDA Pro or it will give an access violation. I'll work on that in another release.

I've been told this blocks IDA. So far I only had problems while running the debugger. If the console is used when doing a static analysis it seems nothing is blocked.
If you find issues, please let me know.

Some ideas for the future:
- create a nicer console with some built-in things you can run just pressing buttons in a toolbar.
- another version but using pyQT.

Hope you enjoy it!

Sagar (RibadeoHackLab)


Comments
lallous Posted: Wednesday, October 14 2009 03:11.06 CDT
Good work Sagar!

If you can make it not block IDA while the console is showing it would be even nicer.

ero Posted: Wednesday, October 14 2009 04:36.18 CDT
Very cool!

Although it's probably worth mentioning that since IDA 5.5 one can use IDA's command-line with Python, interactively. Definitely not as cool as using IPython, but it doesn't block and gets the job done.

sagar Posted: Wednesday, October 14 2009 06:34.16 CDT
Thanks for the feedback guys.

@lallous: Honestly, I did this very quickly, so I didn't notice it was blocking IDA :(
I'll see if I can fix that.

@ero: I knew about the command-line, but as you said, is much cooler having IPython features (magic commands, autocomplete, full CMD shell, etc).

Any ideas to include in this console will be appreciated!

QvasiModo Posted: Wednesday, October 14 2009 11:58.54 CDT
Very good work! :)

Just out of curiosity, how feasible would it be to do this without GTK, using a normal Windows console only?

sagar Posted: Wednesday, October 14 2009 22:05.12 CDT
I have an IPython shell running embedded in a windows console.
The main thing here is that in order to do that we would need to run the window console in other process, so the python enviroment (which is running in idag.exe process) won't be the same.
The good thing about running this with pyGTK is that it is really running in ida process and that is why you can do things interactively.

I thought about creating a simple XMLRPC server which exposes an IPython shell running so you could connect any console (with any GUI you like) and use it.

I haven't tested this too much but so far it seems that a basic XMLRPC server doesn't block IDA. But if I try to run an RPYC server it does.

Another option might be to patch the IDAPython plugin to be able to run the embedded python interpreter in a different thread without blocking anything.

I don't have much experience developing IDA plugins so these are just random thoughts.

Thanks everyone!

lallous Posted: Thursday, October 15 2009 02:35.22 CDT
sagar: Note that IDA does not support multi-threading yet, so any call to IDA's API must be carried from the main thread.

There is a new function in 5.5 called execute_sync() that will  execute instructions in IDA's main thread context.

NCR Posted: Thursday, October 15 2009 11:34.06 CDT
Great script! Thanks!.

forgot Posted: Wednesday, January 20 2010 20:10.26 CST
nonblock in 5.2 but not work in 5.5

sagar Posted: Saturday, December 18 2010 16:28.57 CST
Script updated to work with IDA Pro 5.5 and IDAPython 1.2 or greater :)