About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Store
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
Sirmabus
's Blog
Created: Thursday, January 22 2009 03:42.28 CST
Modified: Tuesday, June 16 2009 00:57.15 CDT
Printer Friendly ...
Class Informer IDA plug-in
Author:
Sirmabus
# Views:
6998
My new IDA plug-in based on Igorsk's excellent
article
and IDC scripts.
[Download]
------------------------------------------------------------
Scans an MSVC 32bit target IDB for vftables with C++ RTTI, and MFC RTCI type data.
Places structure defs, names, labels, and comments to make more sense of class vftables ("Virtual Function Table") and make them read
easier as an aid to reverse engineering.
Creates a list window with found vftables for browsing.
RTTI ("Run-Time Type Identification"):
http://en.wikipedia.org/wiki/RTTI
RTCI ("Run Time Class Information") the MFC forerunner to "RTTI":
http://msdn.microsoft.com/en-us/library/fych0hw6(VS.80).aspx
------------------------------------------------------------
Example vftable output list:
.
.
Example vftable info set by plug-in:
.
.
Blog Comments
neoxfx
Posted: Thursday, January 22 2009 04:22.52 CST
great work!, thanks for sharing to the community.
camus
Posted: Thursday, January 22 2009 06:55.11 CST
Very nice, thanks!
RvaZero
Posted: Monday, January 26 2009 02:12.19 CST
Very valuable. Thanks.
Add New Comment
Comment:
Active in Last 5 Minutes
timtoady
There are
21,677
total registered users.
Recently Created Topics
PyEmu error when cal...
Sep/02
Restore Themida/Winl...
Sep/02
Anti-olly technique
Aug/30
RAR Password
Aug/29
Heap protection on W...
Aug/23
Why Inline asm in C+...
Aug/20
Bypassing OllyAdvance
Aug/17
Error in logic for g...
Aug/17
Has anyone seen this...
Aug/17
ARM Executable - Pat...
Aug/16
Recent Forum Posts
reverse engineering ...
raiden56
pydbg, memory breakp...
Researc...
RAR Password
Ineedhelp
RAR Password
cod
Heap protection on W...
voila
Heap protection on W...
j00ru
Heap protection on W...
voila
Heap protection on W...
j00ru
Heap protection on W...
psylocn
Why Inline asm in C+...
ronnie2...
Recent Blog Entries
meshmesh
Sep/01
Is it legal??
waleedassar
Aug/30
Anti-olly technique
QvasiModo
Aug/24
WinAppDbg 1.4 is out!
artemblagodarenko
Aug/18
Dataflow-0.2.0 released. Ne...
grzonu
Aug/17
Bypassing OllyAdvanced
More ...
Recent Blog Comments
tosanjay
on:
Sep/02
PyEmu 0.0.2
GynvaelColdwind
on:
Sep/01
Is it legal??
PeterFerrie
on:
Aug/31
Anti-olly technique
dennis
on:
Aug/26
Dr. Gadget IDAPython plugin
halsten
on:
Aug/19
Dataflow-0.2.0 released. Ne...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}