OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Store Users What's New

Customize Theme

Flag: Tornado! Hurricane!

File Information

Category	Open Source	# Downloads	Version
IDA Plugins	No	N/A	1.0.10

Download Page

Last updated on Oct 21, 2008 with the following description:
v1.0.10
------

- Adds support for NDR version 0x50004

v1.0.9
------

- Really fix FC_XSTRUCT with FC_ALIGNMX element (Thanks to Cody Pierce)
- Add debug statements if the key "HKLM\SOFTWARE\Tenable\mIDA - Debug" is set to 1

v1.0.8
------

- Display [ref] if set
- Fix FC_XSTRUCT with FC_ALIGNMX element (Thanks to Cody Pierce)

v1.0.7
------

- Add support for FC_CVSTRUCT
- Ndr version 0x10001 can be an interpreted stub too
- Fix encapsulated union display to work with midl.exe

v1.0.6
------

- Fix an access violation error if the NDR version is not supported (Thanks to Alexander Sotirov)
- Fix Union if multiple cases refer to the same element
- Fix field reference if the structure contains an encapsulated union
- Add support for FC_USER_MARSHAL attribute (just display the size to send)
- Add support for NDR version 0x60001 used in Vista:
* Add support for FC_SUPPLEMENT
* Add support for FC_FORCED_BOGUS_STRUCT
* Add support for FC_EXPR (complex size_is/length_is are now encoded using a Reverse Polish Notation)
* Add support for new range type

v1.0.5
------

- Bugfix for special return values for inline stubs

v1.0.4
------
- Display FC_CALLBACK address instead of '?'
- Generated IDL code can now be compiled with a midl compiler
- FC_ENUM16 is now displayed as a short
- Add support for obsolete keywords FC_ALIGNMX
- Add support for FC_BYTE_COUNT_POINTER
- Fix function name if a pdb file is used in IDA
- Fix the address of the argument structure in the edit box
- Wait that IDA has processed enerything in the queues before scanning
- If RPC functions are not defined as function, ask IDA to define them (useful for inline functions)
- Raise an Exception if the loop recursion limit is reached
- Display information about the RPC stub in the decompilation window
- Added ofile option for bash mode
- Ported to IDA5.0

Author Information

Username	Name	E-Mail	URL
nicoP		nicolaspouveslegmailcom	http://

Description mIDA is a plugin for the IDA disassembler that can extract RPC interfaces from a binary file and recreate the associated IDL definition. mIDA is free and fully integrates with the latest version of IDA (5.2 or later).
This plugin can be used to :

    * Navigate to RPC functions in IDA
    * Analyze RPC function arguments
    * Understand RPC structures
    * Reconstruct an IDL definition file

The IDL code generated by mIDA can be, most of the time, recompiled with the MIDL compiler from Microsoft (midl.exe).

mIDA is freely distributed to the community by Tenable in the hope it will be useful to you and help research engineers to work more effectively on RPC programs. However, Tenable does not provide support for this tool and offers no garantee regarding its use or output. Please read the end-user license agreement before using this program.

Screenshot

There are 21,677 total registered users.

Recently Created Topics
PyEmu error when cal...	Sep/02
Restore Themida/Winl...	Sep/02
Anti-olly technique	Aug/30
RAR Password	Aug/29
Heap protection on W...	Aug/23
Why Inline asm in C+...	Aug/20
Bypassing OllyAdvance	Aug/17
Error in logic for g...	Aug/17
Has anyone seen this...	Aug/17
ARM Executable - Pat...	Aug/16

Recent Forum Posts
reverse engineering ...	raiden56
pydbg, memory breakp...	Researc...
RAR Password	Ineedhelp
RAR Password	cod
Heap protection on W...	voila
Heap protection on W...	j00ru
Heap protection on W...	voila
Heap protection on W...	j00ru
Heap protection on W...	psylocn
Why Inline asm in C+...	ronnie2...

Recent Blog Entries
	meshmesh	Sep/01
Is it legal??
	waleedassar	Aug/30
Anti-olly technique
	QvasiModo	Aug/24
WinAppDbg 1.4 is out!
	artemblagodarenko	Aug/18
Dataflow-0.2.0 released. Ne...
	grzonu	Aug/17
Bypassing OllyAdvanced
More ...

Recent Blog Comments
	tosanjay on:	Sep/02
PyEmu 0.0.2
	GynvaelColdwind on:	Sep/01
Is it legal??
	PeterFerrie on:	Aug/31
Anti-olly technique
	dennis on:	Aug/26
Dr. Gadget IDAPython plugin
	halsten on:	Aug/19
Dataflow-0.2.0 released. Ne...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit