About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
IDA Scripts
: Microsoft VC++ Reversing Helpers
File Information
Category
Open Source
# Downloads
Version
IDA Scripts
Yes
15,354
3.0
Download from OpenRCE
MD5 Sum: 97D61B13B327EEEC63D3204A606AE3C9
Last updated on Sep 21, 2006 with the following description: Added scripts from second article "Reversing Microsoft Visual C++ Part II: Classes, Methods and RTTI" for parsing RTTI structures and vftables. Renamed project more appropriately.
Author Information
Username
Name
E-Mail
URL
igorsk
Igor Skochinsky
skochinsky
mail
ru
http://igorsk.blogspot.com
Description
These IDC scripts help with the reversing of MSVC programs. One script scans the whole program for typical SEH/EH code sequences and comments all related structures and fields. Commented are stack variables, exception handlers, exception types and other. It also tries to fix function boundaries that are sometimes incorrectly determined by IDA. The script to run is ms_ehseh.idc.
The other script scans the whole program for RTTI structures and vftables. For some simple cases, identifies and renames constructors and destructors. Outputs a file with the list of all vftables with referencing functions and class hierarchy. The script to run is ms_rtti4.idc.
For more information see the following OpenRCE articles written in conjunction with these scripts:
Reversing Microsoft Visual C++ Part I: Exception Handling
Reversing Microsoft Visual C++ Part II: Classes, Methods and RTTI
Active in Last 5 Minutes
phifli
There are
28,212
total registered users.
Recently Created Topics
Reverse Engineering ...
Jan/23
Career: DoD Agency I...
Jan/22
"Disappearing&q...
Jan/17
Career: Software Sec...
Jan/11
Where is the call st...
Jan/07
IDA Pro 6.1 Breakpoi...
Jan/01
How to create data s...
Dec/30
can i search all mod...
Dec/23
IDA symbol table exp...
Dec/20
An anti-attach trick
Dec/17
Recent Forum Posts
Reverse Engineering ...
NirIzr
"Disappearing&q...
NirIzr
Reverse Engineering ...
charlie
"Disappearing&q...
charlie
An anti-attach trick
Bass
An anti-attach trick
waleeda...
An anti-attach trick
Bass
An anti-attach trick
waleeda...
An anti-attach trick
Bass
Looking for value in...
NirIzr
Recent Blog Entries
Ludwig
Feb/04
chi on sale
Ludwig
Feb/04
Monster In The Vicinity Of ...
Ludwig
Feb/04
Supra footwear Online
waleedassar
Jan/31
Yet Another Anti-Debug Trick
RolfRolles
Jan/22
Finding Bugs in VMs with a ...
More ...
Recent Blog Comments
waleedassar
on:
Feb/01
Yet Another Anti-Debug Trick
NirIzr
on:
Jan/31
Yet Another Anti-Debug Trick
jackchen
on:
Jan/10
nike mercurial vapor iii
waleedassar
on:
Dec/27
A new Anti-Olly trick.
PeterFerrie
on:
Dec/27
A new Anti-Olly trick.
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}