IDA 7.2 – The Mac Rundown

We posted an addendum to the release notes for IDA 7.2: The Mac Rundown. It dives much deeper into the Mac-specific features introduced in 7.2, and should be great reference material for users interested in reversing the latest Apple binaries. It’s packed full of hints, tricks, and workarounds. We hope you will find it quite useful! […]

IDAPython: wrappers are only wrappers

Intended audience IDAPython developers who enjoy the occasional headache, leaky abstraction enthousiasts, or simply the curious. TL;DR IDAPython wraps C++ types, and the lifecycle of C++ objects (and in particular members of larger objects) is not necessarily the same as that of the Python wrapper object that is wrapping it. The problem One of our users reported IDA crashes when […]

IDAPython: namespacing for plugins, loaders & processor modules.

Intended audience IDAPython plugins, loaders or processor modules developers. The problem Until now, IDAPython would load all loaders, processor modules & plugins in the ‘__main__’ module. This causes namespace pollution, which can sometimes leads to very obscure errors. The solution Starting with version 7.1, IDA will import plugins, loaders & processor modules in their own, separate Python modules. The names of those […]

IDA and common Python issues

With IDA 7.0 switching fully to native x64 architecture, we also switched to the x64 Python which brought some new issues but also exposed some we’ve seen before. This post tries to summarize the most common issues we’ve seen our users encounter as well as suggestions about how to fix them or at […]

IDAPython: migrating PySide code to PyQt5

Background Contrary to previous versions that shipped with Qt 4.8.4, IDA 6.9 ships with Qt 5.4.1 and as we announced some time ago, this will force some changes for plugin writers who were using IDAPython + PySide in order to build custom interfaces. What’s more, in addition to the Qt4 -> Qt5 switch, we have also […]

Augmenting IDA UI with your own actions.

Intended audience Plugin writers, either using the C SDK or IDAPython, who would like to add actions/commands to IDA UI in order to augment its capabilities. Rationale: before 6.7 APIs galore Depending on what type of context you were in, various APIs were available to you: Want to add a main menu item? add_menu_item(const char *menupath, const char *name, const char […]

Loading your own modules from your IDAPython scripts with idaapi.require()

TL;DR If you were using import to import your own “currently-in-development” modules from your IDAPython scripts, you may want to use idaapi.require(), starting with IDA 6.5. Rationale When using IDAPython scripts, users were sometimes facing the following issue Specifically: User loads script Script imports user’s module mymodule Script ends User modifies code of mymodule (Note: the module is modified, not the script) User […]

Calling IDA APIs from IDAPython with ctypes

IDAPython provides wrappers for a big chunk of IDA SDK. Still, there are some APIs that are not wrapped because of SWIG limitations or just because we didn’t get to them yet. Recently, I needed to test the get_loader_name() API which is not available in IDAPython but I didn’t want to write a full plugin […]