Intended audience IDA C++ plugin authors, who wish to link such plugins against Qt 5.x libraries. The problem One of our customers, Aliaksandr Trafimchuk, recently reported that whenever IDA was run with a plugin of his that links against the Qt libraries that we ship, IDA would crash at exit-time (at least on Windows.) Aliaksandr already did most of […]
Read MoreBackground Contrary to previous versions that shipped with Qt 4.8.4, IDA 6.9 ships with Qt 5.4.1 and as we announced some time ago, this will force some changes for plugin writers who were using IDAPython + PySide in order to build custom interfaces. What’s more, in addition to the Qt4 -> Qt5 switch, we have also […]
Read MoreA handful of our users have already requested information regarding the Qt 5.4.1 build, that is shipped with IDA 6.9. Configure options Here are the options that were used to build the libraries on: Windows: …\5.4.1\configure.bat “-debug-and-release” “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-platform” “win32-msvc2015” “-opengl” “desktop” “-force-debug-info” “-prefix” “C:/Qt/5.4.1” Note that you will have […]
Read MoreIDA is still, as of this writing (December 23rd, 2015), a 32-bit application and both IDA & its installer(*) require certain 32-bit libraries to be present on your Linux system before they can run. Here is the list of commands you will have to run in order to install those dependencies, for the following systems: […]
Read MoreThe problem As you may already know1, Hex-Rays decompilers can generate HTML files from pseudocode windows. That feature, however, is limited to generating HTML for a single function, or a portion of a function. Recently, one of our customers asked us whether there was a way to generate HTML files for multiple functions all at once. I […]
Read MoreIntended audience IDAPython plugin writers who are using the PySide Qt bindings. PySide: some background For some time now it has been possible, through IDAPython, to use PySide bindings to the Qt libraries that are shipped with IDA. Those PySide bindings were first placed on Hex-Rays’s website and, since we noticed a considerable interest for them, we later […]
Read MoreIntended audience Plugin writers, either using the C SDK or IDAPython, who would like to add actions/commands to IDA UI in order to augment its capabilities. Rationale: before 6.7 APIs galore Depending on what type of context you were in, various APIs were available to you: Want to add a main menu item? add_menu_item(const char *menupath, const char *name, const char […]
Read MoreOne of the new features of IDA 6.6 is the Dalvik debugger, which allows us to debug Dalvik binaries on the bytecode level. Let us see how it can help when analysing Dalvik files. Encoded strings Let us consider the package with the encrypted strings: STRINGS:0001F143 unk_1F143:.byte 0x30 # 0 # DATA XREF: STR_IDS:off_70 STRINGS:0001F144 aFda8sohchnidgh: .string “FDA8sOhCHNidghM2hzFxMXUsivl2k7hFOhkJrW7O2ml8qLVM”,0 STRINGS:0001F144 […]
Read MoreTarget audience You may want to read this if you have been writing an IDA C++ plugin, that itself uses the CPython runtime. Prior art In 2010, Elias Bachaalany wrote a blog post about extending IDAPython: http://www.hexblog.com/?p=126 Note that this is not about writing your own plugins in Python. Rather, that blog post instruct on how you may […]
Read MoreJust a short post to show you the current state of the x64 decompiler. In fact, it already mostly works but we still have to solve some minor problems. Let us consider this source code: struct color_t { short red; short green; short blue; short alpha; }; extern color_t lighten(color_t c); color_t func(int red, int green, […]
Read More