In addition to the previously
covered features
we’ve already added, we took the opportunity to get to the bottom of it and add even more scripting facilities where possible along with minor but convenient UI enhancements.
In this blog entry, we will introduce some of the new features in the coming version of IDA Pro.
We received many requests from our clients to make the output window a text control so users select portions of text instead of a whole line.
The output window is now a rich text control instead of a listbox, allowing the users to:
The Alt-click will work not just for numerical addresses but also for identifiers which are location names in the database or even registers during debugging.
We have replaced the “File / IDC file” menu with “File / Script file”, allowing the user a unified way to run any supported script file.
IDA Pro will match the file’s extension with a registered extlang (or the built-in IDC engine or Python plugin) and run the file with it.
We have dropped the “Recent IDC Scripts” toolbar and replaced it with a script list (similar to IDAPython’s Alt-7).
This dialog is common to the text and the graphical interfaces of IDA Pro, and will remember any script (not just IDC). It is accessible via the Windows menu or the Alt-F7 hotkey:
Recent scripts will be displayed in a chooser:
(Note that the history has both Python and IDC scripts)
The standard chooser hotkeys can be used: Ctrl-E to edit the script, Ins to browse for a new script, Del to remove it and Alt-T to search.
This switch will start IDA Pro with a temporary database. This is useful if you want to run scripts that do not neccesarily need a specific input file.
For example, a script can use the debugger to attach to a process, gather some information and detach.
In the future blog entries we will show how to use this in real life scenarios.
The -S switch can now run not just IDC but any supported script file (again, based on the script file extension).
It now supports passing arguments to the script:
idag -t -S"hello.idc arg1 arg2 \"arg 3\" arg4"
With hello.idc:
#include <idc.idc> static main() { auto i; for (i=0;i<ARGV.count;i++) Message("ARG[%d]=%s\n", i, ARGV[i]); }
After IDA Pro runs, such an output will be displayed:
ARG[0]=hello.idc ARG[1]=arg1 ARG[2]=arg2 ARG[3]=arg 3 ARG[4]=arg4
In case you’re wondering, the same can be accomplished with IDAPython:
import idc for i in xrange(0, len(idc.ARGV)): print "ARG[%d]=%s" % (i, idc.ARGV[i])
The ARGV array is stored in the idc module.
A small but often irritating pecularity of IDA’s script boxes (Shift-F2 for IDC and Alt-8 for Python) is that it they don’t auto-indent.
This is particularly annoying for Python which requires proper indentation.
In the new version we have implemented auto-indent, so writing Python script snippets is not an excercise in frustration anymore.
We hope that these new features, while minor, will make your work more productive.