Skip to content

Instantly share code, notes, and snippets.

Avatar
🐢

Dennis Elser patois

🐢
View GitHub Profile
@patois
patois / ctopy.py
Last active Oct 14, 2020
hexrays pseudo-c to python (stupid poc based on "ctopy", https://github.com/pfalcon/ctopy)
View ctopy.py
#!/usr/bin/env python
"""
ctopy -- a quick and dirty C-to-Python translator.
Libraries not mapped that theoretically could be: curses.panel, dbm,
md5, popen2, pty, resource, sha, subprocess, syslog, time. Some of these
would need more elaborate machinery for method translation.
Python library bindings are as of 2.6a0.
"""
@patois
patois / shuffle.py
Last active Jun 27, 2020
IDAPython script that modifies the decompiler's output (Python3)
View shuffle.py
moved to https://github.com/patois/hexrays_scripts
View jmplog.asm
.386
.model flat,stdcall
option casemap:none
include include\windows.inc
include include\kernel32.inc
include include\comdlg32.inc
include include\user32.inc
includelib lib\kernel32.lib
includelib lib\comdlg32.lib
includelib lib\user32.lib
@patois
patois / config.t32
Last active Mar 26, 2020
ARM(32) Code Snippet debugging with GDB Lauterbach Trace32 Simulator
View config.t32
PBI=SIM
PRINTER=WINDOWS
SCREEN=
HEADER=TRACE32 ARM SIMULATOR
@patois
patois / klop.py
Last active Jun 14, 2020
IDAPython script (Python3)
View klop.py
moved to https://github.com/patois/hexrays_scripts
@patois
patois / README
Last active May 19, 2020
Configuration files for debugging Renesas V850/RH850 Binaries with IDA 7.4 and TRACE32 Simulator
View README
1. Install TRACE32 for V850/RH80 from https://www.lauterbach.com/frames.html?download_demo.html
2. copy *.cmm to the TRACE32 installation folder
3. overwrite config.t32 found in the TRACE32 installation folder with the one provided, edit "SYS variable
4. add the content provided with "gdb_arch.cfg" to the existing %IDADIR%\cfg\gdb_arch.cfg file
5. open the file "ghv850.cfe" from the TRACE32 installation folder with IDA
6. In IDA, go to "Debugger -> Select debugger", pick "Remote GDB debugger"
7. Go to "Debugger -> Debugger options -> Set specific options", tick the
"Run a program..." checkbox, then click "choose a configuration", pick the configuration
named "TRACE32: Renesas RH850 (ELF)" and confirm.
8. Go to "Debugger -> Process options...", fill the hostname (127.0.0.1) and port (30000)
@patois
patois / README
Last active Feb 3, 2021
Configuration files for debugging Tricore Binaries with IDA 7.4 and TRACE32 Simulator
View README
1. Install TRACE32 for Tricore from https://www.lauterbach.com/frames.html?download_demo.html
2. place ida.cmm into the TRACE32 installation folder
3. overwrite config.t32 found in the TRACE32 installation folder with the one provided
4. change the "SYS" variable of this config.t32 file to point to your TRACE32 install folder
5. edit %IDADIR%\cfg\gdb_arch.cfg as described in the provided "gdb_arch.cfg" file
6. open the file "demo.elf" from the TRACE32 installation folder with IDA
7. In IDA, go to "Debugger -> Select debugger", pick "Remote GDB debugger"
8. Go to "Debugger -> Debugger options -> Set specific options", tick the
"Run a program..." checkbox, then click "choose a configuration" (which should fill
the "command line" edit field) and confirm.
View a.idc
#include <idc.idc>
static GetExtfunFlags(flags)
{
auto s = 0;
if ((flags & 1) == 1)
s = "EXTFUN_BASE";
if ((flags & 2) == 2)
{
@patois
patois / listkmods.py
Last active Dec 16, 2020
ida/vmware kernel debugging helper
View listkmods.py
from idaapi import *
# with code taken from
# - http://hexblog.com/idapro/vmware_modules.py
# - HexRays forum
# - https://gist.github.com/nmulasmajic/f90661489f858237bcd68fbde5516abd#file-find_nt_imagebase_x64-py
class LoadedModulesList(Choose2):
def __init__(self, title, modlistEA=BADADDR, flags=0, width=None, height=None, embedded=False, modal=False):