giantbranch / Mipsaudit
IDA MIPS静态扫描脚本,汇编审计辅助脚本
Stars: ✭ 101
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Mipsaudit
Hyara
Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+40.59%)
Mutual labels: ida-plugin, idapython
ida migrator
IDA Migrator is an IDA Pro plugin which helps migrate existing work from one database instance to another. It Conveniently migrates function names, structures and enums.
Stars: ✭ 65 (-35.64%)
Mutual labels: ida-plugin, idapython
Heap Viewer
An IDA Pro plugin to examine the glibc heap, focused on exploit development
Stars: ✭ 574 (+468.32%)
Mutual labels: ida-plugin, idapython
Hexrayspytools
IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
Stars: ✭ 873 (+764.36%)
Mutual labels: ida-plugin, idapython
DriverBuddyReloaded
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
Stars: ✭ 210 (+107.92%)
Mutual labels: ida-plugin, idapython
ida-embed-arch-disasm
Allows IDA PRO to disassemble x86-64 code (WOW64) in 32-bit database
Stars: ✭ 22 (-78.22%)
Mutual labels: ida-plugin, idapython
Idangr
Use angr in the IDA Pro debugger generating a state from the current debug session
Stars: ✭ 214 (+111.88%)
Mutual labels: ida-plugin, idapython
Necromancer
IDA Pro V850 Processor Module Extension
Stars: ✭ 21 (-79.21%)
Mutual labels: ida-plugin, idapython
Dereferencing
IDA Pro plugin that implements more user-friendly register and stack views
Stars: ✭ 336 (+232.67%)
Mutual labels: ida-plugin, idapython
Nao
Simple No-meaning Assembly Omitter for IDA Pro (This is just a prototype)
Stars: ✭ 228 (+125.74%)
Mutual labels: ida-plugin, idapython
Ipyida
IPython console integration for IDA Pro
Stars: ✭ 358 (+254.46%)
Mutual labels: ida-plugin, idapython
Uefi retool
A tool for UEFI firmware reverse engineering
Stars: ✭ 227 (+124.75%)
Mutual labels: ida-plugin, idapython
Pytest Idapro
A pytest module for The Interactive Disassembler and IDAPython; Record and Replay IDAPython API, execute inside IDA or use mockups of IDAPython API.
Stars: ✭ 44 (-56.44%)
Mutual labels: ida-plugin, idapython
Awesome Reverse Engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
Stars: ✭ 2,954 (+2824.75%)
Mutual labels: ida-plugin, idapython
DrGadget
dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>
Stars: ✭ 61 (-39.6%)
Mutual labels: ida-plugin, idapython
Flare Ida
IDA Pro utilities from FLARE team
Stars: ✭ 1,374 (+1260.4%)
Mutual labels: ida-plugin, idapython
Stingray
IDAPython plugin for finding function strings recursively
Stars: ✭ 110 (+8.91%)
Mutual labels: ida-plugin, idapython
obfDetect
IDA plugin to pinpoint obfuscated code
Stars: ✭ 99 (-1.98%)
Mutual labels: ida-plugin, idapython
Scratchabit
Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
Stars: ✭ 369 (+265.35%)
Mutual labels: ida-plugin, idapython
IDAPython mipsAudit
简介
这是一个简单的IDAPython脚本。
进一步来说是MIPS静态汇编审计辅助脚本。
可能会有bug,欢迎大家完善。
功能
辅助脚本功能如下:
-
找到危险函数的调用处,并且高亮该行(也可以下断点,这个需要自己去源码看吧)
-
给参数赋值处加上注释
-
最后以表格的形式输出函数名,调用地址,参数,还有当前函数的缓冲区大小
大家双击addr那一列的地址,即可跳到对应的地址处
审计的危险函数如下
dangerous_functions = [
"strcpy",
"strcat",
"sprintf",
"read",
"getenv"
]
attention_function = [
"memcpy",
"strncpy",
"sscanf",
"strncat",
"snprintf",
"vprintf",
"printf"
]
command_execution_function = [
"system",
"execve",
"popen",
"unlink"
]
使用
File - Script file
选择mipsAudit.py
即可看到效果
双击地址即可跳到对应的代码处
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].