a1ext / labeless

Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping and interactive Python scripting capabilities.
Other
514 stars 82 forks source link

ida7 x64dbg sync failing #40

Closed ed4wg closed 6 years ago

ed4wg commented 6 years ago

The environment: win10x64 labeless1.1.2.65 - release binary ida7.1 x64dbg - Jul 1 2018

The main issue is nothing is syncing properly. I don't see any specific errors when running the sync manually, i just don't see anything flowing over to x64dbg.

Here's an example of what i see in the output window in ida: Labeless: do sync all now... Labels: 142, comments: 3 RPC Thread: OK, tasks left: 0 in x64dbg log window LL: Labeless::onClientSockAccept: Connected from: 127.0.0.1:51869 LL: socket 00000848 accepted LL: Labeless::onClientSockRead: Received 8 bytes of 8. LL: Labeless::onClientSockRead: Received 89 bytes of 89. LL: Labeless::onClientSockBufferReceived: new request pushed { jobId: 9, bkg: 0, finished: 0 } LL: Labeless::serverThread: jobId 9 socket 00000848 Response sent, len: 0x0000000A LL: Labeless::serverThread: jobId 9 is removed

When running the "test connection" button inside of the ida plugin, i get: "Test failed, error: Invalid version response:"

I've setup and installed this for both x64 and x86 ida/x64dbg and i get the same result in both setups.

One other thing to note. The 1.1.2.65 release code doesn't have the setup.py in the deploy directory so i just pulled that from master to run the python setup.py install.

a1ext commented 6 years ago

Hi @MalPunch3r ,

You have to reinstall labeless python module:

pip uninstall labeless
pip install --upgrade labeless

the second one - using prebuilt one from the release archive:

image

pip install deploy\labeless-1.1.2.65-py2.py3-none-any.whl
a1ext commented 6 years ago

I'll add these instructions to the README.md, forgot that, sorry :)

ed4wg commented 6 years ago

So i did find the old version in the site-packages folder, and removed it, but i'm still having the same problem. I also completely removed python and started fresh, then reinstalled labeless. Still no luck though. I can also see in the version of the ida plugin and x64dbg plugin that it's reporting the latest version.

Any other suggestions?

a1ext commented 6 years ago

@MalPunch3r Could you show me the error message fully?

a1ext commented 6 years ago

Some of parts IDA PRO or x64dbg has old plugin

ed4wg commented 6 years ago

The error simply states: "Test failed, error: Invalid version response:" when clicking the "Test connection" button in the IDA labeless configuration dialog.

I did see an older version of the binary installed in ida and removed that. That didn't work though.

I also tested by installing the latest version on a fresh machine with no prior labeless installed. In this case, it worked as expected, no issues noticed.

So i went back to my non-working VM and i cannot find any references to old versions of labeless anywhere. python, ida, x64. Also, all of these show to be using the 1.1.2.65 version.

I tried syncing labels even though the invalid version response error shows and that seems to be working. So, it'd be cool to figure out why that invalid version shows up when hitting the test connection button, but not enough for me to re-setup my analysis vm. If you end up thinking of any other places to look to remove the older versions of labeless please let me know.

a1ext commented 6 years ago

Hi @MalPunch3r I created the Discord channel, you could reach me faster there and we could quicker solve the issue.

a1ext commented 6 years ago

Hi @MalPunch3r If you have an old version in IDA you have to copy corresponding plugins to IDA plugins directory, make sure you point to the right location of the IDA in case you have more than one copy.

In case the older version is on your VM then to point out labeless python module location do the following:

ed4wg commented 6 years ago

So i took a step back and tried to see if it was IDA or x64dbg. I ended up removing other plugins to see if that was it. The problem seems to be having x64dbgpy and labeless both installed in x64dbg. After removing x64dbgpy the test connection with labeless works.

However, even then, when i run the test you mentioned above to run the remote python, i don't get any data back. Just looks like this. Not sure if that's an issue or not. The Test Connection is still successful now though.

request #10

request #9

a1ext commented 6 years ago

It will be solved soon, I've already made a PR to the x64dbgpy and currently waiting when it is merged. I'll update you.

a1ext commented 6 years ago

Done, @MalPunch3r bring the latest x64dbgpy from here https://ci.appveyor.com/project/mrexodia/x64dbg-python/build/artifacts and install it into your x64dbg. Let me know it this won't fix the issue.

ed4wg commented 6 years ago

It's working great now. Thanks for getting this resolved so quickly!