The structures recovered can be used to help dynamic analysis via a debuger. But actually tehre is no easy way to import the recovered structure in radare2 or IDA.
So adding the possible to create script for both of this tool which will import the structure recovered. When a call to an allocation routine always allocate the same structure (or array) the scripts may also a breakpoint and run a comand to automatically type the return of the routine to the detected struct.
The scripys mays also add comm on malloc call to say what structure or array they are allocating and to the accessing instruction to say what structure of what memebr the instruction is writting reading.
IDA:
[ ] Import structure
[ ] comment accessing instructions
[ ] auto-typing return of allocator
Radare2:
[ ] Import structure
[ ] comment accessing instructions
[ ] auto-typing return of allocator
For both script an option to create them from the command line must be add and the possibility to download them via the web_ui must be add as well.
ampotos
commented
7 years ago
The structures recovered can be used to help dynamic analysis via a debuger. But actually tehre is no easy way to import the recovered structure in radare2 or IDA.
So adding the possible to create script for both of this tool which will import the structure recovered. When a call to an allocation routine always allocate the same structure (or array) the scripts may also a breakpoint and run a comand to automatically type the return of the routine to the detected struct.
The scripys mays also add comm on malloc call to say what structure or array they are allocating and to the accessing instruction to say what structure of what memebr the instruction is writting reading.
IDA:
Radare2:
For both script an option to create them from the command line must be add and the possibility to download them via the web_ui must be add as well.