Export `binexport` file via command line

google / binexport

Export disassemblies into Protocol Buffers

Apache License 2.0

1.05k stars 204 forks source link

Export `binexport` file via command line #35

Closed wangshuai901 closed 5 years ago

wangshuai901 commented 5 years ago

Hello,

I am using IDA 7.3 on Linux and the latest version of Bindiff (Bindiff ver. 5 and BinExport 10). And I am writing to inquire the procedure to export a binExport database from the commandline.

So after installing the BinDiff and IDA-Pro, I am using the following command:

sudo ./idat64 -A -S"/export/d1/idaedu-7.3/bin_export.idc" -OExportModule:"/export/d1/idaedu-7.3/mcf.binExport" "/export/d1/idaedu-7.3/mcf_base.i386-m32-gcc42-nn.i64"

And the bin_export.idc script is like this:

#include <idc.idc>
static main()
{
        Batch(0);
        Wait();
        Exit(1 - RunPlugin("zynamics_binexport_8", 2));
}

However, after executing the command, somehow it is hanging there, and cannot proceed any further.. Am I doing anything wrong? Thank you.

wangshuai901 commented 5 years ago

@cblichmann thank you for taking care of this. Any comments or suggestions? Thanks a lot.

cblichmann commented 5 years ago

There are several things going on here:

You're using zynamics_binexport_8 as the plugin name in the IDC, which is the old name (BinDiff 4.x). The curent version uses just binexport10.
The IDC script you're using is using syntax that predates IDA 7 IDC.
idat64 is entirely untested with BinDiff 5. I don't recommend using it.

So the correct script would be

static main() {
  batch(0);
  auto_wait();
  qexit(1 - load_and_run_plugin("binexport10", 2));
}

However, you can do without an IDC script:

TVHEADLESS=1 /opt/idapro-7.3/ida64 \
    -OBinExportModule:<DIRECTORY_OR_BINEXPORT_FILENAME>
    -OBinExportAlsoLogToStdErr:TRUE \
    -OBinExportAutoAction:BinExportBinary \
    <PATH_TO_YOUR_EXE_OR_IDB>

Note that TVHEADLESS=1 is optional, as is -OBinExportAlsoLogToStdErr:TRUE.

wangshuai901 commented 5 years ago

@cblichmann Thanks a lot for the comments. I am connecting a remote server with no X so ida64 is not working. Here are what I have been doing so far:

./idat64, click the File -> Load File -> Script File and load the script you provided. It shows that "exporting Database; Please wait", but after it is finished, I still cannot find the exported .BinExport file.
I tried the second option without IDC script:

Somehow it is still hanging there.. I guess I will try to setup the X and use ida64. Will keep you posted.

cblichmann commented 5 years ago

Did you strace/debug the IDA process to see where it is hanging? Maybe it's just waiting for user input (you didn't specify -A).

cblichmann commented 5 years ago

Closing. Feel free to reopen if you still need help.