Change 2 scripts - Githubissues

mandiant / flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Apache License 2.0

3.24k stars 452 forks source link

Change 2 scripts #939

Open HongThatCong opened 9 months ago

HongThatCong commented 9 months ago

In my opinion, I think it is necessary to change/addition the following 2 scripts, or maybe merge those 2 scripts into 1.

render-ida-import-script.py: Runs as an IDAPython script, allowing users to select floss json result file to apply stacks/functions comments directly into IDA. No need to generate an intermediate script.
idaplugin.py Added parse language for Go/Rust files
Combine the above two scripts into a new IDAPython script, running entirely in IDA

Tks and brgds HTC

mr-tz commented 9 months ago

Thanks for the suggestions. There's definitely room for improvement and potential to combine the scripts.

Ananthavijay commented 8 months ago

Can I work on this issue?

williballenthin commented 8 months ago

go for it @Ananthavijay

Atlas-64 commented 8 months ago

hi @HongThatCong @williballenthin , if it hasn't been assigned yet I would love taking a hack at it

mr-tz commented 8 months ago

Go for it 👍

Atlas-64 commented 7 months ago

Hi @mr-tz sorry for my confusion but I think eventually I would have to have access to IDA Pro to run the prewritten tests after making changes to these plugins(i.e making them one ). Asking cuz I am trying to currently start working on a personal IDA plython plugin and hit this wall. And on searching found that the free version doesn't let me interact with plugins or build IDA Python. Correct me if I am wrong, thanks for everyone's time .

mr-tz commented 7 months ago

Yes, correct, you need a non-free version of IDA Pro to run IDAPython scripts.

HongThatCong commented 7 months ago

Someone build IDAPython for IDA Free 8.3. I found this link on ExeTools forum. @Atlas-64 you can try with it. Uses idapyswitch to correct it with your Python version.

https://www.mediafire.com/file/8xeuzp14dhov4vd/idapython83.zip/file

Or you can up the source file to here, I can test.

Atlas-64 commented 7 months ago

thanks a lot @HongThatCong I will check the build out if I face issues or I end up needing help on testing I will reply here . Thanks for the help. Also if you still have the ExeTools post associated with the free IDAPython build do link it here if possible . Thanks again :D .

HongThatCong commented 7 months ago

https://forum.exetools.com/showpost.php?p=127922&postcount=14