pfalcon / ScratchABit

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
GNU General Public License v3.0

Web-integration #31

Open thesourcerer8 opened 6 years ago

thesourcerer8 commented 6 years ago

I would like to add a web-integration, to have ScratchABit open a web-browser with a dynamic URL that gets the current position in the file, and preferably also the filename or project name. The goal is to enhance the static disassembler with dynamic information about actual traces, data-flows and statistics about the data and registers used. You can try it at the address 0x574.

I tried a proof-of-concept by adding the following in ScratchABit.py:

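```python
# Added to the key-handling if/elif chain in ScratchABit.py
elif key == b"w":
    self.show_status("Opening the current address on the Web...")
    # Single-quote the URL so the shell passes "?" and ">" through literally
    os.system("lynx 'http://www2.futureware.at/cgi-bin/ssd/searchlog?q=0x%08x->'" % self.get_cur_line().ea)
    self.show_status("Done.")
```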

It works great for me, but for an official feature, we should make the URL configurable (in the Configuration, or in the def file, which do you prefer?), and I would like your opinion on whether we should use "w" or some other hotkey for it. (I thought "w" for "web" might be a good idea.)
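
An added sketch of the configurable-URL idea (not part of the original post and not ScratchABit code): the address and project name are expanded into a URL template as data only, and the browser is started without a shell. The setting names, the `{ea}`/`{project}` placeholders and the localhost URL are assumptions made for this example.

```python
import shlex
import subprocess
from urllib.parse import quote, urlsplit

# Constructed sample settings; option names and placeholders are hypothetical.
URL_TEMPLATE = "http://localhost:8000/searchlog?q=0x{ea}&project={project}"
BROWSER_CMD = "lynx"


def build_lookup_url(template, ea, project=""):
    """Expand the configured template for the address under the cursor."""
    base = urlsplit(template)
    if base.scheme not in ("http", "https") or not base.netloc:
        raise ValueError("template must be an absolute http(s) URL")
    if not isinstance(ea, int) or ea < 0:
        raise ValueError("address must be a non-negative integer")
    # Plain replacement instead of str.format(): the template cannot reach
    # object attributes, and stray braces in it are harmless.
    url = template.replace("{ea}", "%08x" % ea)
    # Percent-encode everything in the project name, including "/", "&", ";".
    url = url.replace("{project}", quote(project, safe=""))
    # Placeholders may fill path or query only, never the host part.
    if urlsplit(url).netloc != base.netloc:
        raise ValueError("placeholders are not allowed in the host part")
    return url


def browser_argv(browser_cmd, url):
    """Build an argv list; the URL stays one argument, never shell-parsed."""
    argv = shlex.split(browser_cmd)
    if not argv:
        raise ValueError("no browser command configured")
    return argv + [url]


def open_address(ea, project=""):
    """What the hotkey handler would call with self.get_cur_line().ea."""
    url = build_lookup_url(URL_TEMPLATE, ea, project)
    return subprocess.call(browser_argv(BROWSER_CMD, url))
```

Because the project name is usually derived from a file name, percent-encoding it and avoiding the shell keeps characters such as `;` or `&` from being interpreted as anything but data.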

pfalcon commented 6 years ago

Well, how I see it is that it's a perfect example of where "UI" plugins should be used.

Unfortunately, such aren't yet supported per se, and until they are, doing it the way you did it above is exactly the suitable way. I have a couple of such myself too, which I don't consider worthy of being pushed upstream.

Now, to get forward with UI plugins: ScratchABit takes IDAPython as an API affinity. So, we'd need to find a simple, open-source plugin (which adds an entry to menu, assigns itself to a key), and add needed functions to make it run. If you have any ideas of such a sample plugin, please let me know.

pfalcon commented 6 years ago

Actually, I can also ask around: https://github.com/williballenthin/python-idb/issues/32#issuecomment-360535604

thesourcerer8 commented 6 years ago

Hmm, from my point of view, the integration of web-applications should be native functionality. It has been so incredibly useful for me in the past, that I am wondering how anyone can live without it :-) Technically, I don't mind that we implement it as a Plugin, if we always load it.

pfalcon commented 6 years ago

> Hmm, from my point of view, the integration of web-applications should be native functionality.

Sorry, but there's a gazillion of web applications, you don't mean Facebook/Instagram integration, do you? ;-)

Then what kind of web applications do you mean? http://www2.futureware.at/cgi-bin/ssd/searchlog - what's that? Is it https://github.com/thesourcerer8/CrowdRE ? What's that again? We're switching roles here - you know there're not enough docs for SABit, but at least there's a README, your project lacks even that ;-).

All in all, when it'll come to that, we'll need to show people that plugins exist and what they can do, and can ship "your" plugin as an example. But you'd still need to think why your plugin would be useful to every ScratchABit user, and explain to them what it does ;-).

thesourcerer8 commented 6 years ago

I mean web-applications that provide contextual information relevant to the currently selected instruction or address, or perhaps even provide the ability to do actions on them, bridging the gap from static binary analysis to dynamic execution, tracing, statistics and analytics, ...

It could be memory viewers: http://www2.futureware.at/cgi-bin/ssd/showmem?addr=0x008010DC (the black&white&gray images on the right side). Or trace visualization tools like e.g. https://youtu.be/SYYZjTx92KU?t=17m32s. Or it could be workload management tools, where you can define tracing workloads to be queued and executed later on, to investigate the behavior of your target around the given address. It could also be tools that are running a webserver locally, or perhaps even statically published websites or just a directory with static images.

Yes, searchlog is part of CrowdRE. I paused updating (publishing) the CrowdRE software some time ago, and concentrated more on developing and improving it for my own needs, but I think I will soon have more time to publish it again and document it. The readme was meant to be in "The missing manual", but it seems that this isn't a good way to document it. I am currently thinking about doing some video(s) to show how to actually work with it, since the concepts and workflows are likely new to most reverse-engineers.

But the main idea is that everyone should be able to develop his or her own tools for visualization, analysis and be able to integrate them with disassemblers and decompilers. CrowdRE is just one example, and I think different RE projects will require different tools, different visualizations, ... Web-Applications should have a first-class integration into other tools like disassemblers and decompilers.

The interface between the disassemblers/decompilers and the web-applications should be a configurable dynamic URL that gets the instruction address, so that the web-application can provide information directly relevant for the specific address or instruction. For larger projects with asymmetric multi-processing (AMP), it is necessary to also add the