Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Scripted Plug-ins

IDA 5.6 introduced support for scripted loader modules. In IDA 5.7, support was added for scripted plug-ins ^[127] and processor modules. While this does not necessarily allow for the development of more powerful plug-ins, it does somewhat lower the barrier to entry for potential plug-in developers and allows for a somewhat faster development cycle because the complex build process is eliminated.

Although scripted plug-ins can be created using either IDC or Python, Python is probably the most appropriate choice given that it exposes so much of IDA’s SDK. Given this fact, there is no reason why Python plug-ins can’t be just as powerful as compiled C++ plug-ins.

Creating a Python plug-in is a straightforward process. The primary requirement is to define a function named PLUGIN_ENTRY that returns an instance of plugin_t (defined in module idaapi). The plugin_t class contains members that mirror the members of the SDK’s C++ plugin_t class. Example 17-4 shows a simple Python plug-in that defines a class named idabook_plugin_t, which inherits from plugin_t; initializes all required members; and defines init, term, and run functions that implement the plug-in behavior.

Example 17-4. A minimal Python plug-in

from idaapi import *

class idabook_plugin_t(plugin_t):
   flags = 0
   wanted_name = "IdaBook Python Plugin"
   wanted_hotkey = "Alt-8"
   comment = "IdaBook Python Plugin"
   help = "Something helpful"

   def init(self):
      msg("IdaBook plugin init called.
")
      return PLUGIN_OK

   def term(self):
      msg("IdaBook plugin term called.
")

   def run(self, arg):
      warning("IdaBook plugin run(%d) called.
" % arg)

   def PLUGIN_ENTRY():
      return idabook_plugin_t()

Installation of the plug-in script is accomplished by copying the script to <IDADIR>/plugins.

The same plug-in written in IDC appears in Example 17-5. Since IDC does not define a plug-in–related base class, our obligation is to create a class that defines all the elements expected of a plug-in, ensuring that we name each element properly.

Example 17-5. A minimal IDC plug-in

#include <idc.idc>

class idabook_plugin_t {

   idabook_plugin_t() {
      this.flags = 0;
      this.wanted_name = "IdaBook IDC Plugin";
      this.wanted_hotkey = "Alt-9";
      this.comment = "IdaBook IDC Plugin";
      this.help = "Something helpful";
   }

   init() {
      Message("IdaBook plugin init called.
");
      return PLUGIN_OK;
   }

   term() {
      Message("IdaBook plugin term called.
");
   }

   run(arg) {
      Warning("IdaBook plugin run(%d) called.
", arg);
   }
}

static PLUGIN_ENTRY() {
   return idabook_plugin_t();
}

As with the Python example, the PLUGIN_ENTRY function serves to create and return an instance of our plug-in class. Installation, once again, involves copying the .idc file to <IDADIR>/plugins.

^[127]See http://www.hexblog.com/?p=120

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Scripted Plug-ins

Create new playlist

Sign In

Sign Up

Scripted Plug-ins

Table of Contents for
Scripted Plug-ins