Questions tagged [automation]
The use of executable programs or scripts to achieve well-defined sequences of operations without human interaction.
24 questions
1 vote, 0 answers, 71 views
Automatically rename known functions from libraries in IDA
I have a binary file written in C and C++ which uses some libraries. The C/C++ source code of these libraries is publicly accessible online (GitHub). Is there a way in IDA to somehow import this ...
2 votes, 1 answer, 2k views
J1939 message payload checksum
I am attempting to reverse engineer some proprietary J1939 CAN traffic so that I can remotely control some actions on a vehicle. I have collected a number of traces covering the events I want to ...
1 vote, 1 answer, 116 views
Automated instruction analysis of dynamic memory
Introduction to problem: I have a binary executable with an unknown network packet protocol. I want to reverse engineer this packet protocol. My current way of doing it is to send some data and step ...
5 votes, 1 answer, 214 views
Review a collection of executable binaries to determine similarity
I have a collection of different binaries I want to review for code similarity and classification, but I would rather not have to open each of them in IDA and manually review the code in 15 different ...
0 votes, 1 answer, 249 views
x64dbgpy: application unresponsive when trying to automate inside breakpoint callback
When a breakpoint callback is triggered, trying to automate the debugger inside the callback causes the application to become unresponsive. x64dbg continues functioning but the application itself doesn'...
3 votes, 2 answers, 3k views
(macOS) disable codesign check / run codesign on multiple files
So I have two questions, I'll try to keep it short (also, I'm a noob):
I run Logic Pro X and other software to make music, and some third-party plugins make the program crash if they get a:
Exception ...
2 votes, 2 answers, 8k views
Automating bypassing anti-debug checks
I'm working on bypassing the anti-debug checks of an unpacker in x64dbg. My end goal is to bypass all of the checks so that I can run the (unmodified) process with a debugger attached without any ...
7 votes, 1 answer, 10k views
How to automatically rename some IDA functions from a given list?
I have a text file which contains a list of function name and address pairs, structured like this:
194C:841B LoadMessage
194C:8429 ShowDialog
...
Is there a way (e.g. script, automation, ...) to ...
3 votes, 0 answers, 143 views
Automating a custom QGraphicsObject control in an external Qt based process
I have injected a DLL into an external application that is based on the Qt framework. I, then, use the method QApplication::allWidgets() and iterate through the list of widgets to find a QGraphicsView ...
0 votes, 1 answer, 4k views
IDAPython load PDB-file of analysed binary
In a Python script which I'm writing I need the possibility to load via IDA-Python the PDB file of the analysed binary (PE file).
I know how to load a PDB file via the GUI but I need this scripted.
Has ...
2 votes, 2 answers, 845 views
Force IDA Starter 6.5 to disassemble encrypted in autonomous mode
I'm using IDA Starter 6.5 on Linux. (Debian Wheezy 32-bit)
I would like to perform batch analysis on a bunch of iOS apps with an IDAPython script.
To do so, I use command as such, to call text ...
2 votes, 0 answers, 94 views
Opinions and suggestions regarding malware sandboxes [closed]
I'm relatively new in the field of automatic malware analysis and I'd like to ask about hands-on opinions about sandboxes in the following aspects:
extensibility of the product - adding your own ...