Skip to content

ida ¤

Talks to an XMLRPC server running inside of an active IDA Pro instance, in order to query it about the database. Allows symbol resolution and interactive debugging.

Classes:

Functions:

Attributes:

ida_rpc_host module-attribute ¤

ida_rpc_host = add_param(
    "ida-rpc-host", "127.0.0.1", "ida xmlrpc server address"
)

ida_rpc_port module-attribute ¤

ida_rpc_port = add_param('ida-rpc-port', 31337, 'ida xmlrpc server port')

ida_timeout module-attribute ¤

ida_timeout = add_param(
    "ida-timeout", 2, "time to wait for ida xmlrpc in seconds"
)

P module-attribute ¤

P = ParamSpec('P')

T module-attribute ¤

T = TypeVar('T')

colored_pc module-attribute ¤

colored_pc = None

idc module-attribute ¤

idc = IDC()

ida_replacements module-attribute ¤

ida_replacements = {
    "__int64": "signed long long int",
    "__int32": "signed int",
    "__int16": "signed short",
    "__int8": "signed char",
    "__uint64": "unsigned long long int",
    "__uint32": "unsigned int",
    "__uint16": "unsigned short",
    "__uint8": "unsigned char",
    "_BOOL_1": "unsigned char",
    "_BOOL_2": "unsigned short",
    "_BOOL_4": "unsigned int",
    "_BYTE": "unsigned char",
    "_WORD": "unsigned short",
    "_DWORD": "unsigned int",
    "_QWORD": "unsigned long long",
    "__pure": "",
    "__hidden": "",
    "__return_ptr": "",
    "__struct_ptr": "",
    "__array_ptr": "",
    "__fastcall": "",
    "__cdecl": "",
    "__thiscall": "",
    "__userpurge": "",
}

IDC ¤

IDC()

Attributes:

query class-attribute instance-attribute ¤

query = (
    "{k:v for k,v in globals()['idc'].__dict__.items() if isinstance(v, int)}"
)

IdaProvider ¤

Bases: IntegrationProvider

Methods:

get_symbol ¤

get_symbol(addr: int) -> str | None

get_versions ¤

get_versions() -> tuple[str, ...]

is_in_function ¤

is_in_function(addr: int) -> bool

get_comment_lines ¤

get_comment_lines(addr: int) -> list[str]

decompile ¤

decompile(addr: int, lines: int) -> list[str] | None

get_func_type ¤

get_func_type(addr: int) -> Function | None

get_stack_var_name ¤

get_stack_var_name(addr: int) -> str | None

Gets the name of a stack variable based on only the address of the variable.

init_ida_rpc_client ¤

init_ida_rpc_client() -> None

withIDA ¤

withIDA(func: Callable[P, T]) -> Callable[P, T | None]

withHexrays ¤

withHexrays(func: Callable[P, T]) -> Callable[P, T | None]

takes_address ¤

takes_address(
    function: Callable[Concatenate[int, P], T],
) -> Callable[Concatenate[int, P], T]

returns_address ¤

returns_address(function: Callable[P, int]) -> Callable[P, int]

available ¤

available() -> bool

can_connect ¤

can_connect() -> bool

l2r ¤

l2r(addr: int) -> int

r2l ¤

r2l(addr: int) -> int

remote ¤

remote(function) -> None

Runs the provided function in IDA's interpreter.

The function must be self-contained and not reference any global variables.

base ¤

base()

Comment ¤

Comment(addr: int)

Name ¤

Name(addr: int)

GetFuncOffset ¤

GetFuncOffset(addr: int)

GetFuncAttr ¤

GetFuncAttr(addr: int, attr: int)

GetType ¤

GetType(addr: int)

here ¤

here() -> int

Jump ¤

Jump(addr: int)

Anterior ¤

Anterior(addr: int)

GetBreakpoints ¤

GetBreakpoints()

GetBptQty ¤

GetBptQty()

GetBptEA ¤

GetBptEA(i: int) -> int

UpdateBreakpoints ¤

UpdateBreakpoints() -> None

SetColor ¤

SetColor(pc, color)

Auto_Color_PC ¤

Auto_Color_PC() -> None

Auto_UnColor_PC ¤

Auto_UnColor_PC() -> None

LocByName ¤

LocByName(name) -> int

PrevHead ¤

PrevHead(addr)

NextHead ¤

NextHead(addr)

GetFunctionName ¤

GetFunctionName(addr)

GetFlags ¤

GetFlags(addr)

isASCII ¤

isASCII(flags)

ArgCount ¤

ArgCount(address) -> None

SaveBase ¤

SaveBase(path: str)

GetIdbPath ¤

GetIdbPath()

has_cached_cfunc ¤

has_cached_cfunc(addr)

decompile ¤

decompile(addr)

decompile_context ¤

decompile_context(pc, context_lines)

get_ida_versions ¤

get_ida_versions() -> dict[str, str]

GetStrucQty ¤

GetStrucQty()

GetStrucId ¤

GetStrucId(idx)

GetStrucName ¤

GetStrucName(sid)

GetStrucSize ¤

GetStrucSize(sid)

GetFrameId ¤

GetFrameId(addr)

GetMemberQty ¤

GetMemberQty(sid)

GetMemberSize ¤

GetMemberSize(sid, offset)

GetMemberId ¤

GetMemberId(sid, offset)

GetMemberName ¤

GetMemberName(sid, offset)

GetMemberOffset ¤

GetMemberOffset(sid, member_name)

GetMemberFlag ¤

GetMemberFlag(sid, offset)

GetStrucNextOff ¤

GetStrucNextOff(sid, offset)

print_member ¤

print_member(sid, offset) -> None

print_structs ¤

print_structs() -> None