hexrays_tools&CrowdDetox Rebuild for IDA 6.x

structures_graph

Milan’s useful functions for Hex-Rays decompiler
================================================

New hexrays features:

Assist in creation of new structure definitions / virtual calls detection
===========================================================================

1) use “Reset pointer type” on all variables that you want to scan.

2) Select one of these variables and choose “Scan variable (S)”
Plugin deals with simple assignments “v1 = this;” automatically.

3) Again right click on such variable and choose open structure builder.
Ajdust the structure to your likings.

In Structure builder you can open a list of functions you scanned so far and
functions that were added from virtual function tables.

Open some of the functions and scan other variables that are of the same
type. Be carefull there is no undo yet.

As you gather more evidence structure builder will show you guessed substructure sizes
and guessed types.

Colliding types have yellow background. Use delete to solve the ambiguity.

With red colour is marked current master offset into structure being created.

Use “*” to change master offset. But you should not need this too often,
because basic situations are detected automatically.

下载地址
https://www.hex-rays.com/contests/2013/hexrays_tools.zip
演示
https://www.hex-rays.com/contests/2013/milan_videos.7z

重建版链接:

http://pan.baidu.com/share/link?shareid=2736195585&uk=3188888025

CrowdStrike CrowdDetox Plugin for Hex-Rays

CrowdDetox version 1.0.2 Beta
by Jason Geffner (jason@crowdstrike.com)

The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations.

下载地址
https://www.hex-rays.com/contests/2013/CrowdDetox.zip

原文链接
https://www.hex-rays.com/contests/2013/index.shtml

重建版链接:

http://pan.baidu.com/share/link?shareid=2746706555&uk=3188888025

☆版权☆

* 网站名称:obaby@mars
* 网址:https://h4ck.org.cn/
* 个性:https://oba.by/
* 本文标题: 《hexrays_tools&CrowdDetox Rebuild for IDA 6.x》
* 本文链接:https://h4ck.org.cn/2013/10/5367
* 短链接:https://oba.by/?p=5367
* 转载文章请标明文章来源,原文标题以及原文链接。请遵从 《署名-非商业性使用-相同方式共享 2.5 中国大陆 (CC BY-NC-SA 2.5 CN) 》许可协议。


猜你喜欢:

4 comments

  1.  Level 3
    Google Chrome 29 Google Chrome 29 Mac OS X 10.9 Mac OS X 10.9 cn广西南宁市 联通

    大哥发个6.1编译版的吧,我机子上没有2012,tools要2012编译

  2. Level 1
    Google Chrome 32 Google Chrome 32 Windows Server 2003 Windows Server 2003 dk丹麦

    This does not work with IDA 6.1. Any chance to support the 6.1 version?

    1. 公主 Queen 
      Google Chrome 33 Google Chrome 33 Windows 7 Windows 7 cn山东省青岛市 联通

      I have tested it with ida pro 6.1,will u plz post the error message here?

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注