patois/HRDevHelper patois/HRDevHelper

  • Stars
    star
    349
  • Rank 120,793 (Top 3 %)
  • Language
    Python
  • License
    Other
  • Created over 5 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
patois/HRDevHelper
github

patois

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

HexRays ctree visualization plugin

HRDevHelper

HRDevHelper is an extension for the Hexrays decompiler written in IDAPython and is meant to be a helpful tool for debugging and developing your own Hexrays plugins and scripts. The plugin draws its usefulness from displaying a graph of a decompiled function's respective ctree and creating visual links between its underlying decompiled code and the graphs' individual items.

HRDevHelper animated gif

When invoked, HRDevHelper creates and attaches a ctree graph to the currently active decompiler widget and centers the graph's view on the current ctree item. Subsequently navigating the decompiled code visually highlights corresponding ctree items in the graph.

The plugin's default colors and other settings (zoom, dock position etc.) can be configured by editing the plugin's configuration file that is created after running the plugin for the first time. The HRDevhelper.cfg configuration file can be found in the IDA user directory.

Installation

Copy hrdevhelper.py and the hrdh folder to ./IDA/plugins/ and restart IDA.

Plugin Usage & Shortcuts

The plugin's functionality is accessible via right-click in a decompiler view or otherwise via keyboard shortcuts:

  • "show ctree" creates a graph of all ctree items of the current decompiled function.
  • "show sub-tree" creates a graph of ctree items that belong to the current expression. The subgraph's root is determined via the current decompiler view's text cursor.
  • "show context" opens a context viewer that, among other information, displays the current sub-tree's citems as a lambda expression. This expression can be used with and directly copy-pasted into hxtb-shell that comes with the HexraysToolbox script.

By default, HRDevHelper visually highlights all ctree items in a graph that correspond to a current single decompiled line of code. Making a selection of multiple lines highlights nodes accordingly.

The two screenshots below show the context viewer.

HRDevHelper context view

HRDevHelper context view

In addition to the keyboard shortcuts that are made available in decompiler views, the graphs created by HRDevHelper have additional keyboard shortcuts in place as shown below.

Graph Hotkeys (focus on any HRDevHelper graph/subgraph):

  • C: Toggle "center on current item/node" functionality (switches synchronization on/off).
  • D: Increase debug/verbosity of particular nodes

More Repositories

1

dsync

IDAPython plugin that synchronizes disassembler and decompiler views
Python
438
star
2

HexraysToolbox

Hexrays Toolbox - Find code patterns within the Hexrays ctree
Python
422
star
3

abyss

abyss - augmentation of Hexrays decompiler output
Python
315
star
4

IDACyber

Data Visualization Plugin for IDA Pro
Python
285
star
5

genmc

Display Hex-Rays Microcode
Python
220
star
6

IDAPyHelper

IDAPyHelper is a script for the Interactive Disassembler that helps writing IDAPython scripts and plugins.
Python
163
star
7

xray

Hexrays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions
Python
114
star
8

mrspicky

MrsPicky - An IDAPython decompiler script that helps auditing memcpy() and memmove() calls
Python
108
star
9

RETracker

Reverse Engineering Framework for the Polyend Tracker
Python
93
star
10

FuncScanner

Collects extended function properties from IDA Pro databases
Python
91
star
11

hexrays_scripts

Various scripts for the Hexrays decompiler
Python
87
star
12

DrGadget

dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>
Python
62
star
13

nesldr

Nintendo Entertainment System (NES) ROM loader module for IDA Pro (for IDA 4.9)
C++
46
star
14

NDSLdr

Nintendo DS ROM loader module for IDA Pro
C++
34
star
15

NECromancer

IDA Pro V850 Processor Module Extension
Python
30
star
16

idaplugins

Old and probably outdated IDA plugins
C++
24
star
17

NTRDisasm

Annotated disassembly of the NTR 2.x custom firmware for the Nintendo N3DS
Assembly
24
star
18

BFS2019

Bluefrost Exploitation Challenge 2019 - Exploit and Writeup
Assembly
21
star
19

zohocorp_dc

Zoho ManageEngine Desktop Central CVEs
Python
15
star
20

winmagic_sd

Technical Write-Up on and PoC Exploit for CVE-2020-11519 and CVE-2020-11520
Python
13
star
21

iOS-stuff

tools, hacks and stuff for iOS (this is old stuff based on an old iOS version and wasn't tested for functioning on recent iOS devices)
Python
13
star
22

MadNES

IDA plugin to export symbols and names from IDA db so they can be loaded into FCEUXD SP
C++
12
star
23

ida_vs2017

IDA 7.x VisualStudio 2017 Sample Project for IDA and HexRays plugins (works with Community Edition)
C++
11
star
24

bankswitch

IDA Pro plugin module for NES ROMs, simulates bank switching/paging
C++
10
star
25

A5Pack

Firmware Utility for ASM Hydrasynth Synthesizers
Python
8
star
26

NESTrainers

NES Game Hacking examples (adding cheating functionality/trainers)
Assembly
8
star
27

tools

various tools
Python
8
star
28

vds5plugin

vds5plugin - vds5.py script taken from IDAPython and turned into a plugin
Python
6
star
29

3DSProjects

Nintendo 3DS Projects
C
5
star
30

CTFs

Write-ups and solutions for CTF challenges
Python
5
star
31

FEZ

FEZ tools and stuff
Python
3
star
32

nesdbg

Failed attempt in creating an IDA Pro debugger plugin for NES ROMs
C++
2
star
33

touchosc-templates

Templates / Layouts for the touchosc iOS app
2
star
34

FancyVote

My solution to the BFS Ekoparty Exploitation Challenge
Python
2
star