ALIEN: idA Local varIables rEcogNizer
ALIEN is an IDA Pro plugin that allows the user to get more information about ida local variables with the help of corresponding DWARF information.
Usage
python3 dwarf_parser.py
This script will analysis the DWARF information of the given ELF file, and will produce .dwarf.json file contains the analytical result in the same folder.
">
-A -c -S"ida_parse_f5.py"
This IDA-python script will produce .ida.json file contains the analytical result of IDA in the same folder.
python3 module_analysis.py
If you run the first two steps and successfully get .dwarf.json as well as .ida.json file, then this module_analysis.py script will perform comprehensive analysis of these two. The result will be stored in .ans.json file.
This is an example of the .ans.json file:
{
"ModuleInfo": {
"ida_num_total": 4831,
"ida_none_num_total": 683,
"ida_has_dwarf_total": 306,
"ida_reg_num_total": 4357,
"ida_stack_num_total": 474,
"dwarf_num_total": 2156,
"dwarf_none_num_total": 585,
"dwarf_reg_num_total": 1128,
"dwarf_stack_num_total": 215,
"dwarf_poly_num_total": 78,
"dwarf_unknown_num_total": 150,
"ans_ida_identified_num_total": 194
},
"FunctionInfo": [
{
"func_name": "errorlimit",
"ida_num": 6,
"ida_none_num": 1,
"ida_has_dwarf": 0,
"ida_reg_num": 6,
"ida_stack_num": 0,
"dwarf_num": 0,
"dwarf_none_num": 0,
"dwarf_reg_num": 0,
"dwarf_stack_num": 0,
"dwarf_poly_num": 0,
"dwarf_unknown_num": 0,
"ans_ida_identified_num": 0
}
···
]
6 May 16, 2022
1 Dec 07, 2021
1 Dec 19, 2022
1 Oct 24, 2021
1 Dec 26, 2021
329 Dec 16, 2022
3.2k Jan 04, 2023
1 Dec 18, 2021
3 Mar 14, 2022
8 May 18, 2022
2 Aug 08, 2022
34 May 19, 2021
4 Aug 02, 2022
4 Feb 18, 2022
5 Dec 27, 2022
59 Dec 04, 2022
1 Dec 14, 2022
2 Jan 18, 2022
126 Oct 16, 2022
4 Oct 18, 2022