ALIEN: idA Local varIables rEcogNizer
ALIEN is an IDA Pro plugin that allows the user to get more information about ida local variables with the help of corresponding DWARF information.
Usage
python3 dwarf_parser.py
This script will analysis the DWARF information of the given ELF file, and will produce .dwarf.json file contains the analytical result in the same folder.
">
-A -c -S"ida_parse_f5.py"
This IDA-python script will produce .ida.json file contains the analytical result of IDA in the same folder.
python3 module_analysis.py
If you run the first two steps and successfully get .dwarf.json as well as .ida.json file, then this module_analysis.py script will perform comprehensive analysis of these two. The result will be stored in .ans.json file.
This is an example of the .ans.json file:
{
"ModuleInfo": {
"ida_num_total": 4831,
"ida_none_num_total": 683,
"ida_has_dwarf_total": 306,
"ida_reg_num_total": 4357,
"ida_stack_num_total": 474,
"dwarf_num_total": 2156,
"dwarf_none_num_total": 585,
"dwarf_reg_num_total": 1128,
"dwarf_stack_num_total": 215,
"dwarf_poly_num_total": 78,
"dwarf_unknown_num_total": 150,
"ans_ida_identified_num_total": 194
},
"FunctionInfo": [
{
"func_name": "errorlimit",
"ida_num": 6,
"ida_none_num": 1,
"ida_has_dwarf": 0,
"ida_reg_num": 6,
"ida_stack_num": 0,
"dwarf_num": 0,
"dwarf_none_num": 0,
"dwarf_reg_num": 0,
"dwarf_stack_num": 0,
"dwarf_poly_num": 0,
"dwarf_unknown_num": 0,
"ans_ida_identified_num": 0
}
···
]
4 May 27, 2022
2.6k Jan 05, 2023
18 Jul 15, 2022
6 Apr 11, 2022
10 Nov 21, 2022
329 Dec 16, 2022
1 Oct 29, 2021
3 Jan 08, 2022
30 Dec 14, 2022
17 Jan 13, 2022
2 Dec 02, 2021
0 Jan 20, 2022
2 Mar 01, 2022
1.3k Jan 01, 2023
13 Sep 29, 2022
119 Oct 23, 2022
103 Dec 19, 2022
10 Jul 18, 2022
3 Nov 12, 2021
3 Jun 27, 2022