ALIEN: idA Local varIables rEcogNizer
ALIEN is an IDA Pro plugin that allows the user to get more information about ida local variables with the help of corresponding DWARF information.
Usage
python3 dwarf_parser.py
This script will analysis the DWARF information of the given ELF file, and will produce .dwarf.json file contains the analytical result in the same folder.
">
-A -c -S"ida_parse_f5.py"
This IDA-python script will produce .ida.json file contains the analytical result of IDA in the same folder.
python3 module_analysis.py
If you run the first two steps and successfully get .dwarf.json as well as .ida.json file, then this module_analysis.py script will perform comprehensive analysis of these two. The result will be stored in .ans.json file.
This is an example of the .ans.json file:
{
"ModuleInfo": {
"ida_num_total": 4831,
"ida_none_num_total": 683,
"ida_has_dwarf_total": 306,
"ida_reg_num_total": 4357,
"ida_stack_num_total": 474,
"dwarf_num_total": 2156,
"dwarf_none_num_total": 585,
"dwarf_reg_num_total": 1128,
"dwarf_stack_num_total": 215,
"dwarf_poly_num_total": 78,
"dwarf_unknown_num_total": 150,
"ans_ida_identified_num_total": 194
},
"FunctionInfo": [
{
"func_name": "errorlimit",
"ida_num": 6,
"ida_none_num": 1,
"ida_has_dwarf": 0,
"ida_reg_num": 6,
"ida_stack_num": 0,
"dwarf_num": 0,
"dwarf_none_num": 0,
"dwarf_reg_num": 0,
"dwarf_stack_num": 0,
"dwarf_poly_num": 0,
"dwarf_unknown_num": 0,
"ans_ida_identified_num": 0
}
···
]
1 Jan 04, 2022
2 Feb 10, 2022
0 Oct 08, 2022
2 Jan 19, 2022
29 Dec 15, 2022
33 Nov 21, 2022
73 Dec 12, 2022
28 Oct 20, 2022
1 Jan 08, 2022
4 Dec 07, 2022
4 Aug 22, 2022
2 Feb 01, 2022
41 Jun 24, 2022
3 Nov 24, 2021
23 Nov 13, 2022
1 Nov 21, 2021
21 Dec 30, 2022
2 May 24, 2022
5 Jan 14, 2022
7 Jan 03, 2023