ALIEN: idA Local varIables rEcogNizer
ALIEN is an IDA Pro plugin that allows the user to get more information about ida local variables with the help of corresponding DWARF information.
Usage
python3 dwarf_parser.py
This script will analysis the DWARF information of the given ELF file, and will produce .dwarf.json file contains the analytical result in the same folder.
">
-A -c -S"ida_parse_f5.py"
This IDA-python script will produce .ida.json file contains the analytical result of IDA in the same folder.
python3 module_analysis.py
If you run the first two steps and successfully get .dwarf.json as well as .ida.json file, then this module_analysis.py script will perform comprehensive analysis of these two. The result will be stored in .ans.json file.
This is an example of the .ans.json file:
{
"ModuleInfo": {
"ida_num_total": 4831,
"ida_none_num_total": 683,
"ida_has_dwarf_total": 306,
"ida_reg_num_total": 4357,
"ida_stack_num_total": 474,
"dwarf_num_total": 2156,
"dwarf_none_num_total": 585,
"dwarf_reg_num_total": 1128,
"dwarf_stack_num_total": 215,
"dwarf_poly_num_total": 78,
"dwarf_unknown_num_total": 150,
"ans_ida_identified_num_total": 194
},
"FunctionInfo": [
{
"func_name": "errorlimit",
"ida_num": 6,
"ida_none_num": 1,
"ida_has_dwarf": 0,
"ida_reg_num": 6,
"ida_stack_num": 0,
"dwarf_num": 0,
"dwarf_none_num": 0,
"dwarf_reg_num": 0,
"dwarf_stack_num": 0,
"dwarf_poly_num": 0,
"dwarf_unknown_num": 0,
"ans_ida_identified_num": 0
}
···
]
111 Dec 23, 2022
1 Jan 05, 2022
3 Sep 24, 2022
1 Dec 26, 2021
2 Dec 13, 2021
3 Feb 15, 2022
1 Jan 14, 2022
1.5k Jan 08, 2023
0 Feb 20, 2022
4 Apr 03, 2022
349 Jan 06, 2023
80 Dec 29, 2022
8 May 25, 2022
3 Sep 08, 2021
38 Jul 17, 2022
21 Jun 08, 2022
2 Jan 20, 2022
8 Nov 30, 2022
1.3k Jan 04, 2023
6 Aug 12, 2022