- Reads keywords from IDA-generated pseudocode, and formats them into a form that is friendly for server encodes
- Options for varying the accuracy of packet structure pulls
- Shows the structure of packets
- Writes all packet structures to an identically named output file in
MaplePacketPuller/IDA Maple Script/FuncOutput/
- Ability to search for InHeader opcodes
while()
loops aren't properly handled, i.e. whether a decode is in the scope of one well- Possible circumvention: may be rectified if
GET_ALL_DECODES = true
- Possible circumvention: may be rectified if
- The constant
GET_ALL_DECODES
when set toTrue
for increased accuracy, has major aesthetic drawbacks - This script assumes that you have named the disassembled function in IDA according to the function you want to pull packet structures from
- This script does not display switch cases - can be added by user
Target | Tested | |
---|---|---|
Python | 3.8.5 | 3.6.12 & 3.8.6 |
IDA Pro 32-bit | 7.0 | 7.0 |
Editor | Atom | Atom |
CLI Interpretor | cmd | pwsh 7.0 |
Other variants for contributors to test:
- Python 2.7
- NOT COMPATIBLE: use of os.scandir() makes it non-backwards compatible with versions older than 3.6
- Python 3.6
NOT COMPATIBLE: probably a result of how f-strings handle backslashes- Update: Fixed as of commit 10a9fd86c4da264ef6d1d73a6aca248343cf63f6
- IDA 6.8
- IDA 7.5
- IDLE
- PyCharm Community Edition 2020.1.1 (or later)
- COMPATIBLE Tested as of commit
dfef676d4897dbc8195120f6f803a8810420d319
- COMPATIBLE Tested as of commit
INPUT: .txt
file containing C-pseudocode from IDA disassembly
OUTPUT: .txt
file containing packet structure & console output
- NOTE: You will have to create a
.txt
file in theFunctions
directory with the copy-pasted pseudocode from IDA (examples in there)MaplePacketPuller/IDA Maple Script/Functions
-
Navigate to
MaplePacketPuller/IDA Maple Script/src/main/python
inCLI
and runmain.py
- Alternatively use a Python IDE like PyCharm
-
Input the type of Analysis you want to do
-
Input the name of the file you want to analyze, i.e. the txt file you've just created
-
Let the program analyze it.
-
Now packet structure should be yours!
- see
MaplePacketPuller/IDA Maple Script/FuncOutput/
- see
The console output should look a little something like this: