A private Lumina server that can be used with IDA Pro 7.2+.
lumen.abda.nl runs this server.
You can read about the protocol research here.
- Stores function signatures so you (and your team) can quickly identify functions that you found in the past using IDA's built-in Lumina features.
- Backed by PostgreSQL
- Experimental HTTP API that allows querying the database for comments by file or function hash.
Pre-built binaries are not distributed at the moment, you will have to build lumen on your own.
git clone https://github.com/naim94a/lumen.git
- Get a rust toolchain: https://rustup.rs/
cd lumen
- Setup a Postgres database and execute src/schema.sql on it
cargo +nightly build --release
- Install
docker-engine
anddocker-compose
. - If using a custom TLS certificate, copy the private key (
.p12
/.pfx
extension) to./dockershare
and set the key password in.env
asPKCSPASSWD
. - If using a custom Lumen config, copy it to
./dockershare/config.toml
. - Otherwise, or if you have finished these steps, just run
docker-compose up
. - Regardless, if TLS is enabled in the
config.toml
, ahexrays.crt
will be generated in./dockershare
to be copied to the IDA install directory.
./lumen -c config.toml
You will need IDA Pro 7.2 or above in order to use lumen.
The following information may get sent to lumen server: IDA key, Hostname, IDB path, original file path, file MD5, function signature, stack frames & comments.
- In your IDA's installation directory open "cfg\ida.cfg" with your favorite text editor (Example: C:\Program Files\IDA Pro 7.5\cfg\ida.cfg)
- Locate the commented out
LUMINA_HOST
,LUMINA_PORT
, and change their values to the address of your lumen server. - If you didn't configure TLS, Add "LUMINA_TLS = NO" after the line with
LUMINA_PORT
.
Example:
LUMINA_HOST = "192.168.1.1";
LUMINA_PORT = 1234
// Only if TLS isn't used:
LUMINA_TLS = NO
IDA Pro uses a pinned certificate for Lumina's communcation, so adding a self-signed certificate to your root certificates won't work. Luckily, we can override the hard-coded public key by writing a DER-base64 encoded certificate to "hexrays.crt" in IDA's install directory.
You may find the following commands useful:
# create a certificate
openssl req -x509 -newkey rsa:4096 -keyout lumen_key.pem -out lumen_crt.pem -days 365 -nodes
# convert to pkcs12 for lumen; used for `lumen.tls` in config
openssl pkcs12 -export -out lumen.p12 -inkey lumen_key.pem -in lumen_crt.pem
# export public-key for IDA; Copy hexrays.crt to IDA installation folder
openssl x509 -in lumen_crt.pem -out hexrays.crt
No attempt is made to merge function data - this may casuse a situation where metadata is inconsistent. Instead, the metadata with the highest calculated score is returned to the user.
sudo docker exec --env PGPASSWORD=1 -it lumina-postgres psql -A -U lumina -d lumina --no-password -P pager=off -c "select encode(files.chksum, 'hex'), file_path, funcs.name from funcs join dbs on funcs.db_id = dbs.id join files on dbs.file_id = files.id where funcs.name like 'sm_%' ;" -F';'
Developed by Naim A.; License: MIT.