ida-images：IDA反汇编程序的图像预览插件

共18个文件

py：12个

rgb：1个

gitignore：1个

python

data-visualization

forensics

ida-pro

5星 · 超过95%的资源需积分: 9 73 浏览量 2021-02-05 06:21:08 上传评论收藏 14KB ZIP 举报

资源详情

资源评论

资源推荐

收起资源包目录

ida-images-master.zip （18个子文件）

ida-images-master

librgb

shortcut_manager.py 3KB

window_adapter.py 6KB

renderer.py 4KB

pixel_formats.py 2KB

reader.py 516B

__init__.py 255B

file_reader.py 823B

memory_reader.py 3KB

qt_shims.py 336B

renderer_params.py 2KB

.pylintrc 289B

LICENSE 1KB

setup.py 169B

README.md 3KB

rgb 3KB

rgb-ida.py 3KB

.gitignore 7B

pyproject.toml 165B

# ida-images Image preview plugin for Ida disassembler. ## Application I made this plugin to ease finding image decoding routines - I can run some complex code and see if the memory contains the image I'm looking for afterwards. ## Features - Standalone frontend for analyzing plain files - Multiple pixel formats to choose from: RGB, BGR, alpha channels, etc. - Saving as PNG - Adjusting brightness (useful for searching for images using palettes) - Flipping vertically (useful for analyzing images using BMP-like layout) - Convenient keyboard shortcuts: - <kbd>G</kbd> - go to address (supports input such as `edi`) - <kbd>Q</kbd> - close - <kbd>Ctrl</kbd> + <kbd>S</kbd> - save as… - <kbd>Ctrl</kbd> + <kbd>F</kbd> - toggle vertical flip - <kbd>H</kbd> - shrink size horizontally by 1 pixel - <kbd>J</kbd> - expand size vertically by 1 pixel - <kbd>K</kbd> - shrink size vertically by 1 pixel - <kbd>L</kbd> - expand size horizontally by 1 pixel - <kbd>Shift</kbd> + <kbd>H</kbd> - shrink size horizontally by 25 pixels - <kbd>Shift</kbd> + <kbd>J</kbd> - expand size vertically by 25 pixels - <kbd>Shift</kbd> + <kbd>K</kbd> - shrink size vertically by 25 pixels - <kbd>Shift</kbd> + <kbd>L</kbd> - expand size horizontally by 25 pixels - <kbd>←</kbd> - go backward by one byte - <kbd>→</kbd> - go forward by one byte - <kbd>Shift</kbd> + <kbd>←</kbd> - go backward by 25 bytes - <kbd>Shift</kbd> + <kbd>→</kbd> - go forward by 25 bytes - <kbd>Ctrl</kbd> + <kbd>←</kbd> - go backward by 1/10 a "page" - <kbd>Ctrl</kbd> + <kbd>→</kbd> - go forward by 1/10 a "page" - <kbd>Ctrl</kbd> + <kbd>Shift</kbd> + <kbd>←</kbd> - go backward by one "page" - <kbd>Ctrl</kbd> + <kbd>Shift</kbd> + <kbd>→</kbd> - go forward by one "page" Additionally, I'm open to feature requests, as long as they won't make the code too bloated. ## Installing IDA plugin Either drop the `rgb-ida.py` file and `librgb` directory in `C:\Program Files\IDA 7.0\plugins` (or similar) and then run it via <kbd>Ctrl</kbd> + <kbd>3</kbd>, or run the script manually with <kbd>Alt</kbd> + <kbd>F9</kbd>. Tested on: IDA Pro 6.6, 6.8, 7.0 ## Installing standalone version In this case you can either directly use `./rgb`, or install it globally with `sudo python setup.py install`. ## Seeing it in action #### Viewing program code ![A piece of code](https://cloud.githubusercontent.com/assets/1045476/10188909/5caf5f88-6763-11e5-9398-eae1df05b941.png) I have no idea what the gradients are there for, but it's certainly interesting! ![Are you LZSS?](https://cloud.githubusercontent.com/assets/1045476/10188952/9f488f36-6763-11e5-91cf-76fd63d47c0d.png) More mysterious data. #### Viewing actual bitmap ![A bitmap](https://cloud.githubusercontent.com/assets/1045476/10188916/65e391be-6763-11e5-8388-967cde0c7c6e.png) Now all that's left is to localize the exact function that allocated this segment... and voilà.