├── .gitignore ├── LICENSE ├── Nmakefile ├── README.md ├── debug.bat ├── demo ├── build.bat ├── demo.vcxproj ├── demo.vcxproj.filters └── test.cpp ├── ida-splode.sln ├── ida-splode.vcxproj ├── py ├── idapython_script.py ├── idasplode │ ├── __init__.py │ ├── addr.py │ ├── analysis │ │ ├── __init__.py │ │ ├── branch.py │ │ ├── memory.py │ │ ├── meta.py │ │ ├── reconstruct.py │ │ ├── struct.py │ │ └── xref.py │ ├── color.py │ ├── comment.py │ ├── database.py │ ├── dynamic.py │ ├── font_table.py │ ├── help.py │ ├── hotkeys.py │ ├── ida.py │ ├── main.py │ ├── name.py │ ├── pymongoloader.py │ ├── query.py │ ├── readercrash.py │ ├── scan.py │ ├── segment.py │ ├── settings.py │ ├── stack.py │ ├── test.py │ ├── vftable.py │ └── virt.cc └── pymongoloader.py ├── rebuild.bat ├── release.bat ├── run.bat ├── slides ├── demo.idb └── slides.pdf └── src ├── address-instrumenter.h ├── allocator.cpp ├── allocator.h ├── common.h ├── data-type.cpp ├── data-type.h ├── heap-handle.cpp ├── heap-handle.h ├── hook.cpp ├── hook.h ├── ida-splode.cpp ├── ida-splode.h ├── image-logger.cpp ├── image-logger.h ├── image-symbol-loader.cpp ├── image-symbol-loader.h ├── image-whitelister.cpp ├── image-whitelister.h ├── instruction-logger.cpp ├── instruction-logger.h ├── instrumenter.h ├── knobs.cpp ├── knobs.h ├── log-branch.cpp ├── log-branch.h ├── log-memory.cpp ├── log-memory.h ├── log.cpp ├── log.h ├── logfile.h ├── md5.cpp ├── md5.h ├── memory-metadata.cpp ├── memory-metadata.h ├── named-image-instrumenter.cpp ├── named-image-instrumenter.h ├── page-heap.cpp ├── page-heap.h ├── pinlock.h ├── sortable-mixin.h ├── stack-instrumenter.cpp ├── stack-instrumenter.h ├── stack.cpp ├── stack.h ├── stringutil.h ├── symbol.cpp ├── symbol.h ├── symbolic-heap.cpp ├── symbolic-heap.h ├── symbolic-resolver.h ├── thread.cpp ├── thread.h ├── timearray.h ├── whitelist-instrumenter.h ├── whitelist.cpp ├── whitelist.h └── win.h /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/LICENSE -------------------------------------------------------------------------------- /Nmakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/Nmakefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/README.md -------------------------------------------------------------------------------- /debug.bat: -------------------------------------------------------------------------------- 1 | windbg32 -g -G -o -Q cmd.exe /C run.bat Debug 2 | -------------------------------------------------------------------------------- /demo/build.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/demo/build.bat -------------------------------------------------------------------------------- /demo/demo.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/demo/demo.vcxproj -------------------------------------------------------------------------------- /demo/demo.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/demo/demo.vcxproj.filters -------------------------------------------------------------------------------- /demo/test.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/demo/test.cpp -------------------------------------------------------------------------------- /ida-splode.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/ida-splode.sln -------------------------------------------------------------------------------- /ida-splode.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/ida-splode.vcxproj -------------------------------------------------------------------------------- /py/idapython_script.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idapython_script.py -------------------------------------------------------------------------------- /py/idasplode/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: latin-1 -*- 3 | -------------------------------------------------------------------------------- /py/idasplode/addr.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/addr.py -------------------------------------------------------------------------------- /py/idasplode/analysis/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/__init__.py -------------------------------------------------------------------------------- /py/idasplode/analysis/branch.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/branch.py -------------------------------------------------------------------------------- /py/idasplode/analysis/memory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/memory.py -------------------------------------------------------------------------------- /py/idasplode/analysis/meta.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/meta.py -------------------------------------------------------------------------------- /py/idasplode/analysis/reconstruct.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/reconstruct.py -------------------------------------------------------------------------------- /py/idasplode/analysis/struct.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/struct.py -------------------------------------------------------------------------------- /py/idasplode/analysis/xref.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/analysis/xref.py -------------------------------------------------------------------------------- /py/idasplode/color.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/color.py -------------------------------------------------------------------------------- /py/idasplode/comment.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/comment.py -------------------------------------------------------------------------------- /py/idasplode/database.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/database.py -------------------------------------------------------------------------------- /py/idasplode/dynamic.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/dynamic.py -------------------------------------------------------------------------------- /py/idasplode/font_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/font_table.py -------------------------------------------------------------------------------- /py/idasplode/help.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/help.py -------------------------------------------------------------------------------- /py/idasplode/hotkeys.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/hotkeys.py -------------------------------------------------------------------------------- /py/idasplode/ida.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/ida.py -------------------------------------------------------------------------------- /py/idasplode/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/main.py -------------------------------------------------------------------------------- /py/idasplode/name.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/name.py -------------------------------------------------------------------------------- /py/idasplode/pymongoloader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/pymongoloader.py -------------------------------------------------------------------------------- /py/idasplode/query.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/query.py -------------------------------------------------------------------------------- /py/idasplode/readercrash.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/readercrash.py -------------------------------------------------------------------------------- /py/idasplode/scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/scan.py -------------------------------------------------------------------------------- /py/idasplode/segment.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/segment.py -------------------------------------------------------------------------------- /py/idasplode/settings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/settings.py -------------------------------------------------------------------------------- /py/idasplode/stack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/stack.py -------------------------------------------------------------------------------- /py/idasplode/test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/test.py -------------------------------------------------------------------------------- /py/idasplode/vftable.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /py/idasplode/virt.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/idasplode/virt.cc -------------------------------------------------------------------------------- /py/pymongoloader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/py/pymongoloader.py -------------------------------------------------------------------------------- /rebuild.bat: -------------------------------------------------------------------------------- 1 | del /F /S /Q Debug Release > NUL 2 | build.bat 3 | -------------------------------------------------------------------------------- /release.bat: -------------------------------------------------------------------------------- 1 | run.bat Release 2 | -------------------------------------------------------------------------------- /run.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/run.bat -------------------------------------------------------------------------------- /slides/demo.idb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/slides/demo.idb -------------------------------------------------------------------------------- /slides/slides.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/slides/slides.pdf -------------------------------------------------------------------------------- /src/address-instrumenter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/address-instrumenter.h -------------------------------------------------------------------------------- /src/allocator.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/allocator.cpp -------------------------------------------------------------------------------- /src/allocator.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/allocator.h -------------------------------------------------------------------------------- /src/common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/common.h -------------------------------------------------------------------------------- /src/data-type.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/data-type.cpp -------------------------------------------------------------------------------- /src/data-type.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/data-type.h -------------------------------------------------------------------------------- /src/heap-handle.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/heap-handle.cpp -------------------------------------------------------------------------------- /src/heap-handle.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/heap-handle.h -------------------------------------------------------------------------------- /src/hook.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/hook.cpp -------------------------------------------------------------------------------- /src/hook.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/hook.h -------------------------------------------------------------------------------- /src/ida-splode.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/ida-splode.cpp -------------------------------------------------------------------------------- /src/ida-splode.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/ida-splode.h -------------------------------------------------------------------------------- /src/image-logger.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-logger.cpp -------------------------------------------------------------------------------- /src/image-logger.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-logger.h -------------------------------------------------------------------------------- /src/image-symbol-loader.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-symbol-loader.cpp -------------------------------------------------------------------------------- /src/image-symbol-loader.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-symbol-loader.h -------------------------------------------------------------------------------- /src/image-whitelister.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-whitelister.cpp -------------------------------------------------------------------------------- /src/image-whitelister.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/image-whitelister.h -------------------------------------------------------------------------------- /src/instruction-logger.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/instruction-logger.cpp -------------------------------------------------------------------------------- /src/instruction-logger.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/instruction-logger.h -------------------------------------------------------------------------------- /src/instrumenter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/instrumenter.h -------------------------------------------------------------------------------- /src/knobs.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/knobs.cpp -------------------------------------------------------------------------------- /src/knobs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/knobs.h -------------------------------------------------------------------------------- /src/log-branch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log-branch.cpp -------------------------------------------------------------------------------- /src/log-branch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log-branch.h -------------------------------------------------------------------------------- /src/log-memory.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log-memory.cpp -------------------------------------------------------------------------------- /src/log-memory.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log-memory.h -------------------------------------------------------------------------------- /src/log.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log.cpp -------------------------------------------------------------------------------- /src/log.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/log.h -------------------------------------------------------------------------------- /src/logfile.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/logfile.h -------------------------------------------------------------------------------- /src/md5.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/md5.cpp -------------------------------------------------------------------------------- /src/md5.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/md5.h -------------------------------------------------------------------------------- /src/memory-metadata.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/memory-metadata.cpp -------------------------------------------------------------------------------- /src/memory-metadata.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/memory-metadata.h -------------------------------------------------------------------------------- /src/named-image-instrumenter.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/named-image-instrumenter.cpp -------------------------------------------------------------------------------- /src/named-image-instrumenter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/named-image-instrumenter.h -------------------------------------------------------------------------------- /src/page-heap.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/page-heap.cpp -------------------------------------------------------------------------------- /src/page-heap.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/page-heap.h -------------------------------------------------------------------------------- /src/pinlock.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/pinlock.h -------------------------------------------------------------------------------- /src/sortable-mixin.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/sortable-mixin.h -------------------------------------------------------------------------------- /src/stack-instrumenter.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/stack-instrumenter.cpp -------------------------------------------------------------------------------- /src/stack-instrumenter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/stack-instrumenter.h -------------------------------------------------------------------------------- /src/stack.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/stack.cpp -------------------------------------------------------------------------------- /src/stack.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/stack.h -------------------------------------------------------------------------------- /src/stringutil.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/stringutil.h -------------------------------------------------------------------------------- /src/symbol.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/symbol.cpp -------------------------------------------------------------------------------- /src/symbol.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/symbol.h -------------------------------------------------------------------------------- /src/symbolic-heap.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/symbolic-heap.cpp -------------------------------------------------------------------------------- /src/symbolic-heap.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/symbolic-heap.h -------------------------------------------------------------------------------- /src/symbolic-resolver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/symbolic-resolver.h -------------------------------------------------------------------------------- /src/thread.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/thread.cpp -------------------------------------------------------------------------------- /src/thread.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/thread.h -------------------------------------------------------------------------------- /src/timearray.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/timearray.h -------------------------------------------------------------------------------- /src/whitelist-instrumenter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/whitelist-instrumenter.h -------------------------------------------------------------------------------- /src/whitelist.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/whitelist.cpp -------------------------------------------------------------------------------- /src/whitelist.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/whitelist.h -------------------------------------------------------------------------------- /src/win.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zachriggle/ida-splode/HEAD/src/win.h --------------------------------------------------------------------------------