Posted by Aaron Portnoy
…so I reversed your reversing tool to help you reverse better.
MindshaRE is our periodic look at some simple reverse engineering tips and tricks. The goal is to keep things small and discuss every day aspects of reversing. You can view previous entries by going through our blog history or querying a search engine for dvlabs mindshare.
So, apparently, sometimes there are bugs in code. One in particular was thwarting some of my attempts at getting access to some previously unavailable IDA functionality: http://bugs.pyside.org/show_bug.cgi?id=816.
Specifically, I was running into this problem when trying to get access to IDA’s QCoreApplication instance.
Pythonfrom PySide import QtCore
Pythonqapp = QtCore.QCoreApplication.instance()
Pythonqapp.children()
Traceback (most recent call last):
File “”, line 1, in
RuntimeError: Internal C++ object (PySide.QtCore.QCoreApplication) already deleted.
The reason I wanted to access the application object was fairly trivial: I wanted to be able to hook the GraphColor1 action that you can specify in your idagui.cfg:
“GraphColor1″ = 0 // Set node color 1
As far as I could tell, there was no way to color a basic block in IDA programmatically without traversing (continue reading…)
Article source: http://feedproxy.google.com/~r/TheSecurityBlog/~3/K8WZHbz3aVI/
View full post on National Cyber Security