IDA 7.7 support #145

Draft
wants to merge 1 commit into
base: master
2 changes: 1 addition & 1 deletion 3rdparty/README.txt
@@ -1 +1 @@
To build the IDA plugin, extract the contents of idasdk695.zip in the directory "idasdk"
To build the IDA plugin, extract the contents of idasdk77.zip into idasdk folder.
8 changes: 4 additions & 4 deletions Documentation/ScyllaHideDocumentation.tex
Expand Up @@ -60,7 +60,7 @@ \section{Description}
\begin{itemize}
\item OllyDbg v1 and v2 \url{http://www.ollydbg.de}
\item x64dbg \url{http://x64dbg.com} or \url{https://github.com/x64dbg/x64dbg}
\item Hex-Rays IDA v6 \url{https://www.hex-rays.com/products/ida}
\item Hex-Rays IDA v7.7 \url{https://www.hex-rays.com/products/ida}
\item TitanEngine v2 \url{https://bitbucket.org/mrexodia/titanengine-update} and \url{http://www.reversinglabs.com/open-source/titanengine.html}
\end{itemize}

Expand All @@ -85,14 +85,14 @@ \subsection{OllyDbg v1}
\subsection{OllyDbg v2}
Copy scylla\_hide.ini, HookLibraryx86.dll and ScyllaHideOlly2.dll to your specific plugins directory.

\subsection{IDA v6}
\subsection{IDA v7.7}
\textbf{32-bit:}
Copy scylla\_hide.ini, HookLibraryx86.dll and ScyllaHideIDA.plw to your IDA plugins directory.

\textbf{64-bit:}
Copy scylla\_hide.ini, HookLibraryx64.dll, ScyllaHideIDASrvx64.exe and ScyllaHideIDA.p64 to your IDA plugins directory.
Copy ScyllaHideIDAProPlugin64.dll and scylla\_hide.ini to your IDA plugins directory.

Note: \\Start ScyllaHideIDASrvx64.exe to debug 64bit applications remotely. \\Start ScyllaHideIDASrvx86.exe to debug 32bit applications remotely.
Note: \\Start ScyllaHideIDAServerx64.exe to debug 64bit applications remotely. \\Start ScyllaHideIDASrvx86.exe to debug 32bit applications remotely.

Command line: ScyllaHideIDASrvxXX.exe <port>\\
For example: ScyllaHideIDASrvxXX.exe 1345
2 changes: 1 addition & 1 deletion PluginGeneric/AttachDialog.cpp
Expand Up @@ -27,7 +27,7 @@ extern HWND hwmain; // Handle of main OllyDbg window
#elif OLLY2
HWND hwmain = hwollymain;
#elif __IDP__
HWND hwmain = (HWND)callui(ui_get_hwnd).vptr;
HWND hwmain = GetForegroundWindow();
#elif X64DBG
extern HWND hwndDlg;
HWND hwmain;
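Review bot: `GetForegroundWindow()` returns whichever top-level window has focus system-wide at the moment of the call, so on the `__IDP__` line the owner handle is not guaranteed to be IDA's main window and may be NULL. Here the call appears to sit in a file-scope initializer, which would make it run once at plugin load and cache that handle for every later dialog. The same substitution is made in PluginGeneric/OptionsDialog.cpp (the `DialogBoxW` and `scl::ShowAboutBox` calls) and in ScyllaHideIDAProPlugin.cpp (both `MessageBoxA` calls and `IDAP_run`), where a modal dialog could end up owned by, and disabling, another application's window. At minimum verify ownership before using the handle, e.g. `DWORD pid = 0; GetWindowThreadProcessId(hwnd, &pid); if (pid != GetCurrentProcessId()) hwnd = NULL;`, ideally in one shared helper instead of six call sites.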
9 changes: 5 additions & 4 deletions PluginGeneric/OptionsDialog.cpp
Expand Up @@ -642,8 +642,9 @@ INT_PTR CALLBACK OptionsDlgProc(HWND hDlg, UINT message, WPARAM wParam, LPARAM l
break;
wstrNewProfileName.resize(lstrlenW(wstrNewProfileName.c_str()));

#elif defined(__IDP__)
auto szNewProfileName = askstr(0, "", "New profile name?");
#elif defined(__IDP__)
qstring empty;
auto szNewProfileName = ask_str(&empty, 0, "New profile name?");
if (!szNewProfileName)
break;
wstrNewProfileName = scl::wstr_conv().from_bytes(szNewProfileName);
Expand Down Expand Up @@ -871,7 +872,7 @@ INT_PTR CALLBACK OptionsDlgProc(HWND hDlg, UINT message, WPARAM wParam, LPARAM l
break;

EndDialog(hDlg, NULL);
DialogBoxW(hinst, MAKEINTRESOURCE(IDD_ATTACH), (HWND)callui(ui_get_hwnd).vptr, &AttachProc);
DialogBoxW(hinst, MAKEINTRESOURCE(IDD_ATTACH), GetForegroundWindow(), &AttachProc);
break;
}

Expand All @@ -880,7 +881,7 @@ INT_PTR CALLBACK OptionsDlgProc(HWND hDlg, UINT message, WPARAM wParam, LPARAM l
if (HIWORD(wParam) != BN_CLICKED)
break;

scl::ShowAboutBox((HWND)callui(ui_get_hwnd).vptr);
scl::ShowAboutBox(GetForegroundWindow());
break;
}
#endif
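Review bot: In the `__IDP__` branch the result of `ask_str` is passed to `from_bytes` as if it were the entered text, but in the 7.x SDK `ask_str` (as far as I know) returns a `bool` success flag and writes the text into its `qstring` argument. With `auto`, `szNewProfileName` would then be that flag, so `from_bytes(szNewProfileName)` would convert a single byte, not the profile name, and the user's input left in `empty` is never read. Suggested: `qstring newName; if (!ask_str(&newName, 0, "New profile name?")) break; wstrNewProfileName = scl::wstr_conv().from_bytes(newName.c_str());`. OptionsDlgProc starts and ends outside the hunk, so any later validation of the profile name is not visible here.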
15 changes: 8 additions & 7 deletions ScyllaHideIDAProPlugin/ScyllaHideIDAProPlugin.cpp
Expand Up @@ -5,7 +5,7 @@
//for 64bit - p64
#ifdef BUILD_IDA_64BIT
#define __EA64__
#pragma comment(lib, "x86_win_vc_64/ida.lib")
#pragma comment(lib, "x64_win_vc_32/ida.lib") // TODO: I only found this in IDA 7.7 SDK, but x64_win_vc_64 exists on 8.0
#else
//for 32bit - plw
#pragma comment(lib, "x86_win_vc_32/ida.lib")
Expand Down Expand Up @@ -64,14 +64,14 @@ static void AttachProcess(DWORD dwPID)
switch (res) {
case -1:
{
MessageBoxA((HWND)callui(ui_get_hwnd).vptr,
MessageBoxA(GetForegroundWindow(),
"Can't attach to that process !",
"ScyllaHide Plugin", MB_OK | MB_ICONERROR);
break;
}
case -2:
{
MessageBoxA((HWND)callui(ui_get_hwnd).vptr,
MessageBoxA(GetForegroundWindow(),
"Can't find that PID !",
"ScyllaHide Plugin", MB_OK | MB_ICONERROR);
break;
Expand Down Expand Up @@ -102,7 +102,7 @@ static bool SetDebugPrivileges()
}

//callback for various debug events
static int idaapi debug_mainloop(void *user_data, int notif_code, va_list va)
static ssize_t idaapi debug_mainloop(void *user_data, int notif_code, va_list va)
{
switch (notif_code)
{
Expand Down Expand Up @@ -295,13 +295,14 @@ static void idaapi IDAP_term(void)
}

//called when user clicks in plugin menu or presses hotkey
static void idaapi IDAP_run(int arg)
static bool idaapi IDAP_run(size_t arg)
{
DialogBoxW(hinst, MAKEINTRESOURCE(IDD_OPTIONS), (HWND)callui(ui_get_hwnd).vptr, &OptionsDlgProc);
DialogBoxW(hinst, MAKEINTRESOURCE(IDD_OPTIONS), GetForegroundWindow(), &OptionsDlgProc);
return true;
}

//init the plugin
static int idaapi IDAP_init(void)
static plugmod_t* idaapi IDAP_init(void)
{
//ensure target is PE executable
if (inf.filetype != f_PE) return PLUGIN_SKIP;
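Review bot: The `BUILD_IDA_64BIT` branch defines `__EA64__` but now links `x64_win_vc_32/ida.lib`, and the TODO on that line says the choice is unresolved. If the SDK's directory suffix denotes the address width, as the naming suggests, this pairs 64-bit `ea_t` declarations with the import library for the 32-bit-address kernel, so the plugin would either fail to load or exchange mis-sized values with IDA. Confirm which directory the 7.7 SDK ships for the EA64 build and, if it is present, use `#pragma comment(lib, "x64_win_vc_64/ida.lib")`; the TODO should be resolved before the PR leaves draft. Separately, `IDAP_init` now returns `plugmod_t*` and its body continues outside the hunk, so every return statement in it should be checked against the new type.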