Bochs executable "bochsdbg.exe" is not found: Please install Bochs and/or specify the location of "b

Is there anyone know how to solve this

I will hopefully learn enough to submit a PR on this, but I wanted to open this issue to request ida/plugins/mipsrop/mipsrop.py be upgraded to the IDA 6.7+ Actions API.

Details, including code samples on what needs to be added, can be found here: http://www.hexblog.com/?p=886 There is also an open PR for a similar refactoring for a different plugin.

Basically, since IDA 6.7 onward, plugins are supposed to use the Actions API instead of the old menu APIs. Starting with IDA 7.0 onward, these old APIs have been completely removed. Anyone trying to use IDA 7.0+ will receive 2 errors when starting up IDA and trying to use mipsrop.py:

Failed while executing plugin_t.init():
Traceback (most recent call last):
  File "C:/Program Files/IDA 7.0/plugins/mipsrop.py", line 703, in init
    self.menu_context = idaapi.add_menu_item("Search/", "mips rop gadgets", "", 0, self.run, (None,))
AttributeError: 'module' object has no attribute 'add_menu_item'

And:

Failed while executing plugin_t.term():
Traceback (most recent call last):
  File "C:/Program Files/IDA 7.0/plugins/mipsrop.py", line 707, in term
    idaapi.del_menu_item(self.menu_context)
AttributeError: 'module' object has no attribute 'del_menu_item'

Cheers!

class AlleyCatCodePaths(AlleyCat):

    def __init__(self, start_ea, end_ea, quiet=False):
        end_func = idaapi.get_func(end_ea)
        start_func = idaapi.get_func(start_ea)

        if not start_func:
            raise AlleyCatException("Address 0x%X is not part of a function!" %
                                    start_ea)
        if not end_func:
            raise AlleyCatException("Address 0x%X is not part of a function!" %
                                    end_ea)

        start_func_ea = ida_shims.start_ea(start_func)
        end_func_ea = ida_shims.end_ea(end_func)  #  end_func_ea is wrong

The code should be corrected as follows:
end_func_ea = ida_shims.start_ea(end_func)

After putting misrop.py in the plugins directory and restarting in the ida7.5 version, the search does not show the plugins. What is going on?

I have tried to install plugin directory into IDA8.1 directory in Windows OS:

python install.py --install -d "c:\Program Files\IDA Pro 8.1"
But I got an error:

Installing plugins from c:\Users\xxxxx\Desktop\ida\plugins to c:\Program Files\IDA Pro 8.1\plugins...
Installing alleycat...alleycat is not a known plugin. Skipping copy...Done
Installing codatify...codatify is not a known plugin. Skipping copy...Done
Installing fluorescence...fluorescence is not a known plugin. Skipping copy...Done
Installing funcprofiler...funcprofiler is not a known plugin. Skipping copy...Done
Installing leafblower...leafblower is not a known plugin. Skipping copy...Done
Installing localxrefs...localxrefs is not a known plugin. Skipping copy...Done
Installing mipslocalvars...mipslocalvars is not a known plugin. Skipping copy...Done
Installing mipsrop...mipsrop is not a known plugin. Skipping copy...Done
Installing rizzo...rizzo is not a known plugin. Skipping copy...Done
Installing shims...Traceback (most recent call last):
  File "install.py", line 108, in <module>
    install_plugins(args.directory)
  File "install.py", line 50, in install_plugins
    open(os.path.join(shims_dir, '__init__.py'), 'a').close()
FileNotFoundError: [Errno 2] No such file or directory: 'c:\\Program Files\\IDA Pro 8.1\\plugins\\shims\\__init__.py'

https://github.com/tacnetsol/ida/blob/master/plugins/install.py#L50

Unable to use codatify with IDA 7.0, using any feature gives the following error on the output window:

Traceback (most recent call last):
File "C:/Program Files/IDA 7.0/plugins/codatify.py", line 451, in activate
cd = Codatify()
TypeError: 'NoneType' object is not callable

edit: can confirm its working with 7.2

Currently idc.ChooseFunction(...) only returns a list of functions compiled into the binary. This means that it is not possible to select an imported function (e.g. send) and have alleycat do it's thing.

It would be amazing if alleycat could iterate through imported functions and manage xrefs from them as well.

I had to uncomment the following lines to run the script correctly:

if name == 'main':
mipsrop = MIPSROPFinder()

Great work! Congrats! ;)

If the first entry in the data section is a string Fixup Data will not convert it to a string and instead will force it to a DWORD.

Is it possible / this is a request for enhancement / to create riz signatures without having to load up IDA?

Basically the idea is to be able to create many signatures on systems without having to go the way to singlehandedly every file.
e.g. create riz-signatures of all my linux so files.

They're broken, I tell you, broken!!!

https://github.com/devttys0/ida/tree/master/plugins/mipsrop

after i copy the plugin py file and start IDA pro, this message box just show up, what should i do?

mipsrop code(line 391-392):

        for xref in idautils.XrefsTo(idc.LocByName('system')):
            ea = xref.frm
            if ea >= start_ea and ea <= end_ea and idc.GetMnem(ea)[0] in ['j', 'b']:

in line 391,392, ea value might is Elf32_Sym addr of the function system, so index out of bound error occurred while executing idc.GetMnem(ea)[0]. I think we should judge idc.GetMnem(ea) return value whether is null.

add:

        for xref in idautils.XrefsTo(idc.LocByName('system')):
            ea = xref.frm
            if ea >= start_ea and ea <= end_ea:
                if idc.GetMnem(ea) != "" and idc.GetMnem(ea)[0] in ['j',  'b']:

please remove

Segment selection or address range...

A really small scan takes too long I wait for hours for the scan to complete.
The biggest reason for this is, of course, that IDA software runs a single core for the plugin.
So some features can make this plugin more useful

Traceback (most recent call last):
File "D:/IDA 7.0/plugins/mipsrop.py", line 721, in activate
mipsrop = MIPSROPFinder()
File "D:/IDA 7.0/plugins/mipsrop.py", line 208, in init
self._initial_find()
File "D:/IDA 7.0/plugins/mipsrop.py", line 226, in _initial_find
self.system_calls += self._find_system_calls(start, end)
File "D:/IDA 7.0/plugins/mipsrop.py", line 393, in _find_system_calls
if ea >= start_ea and ea <= end_ea and idc.GetMnem(ea)[0] in ['j', 'b']:
IndexError: string index out of range

IDA PRO 7.5
Windows 10 1607
Python 3.8

Traceback (most recent call last):
File "C:/IDA Pro 7.5/plugins/localxrefs.py", line 198, in activate
show_local_xrefs()
File "C:/IDA Pro 7.5/plugins/localxrefs.py", line 167, in show_local_xrefs
r = LocalXrefs()
File "C:/IDA Pro 7.5/plugins/localxrefs.py", line 64, in init
self._profile_function()
File "C:/IDA Pro 7.5/plugins/localxrefs.py", line 77, in _profile_function
self.highlighted = ida_shims.get_highlighted_identifier()
File "C:/IDA Pro 7.5/plugins\shims\ida_shims.py", line 723, in get_highlighted_identifier
return fn()
File "C:\IDA Pro 7.5\python\3\ida_kernwin.py", line 201, in get_highlight
return _ida_kernwin.get_highlight(*args)
TypeError: get_highlight() takes exactly one argument (0 given)

On windows you can't run a python script as argv[0] using shebang. Update script to not harcode offsets to argv as script parameters

https://github.com/tacnetsol/ida/blob/a0a064ed0e3890dfa1bbbfa062d50d5ad25b0442/plugins/install.py#L8

Error output from user:

C:\python27-x64>python.exe E:\ida-master\plugins\install.py "E:\IDA 7.1" --install
Installing plugins from E:\ida-master\plugins to E:\IDA 7.1\plugins...
Installing DLLs...
Traceback (most recent call last):
  File "E:\ida-master\plugins\install.py", line 42, in <module>
    shutil.copyfile(src, dst)
  File "C:\python27-x64\lib\shutil.py", line 82, in copyfile
    with open(src, 'rb') as fsrc:
IOError: [Errno 2] No such file or directory: 'E:\\ida-master\\plugins\\DLLs\\DLLs.py'

Take big PE file (70+ MB) start codatify code fixup -> get crashed due to out of memory error

Hello, it seems that Rizzo is not able to load completely in IDA 7.4. I placed the rizzo.py file in the /plugins directory and fixed some missing "()" (I'm running Python 3) but it doesn't load in the File -> Load File and File -> Produce File menus.

Hello, I'm using leafblower on IDA 7.0 and noticed that it fails to load due to a missing positional argument in the method declaration as seen here

    def run(self):
        pass

It seems the correct declaration is

    def run(self, arg):  # or _arg, if you like to keep your linter happy ...
        pass

If you'd like a PR for this I'm happy to send one, the patch is obviously very small:

+++ w/plugins/leafblower/leafblower.py
@@ -642,7 +646,8 @@ class leaf_blower_t(idaapi.plugin_t):
                 idaapi.del_menu_item(context)
         return None
 
-    def run(self):
+    def run(self, arg):
+        print(arg)
         pass

Thanks for sharing these plugins and scripts publicly, they've been tremendously helpful to me

please add IDA 7.0 build

Hello, Im using ida pro 7.7. I used the install.py script and it works fine, however when I try to load a .riz, I get this error log:

Applying Rizzo signatures, this may take a few minutes...
Generated 12802 formal signatures and 7800 fuzzy signatures for 19384 functions in 24.65 seconds.
Loading signatures from C:\Users***\Desktop\myfile.riz... Traceback (most recent call last):
File "F:/ida77/ida77/IDAPro7.7/plugins/rizzo.py", line 535, in activate
rizzo_load()
File "F:/ida77/ida77/IDAPro7.7/plugins/rizzo.py", line 515, in rizzo_load
RizzoApply(fname)
File "F:/ida77/ida77/IDAPro7.7/plugins/rizzo.py", line 498, in RizzoApply
s = r.load()
^^^^^^^^
File "F:/ida77/ida77/IDAPro7.7/plugins/rizzo.py", line 163, in load
sigs = pickle.load(fp)
^^^^^^^^^^^^^^^
AttributeError: Can't get attribute 'RizzoSignatures' on <module 'main' (built-in)>

https://github.com/devttys0/ida/blob/8b94e920b1d971808fa4ebcb84b0b120677be320/scripts/wpsearch.py#L58

find_imm in IDA 7.0+ API expects the third argument (value to search) as a uval_t instead of sval_t. FindImmediate can take immediate without getting its two's complement.

Change the line to
(ea, n) = idc.FindImmediate(ea, idc.SEARCH_DOWN, immediate)