From Collaborative RCE Tool Library
Reveal Imports
| Tool name: | Reveal Imports |
|
||
|---|---|---|---|---|
| Author: | ZaiRoN | |||
| Website: | http://zairon.wordpress.com/2007/02/18/approaching-ida-plugin-reveal-imports/ | |||
| Current version: | 1.0 | |||
| Last updated: | February 18, 2007 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free | |||
| Description: | Boring rainy day, I decided to fill some spare time writing my first IDA plugin. I have never tried before but I have to admit it’s a powerful tool after all. The idea of the plugin comes from a malware I was analysing in these days, it’s packed… As the name suggests the plugin reveals imports of a dumped process. It will come in handy when you need to analyze a dump without rebuilding the file using an external tool. The plugin could be bugged, it seems to work fine with simple packers but I didn’t test it too much. I don’t want to test the plugin for days (I don’t have to sell it :p), I’ll just use the plugin and when a bug will come out I’ll try to fix it. Usage: put the plugin inside IDA plugin directory and to run the plugin hit ALT+Z. Here is a screeshot. As you can see the plugin creates a new window filled with revealed imports. |
|||
| Related URLs: | No related URLs have been submitted for this tool yet | |||
| Screenshot: |
|---|
 |
Feed containing all updates for this tool.
Here below you will find useful notes about this tool, left by other users.
You are welcome to add your own useful notes here, or edit any existing notes to improve or extend them.
(please also edit it if you think it fits well in some additional category, since this can also be controlled)
Bugged
On Windows XP SP2 + IDA 5.2 it caused a segfault when called from disassembly of idag.exe, and displayed an empty list when called from disassembly of notepad.exe.
Ehtyar.