Anyone used Desquirr plugin for IDA? - General Discussion and Assistance - CHDK Forum supplierdeeply

Anyone used Desquirr plugin for IDA?

  • 2 Replies
  • 8011 Views
*

Offline RyeBrye

  • **
  • 73
  • SD-870
Anyone used Desquirr plugin for IDA?
« on: 30 / January / 2008, 16:23:38 »
Advertisements
In poking around the net, I found this pdf on ARM reverse engineering:

http://www.blackhat.com/presentations/bh-europe-04/bh-eu-04-dehaas/bh-eu-04-dehaas.pdf

It's basically slides from a presentation... and talks about some specific applications in relation to phone unlocking...

One thing that was interesting was it mentioned Desquirr - a decompiler plugin for IDA that does data-flow analysis. The original version just did x86, but ARM was added to it shortly after it was introduced.

Desquirr is hosted on sourceforge:

http://desquirr.sourceforge.net/desquirr/

It looks like it might be interesting to try out - but I was wondering if anyone else had tried it before I went through the hoops of downloading it and trying to compile / run it with IDA 5.2 (the last version it mentions on the page is IDA 4.6)

I don't know how in-depth the decompiler functionality is - but I think decompiling into C could be very helpful in making it easier to quickly identify what some functions / subroutines are doing.

*

Offline kwf

  • **
  • 72
Re: Anyone used Desquirr plugin for IDA?
« Reply #1 on: 30 / January / 2008, 17:37:55 »
Yes. But i just downloaded the binary version for 5.0 , the homepage does not mention it, but there is a binary in the download section. But the features are quite limited, t does not work for all function, it does not generate compilable code, does not know all instruction, basically it decompiles one function and e.g. is quite helpful to summarize several assembler commands one register into one line of C-Code, which makes it a bit more readable.

*

Offline RyeBrye

  • **
  • 73
  • SD-870
Re: Anyone used Desquirr plugin for IDA?
« Reply #2 on: 30 / January / 2008, 17:47:35 »
Yes. But i just downloaded the binary version for 5.0 , the homepage does not mention it, but there is a binary in the download section. But the features are quite limited, t does not work for all function, it does not generate compilable code, does not know all instruction, basically it decompiles one function and e.g. is quite helpful to summarize several assembler commands one register into one line of C-Code, which makes it a bit more readable.

Cool. I'll have to try it out... might at least help get a quick picture of what a function is trying to do. Too bad hex-rays only does x86 assembly...

 

Related Topics


SimplePortal 2.3.6 © 2008-2014, SimplePortal