Реверсинг С++ и ООП


Соломенные сандалии
Всё, что касается реверсинга С++ и ООП:

Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra

Class Informer: Scans an MSVC 32bit target IDB for vftables with C++ RTTI, and MFC RTCI type data. Places structure defs, names, labels, and comments to make more sense of class vftables ("Virtual Function Table") and make them read easier as an aid to reverse engineering. Creates a list window with found vftables for browsing.

Classy: Helps users easily manage classes in IDA Pro. Vtables can be generated by selecting a range, functions can be assigned to classes, their signatures can be easily editing and mangled, IDA structs can be assigned, C headers can be generated, probably more.

HexRaysPyTools: Plugin assists in creation classes/structures and detection virtual tables. Best to use with Class Informer plugin, because it helps to automatically get original classes names.

HexRaysCodeXplorer by Aleksandr Matrosov and Eugene Rodionov
Hex-Rays Decompiler plugin for better code navigation Here is the features list for first release:
  • navigation through virtual function calls in Hex-Rays Decompiler window;
  • automatic type reconstruction for C++ constructor object;
  • useful interface for working with objects & classes;
SusanRTTI - https://github.com/nccgroup/SusanRTTI
Another RTTI Parsing IDA plugin
  • All ida-python
  • Class based design, error logging
  • RTTI parsing algorithm scanning for vtables first (instead of bruteforcing the entire rdata/data sections)
  • Graphing of class hierarchy (using transitive reduction for clarity)
  • Export functionality to GraphViz (.dot) format
  • Handles RTTI and C++ name demangling for:
    • X86 GCC
    • X86 MSVC
    • X64 GCC
    • X64 MSVC
IDA Pro ClassInformer Tutorial - https://www.unknowncheats.me/wiki/IDA_Pro_ClassInformer_Tutorial

Reverse Engineering of Object Oriented Code (2004, Springer)

Для просмотра содержимого вам необходимо Войти в систему.
How to Reverse a Class using IDA Pro - https://www.youtube.com/watch?v=9aZMXCqk-wk ( GTA SA reversing project: https://github.com/saml1er/gta-reversed )

Object-oriented reengineering patterns -

Для просмотра содержимого вам необходимо Войти в систему.
Верх Низ