Skip to content

Instantly share code, notes, and snippets.

@nlitsme
Created March 13, 2023 12:14
Show Gist options
  • Save nlitsme/6f773f6debfac005aa2062a57775ceae to your computer and use it in GitHub Desktop.
Save nlitsme/6f773f6debfac005aa2062a57775ceae to your computer and use it in GitHub Desktop.
scripts for doing bulk disasm / decompile in IDA
#!/bin/bash
# This script is useful when you are not sure about which processor your binary is.
# the script makes sure there are not more than 8 simultaneous ida processes active.
for cpu in ARMB ARM alphab alphal ad218x kr1878 arcmpct arc arcv2 AVR oakdsp PDP11 dalvik ebc F2MC16L F2MC16LX fr h8300a h8300 h8s300a h8s300 h8sxa h8sx h8sxm h8sxn h8368 h8500 s390 s390x 80196 80196NP 80251b 80251s 8051 8051mx 80930b 80930s athlon k62 80286p 80286r 80386p 80386r 80486p 80486r 8086 p4 p2 p3 80686p 80586p 80586r metapc 860xp 860xr i960b i960l i960 java octeonb octeonl mipsr mipsrl r5900b r5900l mipsb mipsl psp tx19ab tx19al m65816 m65c816 M6502 M65C02 PIC12Cxx PIC16Cxx PIC18Cxx PIC24 PIC30 PIC33 cli net m7700 m7750 m32r m32rx m740 m7900 dsp56k dsp561xx dsp563xx dsp566xx hcs08 6301 6303 68330 ColdFire HCS12 HCS12X 6800 68000 6801 68010 68020 68851 68882 68020EX 6803 68030 68040 6805 6808 6809 6811 6812 6816 68K 78k0s 78k0 V850 V850E V850E1 V850E2M RH850 hppa 51XA-G3 PPC PPCL QDSP6 SH2A SH3B SH3 SH4B SH4 RL78 m16c20 m16c60 m16c80 m16ctiny m32c80 r32c r8c rx riscv st20 st20c4 st7 sparcb sparcl spu st9 SAM8 st10 c166 c166V1 c166V2 super10 spc700 unsp tms320c1x TMS32028 TMS320C3 TMS32054 TMS32055 TMS320C2 TMS320C5 TMS320C6 TRICORE XTENSA msp430 gb 64180 8085 z80 z180 z380 Z8; do
while [[ $(ps aux | grep -cw "ida\|ida64" ) -gt 8 ]]; do
sleep 1
done
ida -32 -p$cpu -B -o "$f-32$cpu.idb" "$f"
done
#!/bin/bash
# Decompile all files specified on the commandline.
# They will need to be disassembled first using the idadis.sh script.
# Specify the name of the binary, not the .idb file.
# the script makes sure there are not more than 8 simultaneous ida processes active.
for f in "$@"; do
while [[ $(ps aux | grep -cw "ida\|ida64" ) -gt 8 ]]; do
sleep 1
done
if file "$f" | grep -q ", ARM"; then
hex32=hexarm
hex64=hexarm64
elif file "$f" | grep -q "arm64"; then
# apple files
hex32=hexarm
hex64=hexarm64
elif file "$f" | grep -q ", Intel"; then
hex32=hexrays
hex64=hexx64
fi
if [[ -n $hex32 ]]; then
if [[ -e "$f.idb" ]]; then
ida -A -O$hex32:"$(basename "$f").c":ALL "$f.idb"
elif [[ -e "$f.i64" ]]; then
ida -A -O$hex64:"$(basename "$f").c":ALL "$f.i64"
fi
fi
done
#!/bin/bash
# specify a list of binaries, they will all be disassembled.
# the script makes sure there are not more than 8 simultaneous ida processes active.
for f in "$@"; do
while [[ $(ps aux | grep -cw "ida\|ida64" ) -gt 8 ]]; do
sleep 1
done
ida -B -c "$f"
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment