Downloads, Firmware, Hacking Tools, IDA, IDA Pro, Python, uEmu, Unicorn, Windows

uEmu – Tiny Cute Emulator Plugin For IDA Based On Unicorn.

uEmu is a tiny cute emulator plugin for IDA based on unicorn engine.

Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64

What is it GOOD for?

  • Emulate bare metal code (bootloaders, embedded firmware etc)
  • Emulate standalone functions

What is it BAD for?

  • Emulate complex OS code (dynamic libraries, processes etc)
  • Emulate code with many syscalls

What can be improved?

  • Find a way to emulate vendor specific register access (like MSR S3_x, X0 for ARM64)
  • Add more registers to track

Installation

  • brew install unicorn to install Unicorn binaries
  • pip install unicorn to install Unicorn python bindings
  • Use File / Script file... or ALT+F7 in IDA to load uEmu.py

Optionally uEmu can be loaded automatically as IDA plugin. In this case put it into [IDA]/Plugins folder and change USE_AS_SCRIPT to False inside uEmu.py

Note: on Windows you might need to add IDA Pro Qt5 path

import sys
sys.path.append('D:\\Soft\\IDA Pro 7.x\\python\\3\\PyQt5')

Source : KitPloit – PenTest Tools!

Previous ArticleNext Article
Send this to a friend