mixaill / fakepdb Goto Github PK

View Code? Open in Web Editor NEW

496.0 23.0 54.0 555 KB

Tool for PDB generation from IDA Pro database

License: Apache License 2.0

Python 5.04% CMake 0.36% C++ 94.11% PowerShell 0.49%

llvm pdb ida idapython cpp debugging

fakepdb's People

Contributors

Stargazers

Watchers

Forkers

pavel3333 crackercat fengjixuchui freemanzyq kmwin fcccode patrix9999 raystyle kernullist eipp4ssenger killvxk wbaby bb33bb zhuhuibeishadiao matrixkung heruix forkproj yang-zhiyuan tzf-omkey codingman waterman178 dcmjid gitmesam trass3r wyrover jarlob kitokyo thalium clayne limkokholefork tge-was-taken p0358 hugmyndakassi snyiu100 southdy pirulax bia10 darkersquirrel carlosgprado inno157 tuantmb mminwan gmh5225 asdyxcyxc shonker soulxhades withmorten tempaccountnull twist84 iemnur qazxsw1597532018 sapphonie insanemode

fakepdb's Issues

Three executables instead of one, broken command line, silent failures.

The project build doesn't match the release output.
If you build it you will get three separate executables: "fakepdb_coff.exe", "fakepdb_pdb.exe", "fakepdb_pe.exe", rather than a single "fakepdb.exe" executable.
Not a problem for me, but was unexpected. Are you sure you pushed up the same code that you used to build the distributed release?
The argument parsing for the "fakepdb_pdb" project is broken @ [command_pdb_generate.h line #41].
(https://github.com/Mixaill/FakePDB/blob/master/src_cpp/src_pdb/commands/command_pdb_generate.h#L41)
The "Available commands" output says "pdb_generate [-l] ". But is no way to actually supply the "-l" as it will always be parsed as the json input path regardless. Also the code looks for an optional "exe" command line option but this is not mentioned in the usage text.
Also none of the arguments are sanity checked. If a parsing fail is detected at all it will output ".json file does not exists" regardless of the actual problem.
I suggest a more robust argument parser that does a lot of the work automatically for you. Since you go the heavy OOP route, maybe one of the options on this page 3-ways-to-parse-command-line-arguments or similar.
Finally why require "pdb_generate" at all since it's a single executable anyhow? We are missing the master OOP "main.cpp".
If something goes wrong during PDB creation, the tool silently exists with no error or warning messages at all.
A minor thing, you refer to all executable modules as "exe", when the IDA input could be DLL files to. It would be better to use a more encompassing term like "module" avoid confusion.

Some humble suggestions:
Why structure your code this way with so many levels and redundancy? Unless you really do want three sperate executables?
Why not then just make one "main.cpp" that just parses all possible options (again using a more robust command line argument parser)? You just need to architect it such that you break each command down.

P.S. Like the Fallout game reference. I'm one of the original developers of the game.

pdb file not generated

I'm using IDA 7.6, to generate pdb of an executable but it is just creating the json only.
I have tried to create using fakepdb.exe also but that also doesn't works

please help with this issue
thanks

FakePDB -> Generate .PDB file does not works for .DLL files

Describe the bug
FakePDB -> Generate .PDB file does not works for .DLL files

To Reproduce
Steps to reproduce the behavior:

Open .IDA project which is created from .dll file
Edit -> FakePDB -> Generate .PDB file
Only .json file is generated

Additional context
https://www.youtube.com/watch?v=5JYv7ynSxsM

Some PDBs are shifted by 0x1000

The .pdbs I generated had addresses shifted by 0x1000. It looked like they should be relative to the image base instead of the section offset.

Requested in: https://twitter.com/j00ru/status/1176238722150555649

some exceptions

sometimes , there is no 'align' in segments
2 sometimes, the segment type can be null:
` {
"name": ".tls",
"start_rva": 5021696,
"type": null,
"selector": 5
}

add debug section to exe

referencing the newly created pdb.

PE32+ support

Add support for 64-bit executable files.

Requested in: https://twitter.com/j00ru/status/1176238005746634754

Identify Lumina and library functions in JSON export

Is your feature request related to a problem? Please describe.
I want to filter the JSON to extract the function names/addresses of the functions that I have explicitly manually named with the N button.

The problem is that Lumina functions (green label) and library functions (blue label) get in the way, there's lots of them and they're impossible to tell apart from the manual names. In current implementation of the JSON export, they both have is_public:false and is_autonamed:false, despite arguably being autonamed (especially the detected library functions).

Describe the solution you'd like
I think it would make sense to include library functions as autonamed and to add an additional field that indicates whether the name comes from Lumina, so it's possible to easily filter those out if needed.

Describe alternatives you've considered
Filtering the JSON like this:

data.functions.filter(f => !f.is_autonamed && !f.name.startsWith('sub_') && !f.name.startsWith('?') && !f.name.startsWith('j_'))

still yields 800+ results that include functions from Lumina.

Additional context

The ability to export all manual names would be useful to merge names from multiple databases.

Windows driver Sys file pdb

Hi every one,
I tried fakepdb to produce pdb file for a driver in Ida Pro, I says pdb is generated but nothing happens only jason file is there, even I tried fixed version v 0.31, but still same, any Idea, Please?
My Ida Pro version is: 7.7 SP1

my file:

UDST7000Bda.zip

One-step PDB creation from IDA

Requested in: https://twitter.com/j00ru/status/1176238722150555649

Feature Request: export local types from IDA into PDB

Hey, thank you for this amazing plugin.

Use case: In Visual Studio, if a PDB is loaded for a DLL or EXE, you can in the debugger watch window cast any piece of memory to a struct/class from that DLL. For example, say we have a DLL loaded nvse_1_4.dll you can do:
(nvse_1_4!Script**) (epb - 0x8) and see all the members of that struct in the debugger window.

It would be amazing if it could do that for types exported from IDA into a FakePDB as well since our IDBs are loaded with types not included in our compiled C++ projects.
I.e. if we generate a FakePDB for FalloutNV.exe, you could do (FalloutNV!TileManager**) ecx in the watch window if we had that defined in IDA in local types.

Incorrect file extension parsing

When i trying to get pdb for dll module it failing with throwing no error

Think bug here :
https://github.com/Mixaill/FakePDB/blob/master/src_ida/fakepdb/generation.py#L85

File extension getted from IDA filepath but no from analyzing file

Possible way around for 7.4+ versions

Played around with different versions of fakepdb and could finally make an .pdb file. I'm using IDA PRO 7.7

Steps:

Use fakepdb 0.3 to dump info into json file (might work with 0.2 dump, haven't tested)
Get fakepdb 0.2 and copy .json file and original exe file into fakepdb/win32/ folder or just take pdbgen.exe and place somewhere with those files
run cmd.exe-> pdbgen.exe generate -l "path to your app\app.exe" "path to json file\app.json" "path to .pdb file that will saved"

worked like a charm, got pdb,VS recognized functions

Function typinfo issue

The issue at hand is that, stack arguments and return value are messed up, the mangled name is used, and calling convention is "unknown (or incorrect, eg.: __fastcall instead of __thiscall).

Example:

"start_rva": 1689872,
"name": "_ZN7CVector9NormaliseEv",
"is_public": false,
"is_autonamed": false,
"calling_convention": "unknown",
"return_type": "int",
"arguments": [],
"labels": [
    {
        "offset": 52,
        "name": "loc_59C944",
        "is_public": false,
        "is_autonamed": true
    }
]

I'd expect the above to be:

"start_rva": 1689872,
"name": "CVetor::Normalise",
"is_public": false,
"is_autonamed": false,
"calling_convention": "__fastcall",
"return_type": "void",
"arguments": [],
"labels": [
   {
       "offset": 52,
       "name": "loc_59C944",
       "is_public": false,
       "is_autonamed": true
   }
]

I presume this is the offending line:

FakePDB/src_plugins/ida/fakepdb/dumpinfo.py

Lines 165 to 168 in 85a0351

    
           if ida_pro.IDA_SDK_VERSION >= 740: 
        
               ida_typeinf.guess_tinfo(tinfo,func.start_ea) 
        
           else: 
        
               ida_typeinf.guess_tinfo(func.start_ea,tinfo)

crash in GetPdbGuid

Because DebugInfo is null. With this hack it runs but does not generate any pdb:

 src_pdbgen/pefile.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src_pdbgen/pefile.cpp b/src_pdbgen/pefile.cpp
index 80b1443..caedd2d 100644
--- a/src_pdbgen/pefile.cpp
+++ b/src_pdbgen/pefile.cpp
@@ -32,6 +32,10 @@ std::vector<uint8_t> PeFile::GetPdbGuid()
     llvm::StringRef PDBFileName;
 
     _obj->getDebugPDBInfo(DebugInfo, PDBFileName);
+    if (DebugInfo == nullptr)
+        return {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
     return std::vector<uint8_t>(&DebugInfo->PDB70.Signature[0], &DebugInfo->PDB70.Signature[16]);
 }

gcc compilation problems

diff --git a/src_pdbgen/guidhelper.h b/src_pdbgen/guidhelper.h
index 8faffb1..cdb9327 100644
--- a/src_pdbgen/guidhelper.h
+++ b/src_pdbgen/guidhelper.h
@@ -6,19 +6,19 @@
 #include <sstream>
 #include <vector>
 
-static struct GUID {
+struct GUID {
 	unsigned long  Data1;
 	unsigned short Data2;
 	unsigned short Data3;
 	unsigned char  Data4[8];
 };
 
-std::string guidToHex(std::vector<uint8_t>& vec)
+std::string guidToHex(const std::vector<uint8_t>& vec)
 {
 	std::ostringstream oss;
 	oss << std::hex << std::uppercase;
 
-	auto* guid = reinterpret_cast<GUID*>(vec.data());
+	auto* guid = reinterpret_cast<const GUID*>(vec.data());
 	oss << std::setw(2) << std::setfill('0') << guid->Data1;
 	oss << std::setw(2) << std::setfill('0') << guid->Data2;
 	oss << std::setw(2) << std::setfill('0') << guid->Data3;
diff --git a/src_pdbgen/pdbcreator.cpp b/src_pdbgen/pdbcreator.cpp
index 84807ab..b81b3af 100644
--- a/src_pdbgen/pdbcreator.cpp
+++ b/src_pdbgen/pdbcreator.cpp
@@ -104,7 +104,8 @@ void PdbCreator::ImportIDA(IdaDb& ida_db)
 bool PdbCreator::Commit(std::filesystem::path& path)
 {
 	std::filesystem::create_directories(path.parent_path());
-    if (_pdbBuilder.commit(path.string(), &_pdbBuilder.getInfoBuilder().getGuid())) {
+    auto guid = _pdbBuilder.getInfoBuilder().getGuid();
+    if (_pdbBuilder.commit(path.string(), &guid)) {
         return false;
     }

Info on how to force load generated PDB's in WinDbg

I think it would be useful to link/mention/incorporate these methods (especially the latter one imo) somewhere in the readme, for people looking to make some use out of these PDBs:
http://ntcoder.com/bab/2012/03/06/how-to-force-symbol-loading-in-windbg/

Chinese fix

FakePDB_CN_v3.zip
Offical 'Edit' not support, just use for IDA_ChineseEdition

Add support for using generated pdb files with Visual Studio

Is your feature request related to a problem? Please describe.
I would love to use the generated pdb files while debugging with Visual Studio 2022, but it does not recognize the pdb file

Additional context
I am using IDA 7.6 and tested the v0.3 release

建议把依赖的LLVM文件也上传上来。

LLVM太大了，光下载都半天，更不用说编译了。

有点遗憾：还没支持PE2+。

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

Problem with the installation.

Hello.
I've followed what the instruction says: what the instruction says: copy content of fakepdb.zip/ida to <IDA_directory>/plugins BUT unfortunately when i open the IDA the plugin seems NOT to installed - there is no FakePDB option under the Edit.
What I'm doing wrong?

Thx for help in advance!

P.S.
I'm using the IDA Pro 7.5 SP3

dll-based pdb files are not created

I'm trying to export pdb from PE with the .dll extension. Also i think only .exe is supported because .exe.json is generated...

Version: FakePDB 0.2 (on a compatible version of ida)

*i see that in 0.3 it is fixed
but version 0.3 does not work, and the declared support is "IDA> = 7.4"

Build instruction

Easier compilation on both Windows and Linux, perhaps some specific instructions what packages are needed etc.

Requested in: https://twitter.com/j00ru/status/1176238005746634754

Version of LLVM

Which version of LLVM need for building? With LLVM 9 it fail:

make[1]: Entering directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
make[2]: Entering directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
Scanning dependencies of target pdbgen_common
make[2]: Leaving directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
make[2]: Entering directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
[ 12%] Building CXX object CMakeFiles/pdbgen_common.dir/pefile.cpp.o
[ 25%] Building CXX object CMakeFiles/pdbgen_common.dir/pdbcreator.cpp.o
/home/sr_team/Projects/FakePDB/src_pdbgen/pefile.cpp: In member function 'uint32_t PeFile::GetImageSize()':
/home/sr_team/Projects/FakePDB/src_pdbgen/pefile.cpp:118:38: error: no matching function for call to 'llvm::object::COFFObjectFile::getPE32Header()'
  118 |     auto* pe32 = _obj->getPE32Header();
      |                                      ^
In file included from /home/sr_team/Projects/FakePDB/src_pdbgen/pefile.h:26,
                 from /home/sr_team/Projects/FakePDB/src_pdbgen/pefile.cpp:17:
/usr/include/llvm/Object/COFF.h:975:19: note: candidate: 'std::error_code llvm::object::COFFObjectFile::getPE32Header(const llvm::object::pe32_header*&) const'
  975 |   std::error_code getPE32Header(const pe32_header *&Res) const;
      |                   ^~~~~~~~~~~~~
/usr/include/llvm/Object/COFF.h:975:19: note:   candidate expects 1 argument, 0 provided
/home/sr_team/Projects/FakePDB/src_pdbgen/pefile.cpp:123:46: error: no matching function for call to 'llvm::object::COFFObjectFile::getPE32PlusHeader()'
  123 |     auto* pe32plus = _obj->getPE32PlusHeader();
      |                                              ^
In file included from /home/sr_team/Projects/FakePDB/src_pdbgen/pefile.h:26,
                 from /home/sr_team/Projects/FakePDB/src_pdbgen/pefile.cpp:17:
/usr/include/llvm/Object/COFF.h:976:19: note: candidate: 'std::error_code llvm::object::COFFObjectFile::getPE32PlusHeader(const llvm::object::pe32plus_header*&) const'
  976 |   std::error_code getPE32PlusHeader(const pe32plus_header *&Res) const;
      |                   ^~~~~~~~~~~~~~~~~
/usr/include/llvm/Object/COFF.h:976:19: note:   candidate expects 1 argument, 0 provided
make[2]: *** [CMakeFiles/pdbgen_common.dir/build.make:63: CMakeFiles/pdbgen_common.dir/pefile.cpp.o] Error 1
make[2]: *** Waiting for unfinished jobs....
/home/sr_team/Projects/FakePDB/src_pdbgen/pdbcreator.cpp: In member function 'bool PdbCreator::Commit(std::filesystem::__cxx11::path&)':
/home/sr_team/Projects/FakePDB/src_pdbgen/pdbcreator.cpp:108:81: error: taking address of rvalue [-fpermissive]
  108 |     if (_pdbBuilder.commit(path.string(), &_pdbBuilder.getInfoBuilder().getGuid())) {
      |                                                                                 ^
make[2]: *** [CMakeFiles/pdbgen_common.dir/build.make:89: CMakeFiles/pdbgen_common.dir/pdbcreator.cpp.o] Error 1
make[2]: Leaving directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
make[1]: *** [CMakeFiles/Makefile2:81: CMakeFiles/pdbgen_common.dir/all] Error 2
make[1]: Leaving directory '/home/sr_team/Projects/FakePDB/src_pdbgen/build'
make: *** [Makefile:84: all] Error 2

Doesn't work for IDA Pro 7.5?

I can't seem to figure out how to get this plugin to work, it doesn't show up in IDA at all for me. I've tried in other exe's with processors and still no dice.

Example: https://i.imgur.com/ghAUg7Q.png

fail to generate user32.dll pdb

fail to generate user32.dll pdb , but user32.dll.json was generated successfully

Is the Release still the latest version?

I saw that the code was updated 8 months ago. Do I need to Releasecompile it again? , emmmm How can I compile it? I see a src for the plugin and a src for cpp。Should I compile the exe file from src_cpp and put it in the src_plugins/ida/fakepdb folder?

Export local types (enums, structs) with dumpinfo

Is your feature request related to a problem? Please describe.
Export local types (enums, structs) with dumpinfo

Describe the solution you'd like
I'm willing to write the code for it. I'd like to add a new section to the json, like so:

"local_types": {
    "structs": [
    	{
    		"name": "CPed",
    		"name_demangled": "CPed",
    		"size": 128,
    		"members": [
				{
					"type": "ePedType",
					"name": "m_nPedType",
					"offset": 4,
				}
    		]
    	}
    ],
    "enums": [
    	{
    		"name": "ePedType",
    		"name_demangled": "ePedType",
    		"values": [
    			["PED_TYPE_PLAYER", 1]
    		]
    	}
    ]
}

Describe alternatives you've considered
I do have another tool to do this job, but I'd rather have it here.

fakepdb crash when I generate .PDB file

I compile it from sources, and fakepdb crashed when I generate .PDB file, Since there are no fakepdb symbol file, I can't easily analyze dump files. Could you please tell me how to generate symbol files when compiling fakepdb .

IDA .idb and crash dump file have been uplaod to Google Drive
https://drive.google.com/file/d/1yfHaLg0KIJkB7JeYDKdyPvhOlL0fl4z3/view

Thanks in advance

Switch to Github Actions

Is your feature request related to a problem? Please describe.
AppVeyor is killing the build task as it exceeds 60 minutes of runtime.

Describe the solution you'd like
We should switch to Github Actions as it allows 6 hours of runtime. https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration

Describe alternatives you've considered
N/A

Additional context
N/A

	if ida_pro.IDA_SDK_VERSION >= 740:
	ida_typeinf.guess_tinfo(tinfo,func.start_ea)
	else:
	ida_typeinf.guess_tinfo(func.start_ea,tinfo)