A python library for generate ida pro files in batch mode & compare executable files use bindiff in batch mode.
- Fast generate idb/i64 files from binary files in batch mode (Multiprocess supported)
- IDA Pro Plugin Script support
- Use bindiff to batch compare idb files
- Roughly read the comparison results
- Windows environment (i don't know if it works on linux)
- IDA pro 7/8 (Only tested on IDA pro 7.7)
- BinDiff 7 (Optional, used to compare executable files in batch mode)
pip install --upgrade batch-ida
Generate .idb/.i64 files (and run plugin) in batch mode.
from batch_ida import BI_IDA
# create a BI_IDA object with ida pro path
bi = BI_IDA('C:\Tools\IDA Pro')
# optional
# bi.set_script(r'.\example_script.py') # run IDA script
# bi.max_subprocess = 8 # set max subprocess
bi.batch_idb_fromdir('your/binary/files/dir') # generate idb files from binary files
Compare files in dir_a & dir_b, and move different files to dst_a & dst_b.
from batch_ida import BI_Dircmp
dir_a = r'ver_A.rom/squashfs-root/usr/lib/'
dir_b = r'ver_B.rom/squashfs-root/usr/lib/'
dst_a = r'compare/ver_A'
dst_b = r'compare/ver_B'
bid = BI_Dircmp(dir_a, dir_b, dst_a, dst_b)
bid.cmp()
Generate .idb and .bindiff files in batch mode.
from batch_ida import BI_Bindiff
bib = BI_Bindiff()
# Set ida pro and bindiff path
bib.set_ida_path('C:\Tools\IDA Pro')
bib.set_bindiff_path('C:\Program Files\BinDiff')
dst_a = r'compare/ver_A'
dst_b = r'compare/ver_B'
# dst_a and dst_b are the directories where the binary files to be compared are located
output = bib.batch_bindiff(dst_a, dst_b)
# output is a directory containing bindiff files(sqlite3)
Analyze Bindiff files (sqlite3 file format) in batch mode and print the results.
from batch_ida import BI_Analyzer
bia = BI_Analyzer(r'C:\Users\zzhihan\Desktop\test\4_4010_vs_4_4040')
# bia.print_base_info()
# print the comparison results
info_list = bia.get_info_list()
for i in info_list:
if i['total_func'] & i['func_dif'] & i['libfunc_dif']:
print("%.02f\t%.2f\t%d\t%d\t%d\t%s" % (i['similarity'], i['confidence'], i['total_func'], i['func_dif'], i[
"libfunc_dif"], i['name']))
# print the comparison results that are not 95% similar
elif i['similarity'] < 0.95 and i['similarity'] != 0.0:
print("%.02f\t%.2f\t%d\t%d\t%d\t%s" % (i['similarity'], i['confidence'], i['total_func'], i['func_dif'], i[
"libfunc_dif"], i['name']))