Tool for PDB generation from IDA Pro database
Supports:
- IDA >= 7.4
- Linux support
- GHIDRA support
- Function arguments support
- Download latest release from release page: https://github.com/Mixaill/FakePDB/releases
- Or compile it from sources:
- run
<repository_root>/build.ps1
- grab
fakepdb.zip
from<repository_root>/~build/deploy
- run
- IDA
- copy content of
fakepdb.zip/ida
to<IDA_directory>/plugins
- copy content of
There are several features in this plugin:
- Open target executable in IDA
Edit
->FakePDB
->Generate .PDB file
(orCtrl
+Shift
+4
)- get PDB file from the IDA database directory
The PDB can optionally include symbols for function labels: use Generate .PDB file (with function labels)
(or Ctrl
+Shift
+5
).
- Open target executable in IDA
Edit
->FakePDB
->Generate .LIB file
- get LIB file from the IDA database directory
- Open target executable in IDA >= 7.0
Edit
->FakePDB
->Dump info to .json
(orCtrl
+Shift
+1
)- it will generate
filename.json
near the.idb
file
- Open target executable in IDA >= 7.0
- Set cursor on start of the target function
Edit
->FakePDB
->Find signature
(orCtrl
+Shift
+2
)- signature will be displayed in IDA console
- Open target executable in IDA >= 7.0
Edit
->FakePDB
->Import offset from .json
(orCtrl
+Shift
+3
)
required file format:
{
"function_name_1": "0001:123456",
"function_name_2": "0001:254646",
"function_name_X": "XXXX:YYYYYY",
"function_name_Y": "0x0124567AF",
}
where:
XXXX
: number of the PE sectionYYYY
: offset from the begining of the section in decimal numbers- 0x0124567AF: IDA effective address
- Disable PDB validation in WinDbg http://ntcoder.com/bab/2012/03/06/how-to-force-symbol-loading-in-windbg/
Inspired by:
Based on:
- LLVM project https://llvm.org/
- LLD project https://lld.llvm.org/
Also take look at: