[IDA Plug] Keypatch

Posted: September 16, 2016 in IDA Pro section, Keypatch, Uncategorized
Tags: ,

Keypatch is a plugin of IDA Pro for Keystone Assembler Engine.Keypatch consists of 3 tools inside.

  • Patcher & Fill Range: these allow you to type in assembly to directly patch your binary.
  • Assembler: this interactive tool let you enter assembly & get back instruction encoding.

Keypatch is confirmed to work on IDA Pro version 6.4, 6.6, 6.8, 6.9, 6.95 but should work flawlessly on older versions. If you find any issues, please report.

Keypatch offers some nice features:

  • Cross-architecture: support Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ & X86 (include 16/32/64bit).
  • Cross-platform: work everywhere that IDA works, which is on Windows, MacOS, Linux.
  • Based on Python, so it is easy to install as no compilation is needed.
  • User-friendly: automatically add comments to patched code, and allow reverting (undo) modification.
  • Open source under GPL v2.

keypatch_patcher2

Version 2.0.1

@aquynh aquynh released this 20 hours ago

  • Fix an off-by-one bug in Fill-Range function.
  • Log more information when padding NOP

Download: https://github.com/keystone-engine/keypatch/archive/2.0.1.zip

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s