{"id":13754807,"url":"https://github.com/psxvoid/idapython-debugging-dynamic-enrichment","last_synced_at":"2025-05-10T00:31:11.829Z","repository":{"id":163414663,"uuid":"213150056","full_name":"psxvoid/idapython-debugging-dynamic-enrichment","owner":"psxvoid","description":null,"archived":false,"fork":false,"pushed_at":"2019-10-18T05:44:36.000Z","size":325,"stargazers_count":8,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-11-16T08:33:14.714Z","etag":null,"topics":["fallout-4","ida-pro","ida7","idapro","idapython","idapython-plugin","msvc","reverse-engineering"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/psxvoid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-10-06T10:41:03.000Z","updated_at":"2023-09-15T15:46:23.000Z","dependencies_parsed_at":"2024-01-13T02:52:05.899Z","dependency_job_id":"d8e63568-683f-4b45-9992-c36409efe4d5","html_url":"https://github.com/psxvoid/idapython-debugging-dynamic-enrichment","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psxvoid%2Fidapython-debugging-dynamic-enrichment","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psxvoid%2Fidapython-debugging-dynamic-enrichment/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psxvoid%2Fidapython-debugging-dynamic-enrichment/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psxvoid%2Fidapython-debugging-dynamic-enrichment/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/psxvoid","download_url":"https://codeload.github.com/psxvoid/idapython-debugging-dynamic-enrichment/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253346377,"owners_count":21894263,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fallout-4","ida-pro","ida7","idapro","idapython","idapython-plugin","msvc","reverse-engineering"],"created_at":"2024-08-03T10:00:34.391Z","updated_at":"2025-05-10T00:31:11.236Z","avatar_url":"https://github.com/psxvoid.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"c39a6d8598dde6abfeef43faf931beb5\"\u003e\u003c/a\u003e未分类"],"sub_categories":[],"readme":"# IDAPython Debugging Dynamic Enrichment (DDE) + Fallout 4 Helpers\n\n## Basic use-case scenario:\n1. Clone the repository\n2. Start debugging session in IDA\n3. Press Alt+F7 or go to File-\u003e\"Script file...\"\n4. Select `debugger_dynamic_enrichment.py` and press \"OK\"\n\nIt will install the debugger hook. Now, each time the breakpoint be hit (or \"step into\"/\"step over\"/\"run to\") additional info about data in registers will be printed to the debug output window if found.\n\nIf you know a data structure's address (e.g. TESForm) in Fallout 4 then you can inspect it by creating a TESForm (or any other, available in tesobjects.py) object and passing an address to the constructor:\n````python\nTESForm(0x000000000)\n````\n\nBut to make TES objects available run `tesobjects.py` at least once.\n\nKnown limitations:\n1. Works only on x64 platforms and only helpful with MSVC++\n2. Very limited support of Fallout 4\n\n## Quick Start Guide\n\n### Advanced usage of TESObjects\n\nLet's consider the following example: you've loaded `debugger_dynamic_enrichment.py`, added a breakpoint to a sub_xxx, and that breakpoint hit.\nAnd assume, that sub_xxx uses some known TES objects from `tesobjects.py`. In that case you may see something like that:\n\n![](./resources/readme/quick-start/debugger-dynamic-enrichment-output.png)\n\nWe can see that RSI register points to `TESObjectREFR` and it has `BGSInventoryList` at address 0x10EFAEA00.\n\n\u003e Notice:\n\u003e TESObjectREFR has inventory list but you only see an address where it is located in memory. When you click on this address\n\u003e you'll jump to that address in IDA. Sometimes it's useful but you can do much more.\n\nNow, let's say you'd like to see which items are in this inventory. The easiest way is to create BGSInventoryList object and assign its items\nto, let's say, `items` variable. The following IDAPython commands will do the trick:\n\n`````python\nitems = BGSInventoryList(0x10EFAEA00).Items.Entries\nrepr(items)\n`````\n\n\nYou'll see something like that:\n\n![](./resources/readme/quick-start/inventory-list-items-output.png)\n\n\u003e Notice 1: at that point be sure that you ran `tesobject.py` (File \u003e Script file...). If you dont then you'll see an exception saying \n\u003e \"NameError: name 'BGSInventoryList' is not defined.\n\n\u003e Notice 2: For now the API of tesobject is not very consistent, so you may open `tesobject.py` and use it as a reference. For example, if you\n\u003e don't know what you can do with `BGSInventoryList` object, just open `tesobject.py`, search for \"BGSInventoryItem\" and see which properties and\n\u003e methods it has. You can call each one for getting an additional output.\n\n\u003e Notice 3: You can omit `repr` and just enter `items` after the assignment. The output will be the same.\n\n\u003e Notice 4: In order to understand what the first line does and why we didn't used `BGSInventoryList` directly you may take a look at\nits implementation in `tesobjects.py`. In two words, property `Items` of BGSInventoryList is `tArray` which is object and it's not iterable.\nBut we can access `Entries` property of `tArray` which is array of `BGSInventoryItem`.\n\nBut the most useful part comes when you want to find a particular item or group of items. For example, you'd like to get only items that\nhave \"nuke\" in their names. In that case the following commands will do the trick:\n\n`````python\nitems = BGSInventoryList(0x10EFAEA00).Items.Entries\nnukedItems = [item for item in items if \"nuke\" in item.name.lower()]\nrepr(nukedItems)\n`````\n\nIf the inventory list contains those items (like mine) you'll see an output similar to that:\n\n![](./resources/readme/quick-start/filtering-items-by-name-example.png)\n\nNow, let's say, you'd like to see which types of extra data \"Mini Nuke\" has. In that case you can access the second item in \n\"nukedItems\" list and then get all extra data names using the following commands:\n\n`````python\nitems = BGSInventoryList(0x10EFAEA00).Items.Entries\nnukedItems = [item for item in items if \"nuke\" in item.name.lower()]\nstacksWithExtraData = [stack for stack in nukedItems[1].stack.toArray() if stack.hasExtraDataList()]\nextraDataNames = [name for names in [stack.ExtraDataList.getExtraDataTypeNames() for stack in stacksWithExtraData] for name in names]\nrepr(extraDataNames)\n`````\n\nWhich will print all extra data type names in all stacks beloning to \"Mini Nuke\":\n\n![](./resources/readme/quick-start/printing-extra-data-from-all-stacks-output.png)\n\nIt's much simpler to print extra data names for a particular stack. For example, we can print\nextra data type names for the second stack of \"Mini Nuke\" by running the following commands:\n\n`````python\nitems = BGSInventoryList(0x10EFAEA00).Items.Entries\nnukedItems = [item for item in items if \"nuke\" in item.name.lower()]\nextraDataNames = nukedItems[1].stack.toArray()[1].ExtraDataList.printExtraDataTypes()\n`````\n\nAnd the ouput will look like:\n\n![](./resources/readme/quick-start/printing-extra-data-from-one-stack.png)\n\n## Analysis Examples\n\n### Function Analysis Examples\n\n![](./resources/readme/analyser-examples/func-analyser-examples/Example-Analysis-Func.png)\n\n### TES Objects Analysis Examples\n\nBSFixedString:\n\n![](./resources/readme/analyser-examples/tes-analyser-examples/Example-Analysis-BSFixedString.png)\n\n\n## Scripts description\n\n### vftable_renamer.py\n\nThis simple script can be used for renaming a range of subs with default names in vftable.\n\nUsage:\n1. Select a range of subs, run the script\n2. Enter a prefix that will be added to selected subs (e.g. \"MyClass::\") in a popup\n3. Press \"Enter\"\n\nSubs with default names will be renamed into \"MyClass::sub_xxxxxxxx\"\n\n### hightlight_local_calls.py\n\nThis simple script can be used for highlighting local calls inside a currently opened function.\nMuch more powerful alternatives exist on the internet but they often run for too long for big executables.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsxvoid%2Fidapython-debugging-dynamic-enrichment","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpsxvoid%2Fidapython-debugging-dynamic-enrichment","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsxvoid%2Fidapython-debugging-dynamic-enrichment/lists"}