Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/darx0r/stingray

IDAPython plugin for finding function strings recursively
https://github.com/darx0r/stingray

ida-plugin ida-pro idapython idapython-plugin reverse-engineering static-analysis string-search

Last synced: 3 months ago
JSON representation

IDAPython plugin for finding function strings recursively

Host: GitHub
URL: https://github.com/darx0r/stingray
Owner: darx0r
License: gpl-3.0
Created: 2015-10-05T14:34:20.000Z (about 9 years ago)
Default Branch: master
Last Pushed: 2022-05-17T12:55:59.000Z (over 2 years ago)
Last Synced: 2024-02-11T15:55:40.108Z (9 months ago)
Topics: ida-plugin, ida-pro, idapython, idapython-plugin, reverse-engineering, static-analysis, string-search
Language: Python
Homepage:
Size: 45.9 KB
Stars: 129
Watchers: 12
Forks: 48
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        

# Stingray ![](images/Stingray.png)

Stingray is an IDAPython plugin for finding function strings. The search is from the current position onwards in the current function.

It can do it recursively also with configurable search depth. 

The results order is the natural order of strings in the BFS search graph. 

For each found string it displays the xref address, the string address, 

the string type and the of course the string itself.

## Stingray by Example

```C

#include 

void bar()

{

	printf("hello from bar\n");

}

void foo()

{

	wprintf(L"hello from foo\n");

	bar();

}

void foo2()

{

	wprintf(L"hello from foo2\n");

	bar();

}

void main()

{

	printf("hello from main\n");

	foo();

	foo2();

	getchar();

}

```

My Stingray was configured to recursive search we depth of 3.

I put the cursor on main function and hit Shift+S.

We get the following Stingray output:

![Example Output](examples/images/example_0_output.png)

Notice the Xrefs are clickable !

:)

## Requirements

- IDA (Hex Rays Interactive Disassembler) version >= 6 with IDAPython

- tested on IDA 6.1.1, 7.0, **7.2**

- IDA 7.4 support was added in branch **7.4** (kudos to @0xricksanchez)

Tell us about your experience on higher versions!

## Installation

1. Copy src/Stingray.py file to the plugins directory of IDA (%IDAPATH%\plugins) 

and restart IDA.

2. You are ready to go :)

## Usage and Menus

load your favourite binary with IDA. 

To find strings in the current function from your position onwards 

hit **Shift+s**.

Stingray can also be found in Edit/Plguins/Stingray menu.

Stingray finds strings recursively ! you can configure the search depth in

the Stingray Config menu.

### Stingray Config

You can configure Stingray anytime from Options\Stingray Config menu.

You can configure the search depth. For non-recursive search mode

choose 0 depth.

By default, Stingray is in non-recursive mode.