-->

uEmu - Tiny Cute Emulator Plugin For IDA Based On Unicorn.


uEmu is a tiny cute emulator plugin for IDA based on unicorn engine.

Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64


What is it GOOD for?
  • Emulate bare metal code (bootloaders, embedded firmware etc)
  • Emulate standalone functions

What is it BAD for?
  • Emulate complex OS code (dynamic libraries, processes etc)
  • Emulate code with many syscalls

What can be improved?
  • Find a way to emulate vendor specific register access (like MSR S3_x, X0 for ARM64)
  • Add more registers to track

Installation
  • brew install unicorn to install Unicorn binaries
  • pip install unicorn to install Unicorn python bindings
  • Use File / Script file... or ALT+F7 in IDA to load uEmu.py

Optionally uEmu can be loaded automatically as IDA plugin. In this case put it into [IDA]/Plugins folder and change USE_AS_SCRIPT to False inside uEmu.py

Note: on Windows you might need to add IDA Pro Qt5 path

import syssys.path.append('D:\\Soft\\IDA Pro 7.x\\python\\3\\PyQt5')


Disqus Comments