zlacker

Diaphora: an open-source program diffing IDA plugin

submitted by Dyslex+(OP) on 2023-06-21 20:58:39 | 122 points 25 comments

NOTE: showing posts with links only
6. antonk+rN6 2023-06-23 18:25:06
>>Dyslex+(OP)
If you need to compare (and merge) an arbitrary number of files side-by-side, I recommend diffuse https://github.com/MightyCreak/diffuse
7. glonq+iR6 2023-06-23 18:47:08
>>Dyslex+(OP)
On a related note, can anybody recommend an effective, portable, lightweight, open/free app for diffing and patching arbitrary binary files (not just executables)?

My long-time fave is JojoDiff https://jojodiff.sourceforge.net

...but I'm always curious to know what else is out there.

8. hpb42+nX6 2023-06-23 19:23:12
>>pestat+W5
Wikipedia entry for IDA Pro: https://en.wikipedia.org/wiki/Interactive_Disassembler

I'm curious to know how much a license costs; I couldn't find it easily on their website.

9. muxato+027 2023-06-23 19:48:23
>>antonk+rN6
Thanks, just today I decided that the current status of Meld (https://meldmerge.org/) was untenable for me.

It used to be a fast program, with a reasonable interface.

For a long time now its interface has been "simplified" following GNOME 3's User Interface Guidelines, and everything ended up being hidden inside a hamburger menu.

But what definitely made it untenable was not the UX, but its tendency to crash and to be really slow under the slightest load.

I was considering contributing to the project, but honestly a better engineered alternative would be welcome.

Thanks for the info (and thanks Kai Willadsen for Meld).

10. mdanie+k77 2023-06-23 20:19:49
>>debate+7o6
I didn't try to run it to see what it would do, but FWIW it does have "I am running outside of IDA" guards, and the comments further down in the file also mention "when running outside of IDA ..." https://github.com/joxeankoret/diaphora/blob/3.0/diaphora.py...
12. crimso+mc7 2023-06-23 20:54:29
>>hpb42+nX6
Depends what you want to do with it really.

https://www.hex-rays.com/cgi-bin/quote.cgi/products

17. westur+EP7 2023-06-24 01:24:55
>>Dyslex+(OP)
What would it take to add an adapter to or port Diaphora to Ghidra?

A bunch of open source Ghidra plugins, some ported from IDA: https://github.com/fr0gger/awesome-ida-x64-olly-plugin/blob/... ctrl-f 'diff', 'bindiff'

ghidra-patchdiff-correlator#how-does-it-work: https://github.com/threatrack/ghidra-patchdiff-correlator#ho...

https://ghidra.re/ghidra_docs/api/ghidra/python/PythonPlugin...

ghidra-jython-kernel + jupyter_console: https://github.com/AllsafeCyberSecurity/ghidra-jython-kernel

ghidrathon https://www.mandiant.com/resources/blog/ghidrathon-snaking-g... :

> Ghidrathon replaces the existing Python 2 extension implemented via Jython. This includes the interactive interpreter window, integration with the Ghidra Script Manager, and script execution in Ghidra headless mode. You can build and install Ghidrathon using the steps outlined in our README to start using the features described below [...]

> Alternatives: Ghidrathon is one of multiple solutions, including Ghidraal, Ghidra Bridge, and pyhidra, that enables Python 3 scripting in Ghidra. Each solution is implemented differently with accompanying benefits and limitations. We encourage you to explore all solutions and choose which best fits your needs.

18. xvilka+Q18 2023-06-24 03:30:28
>>Dyslex+(OP)
Rizin[1][2] provides basic diffing capabilities out of the box with the `rz-diff` tool. We plan to expose it in our GUI, Cutter, too, in the near future.

[1] https://rizin.re

[2] https://github.com/rizinorg/rizin

25. serito+J19 2023-06-24 14:43:14
>>Dyslex+(OP)
Since I don't see it mentioned so far, BinDiff is an alternative: https://www.zynamics.com/bindiff.html https://www.zynamics.com/software.html