as you probably have noticed my blog-post frequence went down a little bit during the past 4 to 6 months, since I am super busy… I am still alive though :). Today I want to share an interesting IDA Pro plugin that I ‘ve been testing for awhile called idapathfinder. Once you installed it ( $ ./install.py /path/to/ida/install/directory ) you’ll se a brand new sub-menu in the “view Graphs” menu named “Find all path to…“.
Immediatly after your selection a new window form will ask you what target function you want to look for. From the original graph the plugin will highlight the the path to the function you’ve just selecteed. The following image (from idapathfinder documentation) shows the path to strcpy.
idapathfinder is a great plugin, pretty useful for vulnerability hunting. However I would like to see something a little bit more automated such as: a procedure to look for the path to known vulnerable functions, a procedure to look for path to null pointers and a procedure to look for path to wrong input checking functions.. and so forth.