Skip to content

Champ-Goblem/IDAPython-Load-Joker-Symbols

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
import_sym
import_sym
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ida_load_joker_sym.py
ida_load_joker_sym.py
 
 
ida_load_joker_sym_reload.py
ida_load_joker_sym_reload.py
 
 

Repository files navigation

About

Takes the symbol file produced by joker -j <kernelcache> and imports any of the symbols that have been discovered by the program.

It does not import symbols labeled as _func_

Usage

Generate the symbol file using:

joker -j <kernelcache>

with a decrypted kernelcache

Then ensure that that file produced by is in the current working directory where IDA is analysing the kernelcache
Advised to rename the file to kernelcache.sym or something easier to remember

Now load the script into IDA with File->Script File and select ida_load_joker_sym.py

The python utility will be imported as imp

Now run the script using imp.import_symbols("<kernelcache.sym File>")

Reloading the module after change

If you have altered the python script while the file was already imported into IDA you can simply import it again using File->Script File and select ida_load_joker_sym_reload.py

About

Load symbols produced by Jonathan Levin's tool Joker into IDA

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages