Debugging IDAPython Scripts¶

While IDAPython is extremely useful, it can be a bit of a hassle to debug IDA Pro plugins. This tutorial will give get you started on debugging IDAPython scripts and plugins using Python Tools for Visual Studio.

And yes, it is completely free.

The Setup¶ For this tutorial, we will be using the following software: IDA Pro 6.8 Visual Studio Community Python Tools for Visual Studio, documentation can be found here. Python’s ptvsd module. Install using pip install ptvsd . The following plugin: # filename: ptvsd_enable.py import idaapi import ptvsd try : # Enable the debugger. Raises exception if called more than once. ptvsd . enable_attach ( secret = "IDA" ) except : pass class DebugPlugin ( idaapi . plugin_t ): flags = idaapi . PLUGIN_FIX comment = "PTVSD Debug Enable" help = "Enable debugging using PTVSD" wanted_name = "PTVSD" wanted_hotkey = "" def init ( self ): return idaapi . PLUGIN_KEEP def term ( self ): pass def run ( self , arg ): pass def PLUGIN_ENTRY (): return DebugPlugin () For the purposes of this tutorial, you can try and debug this plugin: # filename: sample_debuggee.py import idaapi def my_debugged_function (): # Set breakpoint here! pass class SamplePlugin ( idaapi . plugin_t ): flags = idaapi . PLUGIN_PROC comment = "Sample Debuggee" help = "Sample Debuggee" wanted_name = "Sample Debuggee" wanted_hotkey = "Shift+D" def init ( self ): return idaapi . PLUGIN_KEEP def term ( self ): pass def run ( self , arg ): my_debugged_function () def PLUGIN_ENTRY (): return SamplePlugin ()

Debugging¶ Put ptvsd_enable.py (provided above) in IDA’s plugins directory. If you want to use the sample debuggee, put it in the plugins directory as well. Start IDA and load an IDB (otherwise weird issues arise) Load the code you want to debug into Visual Studio and set breakpoints. In Visual Studio (with the plugin file open), use DEBUG->Attach to process In the dialog, select idaq.exe and click Attach We are now attached. Once a breakpoint is hit, Visual Studio will break and let you debug. Have fun debugging!