InsHelper - Documentation


Mohamad F. Mokbel
https://www.mfmokbel.com
mfmokbel [AT] live [DOT] com
Twitter: @MFMokbel

[ InsHelper v0.1 - The Ourea Build:111119 ]
[ An IDA Pro Plugin ]
< All Rights Reserved (C) 2019- >

InsHelper is a simple IDA Pro plugin that lets you web-search x86 API names, x86 mnemonic documentation, and selected/highlighted text. For all non-x86 processor modules, it defaults to a regular Google search. Everything happens with a single hotkey (Ctrl-Shift-Q), depending on the current context.

[ Motivation ]
It is too repetitive a task to select and copy an API name or other string, open your browser, paste it, and hit Enter.

[ Installation ]
1. Copy "\InsHelper\InsHelper32.dll" to "\IDA\plugins"
2. Copy "\InsHelper\InsHelper64.dll" to "\IDA\plugins"

[ How it Works ]
All of the plugin's functionality is controlled via one shortcut key (Ctrl-Shift-Q) that functions differently depending on the current context.

A. Search for API names: If the cursor is on the line of a call instruction, pressing Ctrl-Shift-Q gets the API name, cleans it if it starts with either of the strings "ds:" or "j_", and then opens the default browser with the search query set to "https://www.google.com/search?q=<api_name>".

Usually, the first result on Google points to the proper MSDN link.

Note: It's not possible to point directly to the proper API documentation link on the Microsoft site, since different APIs live under different paths, and it would be too much work just to account for all of them. That is why I chose to Google-search the API name instead.

B. x86 Mnemonic Help: If the cursor is on the line of an instruction other than call, pressing Ctrl-Shift-Q gets the instruction mnemonic and then opens the default browser with the link https://www.felixcloutier.com/x86/<mnemonic>.

Note that Felix Cloutier parsed the Intel® 64 and IA-32 Architectures Software Developer’s Manual, converted it to HTML, and published most of the mnemonics on separate HTML pages.

Mind you, some of the mnemonics do not map to an HTML page named after the mnemonic alone; instead, they point to a page whose name consists of multiple mnemonics. For example, the mnemonic "cwde" points to the page "cbw:cwde:cdqe". InsHelper accounts for all of these cases with an internal array that holds this mapping.

C. String Search: Whatever is highlighted or selected (one line only) in the IDA-View or Output windows is sent as a regular Google search query for the highlighted/selected text.

(Thanks to Joxean Koret @matalaz for the help on the API for getting selected text from the IDA-View window.)

D. Non-x86 Mnemonic Help: If the currently set processor is anything other than Intel x86, InsHelper constructs a Google search query for that processor as follows:

    <processor_name> processor instruction "<mnemonic>" help

For example,

    hppa processor instruction "stw" help
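
The context dispatch from sections A to D, sketched as an added Python example; this is not InsHelper's own code. Assumptions: the function names, "metapc" as IDA's x86 processor module name, the order in which the contexts are checked, and the percent-encoding step, which keeps names and strings taken from an untrusted binary inside the URL's query or path. The grouped-page table lists only the one page named above.

```python
from urllib.parse import quote, quote_plus

GOOGLE = "https://www.google.com/search?q="
FELIX = "https://www.felixcloutier.com/x86/"
API_PREFIXES = ("ds:", "j_")        # prefixes cleaned from API names (section A)
X86_PROCESSORS = {"metapc"}         # assumption: IDA's x86 processor module name

# Pages whose name joins several mnemonics (section B). Only the page's own
# example is listed; the plugin's internal array is not reproduced here.
GROUPED_PAGES = ["cbw:cwde:cdqe"]
PAGE_FOR = {m: page for page in GROUPED_PAGES for m in page.split(":")}


def clean_api_name(operand):
    """Drop one leading "ds:" or "j_" from a call operand, if present."""
    operand = operand.strip()
    for prefix in API_PREFIXES:
        if operand.startswith(prefix):
            return operand[len(prefix):]
    return operand


def build_url(processor, mnemonic, operand="", selection=""):
    """Return the URL to open for the current context (hypothetical helper)."""
    mnemonic = mnemonic.strip().lower()
    if selection:
        # C. String search: the text comes from the analysed binary, so
        # encode it to keep characters like & and # inside the q= value.
        return GOOGLE + quote_plus(selection)
    if processor not in X86_PROCESSORS:
        # D. Non-x86 mnemonic help.
        query = f'{processor} processor instruction "{mnemonic}" help'
        return GOOGLE + quote_plus(query)
    if mnemonic == "call":
        # A. API name search.
        return GOOGLE + quote_plus(clean_api_name(operand))
    # B. x86 mnemonic help; ":" stays literal because it is part of the
    # grouped page names.
    return FELIX + quote(PAGE_FOR.get(mnemonic, mnemonic), safe=":")


if __name__ == "__main__":
    # Constructed sample contexts.
    print(build_url("metapc", "call", "ds:CreateFileW"))
    print(build_url("metapc", "cwde"))
    print(build_url("hppa", "stw"))
```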
________________________________________________________________________________

[ Comments | Questions ]
---------------------------------------------------------------------------------

Please feel free to send your comments, or any questions you may have my way.

=================================================================================

                               END OF DOCUMENTATION

=================================================================================