uEmu – Tiny Cute Emulator Plugin For IDA Based On Unicorn.
uEmu is a tiny cute emulator plugin for IDA based on unicorn engine.
Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64
What is it GOOD for?
- Emulate bare metal code (bootloaders, embedded firmware etc)
- Emulate standalone functions
What is it BAD for?
- Emulate complex OS code (dynamic libraries, processes etc)
- Emulate code with many syscalls
What can be improved?
- Find a way to emulate vendor specific register access (like
MSR S3_x, X0for ARM64) - Add more registers to track
Installation
brew install unicornto install Unicorn binariespip install unicornto install Unicorn python bindings- Use
File / Script file...orALT+F7in IDA to load uEmu.py
Optionally uEmu can be loaded automatically as IDA plugin. In this case put it into [IDA]/Plugins folder and change USE_AS_SCRIPT to False inside uEmu.py
Note: on Windows you might need to add IDA Pro Qt5 path
import sys
sys.path.append('D:\Soft\IDA Pro 7.x\python\3\PyQt5')
Download uEmu
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
