uEmu - Tiny Cute Emulator Plugin For IDA Based On Unicorn.

uEmu is a tiny cute emulator plugin for IDA based on unicorn engine. Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64 What is it GOOD for? Emulate bare metal code (bootloaders, embedded firmware etc) Emulate standalone functions What is it BAD for? Emulate complex OS code (dynamic libraries, processes etc) Emulate code with many syscalls What can be improved? Find a way to emulate vendor specific register access (like MSR S3_x, X0 for ARM64) Add more registers to track Installation brew install unicorn to install Unicorn binaries pip install unicorn to install Unicorn python bindings Use File / Script file... or ALT+F7 in IDA to load uEmu.py Optionally uEmu can be loaded automatically as IDA plugin. In this case put it into [IDA]/Plugins folder and change USE_AS_SCRIPT to False inside uEmu.py Note: on Windows you might need to add IDA Pro Qt5 path import syssys.path.append('D:\\Soft\\IDA Pro 7.x\\python\\3\\PyQt5') Download uEmu

uEmu - Tiny Cute Emulator Plugin For IDA Based On Unicorn.


uEmu is a tiny cute emulator plugin for IDA based on unicorn engine.

Supports following architectures out of the box: x86, x64, ARM, ARM64, MIPS, MIPS64


What is it GOOD for?
  • Emulate bare metal code (bootloaders, embedded firmware etc)
  • Emulate standalone functions

What is it BAD for?
  • Emulate complex OS code (dynamic libraries, processes etc)
  • Emulate code with many syscalls

What can be improved?
  • Find a way to emulate vendor specific register access (like MSR S3_x, X0 for ARM64)
  • Add more registers to track

Installation
  • brew install unicorn to install Unicorn binaries
  • pip install unicorn to install Unicorn python bindings
  • Use File / Script file... or ALT+F7 in IDA to load uEmu.py

Optionally uEmu can be loaded automatically as IDA plugin. In this case put it into [IDA]/Plugins folder and change USE_AS_SCRIPT to False inside uEmu.py

Note: on Windows you might need to add IDA Pro Qt5 path

import sys
sys.path.append('D:\\Soft\\IDA Pro 7.x\\python\\3\\PyQt5')