Reversing C++ Without Getting a Heart Attack – DEvirtualize VIrtual Calls With Devi

TLDR: This blogpost presents devi, a tool that can help you devirtualize virtual calls in C++ binaries. It uses Frida to trace the execution of a binary and uncover the call sources and destinations of virtual calls. The collected information can then be viewed in IDA Pro, Binary Ninja, or Ghidra. The plugin adds the respective control-flow edges allowing further analysis (using different plugins) or simply providing more comfort when analyzing C++ binaries.

c58K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6A6L8Y4y4A6L8Y4g2S2N6r3!0J5i4K6u0W2L8X3g2@1i4K6u0r3x3U0l9J5x3q4)9J5c8U0p5I4i4K6u0r3M7X3g2$3k6i4u0K6K9h3&6Y4i4K6u0V1j5#2)9J5k6s2N6A6N6r3S2G2N6i4c8Q4x3X3c8Y4k6i4c8@1K9h3&6Y4i4K6u0V1j5g2)9J5k6r3S2W2j5i4u0@1i4K6u0V1j5i4c8@1j5h3y4C8i4K6u0V1k6r3g2$3K9i4u0@1N6h3q4D9K9i4A6W2i4K6u0V1N6X3W2J5N6s2g2S2L8q4)9J5k6r3y4S2L8r3I4K6i4K6u0V1N6$3W2@1K9q4)9J5k6r3c8W2N6X3W2Q4x3V1j5`.

[培训]传播安全知识、拓宽行业人脉——看雪讲师团队等你加入！