Debugging IDAPython Scripts

While IDAPython is extremely useful, it can be a bit of a hassle to debug IDA Pro plugins. This tutorial will give get you started on debugging IDAPython scripts and plugins using Python Tools for Visual Studio.

And yes, it is completely free.

The Setup

For this tutorial, we will be using the following software:

  1. IDA Pro 6.8

  2. Visual Studio Community

  3. Python Tools for Visual Studio, documentation can be found here.

  4. Python’s ptvsd module. Install using pip install ptvsd.

  5. The following plugin:

    # filename: ptvsd_enable.py
    
    import idaapi
    import ptvsd
    
    try:
        # Enable the debugger. Raises exception if called more than once.
        ptvsd.enable_attach(secret="IDA")
    except:
        pass
    
    
    class DebugPlugin(idaapi.plugin_t):
        flags = idaapi.PLUGIN_FIX
        comment = "PTVSD Debug Enable"
        help = "Enable debugging using PTVSD"
        wanted_name = "PTVSD"
        wanted_hotkey = ""
    
        def init(self):
            return idaapi.PLUGIN_KEEP
    
        def term(self):
            pass
    
        def run(self, arg):
            pass
    
    
    def PLUGIN_ENTRY():
        return DebugPlugin()
    

For the purposes of this tutorial, you can try and debug this plugin:

# filename: sample_debuggee.py

import idaapi


def my_debugged_function():
    # Set breakpoint here!
    pass


class SamplePlugin(idaapi.plugin_t):
    flags = idaapi.PLUGIN_PROC
    comment = "Sample Debuggee"
    help = "Sample Debuggee"
    wanted_name = "Sample Debuggee"
    wanted_hotkey = "Shift+D"

    def init(self):
        return idaapi.PLUGIN_KEEP

    def term(self):
        pass

    def run(self, arg):
        my_debugged_function()


def PLUGIN_ENTRY():
    return SamplePlugin()

Debugging

  1. Put ptvsd_enable.py (provided above) in IDA’s plugins directory. If you want to use the sample debuggee, put it in the plugins directory as well.

  2. Start IDA and load an IDB (otherwise weird issues arise)

  3. Load the code you want to debug into Visual Studio and set breakpoints.

  4. In Visual Studio (with the plugin file open), use DEBUG->Attach to process

    _images/debugging_menu.PNG
  5. In the dialog, select idaq.exe and click Attach

    _images/attach_dialog.PNG
  6. We are now attached. Once a breakpoint is hit, Visual Studio will break and let you debug.

  7. Have fun debugging!

Important Notes

  1. When debugging (breaking and stepping), IDA will be frozen.
  2. Load your IDB prior to attaching the debugger.
  3. For easy debug-on-demand, keep ptvsd_enable.py in IDA’s plugins directory at all times.
  4. To set breakpoints, make sure you load into VS the files that are actually loaded by IDA.

If you find any issues with the tutorial, please submit them here.