Tuesday, June 21, 2011

Coloring junk code in IDA Pro

Especially when reversing malware, junk code is always a pain.
For the sake of readability, I often color junk code with some dark color.
This makes the disassembly much more readable as shown below.

However, coloring instructions in IDA Pro is not very handy.
One has to go through menus ("Edit"->"Other"->"Color instruction...") and pick a color for every single block to be colored.

That's why I wrote a very simple IDC script which can help with this and save some time. It simply colors the current instruction (at the cursor location) or the selected instructions, if any.
Running the script on an instruction that's been colored already sets its color back to the default value.
Also, a new hotkey ("j" in this case) is defined.

#include <idc.idc>

#define JUNK_COLOR 0x7f5555

// Toggle the junk color on the instruction under the cursor or on the selected range.
static ColorJunkCode()
{
  auto start, end;
  if ((start = SelStart()) == BADADDR)   // no selection: work on the cursor line only
    start = end = ScreenEA();
  else
    end = SelEnd();                      // end of the selection (exclusive)
  do {
    // An item that is already marked as junk gets its default color back.
    if (GetColor(start, CIC_ITEM) == JUNK_COLOR)
      SetColor(start, CIC_ITEM, DEFCOLOR);
    else
      SetColor(start, CIC_ITEM, JUNK_COLOR);
    // Step to the next item head so every instruction in the range is toggled exactly once;
    // NextHead returns BADADDR when there is no further head below 'end'.
    start = NextHead(start, end);
  } while (start != BADADDR && start < end);
  Refresh();
}

static main()
{
  AddHotkey("j", "ColorJunkCode");
}

Run the script in IDA ("File"->"Script file...") and you're ready to go.
Hitting <j> will now color current/selected instructions.

If you want IDA to load this script automatically, follow these steps:
- Store this script in IDA/idc (not mandatory but it makes sense to keep all scripts in the same directory)
- Edit IDA/idc/ida.idc:

  • Add the line "#include <colorjunk.idc>" (or whatever filename you like) at the top of the file
  • Copy/paste the AddHotkey instruction into the function "main"

- Remove the function "main" from colorjunk.idc

1 comment:

  1. Nice job.
    Could be quite neat to add auto functions also for math functions (massive rol, add, xor, or, sub, mul, etc.), and some memory functions too (module loading -> VirtualAlloc -> indirect jmp -> VirtualFree) etc.

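Picking up the commenter's suggestion of flagging arithmetic junk automatically, here is an added IDC example (not the post author's script, and not part of the original page) that applies the same JUNK_COLOR to every run of at least MIN_RUN consecutive arithmetic/rotate instructions in the function under the cursor. The mnemonic list and the MIN_RUN threshold of 8 are assumptions; the script only marks candidates for the analyst to confirm.

```idc
#include <idc.idc>

#define JUNK_COLOR 0x7f5555
#define MIN_RUN    8   // assumed threshold; shorter runs are left untouched

// Mnemonics typical of arithmetic junk (x86, lowercase as IDA prints them); assumed set.
static IsArithMnem(m)
{
  return m == "rol" || m == "ror" || m == "add" || m == "sub" || m == "xor"
      || m == "or"  || m == "and" || m == "not" || m == "neg" || m == "mul"
      || m == "imul" || m == "shl" || m == "shr";
}

// Color every item head in [start, end) with JUNK_COLOR.
static ColorRun(start, end)
{
  auto ea;
  for (ea = start; ea != BADADDR && ea < end; ea = NextHead(ea, end))
    SetColor(ea, CIC_ITEM, JUNK_COLOR);
}

// Walk the function under the cursor and color every run of at least
// MIN_RUN consecutive arithmetic instructions. Returns the number of runs colored.
static ColorArithRuns()
{
  auto ea, fstart, fend, runstart, runlen, runs;
  fstart = GetFunctionAttr(ScreenEA(), FUNCATTR_START);
  fend   = GetFunctionAttr(ScreenEA(), FUNCATTR_END);
  if (fstart == BADADDR) return 0;       // cursor is not inside a function
  runs = 0; runlen = 0; runstart = BADADDR;
  for (ea = fstart; ea != BADADDR && ea < fend; ea = NextHead(ea, fend))
  {
    if (isCode(GetFlags(ea)) && IsArithMnem(GetMnem(ea)))
    {
      if (runlen == 0) runstart = ea;    // a new candidate run starts here
      runlen++;
    }
    else
    {
      if (runlen >= MIN_RUN) { ColorRun(runstart, ea); runs++; }
      runlen = 0;                        // run broken by a non-arithmetic instruction
    }
  }
  if (runlen >= MIN_RUN) { ColorRun(runstart, fend); runs++; }  // run reaching the function end
  Refresh();
  return runs;
}
```

Bind ColorArithRuns to a hotkey with AddHotkey in main(), exactly as the post does for ColorJunkCode, or call it from the IDC command line; the toggle script above still restores the default color on anything flagged by mistake.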