IDA Compare Updates


Author: David Zimmer
Date: 03.21.25 - 3:23am


So after like a decade of being out of commission, I finally found some time last weekend to resurrect IDA Compare. It is now included in the IDA_JScript installer with support for IDA 7/8/9.

The exporter UI used to run in the 32bit IDA process. Once IDA was no longer 32 bit..my vb6 UI got hosed. Now the exporter is built into IDA Compare main exe and uses the IDASrvr IPC plugin to do its work. It wasnt actually that much work, I have just been lazy.

The IDASrvr plugin for IDA 9 now adds some Edit/IdaCompare/ menu options that allow you to launch IDA compare directly as well as start the export process from the menu such as Export A, Export B and Export Fname. These options will use the last used database ida compare saved. (no streamline way to set the db from the menu)

The export fname option will allow you to save the compare data to the database into a table with the base file name. So one ida compare database can hold multiple tables now. btw the database engine was now switched to sqllite over access. You will need to manually install the 32bit sqllite drivers

The plugin can also be run from the command line something like:

C:IDA9>ida -A -Oidacompare:export_a bad.exe_

In this scenario ida will disassemble bad.exe_, the plugin will wait for disassembly to be complete, then it will launch ida compare with the /export_a argument. Ida compare will start up, connect to the specified ida hwnd, do the importing, then close down IDA.

In this convoluted way we now have command line based automated exporting. the args it accepts are export_a, export_b, export_fname.

Since IDA Compare was built to diff tables a/b there is now a new table manager that allows you to rename and copy around tables to prep them for diffing. I might streamline this some more but it is what it is for now.



I will port these plugin extras over to the IDA 7/8 plugins soon. IDA JScript and IDA Compare now work seamlessly with IDA 7/8/9.

I will also add in the ability to run ida jscript scripts from the command line when shelling out IDA in automation mode.




Comments: (0)

 
Leave Comment:
Name:
Email: (not shown)
Message: (Required)
Math Question: 46 + 68 = ? followed by the letter: E 



About Me
More Blogs
Main Site
Posts: (year)
2025 (3)
     upside down pyramid
     IDA Compare Updates
     Bindiff Niceity
2024 (1)
     MAP Update
2023 (4)
     Yara Workbench Automation
     VS linker versions
     IDA decompiler comments
     DispCallFunc
2022 (5)
     VB6 Implements
     VB6 Stubs BS
     VB6 TypeInfo
     VB6 VTable Layout
     Yara isPCode rule
2021 (2)
     rtcTypeName
     VB6 Gosub
2020 (5)
     AutoIT versions
     IDA JScript 2
     Using VB6 Obj files from C
     Yara Corrupt Imports
     Yara Undefined values
2019 (6)
     Yara WorkBench
     SafeArrayGetVartype
     vb6 API and call backs
     PrintFile
     ImpAdCallNonVirt
     UConnect Disable Cell Modem
2017 (5)
     IDA python over IPC
     dns wildcard blocking
     64bit IDA Plugins
     anterior lines
     misc news/updates
2016 (4)
     KANAL Mod
     Decoders again
     CDO.Message Breakpoints
     SysAnalyzer Updates
2015 (5)
     SysAnalyzer and Site Updates
     crazy decoder
     ida js w/dbg
     flash patching 2
     JS Graphing
2014 (5)
     Delphi IDA Plugin
     scdbg IDA integration
     API Hash Database
     Winmerge plugin
     IDACompare Updates
2013 (9)
     Guest Post @ hexblog
     TCP Stream Reassembly
     SysAnalyzer Updates
     Apilogger Video
     Shellcode2Exe trainer
     scdbg updates
     IDA Javascript w/IDE
     Rop Analysis II
     scdbg vrs ROP
2012 (13)
     flash patching
     x64 Hooks
     micro hook
     jmp api+5 *2
     SysAnalyzer Updates
     InjDll runtime config
     C# Asm/Dsm Library
     Shellcode Hook Detection
     Updates II
     findDll
     Java Hacking
     Windows 8
     Win7 x64
2011 (19)
     Graphing ideas
     .Net Hacking
     Old iDefense Releases
     BootLoaders
     hll shellcode
     ActionScript Tips
     -patch fu
     scdbg ordinal lookup
     scdbg -api mode
     Peb Module Lists
     scdbg vrs Process Injection
     GetProcAddress Scanner
     scdbg fopen mode
     scdbg findsc mode
     scdbg MemMonitor
     demo shellcodes
     scdbg download
     api hashs redux
     Api hash gen
2010 (11)
     Retro XSS Chat Codes
     Exe as DLL
     Olly Plugins
     Debugging Explorer
     Attach to hidden process
     JS Refactoring
     Asm and Shellcode in CSharp
     Fancy Return Address
     PDF Stream Dumper
     Malcode Call API by Hash
     WinDbg Cheat Sheet
2009 (1)
     GPG Automation