Description
Well I got nsisdump.py to run and made some improvements
NSIS Reversing Suite history
0.2.4 [30 Nov 2017 by Djamana]
* nrs.strings expanding strings
- Fixed problem with no expanding anything for NSIS Version 2
- NS_SHELL_CODE: added expanding for CSIDLs
- NS_VAR_CODE change some names so be more NSIS conform
* Decompression layer
- added support for uncompressed scripts (tests/samples/example_none.exe)
- added support for lzma that is just included since Python3.3
* Dumping section
- error handler for case where section is bigger than the file
As well as I got 'test_fileform.py' running after having pytest installed - it even works in Wing IDE.
But the files can't stay inside 'tests'. I have to move them one dir up.
-> Hmm I'm just curious how to get these executed from the test Dir?
from ..nrs import fileform is not allowed
also running it like python.exe tests\test_fileform.py doesn't work.
Okay I used all these experience to finally get it running inside IDA but failed.
The Readme is really rough. Please write I little more about the background and the why + general plan. Just slamming the commands written there into the console - works sometimes but sometimes there are errors.
Well pip install nrs works partly 'error: command 'swig.exe' failed: No such file or directory'
(so like this only zlib will work)
Not written in the readme but 'pip install virtualenv' worked out
"virtualenv -p python2 venv" doesn't work but
virtualenv venv does
Now there is some new folder f:----\IDAPro6.6\venv with some files
I can't riddle out what the "source venv/bin/activate" should accomplish.
but I ran \IDAPro6.6\venv\Scripts\activate.bat and now got a prompt with
(venv) F:...\IDAPro6.6>
python -c "import nrs.ida;nrs.ida.install()" fails but getting what the script should do I copy these two files by hand:
.copy ..nrs-0.2.4\nrs\ida\loader.py => ida/loaders/nsis.py
.copy ..nrs-0.2.4\nrs\ida\proc.py => ida/procs/nsis_script.py
and also
xcopy ..nrs-0.2.4\nrs\ => ida/procs/
Now it hardly works:
Warning
F:...\IDAPro6.6\loaders\nsis.py: Traceback (most recent call last):
File "F:/I..../IDAPro6.6/loaders/nsis.py", line 39, in load_file
nsis_netnode.hashset('VERSION_MAJOR', nsis.version_major)
File "F:\I.....\IDAPro6.6\python\idaapi.py", line 5608, in hashset
return _idaapi.netnode_hashset(self, *args)
TypeError: in method 'netnode_hashset', argument 3 of type 'void const *'
Anyway gotta got.
I'll try more later.