IDA 9.0

How to create a plugin in C++?

How to create a plugin with C++ SDK?

Intro

The C++ SDK allows developers to create powerful plugins that can extend the IDA Pro capabilities, that enable deeper integration and more control over IDA's core functionality.

This guide will walk you through creating a basic plugin using the C++ SDK, demonstrating the structure and best practices for developing C++ plugins for IDA Pro.

Prerequistes

  • Installed the lastest C++ SDK. You can get it from our Download Center in My Hex-Rays portal.

  • A working C++ development environment (compiler, debugger, etc.). For the Windows Visual Studio users, a plugin template has been created that can be used to create plugin solutions. It can be found in the C++ SDK with a corresponding README file.

Before you start

  1. Check the C++ SDK Reference Documentation for a comprehensive list of classes, functions, and available APIs.

  2. Familiarize yourself with the plugin_t class and plugmod_t, that are fundamental for creating plugins using the C++ SDK.

  3. Ensure compatibility with the latest version of IDA Pro and refer to the C++ SDK Porting Guide for any recent changes that might affect your plugin.

Overview of the Plugin Structure

An IDA Pro plugin written in C++ typically involves:

  • A class that inherits from plugmod_t, this class will implement the actual plugin functionality.

  • An init() function that will return a pointer to the above mentioned class.

  • Flags that specify when and how the plugin should be loaded and unloaded.

Writing a plugin in C++—basic steps

Create a basic plugin structure

Start by creating a new C++ source file for your plugin. This file will contain the main logic and define the necessary classes and methods for your plugin.

Define base classes

When creating a plugin, it's recommended to create an instace of the class plugin_t with specific flags and a class inheriting from plugmod_t that performs the core functionality.

Example of `implementation:

#include <ida.hpp>
#include <idp.hpp>
#include <loader.hpp>
#include <funcs.hpp>

// Define the class that inherits from plugmod_t
class MyPlugmod : public plugmod_t 
{
public:
	// Constructor
	MyPlugmod() 
	{
		msg("MyPlugmod: Constructor called.\n");
	}

	// Destructor
	virtual ~MyPlugmod() 
	{
		msg("MyPlugmod: Destructor called.\n");
	}

	// Method that gets called when the plugin is activated
	virtual bool idaapi run(size_t arg) override
	{
		msg("MyPlugmod.run() called with arg: %d\n", arg);

		// Iterate through all functions and print their names and addresses
		int n = get_func_qty();
		for (int i = 0; i < n; i++) {
			func_t* pfn = getn_func(i);
			if (pfn == nullptr)
				continue;

			qstring name;
			get_func_name(&name, pfn->start_ea);
			msg("Function %s at address 0x%llX\n", name.length() ? name.c_str(): "-UNK-" , pfn->start_ea);
		}

		return true;
	}
};

static plugmod_t* idaapi init(void)
{
	return new MyPlugmod();
}

plugin_t PLUGIN =
{
  IDP_INTERFACE_VERSION,
  PLUGIN_MULTI,         // plugin flags
  init,                 // initialize
  nullptr,              // terminate. this pointer can be nullptr
  nullptr,              // invoke the plugin
  nullptr,              // long comment about the plugin
  nullptr,              // multiline help about the plugin
  "List functions",		// the preferred short name of the plugin
  ""					// the preferred hotkey to run the plugin
};

In our example:

  • MyPlugmod class: This class inherits from plugmod_t and overrides the run() method to perform the plugin's main functionality. The constructor and destructor provide initialization and cleanup messages.

  • PLUGIN exported plugin_t instance: This object sets the PLUGIN_MULTI flag to allow the plugin to be loaded multiple times if needed.

  • init function: This function is called by the by the kernel in order to initialize the plugin. It returns an instance of MyPlugmod.

Build and install your plugin

  1. Compile your plugin. Once your plugin code is ready, Use your C++ development environment to compile the plugin source code into a shared library (.dll on Windows, .so on Linux, or .dylib on macOS).

  2. Install your plugin. Copy the compiled plugin binary to the plugins directory in your IDA installation folder.

  3. Run your plugin. Execute the plugin via the specified hotkey or by selecting it from the Edit -> Plugins submenu.

Last updated