Overview
What is the Lumina server?
The Lumina server is a "functions metadata" repository.
It is a place where IDA users can push, and pull such metadata, to ease their reverse-engineering work: metadata can be extracted from existing projects, and re-applied effortlessly to new projects, thereby reducing (sometimes dramatically) the amount of time needed to analyze binaries.
Public vs. Private Lumina
IDA supports both Public and Private Lumina servers.
The Public Lumina server, maintained and operated by Hex-Rays, is shared across the entire IDA community. It enables collaborative function recognition by a global knowledge base contributed by users worldwide.
Alternatively, you can deploy a Private Lumina server. Available as an add-on for IDA Pro subscriptions, Private Lumina provides the same rapid function recognition capabilities as Public Lumina, but within your controlled infrastructure.
With Private Lumina, your organization’s knowledge base remains accessible only to authorized users: IDA Pro instances configured with the Private Lumina add-on and connected to your self-hosted server.
Accessing the Lumina Server
Lumina features are accessible from the Lumina menu in the IDA main menu bar.
Functions metadata
The Lumina server associates "function metadata" to functions, by means of a (md5) hash of those functions: whenever it wants to push information to, or pull information from the server, IDA will first have to compute hashes of the functions it wants to retrieve metadata for, and send those hashes to the Lumina server.
Similarly, when IDA pushes information to the Lumina server, it will first compute hashes for the corresponding functions, extract the metadata corresponding to those from the .idb file, and send those hash+metadata pairs to the server.
Metadata contents
Metadata about functions can include:
function name
function address
function size
function prototype
function [repeatable] comments
instruction-specific [repeatable] comments
anterior/posterior (i.e., "extra") comments
user-defined "stack points" in the function’s frame
the function frame description and stack variables
instructions operands representations
Pushing & overriding metadata
When a user pushes metadata about a function whose md5 hash isn’t present in the database, the Lumina server will simply create a new record for it.
However, when a user pushes metadata about a function whose md5 hash (and associated metadata) is already present in the database, the Lumina server will attempt to "score" the quality of the old metadata and the quality of the new metadata. If the score of the new metadata is higher, the new function metadata will override the previous one.
When a user asks IDA to push all functions to the Lumina server, IDA will automatically skip some functions: those that still have a "dummy" name (e.g., sub_XXXX), or that are below a certain size threshold (i.e., 32 bytes) will be ignored.
Metadata history
The Lumina server retains a history of the metadata associated to functions. Using the lc utility, it is possible to dig into that history, and view changes (detailed diffs, too.)
File contents
It’s worth pointing out that when pushing metadata to the Lumina server, IDA will not push the binary file itself. Only the following metadata about the file itself will be sent:
the name of the input file
the name of the IDB file
a
md5hash of the input file
The Lumina server cannot therefore be used as a backup/repository for binary files & IDBs (that is the role of the vault_server)
Supported architectures
Lumina in IDA Pro is currently available only for binaries compiled for the following architectures:
PC (x86/x64)
ARM
PPC
MIPS
RISC-V
For unsupported architectures, the Lumina menu is not shown in IDA, and pushing or pulling metadata is not available.
Last updated
Was this helpful?