How to Generate DarunGrim DGF files from Command Line

Using DarunGrim doesn’t mean that you always need to use DarunGrim GUI to generate and analyze files. Everything can be scriptable from generating DGF files and initiating diffing process to consuming diffing data. Most of the data is saved in SQLite format and the schema of the tables used are pretty simple to understand and use.

So, first of all, today I’ll go through basic process of generating DGF files from IDB files. The DarunGrim plugin (DarunGrimPlugin.plw) exposes some useful functions to IDC scripts and it will enable you to do some custom operations.

First, write a IDC script like following. You can replace log file name used in SetLogFile function and the output filename used in SaveAnalysisData function to whatever of your choice. The 2nd and 3rd argument for SaveAnalysisData function is start and end EA (effective address). Just passing 0s for them will generate DGF file for whole code sections in the file.

 

 

 

 

 

After saving this file, you can simply run following command from the console. In this case, I assume that you saved the file as “DarunGrim.idc” file.

 

“C:\Program Files (x86)\IDA 6.5\idaq.exe” -A -L”IDALog.txt” -S”DarunGrim.idc” sample.idb

 

The IDALog.txt file will have the same log messages displayed on the log pane of the IDA GUI program. The DarunGrimLog.txt file will contain DarunGrim specific logs in it.

Depending on the IDB file size, it will take some time to generate output.dgf file.