From 5b3bbaac9ae520cbdc91cda2857fa5c98c250ded Mon Sep 17 00:00:00 2001 From: vm-packages Date: Tue, 7 May 2024 13:35:05 +0000 Subject: [PATCH] Add ida.plugin.comida.vm Closes https://github.com/mandiant/VM-Packages/issues/1026. --- .../ida.plugin.comida.vm/ida.plugin.comida.vm.nuspec | 12 ++++++++++++ .../ida.plugin.comida.vm/tools/chocolateyinstall.ps1 | 8 ++++++++ .../tools/chocolateyuninstall.ps1 | 6 ++++++ 3 files changed, 26 insertions(+) create mode 100644 packages/ida.plugin.comida.vm/ida.plugin.comida.vm.nuspec create mode 100644 packages/ida.plugin.comida.vm/tools/chocolateyinstall.ps1 create mode 100644 packages/ida.plugin.comida.vm/tools/chocolateyuninstall.ps1 diff --git a/packages/ida.plugin.comida.vm/ida.plugin.comida.vm.nuspec b/packages/ida.plugin.comida.vm/ida.plugin.comida.vm.nuspec new file mode 100644 index 000000000..6e5b6069b --- /dev/null +++ b/packages/ida.plugin.comida.vm/ida.plugin.comida.vm.nuspec @@ -0,0 +1,12 @@ + + + + ida.plugin.comida.vm + 0.0.0.20240507 + Airbus CERT + IDA Plugin that help analyzing modules using COM. + + + + + diff --git a/packages/ida.plugin.comida.vm/tools/chocolateyinstall.ps1 b/packages/ida.plugin.comida.vm/tools/chocolateyinstall.ps1 new file mode 100644 index 000000000..2fc9c8718 --- /dev/null +++ b/packages/ida.plugin.comida.vm/tools/chocolateyinstall.ps1 @@ -0,0 +1,8 @@ +$ErrorActionPreference = 'Stop' +Import-Module vm.common -Force -DisableNameChecking + +$pluginName = 'comida.py' +$pluginUrl = 'https://raw.githubusercontent.com/airbus-cert/comida/177ea45f98b153552dc13545dda64a6a26fab0a0/comida.py' +$pluginSha256 = '95e33b6b8afd44a4c924ae2bd8779c645751926f9312a99d3332066388d55be6' + +VM-Install-IDA-Plugin -pluginName $pluginName -pluginUrl $pluginUrl -pluginSha256 $pluginSha256 diff --git a/packages/ida.plugin.comida.vm/tools/chocolateyuninstall.ps1 b/packages/ida.plugin.comida.vm/tools/chocolateyuninstall.ps1 new file mode 100644 index 000000000..29056fe28 --- /dev/null +++ b/packages/ida.plugin.comida.vm/tools/chocolateyuninstall.ps1 @@ -0,0 +1,6 @@ +$ErrorActionPreference = 'Continue' +Import-Module vm.common -Force -DisableNameChecking + +$pluginName = 'comida.py' +VM-Uninstall-IDA-Plugin -pluginName $pluginName +