Home

Awesome

Pinokio

Pinokio is a Python script which uses OpenAI's davinci-003 model to help with vulnerabilities research on functions decompiled by IDA Pro. At the moment, it can ask davinci-003 to find vulnerabilities in function and it will add comments on the top of the function. Here is a simple example of what results it can provide in mere seconds:

Setup

Simply drop this script into your IDA plugins folder ($IDAUSR/plugins). By default, on Windows, this should be %AppData%\Hex-Rays\IDA Pro\plugins (you may need to create the folder).

You will need to add the required packages to IDA's Python installation for the script to work. Find which interpreter IDA is using by checking the following registry key: Computer\HKEY_CURRENT_USER\Software\Hex-Rays\IDA (default on Windows: %LOCALAPPDATA%\Programs\Python\Python39). Finally, with the corresponding interpreter, simply run:

[/path/to/python] -m pip install -r requirements.txt

⚠️ You will also need to edit the script and add your own API key, which can be found on this page. Please note that davinci-003 queries are not free (although not very expensive) and you will need to set up a payment method.

Usage

Once the plugin is installed properly, you should be able to invoke it from the context menu of IDA's pseudocode window, as shown in the screenshot below:

You can also use the following hotkeys:

Initial testing shows that asking for better names works better if you ask for an explanation of the function first – I assume because davinci-003 then uses its own comment to make more accurate suggestions. There is an element of randomness to the AI's replies. If for some reason the initial response you get doesn't suit you, you can always run the command again.

Limitations

Inspiration and credit

this tool is based on Gepetto, which is another greate IDA plugin based on Chat-GPT (https://github.com/JusticeRage/Gepetto)

Acknowledgements