Home

Awesome

Lumen

A private Lumina server that can be used with IDA Pro 7.2+.

lumen.abda.nl runs this server.

You can read about the protocol research here.

Features

Getting Started

Docker Method (Recommended)

In this method precompiled docker images will be downloaded, All you need is docker-compose.yml.

  1. Install docker-engine and docker-compose.
  2. If using a custom TLS certificate, copy the private key (.p12/.pfx extension) to ./dockershare and set the key password in .env as PKCSPASSWD.
  3. If using a custom Lumen config, copy it to ./dockershare/config.toml.
  4. Otherwise, or if you have finished these steps, just run docker-compose up.
  5. Regardless, if TLS is enabled in the config.toml, a hexrays.crt will be generated in ./dockershare to be copied to the IDA install directory.

Building from source with Rust

  1. git clone https://github.com/naim94a/lumen.git

  2. Get a rust toolchain: https://rustup.rs/

  3. cd lumen

  4. Setup a the database

    • install postgres

    • install diesel-cli and run migrations:

      cargo install diesel_cli --no-default-features -Fpostgres
      diesel --config-file common/diesel.toml \
         --database-url postgres://postgres:password@localhost/lumen \
         migration run
      
  5. cargo build --release

Usage

./lumen -c config.toml

Configuring IDA

IDA Pro >= 8.1

If you used LUMEN in the past, remove the LUMINA settings in the ida.cfg or idauser.cfg files, otherwise you will get a warning about bad config parameters.

Setup under Linux :
#!/bin/sh
export LUMINA_TLS=false
$1
Setup under Windows :
set LUMINA_TLS=false
%1
Setup IDA

IDA Pro < 8.1

You will need IDA Pro 7.2 or above in order to use lumen.

The following information may get sent to lumen server: IDA key, Hostname, IDB path, original file path, file MD5, function signature, stack frames & comments.

Example:

LUMINA_HOST = "192.168.1.1";
LUMINA_PORT = 1234

// Only if TLS isn't used:
LUMINA_TLS = NO

Configuring TLS

IDA Pro uses a pinned certificate for Lumina's communcation, so adding a self-signed certificate to your root certificates won't work. Luckily, we can override the hard-coded public key by writing a DER-base64 encoded certificate to "hexrays.crt" in IDA's install directory.

You may find the following commands useful:

# create a certificate
openssl req -x509 -newkey rsa:4096 -keyout lumen_key.pem -out lumen_crt.pem -days 365 -nodes

# convert to pkcs12 for lumen; used for `lumen.tls` in config
openssl pkcs12 -export -out lumen.p12 -inkey lumen_key.pem -in lumen_crt.pem

# export public-key for IDA; Copy hexrays.crt to IDA installation folder
openssl x509 -in lumen_crt.pem -out hexrays.crt

No attempt is made to merge function data - this may cause a situation where metadata is inconsistent. Instead, the metadata with the highest calculated score is returned to the user.


Developed by Naim A.; License: MIT.