ida-pro-mcp
by: mrexodia
MCP Server for IDA Pro
📌Overview
Purpose: The IDA Pro MCP aims to simplify the process of reverse engineering by providing a user-friendly MCP (Model Context Protocol) server for the IDA Pro environment.
Overview: This MCP server enables seamless interaction with IDA Pro, facilitating various reverse engineering tasks through a straightforward plugin that requires minimal setup. Users can easily access and manipulate functions within the IDA database, improving the overall reversing workflow.
Key Features:
-
Function Retrieval: Methods like
get_function_by_name(name)
andget_function_by_address(address)
allow users to quickly locate specific functions, enhancing navigation and analysis efficiency. -
Decompilation and Disassembly: Features such as
decompile_function(address)
anddisassemble_function(address)
provide users with the ability to obtain high-level representation and assembly code respectively, aiding in detailed examination of code behavior. -
Manipulation Tools: Users can rename variables and functions, set prototypes, and adjust comments directly within IDA's pseudocode and disassembly through functions like
rename_function(function_address, new_name)
,set_decompiler_comment(address, comment)
, andset_disassembly_comment(address, comment)
, thereby streamlining the analysis process. -
Lightweight Setup: Requires only copying a single file (
mcp-plugin.py
) to the IDA plugin directory without additional dependencies, making installation straightforward. -
Extensibility: New functionalities can be added easily, allowing users to adapt the plugin to their specific needs with minimal overhead, encouraging rapid development and innovation in reverse engineering tools.
IDA Pro MCP
Simple MCP Server to allow vibe reversing in IDA Pro.
The binaries and prompt for the video are available in the mcp-reversing-dataset repository.
Available functionality
check_connection
: Check if the IDA plugin is running.get_metadata()
: Get metadata about the current IDB.get_function_by_name(name)
: Get a function by its name.get_function_by_address(address)
: Get a function by its address.get_current_address()
: Get the address currently selected by the user.get_current_function()
: Get the function currently selected by the user.convert_number(text, size)
: Convert a number (decimal, hexadecimal) to different representations.list_functions(offset, count)
: List all functions in the database (paginated).list_strings(offset, count)
: List all strings in the database (paginated).search_strings(pattern, offset, count)
: Search for strings containing the given pattern (case-insensitive).decompile_function(address)
: Decompile a function at the given address.disassemble_function(start_address)
: Get assembly code (address: instruction; comment) for a function.get_xrefs_to(address)
: Get all cross references to the given address.get_entry_points()
: Get all entry points in the database.set_comment(address, comment)
: Set a comment for a given address in the function disassembly and pseudocode.rename_local_variable(function_address, old_name, new_name)
: Rename a local variable in a function.rename_global_variable(old_name, new_name)
: Rename a global variable.set_global_variable_type(variable_name, new_type)
: Set a global variable's type.rename_function(function_address, new_name)
: Rename a function.set_function_prototype(function_address, prototype)
: Set a function's prototype.declare_c_type(c_declaration)
: Create or update a local type from a C declaration.set_local_variable_type(function_address, variable_name, new_type)
: Set a local variable's type.
Prerequisites
- Python (https://www.python.org/downloads/) (3.11 or higher)
Useidapyswitch
to switch to the newest Python version - IDA Pro (https://hex-rays.com/ida-pro) (8.3 or higher, 9 recommended)
- Supported MCP Client (pick one you like)
- Cline (https://cline.bot)
- Roo Code (https://roocode.com)
- Claude (https://claude.ai/download)
- Cursor (https://cursor.com)
- VSCode Agent Mode (https://github.blog/news-insights/product-news/github-copilot-agent-mode-activated/)
- Other MCP Clients (https://modelcontextprotocol.io/clients#example-clients)
Installation
Install (or upgrade) the IDA Pro MCP package:
pip install --upgrade git+https://github.com/mrexodia/ida-pro-mcp
Configure the MCP servers and install the IDA Plugin:
ida-pro-mcp --install
Important: Make sure you completely restart IDA/Visual Studio Code/Claude for the installation to take effect. Claude runs in the background and you need to quit it from the tray icon.
Prompt Engineering
LLMs are prone to hallucinations and you need to be specific with your prompting. For reverse engineering, the conversion between integers and bytes is especially problematic. Below is a minimal example prompt, feel free to start a discussion or open an issue if you have good results with a different prompt:
Your task is to analyze a crackme in IDA Pro. You can use the MCP tools to retrieve information. In general use the following strategy:
- Inspect the decompilation and add comments with your findings
- Rename variables to more sensible names
- Change the variable and argument types if necessary (especially pointer and array types)
- Change function names to be more descriptive
- If more details are necessary, disassemble the function and add comments with your findings
- NEVER convert number bases yourself. Use the convert_number MCP tool if needed!
- Do not attempt brute forcing, derive any solutions purely from the disassembly and simple python scripts
- Create a report.md with your findings and steps taken at the end
- When you find a solution, prompt to user for feedback with the password you found
This prompt was just the first experiment, please share if you found ways to improve the output!
Tips for Enhancing LLM Accuracy
Large Language Models (LLMs) are powerful tools, but they can sometimes struggle with complex mathematical calculations or exhibit "hallucinations" (making up facts). Make sure to tell the LLM to use the convert_number
MCP and you might also need math-mcp for certain operations.
LLMs will not perform well on obfuscated code. Before trying to use an LLM to solve the problem, take a look around the binary and spend some time (automatically) removing the following things:
- String encryption
- Import hashing
- Control flow flattening
- Code encryption
- Anti-decompilation tricks
You should also use a tool like Lumina or FLIRT to try and resolve all the open source library code and the C++ STL, this will further improve the accuracy.
Manual Installation
Note: This section is for LLMs and power users who need detailed installation instructions.
Manual MCP Server Installation (Cline/Roo Code)
To install the MCP server yourself, follow these steps:
- Install uv globally:
- Windows:
pip install uv
- Linux/Mac:
curl -LsSf https://astral.sh/uv/install.sh | sh
- Windows:
- Clone this repository, for this example
C:\MCP\ida-pro-mcp
. - Navigate to the Cline/Roo Code MCP Servers configuration.
- Click on the Installed tab.
- Click on Configure MCP Servers, which will open
cline_mcp_settings.json
. - Add the
ida-pro-mcp
server with the configuration shown in the original text.
To check if the connection works you can perform the following tool call:
<use_mcp_tool>
<server_name>github.com/mrexodia/ida-pro-mcp</server_name>
<tool_name>check_connection</tool_name>
<arguments></arguments>
</use_mcp_tool>
IDA Plugin installation
The IDA Pro plugin will be installed automatically when the MCP server starts. If you disabled the --install-plugin
option, use the following steps:
- Copy (not move)
src/ida_pro_mcp/mcp-plugin.py
into your plugins folder (%appdata%\Hex-Rays\IDA Pro\plugins
on Windows). - Open an IDB and click Edit -> Plugins -> MCP to start the server.
Comparison with other MCP servers
There are a few IDA Pro MCP servers available, but this one was created for the following reasons:
- Fully automated installation.
- Avoid unnecessary boilerplate and dependencies for easier adding of new features.
- Enjoy learning new technologies.
If you want to check others, here is a list:
- https://github.com/taida957789/ida-mcp-server-plugin (SSE protocol only, requires installing dependencies in IDAPython).
- https://github.com/fdrechsler/mcp-server-idapro (MCP Server in TypeScript, excessive boilerplate required).
- https://github.com/MxIris-Reverse-Engineering/ida-mcp-server (custom socket protocol, boilerplate).
Feel free to open a PR to add your IDA Pro MCP server here.
Development
Adding new features is easy. Just add a new @jsonrpc
function to mcp-plugin.py
and the functionality becomes available without extra boilerplate.
To test the MCP server:
uv run mcp dev src/ida_pro_mcp/server.py
This opens a web interface at http://localhost:5173 for interacting with MCP tools.
You can also POST a JSON-RPC request directly to http://localhost:13337/mcp
.
After enabling symbolic links on Windows, you can run:
uv run ida-pro-mcp --install
Generate the changelog of direct commits to main branch:
git log --first-parent --no-merges 1.2.0..main "--pretty=- %s"