Lumen
Lumen is an alternative Lumina server for IDA Pro. Lumen was developed as a side project for fun. The current public server is available for anybody to use. Lumen supports IDA 7.2+, no plugins required!
The server is open source, and can be found here.
Joining Lumen
Update ida.cfg
You will need to tell IDA to connect to our server. To do this, simply open $IDA_INSTALL_DIR$\cfg\ida.cfg
with your favorite editor, locate the commented “LUMINA_HOST” and “LUMINA_PORT” fields and set them to lumen.abda.nl and 1235 accordingly.
|
|
Get the certificate
IDA uses a self signed CA to connect to Lumina, you can replace the default CA with Lumen’s by downloading hexrays.crt and saving it to $IDA_INSTALL_DIR$\hexrays.crt
.
Restart IDA
IDA doesn’t auto-reload it’s configurations. You should restart IDA to load the new configurations, and that’s it - you’re done.
Contibuting
Running the Lumen server isn’t free. Please consider donating in order to keep lumen.abda.nl online.
Privacy Concerns
I have seen that some people1 online are concerned about the data collected by my server (lumen.abda.nl). While I understand the concern, there isn’t much I can do - I didn’t write the Lumina protocol. I can only say that I don’t intend to use the information I get for malicious purposes.
The following information that I would consider personal is sent by IDA to Lumina servers:
- All connections
- IDA Pro’s license.key file, which includes:
- email address
- license id(s)
- IDA Pro’s license.key file, which includes:
- When pushing function metadata:
- Absolute idb path (eg. C:\Research\firefox\firefox.idb64)
- Absolute original file path (eg. C:\Research\firefox\firefox.exe)
- File MD5
- Hostname (eg. DESKTOP-ENT7IB9)
For more information about the Lumina protocol, please read my research.
Follow me on Twitter!
-
https://www.synacktiv.com/en/publications/investigating-ida-lumina-feature.html; See “Privacy Considerations” ↩︎