Gepetto is a Python script which uses OpenAI's gpt-3.5-turbo, gpt-4-turbo, gpt-4o models and more to provide meaning to functions decompiled by IDA Pro. At the moment, it can explain what a function does, and automatically rename its variables. Here is a simple example of what results it can provide in mere seconds:

Setup

Simply drop this script (gepetto.py, as well as the gepetto/ folder) into your IDA plugins folder ($IDAUSR/plugins). By default, on Windows, this should be %AppData%\Hex-Rays\IDA Pro\plugins (you may need to create it).

You will need to add the required packages to IDA's Python installation for the script to work. Find which interpreter IDA is using by checking the following registry key: Computer\HKEY_CURRENT_USER\Software\Hex-Rays\IDA (default on Windows: %LOCALAPPDATA%\Programs\Python\Python39). Finally, with the corresponding interpreter, simply run:

[/path/to/python] -m pip install -r requirements.txt

⚠️ You will also need to edit the configuration file (found as gepetto/config.ini) and add your own API keys. For OpenAI, it can be found on this page. Please note that API queries are usually not free (although not very expensive) and you will need to set up a payment method with the corresponding provider.

• OpenAI
  • gpt-3.5-turbo-1106
  • gpt-4-turbo
  • gpt-4o (recommended for beginners)
• Groq
  • llama3-70b-8192
• Together
  • mistralai/Mixtral-8x22B-Instruct-v0.1 (does not support renaming variables)

Once the plugin is installed properly, you should be able to invoke it from the context menu of IDA's pseudocode window, as shown in the screenshot below:

Switch between models supported by Gepetto from the Edit > Gepetto menu:

You can also use the following hotkeys:

• Ask the model to explain the function: Ctrl + Alt + H
• Request better names for the function's variables: Ctrl + Alt + R