lumen: Can't connect on 8.3.230608

Describe the bug I tried to replicate the steps on https://abda.nl/lumen/#ida--80 under Windows as best as possible, however, I can’t get IDA to connect to the server.

To Reproduce Download socat for windows and place the hexrays.crt into the same folder and run it with command given on the website. Create a BAT file that does the same thing the instructions say but uses SET instead of export and runs ida64.exe after. Have IDA try to connect to the Lumen server via localhost port 1234. Bug appears.

Expected behavior Should connect to the Lumen server.

Server (please complete the following information): Whatever abda.nl is running.

Client (please complete the following information):

  • OS: Windows 11 22H2
  • Architecture: x64
  • IDA Version: 8.3.230608

Additional context Here are the errors socat and IDA generate:

lumina: recv: An existing connection was forcibly closed by the remote host.
2023/11/27 20:01:21 socat[41484] E SSL_connect(): error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2023/11/27 20:01:21 socat[41484] E no peer certificate
2023/11/27 20:02:10 socat[32636] E SSL_connect(): error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2023/11/27 20:02:10 socat[32636] E no peer certificate
2023/11/27 20:11:11 socat[32164] E SSL_connect(): error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2023/11/27 20:11:11 socat[32164] E no peer certificate
2023/11/27 20:11:21 socat[28128] E SSL_connect(): error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2023/11/27 20:11:21 socat[28128] E no peer certificate

About this issue

  • Original URL
  • State: closed
  • Created 7 months ago
  • Comments: 39 (1 by maintainers)

Most upvoted comments

You can try this little plugin I made. Just place those dll’s into your IDA’s plugins folder and try to connect to lumen.abda.nl port 1235 by configuring it in IDA settings. No need for LUMINA_TLS, socat or anything, only this plugin. luminafix.zip

+5
tomrus88 on Dec 16, 2023

Glad it works for you.

+1
tomrus88 on Mar 4, 2024

I don’t have plans to open-source it at this time, but plugin is super simple, all it does is pattern search and replace of few bytes in memory.

Why not? It is pretty simple indeed and someone could reproduce it, but why duplicate the effort?

+1
p0358 on Jan 14, 2024

Also you can try with this build of socat, i’ve compiled it myself and tested connection using it and it worked fine for me. It is different from other socat builds that you can find because it is configured and compiled with –enable-openssl option (you can check what compile options are used by running socat with -V switch).

socat-1.8.0.0.zip

How to use: unpack all files from this achieve, start run.cmd file, in IDA options set lumina server to localhost and port 12345, user guest, password guest. LUMINA_TLS=false environment variable is required obviously.

To make sure you are starting IDA with LUMINA_TLS=false, you can create bat/cmd file in your IDA folder with following content:

@echo off
set LUMINA_TLS=false
set LUMINA_PRIMARY=guest:guest@localhost:12345
set LUMINA_PRIMARY_TLS=false
set LUMINA_SECONDARY=guest:guest@localhost:12345
set LUMINA_SECONDARY_TLS=false
ida64.exe

And use this batch file to start IDA instance.

+1
tomrus88 on Dec 28, 2023
Read more comments on GitHub
← StompProtocolAndroid: OnErrorNotImplementedException in StompClient.java
firebirdsql: db.Ping() returns Error op_response:92 for Firebird 3.0 →