<!doctype html><html lang=en><head><title>Lumen 路 Naim A. </title><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=color-scheme content="light dark"><meta name=author content="Naim A."><meta name=description content="Alternative Lumina server for IDA Pro - Allows users to pull function metadata from function signatures"><meta name=keywords content="Naim A.,Portfolio,Blog,Security,Software,Networking,Reverse Engineering"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://abda.nl/lumen/cover.png"><meta name=twitter:title content="Lumen"><meta name=twitter:description content="Alternative Lumina server for IDA Pro - Allows users to pull function metadata from function signatures"><meta property="og:title" content="Lumen"><meta property="og:description" content="Alternative Lumina server for IDA Pro - Allows users to pull function metadata from function signatures"><meta property="og:type" content="article"><meta property="og:url" content="https://abda.nl/lumen/"><meta property="og:image" content="https://abda.nl/lumen/cover.png"><meta property="article:section" content><meta property="article:published_time" content="2022-01-20T00:00:00+00:00"><meta property="article:modified_time" content="2025-04-04T00:33:44+03:00"><link rel=canonical href=https://abda.nl/lumen/><link rel=preload href=/fonts/fa-brands-400.woff2 as=font type=font/woff2 crossorigin><link rel=preload href=/fonts/fa-regular-400.woff2 as=font type=font/woff2 crossorigin><link rel=preload href=/fonts/fa-solid-900.woff2 as=font type=font/woff2 crossorigin><link rel=stylesheet href=/css/coder.min.7763f8bc6341ecf82378e867c285e1549abb063a899be313ccd25dbfcd24fa7d.css integrity="sha256-d2P4vGNB7PgjeOhnwoXhVJq7BjqJm+MTzNJdv80k+n0=" crossorigin=anonymous media=screen><link rel=stylesheet href=/css/coder-dark.min.a00e6364bacbc8266ad1cc81230774a1397198f8cfb7bcba29b7d6fcb54ce57f.css integrity="sha256-oA5jZLrLyCZq0cyBIwd0oTlxmPjPt7y6KbfW/LVM5X8=" crossorigin=anonymous media=screen><link rel=icon type=image/svg+xml href=/images/favicon.svg sizes=any><link rel=icon type=image/png href=/images/favicon-32x32.png sizes=32x32><link rel=icon type=image/png href=/images/favicon-16x16.png sizes=16x16><link rel=apple-touch-icon href=/images/apple-touch-icon.png><link rel=apple-touch-icon sizes=180x180 href=/images/apple-touch-icon.png><link rel=manifest href=/site.webmanifest><link rel=mask-icon href=/images/safari-pinned-tab.svg color=#5bbad5></head><body class="preload-transitions colorscheme-auto"><div class=float-container><a id=dark-mode-toggle class=colorscheme-toggle><i class="fa-solid fa-adjust fa-fw" aria-hidden=true></i></a></div><main class=wrapper><nav class=navigation><section class=container><a class=navigation-title href=https://abda.nl/>Naim A. </a><input type=checkbox id=menu-toggle> <label class="menu-button float-right" for=menu-toggle><i class="fa-solid fa-bars fa-fw" aria-hidden=true></i></label><ul class=navigation-list><li class=navigation-item><a class=navigation-link href=/posts/>Blog</a></li><li class=navigation-item><a class=navigation-link href=/projects/>Projects</a></li></ul></section></nav><div class=content><section class="container page"><article><header><h1 class=title><a class=title-link href=https://abda.nl/lumen/>Lumen</a></h1></header><p>Lumen is an alternative <a href=https://www.hex-rays.com/products/ida/lumina/ class=external-link target=_blank rel=noopener>Lumina</a> server for IDA Pro. Lumen was developed as a side project for fun. The current public server is available for anybody to use. Lumen supports IDA 7.2+, no plugins required!</p><p>The server is open source, and can be found <a href=https://github.com/naim94a/lumen class=external-link target=_blank rel=noopener>here</a>.</p><h2 id=joining-lumen>Joining Lumen <a class=heading-link href=#joining-lumen><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h2><h3 id=ida--80>IDA >= 8.0 <a class=heading-link href=#ida--80><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h3><p>Starting with IDA 8.0 it is no longer possible to override IDA&rsquo;s CA and Lumina&rsquo;s configuration is no longer in <code>ida.cfg</code>. Until a plugin is developed to patch the CA, you can use the following workaround:</p><ol><li><p>Start a socat server that encapsulates lumina over TLS. Download <a href=hexrays.crt>hexrays.crt</a>, and execute the following command:</p><div class=highlight><div style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><table style=border-spacing:0;padding:0;margin:0;border:0><tr><td style=vertical-align:top;padding:0;margin:0;border:0><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">1 </span></code></pre></td><td style=vertical-align:top;padding:0;margin:0;border:0;width:100%><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-bash data-lang=bash><span style=display:flex><span>socat -s -dd tcp4-listen:1234,fork,reuseaddr openssl:lumen.abda.nl:1235,cafile<span style=color:#ff79c6>=</span>hexrays.crt </span></span></code></pre></td></tr></table></div></div></li><li><p>Configure IDA to use the local server for Lumina using environment variables:</p><div class=highlight><div style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><table style=border-spacing:0;padding:0;margin:0;border:0><tr><td style=vertical-align:top;padding:0;margin:0;border:0><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">1 </span><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">2 </span><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">3 </span></code></pre></td><td style=vertical-align:top;padding:0;margin:0;border:0;width:100%><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-bash data-lang=bash><span style=display:flex><span><span style=color:#8be9fd;font-style:italic>export</span> <span style=color:#8be9fd;font-style:italic>LUMINA_TLS</span><span style=color:#ff79c6>=</span><span style=color:#8be9fd;font-style:italic>false</span> </span></span><span style=display:flex><span><span style=color:#8be9fd;font-style:italic>export</span> <span style=color:#8be9fd;font-style:italic>LUNINA_HOST</span><span style=color:#ff79c6>=</span>localhost </span></span><span style=display:flex><span><span style=color:#8be9fd;font-style:italic>export</span> <span style=color:#8be9fd;font-style:italic>LUMINA_PORT</span><span style=color:#ff79c6>=</span><span style=color:#bd93f9>1234</span> </span></span></code></pre></td></tr></table></div></div></li></ol><h3 id=update-idacfg-ida--80>Update <code>ida.cfg</code> (IDA &lt; 8.0) <a class=heading-link href=#update-idacfg-ida--80><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h3><div class="notice note"><div class=notice-title><i class="fa-solid fa-sticky-note" aria-hidden=true></i>Note</div><div class=notice-content>The original certificate to lumen.abda.nl had expired on October 2, 2021. Therefore, a new certificate was issued with a 5 year validity and the port had changed from 1234 to 1235.</div></div><p>You will need to tell IDA to connect to our server. To do this, simply open <code>$IDA_INSTALL_DIR$\cfg\ida.cfg</code> with your favorite editor, locate the commented &ldquo;LUMINA_HOST&rdquo; and &ldquo;LUMINA_PORT&rdquo; fields and set them to lumen.abda.nl and 1235 accordingly.</p><div class=highlight><div style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><table style=border-spacing:0;padding:0;margin:0;border:0><tr><td style=vertical-align:top;padding:0;margin:0;border:0><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">1 </span><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:.4em;padding:0 .4em;color:#7f7f7f">2 </span></code></pre></td><td style=vertical-align:top;padding:0;margin:0;border:0;width:100%><pre tabindex=0 style=color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-c data-lang=c><span style=display:flex><span>LUMINA_HOST <span style=color:#ff79c6>=</span> <span style=color:#f1fa8c>&#34;lumen.abda.nl&#34;</span>; <span style=color:#6272a4>// This semicolon is important! </span></span></span><span style=display:flex><span><span style=color:#6272a4></span>LUMINA_PORT <span style=color:#ff79c6>=</span> <span style=color:#bd93f9>1235</span> </span></span></code></pre></td></tr></table></div></div><h3 id=get-the-certificate>Get the certificate <a class=heading-link href=#get-the-certificate><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h3><p>IDA uses a self signed CA to connect to Lumina, you can replace the default CA with Lumen&rsquo;s by downloading <a href=hexrays.crt>hexrays.crt</a> and saving it to <code>$IDA_INSTALL_DIR$\hexrays.crt</code>.</p><h3 id=restart-ida>Restart IDA <a class=heading-link href=#restart-ida><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h3><p>IDA doesn&rsquo;t auto-reload it&rsquo;s configurations. You should restart IDA to load the new configurations, and that&rsquo;s it - you&rsquo;re done.</p><h2 id=contibuting>Contibuting <a class=heading-link href=#contibuting><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h2><p>Running the Lumen server isn&rsquo;t free. Please consider donating in order to keep lumen.abda.nl online.</p><form action=https://www.paypal.com/donate method=post target=_top><input type=hidden name=hosted_button_id value=MY6BP9XQ8UN2E> <input type=image src=https://www.paypalobjects.com/en_US/IL/i/btn/btn_donateCC_LG.gif border=0 name=submit title="PayPal - The safer, easier way to pay online!" alt="Donate with PayPal button"> <img alt border=0 src=https://www.paypal.com/en_IL/i/scr/pixel.gif width=1 height=1></form><h2 id=privacy-concerns>Privacy Concerns <a class=heading-link href=#privacy-concerns><i class="fa-solid fa-link" aria-hidden=true title="Link to heading"></i> <span class=sr-only>Link to heading</span></a></h2><p>I have seen that some people<sup id=fnref:1><a href=#fn:1 class=footnote-ref role=doc-noteref>1</a></sup> online are concerned about the data collected by my server (lumen.abda.nl). While I understand the concern, there isn&rsquo;t much I can do - I didn&rsquo;t write the Lumina protocol. I can only say that I don&rsquo;t intend to use the information I get for malicious purposes.</p><p>The following information that I would consider personal is sent by IDA to Lumina servers:</p><ul><li>All connections<ul><li>IDA Pro&rsquo;s license.key file, which includes:<ul><li>email address</li><li>license id(s)</li></ul></li></ul></li><li>When pushing function metadata:<ul><li>Absolute idb path (eg. C:\Research\firefox\firefox.idb64)</li><li>Absolute original file path (eg. C:\Research\firefox\firefox.exe)</li><li>File MD5</li><li>Hostname (eg. DESKTOP-ENT7IB9)</li></ul></li></ul><p>For more information about the Lumina protocol, please read my <a href=https://abda.nl/posts/introducing-lumen/>research</a>.</p><p>Follow me on <a href=https://twitter.com/naim94a class=external-link target=_blank rel=noopener>Twitter</a>!</p><div class=footnotes role=doc-endnotes><hr><ol><li id=fn:1><p><small><a href=https://www.synacktiv.com/en/publications/investigating-ida-lumina-feature.html class=external-link target=_blank rel=noopener>https://www.synacktiv.com/en/publications/investigating-ida-lumina-feature.html</a>; See &ldquo;Privacy Considerations&rdquo;</small>&#160;<a href=#fnref:1 class=footnote-backref role=doc-backlink>&#8617;&#xfe0e;</a></p></li></ol></div></article></section></div><footer class=footer><section class=container>漏 2017 - 2025 Naim A. 路 Powered by <a href=https://gohugo.io/ target=_blank rel=noopener>Hugo</a> & <a href=https://github.com/luizdepra/hugo-coder/ target=_blank rel=noopener>Coder</a>.</section></footer></main><script src=/js/coder.min.6ae284be93d2d19dad1f02b0039508d9aab3180a12a06dcc71b0b0ef7825a317.js integrity="sha256-auKEvpPS0Z2tHwKwA5UI2aqzGAoSoG3McbCw73gloxc="></script><script defer src=https://static.cloudflareinsights.com/beacon.min.js data-cf-beacon='{"token": "ab65f54b645543b39ebdad5d950cb576"}'></script><!-- Cloudflare Pages Analytics --><script defer src='https://static.cloudflareinsights.com/beacon.min.js' data-cf-beacon='{"token": "0e69108a09a74afba599132f3277a715"}'></script><!-- Cloudflare Pages Analytics --></body></html>