def actionPerformed(self, e): # Count the configured databases and the loaded databases databases = self.pi.databaseManager.databases loaded_databases = filter(lambda db : db.isLoaded(), databases) # Count the modules that can be found in the loaded databases modules = sum(map(lambda db : db.modules, loaded_databases), []) loaded_modules = filter(lambda m : m.isLoaded(), modules) # Count the views that can be found in the loaded modules views = sum(map(lambda m : m.views, loaded_modules), []) loaded_views = filter(lambda v : v.isLoaded(), views) # Find the functions by filtering the views (this is just an # example, in real scripts use module.functions please) functions = filter(lambda v : v.type == ViewType.Native and v.graphType == GraphType.Flowgraph, views) if views == []: largest_function_name = "-" else: functions.sort(lambda f1, f2: f2.nodeCount - f1.nodeCount) largest_function = functions[0] largest_function_name = "%s (%d nodes / %d edges)" % (largest_function.name, largest_function.nodeCount, largest_function.edgeCount) db_str = "%d databases configured (%d loaded)." % (len(databases), len(loaded_databases)) mod_str = "%d modules in the loaded databases (%d loaded)." % (len(modules), len(loaded_modules)) view_str = "%d views in the loaded modules (%d loaded)." % (len(views), len(loaded_views)) largest_function_str = "Largest Function: %s" % largest_function_name MessageBox.showInformation(self.pi.mainWindow.frame, "%s\n%s\n%s\n%s" % (db_str, mod_str, view_str, largest_function_str))
def actionPerformed(self, e): fc = JFileChooser() returnValue = fc.showSaveDialog(self.pi.mainWindow.frame) if returnValue == JFileChooser.APPROVE_OPTION: fileName = fc.selectedFile.absolutePath createIdcFile(fileName, self.module) MessageBox.showInformation(self.pi.mainWindow.frame, "Module information was successfully written to the selected IDC file. Please run the IDC file in IDA Pro now.")
def actionPerformed(self, e):
# The monotone framework only works on REIL graphs so we have to translate
# the current view to REIL first.
reilGraph = self.frame.view2D.view.reilCode
# Generally the monotone framework works on graphs where each node represents
# a REIL instruction. For this reason there is a helper function that creates
# this instruction graph from a REIL graph.
graph = InstructionGraph.create(reilGraph.graph)
# Define the lattice used by the monotone framework.
lattice = SkeletonLattice()
# Generate the initial state vector.
startVector = generateStartVector(graph)
# Define the transformations used by the monotone framework.
transformationProvider = SkeletonTransformationProvider()
# Register tracking starts at the beginning of a function and moves
# downwards, so we use the default DownWalker class to move through
# the graph.
walker = DownWalker()
# Use the monotone framework to find what registers are defined by the current function.
solver = MonotoneSolver(graph, lattice, startVector,
transformationProvider, walker)
results = solver.solve()
# Process and display the results
used_register_set = Set()
for node in graph:
used_register_set = used_register_set.union(
results.getState(node).written_registers)
register_list = list(used_register_set)
register_list.sort()
joinedString = ", ".join(register_list)
MessageBox.showInformation(
self.frame.window.frame,
"This function modifies the registers %s." % joinedString)
def actionPerformed(self, e): # The monotone framework only works on REIL graphs so we have to translate # the current view to REIL first. reilGraph = self.frame.view2D.view.reilCode # Generally the monotone framework works on graphs where each node represents # a REIL instruction. For this reason there is a helper function that creates # this instruction graph from a REIL graph. graph = InstructionGraph.create(reilGraph.graph) # Define the lattice used by the monotone framework. lattice = SkeletonLattice() # Generate the initial state vector. startVector = generateStartVector(graph) # Define the transformations used by the monotone framework. transformationProvider = SkeletonTransformationProvider() # Register tracking starts at the beginning of a function and moves # downwards, so we use the default DownWalker class to move through # the graph. walker = DownWalker() # Use the monotone framework to find what registers are defined by the current function. solver = MonotoneSolver(graph, lattice, startVector, transformationProvider, walker) results = solver.solve() # Process and display the results used_register_set = Set() for node in graph: used_register_set = used_register_set.union(results.getState(node).written_registers) register_list = list(used_register_set) register_list.sort() joinedString = ", ".join(register_list) MessageBox.showInformation(self.frame.window.frame, "This function modifies the registers %s." % joinedString)
def actionPerformed(self, e):
# Count the configured databases and the loaded databases
databases = self.pi.databaseManager.databases
loaded_databases = filter(lambda db: db.isLoaded(), databases)
# Count the modules that can be found in the loaded databases
modules = sum(map(lambda db: db.modules, loaded_databases), [])
loaded_modules = filter(lambda m: m.isLoaded(), modules)
# Count the views that can be found in the loaded modules
views = sum(map(lambda m: m.views, loaded_modules), [])
loaded_views = filter(lambda v: v.isLoaded(), views)
# Find the functions by filtering the views (this is just an
# example, in real scripts use module.functions please)
functions = filter(
lambda v: v.type == ViewType.Native and v.graphType == GraphType.
Flowgraph, views)
if views == []:
largest_function_name = "-"
else:
functions.sort(lambda f1, f2: f2.nodeCount - f1.nodeCount)
largest_function = functions[0]
largest_function_name = "%s (%d nodes / %d edges)" % (
largest_function.name, largest_function.nodeCount,
largest_function.edgeCount)
db_str = "%d databases configured (%d loaded)." % (
len(databases), len(loaded_databases))
mod_str = "%d modules in the loaded databases (%d loaded)." % (
len(modules), len(loaded_modules))
view_str = "%d views in the loaded modules (%d loaded)." % (
len(views), len(loaded_views))
largest_function_str = "Largest Function: %s" % largest_function_name
MessageBox.showInformation(
self.pi.mainWindow.frame, "%s\n%s\n%s\n%s" %
(db_str, mod_str, view_str, largest_function_str))
def actionPerformed(self, e):
console.log("Hello from the python sample script")
MessageBox.showInformation(self.pi.mainWindow.frame,
"Hello from the python sample script")
def actionPerformed(self, e):
console.log("Hello from the python sample script")
MessageBox.showInformation(self.pi.mainWindow.frame, "Hello from the python sample script")
