def decode_archive(): try: print 'decoding archive...' encoded_archive_bytes = FileUtils.readFileToByteArray( File(node_archive_path)) decoded_archive_bytes = Base64.getMimeDecoder().decode( encoded_archive_bytes) FileUtils.writeByteArrayToFile(File(archive_name), decoded_archive_bytes) print 'successfully decoded archive' except: print 'Decoding application archive failed' print dumpStack() apply(traceback.print_exception, sys.exc_info()) exit(exitcode=1)
def getYaraTargetFromGhidra(): yaraTargetPath = askFile('Choose a file where Ghidra Program bytes will be saved.', 'Choose file:') if yaraTargetPath is None: sys.exit(1) if os.path.exists(yaraTargetPath.getPath()): os.remove(yaraTargetPath.getPath()) CHUNK_SIZE = 4096 buf = jarray.zeros(CHUNK_SIZE,"b") fBytes = currentProgram.getMemory().getAllFileBytes().get(0) sizeFBytes = fBytes.getSize() for k in range(0, sizeFBytes+1, CHUNK_SIZE): count = fBytes.getOriginalBytes(k,buf,0,CHUNK_SIZE) if count == 0: break buf2 = buf[0:count] FileUtils.writeByteArrayToFile(yaraTargetPath, buf2, True) return yaraTargetPath.getPath()