def setUpClass(cls):
super(SmdaIntegrationTestSuite, cls).setUpClass()
disasm = Disassembler(config)
with open(
os.path.join(config.PROJECT_ROOT, "tests",
"asprox_0x008D0000_xored"), "rb") as f_binary:
binary = f_binary.read()
decrypted = bytearray()
for index, byte in enumerate(binary):
if isinstance(byte, str):
byte = ord(byte)
decrypted.append(byte ^ (index % 256))
cls.asprox_disassembly = disasm.disassembleBuffer(
bytes(decrypted), 0x8D0000)
def setUpClass(cls):
super(SmdaIntegrationTestSuite, cls).setUpClass()
disasm = Disassembler(config)
# load encrypted Asprox
with open(
os.path.join(config.PROJECT_ROOT, "tests",
"asprox_0x008D0000_xored"), "rb") as f_binary:
binary = f_binary.read()
decrypted_asprox = bytearray()
for index, byte in enumerate(binary):
if isinstance(byte, str):
byte = ord(byte)
decrypted_asprox.append(byte ^ (index % 256))
cls.asprox_binary = decrypted_asprox
cls.asprox_disassembly = disasm.disassembleBuffer(
bytes(decrypted_asprox), 0x8D0000)
# load encrypted Cutwail
with open(os.path.join(config.PROJECT_ROOT, "tests", "cutwail_xored"),
"rb") as f_binary:
binary = f_binary.read()
decrypted_cutwail = bytearray()
for index, byte in enumerate(binary):
if isinstance(byte, str):
byte = ord(byte)
decrypted_cutwail.append(byte ^ (index % 256))
cls.cutwail_binary = decrypted_cutwail
# run FileLoader and disassemble as file
loader = FileLoader("/", map_file=True)
loader._loadFile(decrypted_cutwail)
file_content = loader.getData()
binary_info = BinaryInfo(file_content)
binary_info.raw_data = loader.getRawData()
binary_info.file_path = ""
binary_info.base_addr = loader.getBaseAddress()
binary_info.bitness = loader.getBitness()
binary_info.code_areas = loader.getCodeAreas()
cls.cutwail_disassembly = disasm._disassemble(binary_info)
cls.cutwail_unmapped_disassembly = disasm.disassembleUnmappedBuffer(
decrypted_cutwail)
def detectBackend():
backend = ""
version = ""
try:
import idaapi
import idautils
backend = "IDA"
version = idaapi.IDA_SDK_VERSION
except:
pass
return (backend, version)
if __name__ == "__main__":
BACKEND, VERSION = detectBackend()
if BACKEND == "IDA":
from smda.ida.IdaInterface import IdaInterface
ida_interface = IdaInterface()
binary = ida_interface.getBinary()
base_addr = ida_interface.getBaseAddr()
DISASSEMBLER = Disassembler(backend=BACKEND)
REPORT = DISASSEMBLER.disassembleBuffer(binary, base_addr)
output_path = ida_interface.getIdbDir()
output_filepath = output_path + "ConvertedFromIdb.smda"
with open(output_filepath, "w") as fout:
json.dump(REPORT.toDict(), fout, indent=1, sort_keys=True)
print("Output saved to: %s" % output_filepath)
else:
raise Exception("No supported backend found.")
SMDA_REPORT = None
INPUT_FILENAME = ""
if os.path.isfile(ARGS.input_path):
# optionally create and set up a config, e.g. when using ApiScout profiles for WinAPI import usage discovery
config = SmdaConfig()
config.API_COLLECTION_FILES = {
"win_7":
os.sep.join([
config.PROJECT_ROOT, "data",
"apiscout_win7_prof-n_sp1.json"
])
}
DISASSEMBLER = Disassembler(config)
print("now analyzing {}".format(ARGS.input_path))
INPUT_FILENAME = os.path.basename(ARGS.input_path)
if ARGS.parse_header:
SMDA_REPORT = DISASSEMBLER.disassembleFile(
ARGS.input_path, pdb_path=ARGS.pdb_path)
else:
BUFFER = readFileContent(ARGS.input_path)
BASE_ADDR = parseBaseAddrFromArgs(ARGS)
SMDA_REPORT = DISASSEMBLER.disassembleBuffer(BUFFER, BASE_ADDR)
SMDA_REPORT.filename = os.path.basename(ARGS.input_path)
print(SMDA_REPORT)
if SMDA_REPORT and os.path.isdir(ARGS.output_path):
with open(ARGS.output_path + os.sep + INPUT_FILENAME + ".smda",
"w") as fout:
json.dump(SMDA_REPORT.toDict(), fout, indent=1, sort_keys=True)
else:
PARSER.print_help()
from smda.Disassembler import Disassembler
LOGGER = logging.getLogger(__name__)
def detectBackend():
backend = ""
version = ""
try:
import idaapi
import idc
import idautils
backend = "IDA"
version = idaapi.IDA_SDK_VERSION
except:
pass
return (backend, version)
if __name__ == "__main__":
BACKEND, VERSION = detectBackend()
if BACKEND == "IDA":
DISASSEMBLER = Disassembler(config, backend=BACKEND)
REPORT = DISASSEMBLER.disassembleBuffer(None, None)
output_path = idc.get_idb_path()
with open(output_path + ".smda", "wb") as fout:
json.dump(REPORT, fout, indent=1, sort_keys=True)
LOGGER.info("Output saved to: %s.smda", output_path)
else:
raise Exception("No supported backend found.")