Ejemplo n.º 1
0
    def _translate_variable(self, var: Variable):
        if var.start is None:
            self.statistics['num_globals_unresolved'] += 1
            self._log.debug(f'global variable "{var.name}" has no address')
            return
        else:
            self.statistics['num_globals_resolved'] += 1

        binja_type = self._construct_binja_type(var.type, as_specifier=True)

        # Redefine or create the variable, as needed.
        binja_var: bn.DataVariable = self._binary_view.get_data_var_at(
            var.start)
        if binja_var is None or binja_var.type != binja_type:
            self._binary_view.define_user_data_var(var.start, binja_type)
            binja_var: bn.DataVariable = self._binary_view.get_data_var_at(
                var.start)

        if binja_var is None:
            self._log.error(
                f'unable to define variable "{var.name}" at 0x{var.start:x}')
            return

        # Set the name of the symbol.
        symbol: bn.Symbol = self._binary_view.get_symbol_at(var.start)
        if symbol is None or symbol.short_name != var.name:
            name = '::'.join(var.name) if isinstance(var.name,
                                                     tuple) else var.name
            self._binary_view.define_user_symbol(
                bn.Symbol(bn.SymbolType.DataSymbol, var.start, name))
Ejemplo n.º 2
0
	def port_symbols(self, i):
		if self.role == None:
			return

		entry = self.match_model.entries[i]
		target_index = self.role
		source_index = 1 if target_index == 0 else 0

		source_name = entry["name{}".format(source_index + 1)]
		target_address = entry["address{}".format(target_index + 1)]

		old_sym = self.bv.get_symbol_at(target_address)

		target_name = None
		if old_sym:
			target_name = old_sym.name
		target_text = target_name if target_name else "<unnamed>"

		if not source_name:
			bn.log_warn("Port symbols: {} @ {:x} has no source name, skipping".format(target_text, target_address))
			return

		if old_sym and not old_sym.auto:
			bn.log_warn("Port symbols: {} @ {:x} is already named, skipping".format(target_text, target_address))
			return

		bn.log_info("Port symbols: {} @ {:x} -> {}".format(target_text, target_address, source_name))
		new_sym = bn.Symbol(bn.SymbolType.FunctionSymbol, target_address, source_name)
		self.bv.define_user_symbol(new_sym)
Ejemplo n.º 3
0
def resolve_module_apis(view, function, module_name, api_hash_src,
                        api_hash_dst):

    #Load dll
    filename = os.path.join(DLLDIR, module_name)

    if not os.path.exists(filename):
        print "[!] ERROR Loading DLL"

    image_pe = pefile.PE(filename)

    api_hash = view.read(api_hash_src, 4)
    api_hash = struct.unpack("<I", api_hash)[0]

    while api_hash != 0xFFFF:

        for exp in image_pe.DIRECTORY_ENTRY_EXPORT.symbols:

            if not exp.name is None:

                api_hash_cmp = create_api_hash(exp.name)

                if api_hash == api_hash_cmp:

                    view.define_auto_symbol(
                        binaryninja.Symbol(binaryninja.FunctionSymbol,
                                           api_hash_dst, exp.name))
                    api_hash_dst = api_hash_dst + 4

        api_hash_src = api_hash_src + 4
        api_hash = view.read(api_hash_src, 4)
        api_hash = struct.unpack("<I", api_hash)[0]
Ejemplo n.º 4
0
    def _translate_variable(self, var: Variable):
        if not self._mapping.is_newer(var):
            return False

        self._version_table[var.uuid] = var.version
        self._log.debug(
            f'Translating variable ("{var.name}", {var.version}, {(var.addr if var.addr is not None else 0):x})'
        )

        if var.addr is None or var.type is None:
            self.statistics['num_globals_unresolved'] += 1
            if var.addr is None:
                self._log.debug(f'Variable "{var.name}" has no address.')
            if var.type is None:
                self._log.debug(f'Variable "{var.name}" has no type.')
            return

        binja_type = self._construct_binja_type(var.type, as_specifier=True)

        binja_var = self._binary_view.get_data_var_at(var.addr)
        if binja_var is None or binja_var.type != binja_type:
            self._binary_view.define_user_data_var(var.addr, binja_type)
            binja_var = self._binary_view.get_data_var_at(var.addr)

        if binja_var is None:
            self._log.error(
                f'Unable to define variable "{var.name}" at 0x{var.addr:x}')
            return

        symbol = self._binary_view.get_symbol_at(var.addr)
        if symbol is None or symbol.short_name != var.name:
            self._binary_view.define_user_symbol(
                bn.Symbol(bn.SymbolType.DataSymbol, var.addr, str(var.name)))

        self.statistics['num_globals_resolved'] += 1
Ejemplo n.º 5
0
 def set_symbol(self, address, label):
     if self.bv.is_valid_offset(address):
         symbol = bn.Symbol(bn.SymbolType.ImportedDataSymbol, address,
                            label)
         self.bv.define_user_symbol(symbol)
     else:
         self.log_error('Invalid address for symbol: {address}'.format(
             address=address))
Ejemplo n.º 6
0
 def _rename_symbol(self, symbol: bn.Symbol, new_name: str):
     new_symbol = bn.Symbol(symbol.type, symbol.address, new_name, new_name,
                            symbol.raw_name)
     self._binary_view.define_user_symbol(new_symbol)
Ejemplo n.º 7
0
    def _translate_local_variable(self, var: LocalVariable,
                                  binja_function: bn.Function,
                                  locals: VariableSet):
        num_resolved = 0
        num_preexists = 0
        for loc in var.locations:
            # Resolve the location to a MLIL variable.
            binja_var, preexists = locals.add(var.name, loc)
            if binja_var is None:
                continue
            if preexists:
                num_preexists += 1
                continue
            if isinstance(binja_var, bn.DataVariable):
                # A static (local scope) variable.
                binja_type = self._construct_binja_type(var.type,
                                                        as_specifier=True)
                # Set the name of the symbol.
                symbol: bn.Symbol = self._binary_view.get_symbol_at(
                    binja_var.address)
                if symbol is None or symbol.short_name != var.name:
                    name = '::'.join(var.name) if isinstance(
                        var.name, tuple) else var.name
                    self._binary_view.define_user_symbol(
                        bn.Symbol(bn.SymbolType.DataSymbol, binja_var.address,
                                  name))
                num_resolved += 1
                continue

            num_resolved += 1
            binja_type = self._construct_binja_type(var.type,
                                                    as_specifier=True)
            # Coerce to a reference type, as needed
            if (binja_var.source_type
                    == bn.VariableSourceType.RegisterVariableSourceType
                    and var.type.composite_type is not None
                    and var.type.byte_size is not None and
                    var.type.byte_size > self._binary_view.arch.address_size):
                binja_type = bn.Type.pointer(
                    self._binary_view.arch,
                    binja_type,
                    ref_type=bn.ReferenceType.ReferenceReferenceType)
                self._log.debug(
                    f'in {binja_function.symbol.short_name}, coercing to a reference: {binja_type}'
                )

            # Then set the name and type.
            new_name = var.name if var.name is not None else binja_var.name
            if binja_var.source_type == bn.VariableSourceType.StackVariableSourceType:
                binja_function.create_user_stack_var(binja_var.storage,
                                                     binja_type, new_name)
            else:
                # self._log.debug(f'Creating user variable {binja_var} with name {new_name}')
                binja_function.create_user_var(binja_var, binja_type, new_name)
            binja_var.name = var.name
            binja_var.type = binja_type

        if num_resolved == 0:
            issues = []
            for loc in var.locations:
                assert (loc.type == LocationType.STATIC_LOCAL)
                if loc.begin != 0 and binja_function in self._binary_view.get_functions_containing(
                        loc.begin):
                    issues.append(loc)
            if issues:
                self.statistics['num_variables_unresolved'] += 1
                self._log.debug(
                    f'In {binja_function.symbol.short_name}()@{binja_function.start:x}: unable to resolve variable ("{var.name}"), # of locations already assigned = {num_preexists}'
                )
                for loc in issues:
                    self._log.debug(
                        f'    (0x{loc.begin:08x}, 0x{loc.end:08x}, {loc.expr})'
                    )
            else:
                if len(var.locations) > 0:
                    self.statistics['num_variables_other'] += 1
        else:
            self.statistics['num_variables_resolved'] += 1