def getMethodXrefs(self, unit, itemId):
data = ActionXrefsData()
# careful, with query-type actions, the data is returned after the action prep'
if unit.prepareExecution(
ActionContext(unit, Actions.QUERY_XREFS, itemId, None), data):
# clean up the DEX address, extrac the method name
return data.getAddresses()
def setOrStoreDecryptedStr(self, unit, itemId, comment, key):
data = ActionXrefsData()
if unit.prepareExecution(ActionContext(unit, Actions.QUERY_XREFS, itemId, None), data):
if data.getAddresses().size() > 1: # If the variable is called by other class(main target class)
self.dic[key] = comment # Store the key value pair into the dictionary
else:
self.addComments(self.codeUnit, itemId, comment) # If the variable is not called by other class(main target class), add the decrypted string as comment directly
return "NULL"
def setOrStoreDecryptedStr(self, unit, itemId, comment, key):
data = ActionXrefsData()
if unit.prepareExecution(ActionContext(unit, Actions.QUERY_XREFS, itemId, None), data):
if data.getAddresses().size() > 1: # If the variable is called by other class(main target class)
self.dic[key] = comment # Store the key value pair into the dictionary
else:
self.addComments(self.codeUnit, itemId, comment) # If the variable is not called by other class(main target class), add the decrypted string as comment directly
return "NULL"
def get_xrefs_by_item(dunit, itemid, addr):
data = ActionXrefsData()
result = []
if dunit.prepareExecution(ActionContext(dunit, Actions.QUERY_XREFS, itemid, addr), data): # item.getSignature()
for xref_addr in data.getAddresses():
# print(xref_addr)
result.append(xref_addr)
return result
def findClassXRef(self, units, itemId, itemAddress):
refs = []
for unit in units:
data = ActionXrefsData()
if unit.prepareExecution(
ActionContext(unit, Actions.QUERY_XREFS, itemId,
itemAddress), data):
if len(data.getAddresses()) > 0:
refs.append((unit, data.getAddresses()))
return refs
def getMethodRefs(self, unit, itemId):
r = []
data = ActionXrefsData()
# careful, with query-type actions, the data is returned after the action prep'
if unit.prepareExecution(ActionContext(unit, Actions.QUERY_XREFS, itemId, None), data):
# clean up the DEX address, extrac the method name
for a in data.getAddresses():
i = a.find('->') + 2
j = a.find('(', i)
r.append(a[i:j])
return r
def findMethodXRef(self, units, itemId, itemAddress, refs):
preNode = refs.getCurrentNode()
refs.setCurrentNodeById(itemId)
sub_address = []
total = 0
for unit in units:
data = ActionXrefsData()
if unit.prepareExecution(
ActionContext(unit, Actions.QUERY_XREFS, itemId,
itemAddress), data):
if len(data.getAddresses()) > 0:
sub_address.append((unit, data.getAddresses()))
total += len(data.getAddresses())
else:
row_m = unit.getMethod(itemAddress)
impl_class = row_m.getClassType().getImplementingClass()
if re.search(r'(\$\d+?)+;$',
impl_class.getAddress()) != None:
# sub_address.append((unit, impl_class.getAddress()))
clxXref = self.findClassXRef(units,
impl_class.getItemId(),
impl_class.getAddress())
sub_address.extend(clxXref)
for (unit, addresses) in clxXref:
total += len(addresses)
refs.getCurrentNode().setXrefCount(total)
for (unit, addresses) in sub_address:
for xref_addr in addresses:
indexObj = re.search(r'\+[0-9A-F]+?h$', xref_addr)
if indexObj != None:
index = indexObj.group()
last_index = 0 - len(index)
method = unit.getMethod(xref_addr[0:last_index])
node = refs.buildNode(method.getItemId(),
method.getAddress())
if node == None:
refs.setCurrentNodeById(preNode.itemId)
return
else:
self.findMethodXRef(units, method.getItemId(),
method.getAddress(), refs)
else:
method = unit.getMethod(xref_addr)
node = refs.buildNode(method.getItemId(),
method.getAddress())
if node == None:
refs.setCurrentNodeById(preNode.itemId)
return
else:
self.findMethodXRef(units, method.getItemId(),
method.getAddress(), refs)
refs.setCurrentNodeById(preNode.itemId)
return
def getMethodRefs(self, unit, itemId):
r = []
data = ActionXrefsData()
# careful, with query-type actions, the data is returned after the action prep'
if unit.prepareExecution(ActionContext(unit, Actions.QUERY_XREFS, itemId, None), data):
# clean up the DEX address, extrac the method name
for a in data.getAddresses():
i = a.find('->') + 2
j = a.find('(', i)
r.append(a[i:j])
return r
def run(self, ctx):
unit = ctx.getActiveView().getUnit()
print(unit.getFormatType())
current_addr = ctx.getActiveView().getActiveFragment(
).getActiveAddress()
print(current_addr)
current_item = ctx.getActiveView().getActiveFragment().getActiveItem()
print(current_item)
data = ActionXrefsData()
if unit.prepareExecution(
ActionContext(unit, Actions.QUERY_XREFS,
current_item.getItemId(), current_addr), data):
for xref_addr in data.getAddresses():
print(xref_addr)
def xrefs_for(unit, item):
data = ActionXrefsData()
if unit.prepareExecution(
ActionContext(unit, Actions.QUERY_XREFS, item.itemId,
item.address), data):
return data.addresses
return []
def run(self, ctx):
unit = ctx.getFocusedUnit()
assert unit, 'Need a focused unit fragment'
print(unit.getFormatType())
current_addr = ctx.getFocusedAddress()
print(current_addr)
current_item = ctx.getFocusedItem()
print(current_item)
data = ActionXrefsData()
if unit.prepareExecution(
ActionContext(
unit, Actions.QUERY_XREFS,
0 if not current_item else current_item.getItemId(),
current_addr), data):
for xref_addr in data.getAddresses():
print(xref_addr)
def searchXref(self,dId, dAddr):
actCntx = ActionContext(self.targetUnit, Actions.QUERY_XREFS, dId, dAddr)
actData = ActionXrefsData()
if(self.targetUnit.prepareExecution(actCntx, actData)):
try:
bRlt = self.targetUnit.executeAction(actCntx, actData)
if(not bRlt):
print('executeAction fail!')
except Exception, e:
print Exception, ":", e
return []
def Test(ctx):
assert isinstance(ctx, IClientContext)
input_path = r"D:\tmp\2\project\about_dex_diff\code\jsq\jsq.dex"
class_sign = "Lcom/BestCalculatorCN/MyCalculator;"
method_sign = "Lcom/BestCalculatorCN/MyCalculator;->b(Lcom/BestCalculatorCN/MyCalculator;Ljava/lang/String;)V"
unit = ctx.open(input_path)
assert isinstance(unit, IUnit)
prj = ctx.getMainProject()
assert isinstance(prj, IRuntimeProject)
dexUnit = prj.findUnit(IDexUnit)
assert isinstance(dexUnit, IDexUnit)
clz = dexUnit.getClass(class_sign)
assert isinstance(clz, IDexClass)
method = dexUnit.getMethod(method_sign)
assert isinstance(method, IDexMethod)
# 1 查询某method交叉引用列表
# 使用(unit,操作,地址,itemid)来创建一个context对象,提供给JEB引擎,用于后续执行
print "------------------------------------------------"
actionXrefsData = ActionXrefsData()
actionContext = ActionContext(dexUnit, Actions.QUERY_XREFS,
method.getItemId(), None)
if unit.prepareExecution(actionContext, actionXrefsData):
for xref_addr in actionXrefsData.getAddresses():
print xref_addr
# 2 查询整个class的交叉引用列表
print "------------------------------------------------"
actionXrefsData = ActionXrefsData()
actionContext = ActionContext(dexUnit, Actions.QUERY_XREFS,
clz.getItemId(), None)
if unit.prepareExecution(actionContext, actionXrefsData):
for idx, xref_addr in enumerate(actionXrefsData.getAddresses()):
print idx, xref_addr
