def run(self, arg):
plg = HyaraWidget()
plg.Show("Hyara")
try:
widget_a = ida_kernwin.find_widget("IDA View-A")
widget_Hyara = ida_kernwin.find_widget("Hyara")
if widget_Hyara and widget_a:
ida_kernwin.set_dock_pos("Hyara", "IDA View-A", ida_kernwin.DP_RIGHT)
except:
print("find_widget option is available version 7.0 or later")
def touch_window(self, target):
"""
Touch a window/widget/form to ensure it gets drawn by IDA.
XXX/HACK:
We need to ensure that widget we will analyze actually gets drawn
so that there are colors for us to steal.
To do this, we switch to it, and switch back. I tried a few different
ways to trigger this from Qt, but could only trigger the full
painting by going through the IDA routines.
"""
# get the currently active widget/form title (the form itself seems
# transient...)
twidget = ida_kernwin.get_current_widget()
title = ida_kernwin.get_widget_title(twidget)
# touch the target window by switching to it
ida_kernwin.activate_widget(target, True)
self.flush_ida_sync_requests()
# locate our previous selection
previous_twidget = ida_kernwin.find_widget(title)
# return us to our previous selection
ida_kernwin.activate_widget(previous_twidget, True)
self.flush_ida_sync_requests()
def OnRefresh(self):
nodes = {}
self.Clear()
# nodes
for n in xrange(len(self.items)):
item = self.items[n]
node_label = self.get_node_label(n)
hl, color = self.get_node_color(n)
nid = self.AddNode(("%s" % node_label, color))
nodes[item] = nid
if hl:
widget = ida_kernwin.find_widget(self._title)
ida_graph.viewer_center_on(widget, nid)
# edges
for n in xrange(len(self.items)):
item = self.items[n]
for i in xrange(self.nsucc(n)):
t = self.succ(n, i)
# original code removed, edges may not have labels in IDA
self.AddEdge(nodes[item], nodes[self.items[t]])
return True
def _dirty_resize_hack(self, w, form):
title = form.title
widget = kw.find_widget(title)
if not widget:
return
w1 = kw.PluginForm.TWidgetToPyQtWidget(widget)
w2 = kw.PluginForm.TWidgetToPyQtWidget(w)
if not w1 or not w2:
return
p1 = w1.parentWidget()
p2 = w2.parentWidget()
if not p1 or not p2:
return
splitter = p1.parentWidget()
hr = p2.parentWidget()
if not splitter or not hr:
return
sizes = splitter.sizes()
if len(sizes) != 2:
return
idx = splitter.indexOf(p1)
_min, _max = splitter.getRange(idx)
sizes[idx] = _min
idx = splitter.indexOf(hr)
_min, _max = splitter.getRange(idx)
sizes[idx] = _max
splitter.setSizes(sizes)
return
def acquire_pseudocode_vdui(addr):
"""
Acquires a IDA HexRays vdui pointer, which is a pointer to a pseudocode view that contains
the cfunc which describes the code on the screen. Using this function optimizes the switching of code views
by using in-place switching if a view is already present.
@param addr:
@return:
"""
func = ida_funcs.get_func(addr)
if not func:
return None
names = ["Pseudocode-%c" % chr(ord("A") + i) for i in range(5)]
for name in names:
widget = ida_kernwin.find_widget(name)
if not widget:
continue
vu = ida_hexrays.get_widget_vdui(widget)
break
else:
vu = ida_hexrays.open_pseudocode(func.start_ea, False)
if func.start_ea != vu.cfunc.entry_ea:
target_cfunc = idaapi.decompile(func.start_ea)
vu.switch_to(target_cfunc, False)
return vu
def __init__(self, parent_widget):
self.parent_widget = parent_widget
self.parent_title = kw.get_widget_title(self.parent_widget)
i=1
while kw.find_widget("%s-%d" % (PLUGIN_NAME, i)):
i+=1
self.idx = i
__title = "%s-%s" % (PLUGIN_NAME, self.idx)
self.options = (TEXT_INPUT_FORMS[self.parent_title].options
if self.parent_title in TEXT_INPUT_FORMS.keys()
else TextInputForm.SO_FILTER_TEXT | TextInputForm.SO_FIND_TEXT)
self.query = (TEXT_INPUT_FORMS[self.parent_title].query
if self.parent_title in TEXT_INPUT_FORMS.keys()
else "")
kw.Form.__init__(self,
("BUTTON YES NONE\n"
"BUTTON NO NONE\n"
"BUTTON CANCEL NONE\n"
"%s\n\n"
"{FormChangeCb}\n"
"<##Enter text##Filter:{cbEditable}>"
"|<##Filter type##ASCII:{rAscii}><Regex:{rRegex}>{cSearchOptions}>"
"|<##Filter options##Text:{rText}><Color:{rColor}>{cFilterType}>\n"
) % (__title),
{'FormChangeCb': kw.Form.FormChangeCb(self.OnFormChange),
'cbEditable': kw.Form.StringInput(value = self.query),
'cSearchOptions': kw.Form.RadGroupControl(("rAscii", "rRegex")),
'cFilterType': kw.Form.RadGroupControl(("rText", "rColor")),
})
def get_ida_bg_color(self):
"""
Get the background color of an IDA disassembly view. (IDA 7+)
"""
names = ["Enums", "Structures"]
names += ["Hex View-%u" % i for i in range(5)]
names += ["IDA View-%c" % chr(ord('A') + i) for i in range(5)]
# find a form (eg, IDA view) to analyze colors from
for window_name in names:
twidget = ida_kernwin.find_widget(window_name)
if twidget:
break
else:
raise RuntimeError("Failed to find donor view")
# touch the target form so we know it is populated
self.touch_window(twidget)
# locate the Qt Widget for a form and take 1px image slice of it
import sip
widget = sip.wrapinstance(long(twidget), QWidget)
pixmap = widget.grab(QRect(0, 10, widget.width(), 1))
# convert the raw pixmap into an image (easier to interface with)
image = QImage(pixmap.toImage())
# return the predicted background color
return QColor(self.predict_bg_color(image))
def find_hex_view(self):
for i in range(1, 10):
widget = ida_kernwin.find_widget('Hex View-%d' % i)
if widget:
return widget
else:
continue
return None
def find_disass_view(self):
for c in map(chr, range(65, 75)):
widget = ida_kernwin.find_widget('IDA View-%s' % c)
if widget:
return widget
else:
continue
return None
def update():
if self.destroying == True or find_widget(self.title) == None:
return -1
else:
if self.do_auto:
self.update()
return 200
def refresh_pseudocode_view():
"""Refreshes the pseudocode view in IDA."""
names = ["Pseudocode-%c" % chr(ord("A") + i) for i in range(5)]
for name in names:
widget = ida_kernwin.find_widget(name)
if widget:
vu = ida_hexrays.get_widget_vdui(widget)
vu.refresh_view(True)
def __init__(self):
self.widget_a = ida_kernwin.find_widget("IDA View-A")
if not self.widget_a:
raise Exception("IDA View-A not opened!")
self.current_block_start_ea = None
self.current_focused_addr = None
self.current_bb_id = None
self.current_viewer = None
def __init__(self, title, path):
QtCore.QObject.__init__(self)
self.target = ida_kernwin.PluginForm.FormToPyQtWidget(
ida_kernwin.find_widget(title)).viewport()
self.target.installEventFilter(self)
self.painting = False
self.title = title
self.path = path
def destroy(self):
self.destroying = True
self.is_loaded = False
self.hooks.unhook()
window = find_widget(self.title)
if window:
close_widget(window, 0)
def zoom_and_dock(self, vu_title, zoom, dock_position=None):
widget = ida_kernwin.find_widget(self.title)
if widget and dock_position:
gli = ida_moves.graph_location_info_t()
if ida_graph.viewer_get_gli(gli, widget):
gli.zoom = zoom
ida_graph.viewer_set_gli(widget, gli)
ida_kernwin.set_dock_pos(self.title, vu_title, dock_position)
self.Refresh()
def _commit_changes(self):
vu = ida_hexrays.get_widget_vdui(self.parent_widget)
if vu:
vu.refresh_ctext()
# "refresh_ctext()" took away the focus, take it back
kw.activate_widget(kw.find_widget(self.title), True)
self.SetFocusedField(self.cbEditable)
return True
return False
def cg_zoom_and_dock(title, vu_title, dock_position=None):
widget = ida_kernwin.find_widget(title)
if widget:
if dock_position is not None:
gli = ida_moves.graph_location_info_t()
if ida_graph.viewer_get_gli(gli, widget):
gli.zoom = 1.0
ida_graph.viewer_set_gli(widget, gli)
ida_kernwin.set_dock_pos(title, vu_title, dock_position)
def activate(self, ctx):
global last_pos
if last_pos:
w = ida_kernwin.find_widget(last_pos.widget_title)
if w:
ida_kernwin.custom_viewer_jump(w, last_pos.lochist_entry)
else:
print("Widget \"%s\" not found" % last_pos.widget_title)
else:
print("No last position to restore")
def start(self, *args):
global insref_g
idaapi.msg("Starting IdaRef\n")
if insref_g != None and find_widget(insref_g.title) == None:
self.stop()
if insref_g == None:
insref_g = InstructionReference(self)
else:
print("IdaRef Already started")
def Show(self):
"""
Shows an existing graph or creates a new one
@return: Boolean
"""
if self._close_open:
import ida_kernwin
frm = ida_kernwin.find_widget(self._title)
if frm:
ida_kernwin.close_widget(frm, 0)
return _ida_graph.pyg_show(self)
def Show(self):
"""
Shows an existing graph or creates a new one
@return: Boolean
"""
if self._close_open:
import ida_kernwin
frm = ida_kernwin.find_widget(self._title)
if frm:
ida_kernwin.close_widget(frm, 0)
return _ida_graph.pyg_show(self)
def refresh_pseudocode_view(ea):
"""Refreshes the pseudocode view in IDA."""
names = ["Pseudocode-%c" % chr(ord("A") + i) for i in range(5)]
for name in names:
widget = ida_kernwin.find_widget(name)
if widget:
vu = ida_hexrays.get_widget_vdui(widget)
# Check if the address is in the same function
func_ea = vu.cfunc.entry_ea
func = ida_funcs.get_func(func_ea)
if ida_funcs.func_contains(func, ea):
vu.refresh_view(True)
def __init__(self, title, file_list, interval=200):
QtCore.QObject.__init__(self)
self.dead = False
w = ida_kernwin.find_widget(title)
if not w:
raise RuntimeError("Could not find %s" % title)
self.target = ida_kernwin.PluginForm.FormToPyQtWidget(w).viewport()
self.title = title
self.file_list = file_list
self.interval = interval
self.painting = False
self.anim = None
self._load_img_files(self.file_list)
self.target.installEventFilter(self)
self.t = self.timercallback_t(self.target, len(self.anim), interval)
def __init__(self):
QtCore.QObject.__init__(self)
self.dead = False
name = "Coffee"
w = ida_kernwin.find_widget("IDA View-%s" % name)
if not w:
w = ida_kernwin.get_current_widget()
if not w:
name = "Coffee"
w = ida_kernwin.open_disasm_window("IDA View-%s" % name)
self.painting = False
self.transform = False
self.target = ida_kernwin.PluginForm.FormToPyQtWidget(w).viewport()
self.pm = QtGui.QPixmap(self.target.size())
self.target.installEventFilter(self)
self.timer = self.timercallback_t(self.target, 2)
def OnRefresh(self):
"""
Event called when the graph is refreshed or first created.
From this event you are supposed to create nodes and edges.
This callback is mandatory.
@note: ***It is important to clear previous nodes before adding nodes.***
@return: Returning True tells the graph viewer to use the items. Otherwise old items will be used.
"""
self.nodes = {}
self.Clear()
# nodes
for n in range(len(self.items)):
item = self.items[n]
focus_node, hl, color = self.get_node_info(n)
node_label = self.get_node_label(n, highlight_node=hl)
nid = self.AddNode((node_label, color))
p = idaapi.node_info_t()
p.frame_color = 0x000000
if hl:
p.frame_color = self.CL_NODE_HIGHLIGHT
if focus_node:
p.frame_color = self.CL_NODE_FOCUS
self.SetNodeInfo(nid, p, idaapi.NIF_FRAME_COLOR)
self.nodes[item.obj_id] = nid
if self.center_node and focus_node:
widget = ida_kernwin.find_widget(self._title)
ida_graph.viewer_center_on(widget, nid)
# edges
for n in range(len(self.items)):
item = self.items[n]
for i in range(self.nsucc(n)):
t = self.succ(n, i)
self.AddEdge(self.nodes[item.obj_id],
self.nodes[self.items[t].obj_id])
return True
def __init__(self,
q=None,
ea_list=None,
query_full=True,
flags=ida_kernwin.CH_RESTORE | ida_kernwin.CH_QFLT,
title=None,
width=None,
height=None,
embedded=False,
modal=False):
_title = ""
i = 0
idx = ""
pfx = ""
exists = True
while exists:
idx = chr(ord('A')+i%26)
_title = "%s-%s%s" % (ic_t.window_title, pfx, idx)
if title:
_title += ": %s" % title
exists = (ida_kernwin.find_widget(_title) != None)
i += 1
pfx += "" if i % 26 else "A"
ida_kernwin.Choose.__init__(
self,
_title,
[ ["Function", 20 | ida_kernwin.CHCOL_FNAME],
["Address", 10 | ida_kernwin.CHCOL_EA],
["Output", 80 | ida_kernwin.CHCOL_PLAIN]],
flags = flags,
width = width,
height = height,
embedded = embedded)
if ea_list is None:
ea_list =[ida_kernwin.get_screen_ea()]
if callable(q):
self.items = exec_query(q, ea_list, query_full)
elif isinstance(q, list):
self.items = q
else:
self.items = list()
self.Show()
def delayed_exec(*args):
output_window_title = "Output window"
tw = ida_kernwin.find_widget(output_window_title)
if not tw:
raise Exception("Couldn't find widget '%s'" % output_window_title)
# convert from a SWiG 'TWidget*' facade,
# into an object that PyQt will understand
w = ida_kernwin.PluginForm.TWidgetToPyQtWidget(tw)
line_edit = w.findChild(QtWidgets.QLineEdit)
if not line_edit:
raise Exception("Couldn't find input")
line_edit.setFocus() # ensure it has focus
QtWidgets.QApplication.instance().processEvents() # and that it received the focus event
# inject text into widget
line_edit.setText(text)
# and execute the standard 'execute' action
ida_kernwin.process_ui_action("cli:Execute")
def OnRefresh(self):
"""
@return: 返回 True 告诉 graph viewer 使用新的 items
"""
self.nodes = {}
self.Clear()
# nodes
for n in range(len(self.items)):
item = self.items[n]
focus_node, highlight_node, color = self._get_node_info(n)
node_label = self._get_node_label(n, highlight_node=highlight_node)
nid = self.AddNode((node_label, color))
framecol = self.COLOR_FRAME_DEFAULT
if highlight_node:
framecol = self.COLOR_FRAME_HIGHLIGHT
if focus_node:
framecol = self.COLOR_FRAME_FOCUS
p = idaapi.node_info_t()
p.frame_color = framecol
self.SetNodeInfo(nid, p, idaapi.NIF_FRAME_COLOR)
self.nodes[item.obj_id] = nid
if self.center_node and focus_node:
widget = ida_kernwin.find_widget(self._title)
ida_graph.viewer_center_on(widget, nid)
# edges
for n in range(len(self.items)):
item = self.items[n]
for i in range(self._nsucc(n)):
t = self._succ(n, i)
self.AddEdge(self.nodes[item.obj_id],
self.nodes[self.items[t].obj_id])
return True
def get_all_vdui():
"""
Return every visible vdui_t (Hex-Rays window).
"""
found = {}
# TODO: A-Z.. eh good enough
for widget_title in ["Pseudocode-%c" % chr(0x41+i) for i in range(0, 26)]:
# try to find the hexrays widget of the given name
widget = ida_kernwin.find_widget(widget_title)
if not widget:
continue
# make sure the widget looks in-use
vdui = ida_hexrays.get_widget_vdui(widget)
if not (vdui and vdui.visible):
continue
found[widget_title] = vdui
return found
def navigate(self, address):
# TODO fetch active view? or most recent one? i'm lazy for now...
widget = ida_kernwin.find_widget("IDA View-A")
#
# this call can both navigate to an arbitrary address, and keep
# the cursor position 'static' within the window at an (x,y)
# text position
#
# TODO: I think it's kind of tricky to figure out the 'center' line of
# the disassembly window navigation, so for now we'll just make a
# navigation call always center around line 20...
#
CENTER_AROUND_LINE_INDEX = 20
if widget:
return ida_kernwin.ea_viewer_history_push_and_jump(
widget, address, 0, CENTER_AROUND_LINE_INDEX, 0)
# ehh, whatever.. just let IDA navigate to yolo
else:
return ida_kernwin.jumpto(address)
ida_kernwin.action_handler_t.__init__(self)
def activate(self, ctx):
for idx in ctx.chooser_selection:
addr, _, _, s = ida_kernwin.get_chooser_data(ctx.widget_title, idx)
print("%s: '%s'" % (addr, s))
return 0
def update(self, ctx):
if ctx.widget_type == ida_kernwin.BWN_STRINGS:
return ida_kernwin.AST_ENABLE_FOR_WIDGET
return ida_kernwin.AST_DISABLE_FOR_WIDGET
klasses = [copy_only_string, print_string]
sw = ida_kernwin.find_widget("Strings window")
if not sw:
sw = ida_kernwin.open_strings_window(ida_idaapi.BADADDR)
for klass in klasses:
ida_kernwin.unregister_action(klass.ACTION_NAME)
if ida_kernwin.register_action(
ida_kernwin.action_desc_t(klass.ACTION_NAME, klass.ACTION_LABEL,
klass(), klass.ACTION_SHORTCUT)):
if sw:
ida_kernwin.attach_action_to_popup(sw, None, klass.ACTION_NAME)
print("Permanently added '%s' action to 'String window's popup" %
klass.ACTION_LABEL)
