def do_trace(then_quit_ida=True): debugHook = TraceHook() debugHook.hook() # Start tracing when entry point is hit ep = ida_ida.inf_get_start_ip() ida_dbg.enable_step_trace(1) ida_dbg.set_step_trace_options(ida_dbg.ST_OVER_DEBUG_SEG | ida_dbg.ST_OVER_LIB_FUNC) print("Running to %x" % ep) ida_dbg.run_to(ep) while ida_dbg.get_process_state() != 0: ida_dbg.wait_for_next_event(1, 0) if not debugHook.epReached: raise Exception("Entry point wasn't reached!") if not debugHook.unhook(): raise Exception("Error uninstalling hooks!") del debugHook if then_quit_ida: # we're done; exit IDA ida_pro.qexit(0)
def OnFormChange(self, fid): if fid == -2: # click on ok print self._project_list[self.GetControlValue(self.iProject)] if self._project_list[self.GetControlValue(self.iProject)] == "Select public project": project_id = idc.AskStr("", "Project id:") try: headers = {"Authorization" : "Bearer {0}".format(shared.USER_TOKEN)} data = json.loads(requests.get("{0}/{1}".format(shared.BASE_URL, constants.GET_PROJECT_HEADER.format(project_id)), headers = headers).content) hash_of_program = data["body"]["hash"] warning("{0} {1}".format(ida_nalt.retrieve_input_file_sha256().lower(), hash_of_program)) if ida_nalt.retrieve_input_file_sha256().lower() != hash_of_program: warning("Wrong hash of program, exiting now") ida_pro.qexit(1) contributors = data["body"]["contributors"] shared.MASTER_PAUSE_HOOK = True for cont in contributors: if cont["id"] == shared.USERID: shared.MASTER_PAUSE_HOOK = False shared.PAUSE_HOOK = True break shared.PROJECT_ID = data["body"]["id"] except Exception as e: warning("Cant get project information: " + str(e)) return 0 else: headers = {"Authorization" : "Bearer {0}".format(shared.USER_TOKEN)} data = json.loads(requests.get("{0}/{1}".format(shared.BASE_URL, constants.GET_PROJECT_HEADER.format(self._project_list[self.GetControlValue(self.iProject)].split(" ")[0])), headers = headers).content) hash_of_program = data["body"]["hash"] if ida_nalt.retrieve_input_file_sha256().lower() != hash_of_program: warning("Wrong hash of program, exiting now") ida_pro.qexit(1) shared.PROJECT_ID = self._project_list[self.GetControlValue(self.iProject)].split(" ")[0] return 1 else: return 1
def plugin_main(signatures_root, project_name, symbols_file=None): global fa_instance fa_instance = IdaLoader() fa_instance.set_input('ida') if project_name is not None: fa_instance.set_project(project_name) load_ui() IdaLoader.log(''' --------------------------------- FA Loaded successfully Quick usage: print(fa_instance.find(symbol_name)) # searches for the specific symbol fa_instance.get_python_symbols(filename=None) # run project's python scripts (all or single) fa_instance.set_symbol_template(status) # enable/disable template temp signature fa_instance.symbols() # searches for the symbols in the current project ---------------------------------''') if symbols_file is not None: fa_instance.set_signatures_root(signatures_root) fa_instance.symbols(symbols_file) ida_pro.qexit(0)
def main(): idc.auto_wait() c = Config() update_config(c) if c.logenabled: h = logging.FileHandler(c.logfile) h.setLevel(c.loglevel) logging.getLogger().addHandler(h) filename = get_pat_file() if filename is None: g_logger.debug("No file selected") return sigs = make_func_sigs(c) if c.pat_append: with open(filename, "ab") as f: for sig in sigs: f.write(sig) f.write("\r\n") f.write("---") f.write("\r\n") else: with open(filename, "wb") as f: for sig in sigs: f.write(sig) f.write("\r\n") f.write("---") f.write("\r\n") import ida_pro ida_pro.qexit(0)
def main(signatures_root, project_name, symbols_file=None): global fa_instance IdaLoader.log(''' --------------------------------- FA Loaded successfully Quick usage: fa_instance.set_project(project_name) # select project name print(fa_instance.list_projects()) # prints available projects print(fa_instance.find(symbol_name)) # searches for the specific symbol fa_instance.get_python_symbols(filename=None) # run project's python scripts (all or single) fa_instance.symbols() # searches for the symbols in the current project HotKeys: Ctrl-6: Set current project Ctrl-7: Search project symbols Ctrl-8: Create temporary signature Ctrl-Shift-8: Create temporary signature and open an editor Ctrl-9: Find temporary signature Ctrl-0: Prompt for adding the temporary signature as permanent ---------------------------------''') fa_instance = IdaLoader() fa_instance.set_input('ida') fa_instance.set_project(project_name) idaapi.add_hotkey('Ctrl-6', fa_instance.interactive_set_project) idaapi.add_hotkey('Ctrl-7', fa_instance.symbols) idaapi.add_hotkey('Ctrl-8', fa_instance.create_symbol) idaapi.add_hotkey('Ctrl-Shift-8', fa_instance.extended_create_symbol) idaapi.add_hotkey('Ctrl-9', fa_instance.find_symbol) idaapi.add_hotkey('Ctrl-0', fa_instance.prompt_save_signature) if symbols_file is not None: fa_instance.set_signatures_root(signatures_root) fa_instance.symbols(symbols_file) ida_pro.qexit(0)
def main(): idaapi.autoWait() info = dict() info["arch"] = dict() info["arch"]["is_32bit"] = ida_ida.inf_is_32bit() info["arch"]["is_64bit"] = ida_ida.inf_is_64bit() info["imports"] = get_imports() functions = get_functions() info["histogram"] = dict() for f_ea in functions: disasm = get_mnemonics(f_ea) h = histogram(disasm) h_d = dict() for t in h: h_d[t[0]] = t[1] info["histogram"][functions[f_ea]] = h_d write_result(idc.ARGV[1], info) ida_pro.qexit(0)
funcs = get_funcs() text_segm = ida_segment.get_segm_by_name(".text") for func in funcs: # we only care about functions in .text segment if not in_range(text_segm, func.start_ea): continue name = ida_funcs.get_func_name(func.start_ea) code = ida_hexrays.decompile_func(func, None) results[name] = { "name": name, "start_ea": func.start_ea, "end_ea": func.end_ea, "code": code.__str__(), "size": func.size() } print("JSON:") print(json.dumps({"time": time.time() - start, "data": results})) # wait for the analysis to complete ida_auto.auto_wait() # actually do stuff print(BEGIN_BANNER) main() print(END_BANNER) # quit to stop GUI from poping up ida_pro.qexit(0)
import idc print idc.gen_file(idc.OFILE_LST, '2.lst', 0, idc.BADADDR, 0) import ida_pro ida_pro.qexit()
def exit(self): """Exit the disassembler (cleanly).""" ida_pro.qexit(0)
else: continue f.writelines(result) f.close def build_result(items): lines = [] for item in items: data = [str(item.vuln), item.name, hexstr(item.ea)] for x in [item.addr1, item.addr2]: if x != None: data.append(hexstr(x)) else: continue for x in [item.str1, item.str2, item.other1]: if x != None: data.append(repr(x)) else: continue data.append('\n') lines.append('\t'.join(data)) return lines if __name__ == "__main__": analysis() if "DO_EXIT" in os.environ: ida_pro.qexit(1)