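def main():
    """Colour every item that a Pin execution log marks as hit.

    The log is read as one byte per image offset: byte ``i`` is the
    execution count of the item at ``imagebase + i``.  Zero bytes are
    skipped; other counts are bucketed by tens (capped at 11) and used as
    an index into the palette returned by ``build_color_list()``.  The
    first hit seen for each function name is also printed.
    """
    clist = build_color_list()
    filepath = idaapi.askfile_c(False, "*.*", "Pin log file")
    imagebase = idaapi.get_imagebase()

    # A cancelled dialog yields no path; report it like an unreadable file.
    if not filepath:
        print("Need log file to parse data...")
        return
    try:
        # The context manager releases the handle even if read() fails.
        with open(filepath, "rb") as f:
            buff = f.read()
    except (IOError, OSError):
        print("Need log file to parse data...")
        return

    # NOTE(review): offsets are not checked against the size of the loaded
    # image, so a log longer than the image addresses items past its end.
    # Confirm the log was produced for this exact binary.
    functions = set()
    # bytearray() yields integers on Python 2 and Python 3 alike.
    for index, exec_count in enumerate(bytearray(buff)):
        if exec_count == 0:
            continue
        # Floor division keeps the bucket usable as a list index.
        bucket = min(exec_count // 10, 11)
        ida_color = clist[bucket]
        ea = imagebase + index
        func = idc.GetFunctionName(ea)
        if func not in functions:
            print("hit @ 0x%08x function %s" % (ea, func))
            functions.add(func)
        idc.SetColor(ea, CIC_ITEM, ida_color)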
def main():
    """Paint IDA items by execution count taken from a Pin log file.

    Each byte of the log is the hit count for the item at the same offset
    from the image base.  Counts are divided by ten, capped at 11, and used
    to pick a colour from ``build_color_list()``.
    """
    palette = build_color_list()
    log_path = idaapi.askfile_c(False, "*.*", "Pin log file")
    base = idaapi.get_imagebase()

    try:
        f = open(log_path, "rb")
    except:
        # Bare except: any failure to open the chosen path ends up here.
        print("Need log file to parse data...")
        return

    # NOTE(review): the handle is never closed explicitly.
    buff = f.read()
    seen = set()
    for offset, raw in enumerate(buff):
        hits = ord(raw)
        if hits != 0:
            # Python 2 integer division: 0..255 maps to buckets 0..25.
            hits = hits / 10
            if hits > 11:
                hits = 11
            colour = palette[hits]
            ea = base + offset
            name = idc.GetFunctionName(ea)
            if name not in seen:
                print("hit @ 0x%08x function %s" % (ea, name))
                seen.add(name)
            idc.SetColor(ea, CIC_ITEM, colour)
def capture_graph():
    """Ask for a destination and save the image from ``grab_graph()`` as PNG.

    Does nothing when no destination is chosen.  A failure while saving is
    printed as a traceback instead of being raised.
    """
    target = idaapi.askfile_c(1, 'graph.png', 'Save Graph...')
    if target:
        snapshot = grab_graph()
        try:
            snapshot.save(target, format='PNG')
        except:
            # Best effort: show the error on the console and carry on.
            import traceback
            traceback.print_exc()
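def DetectDOTExe(self):
    """Locate the Graphviz ``dot`` executable and store it in ``self.DOTExe``.

    The first existing path in ``self.DOTExeList`` wins.  If none exists the
    user is asked to pick the file; if that also yields nothing, a hint on
    where to get Graphviz is printed and ``self.DOTExe`` stays empty.
    """
    self.DOTExe = None
    for candidate in self.DOTExeList:
        if os.path.exists(candidate):
            self.DOTExe = candidate
            break

    if not self.DOTExe:
        # NOTE(review): the selected path is stored without further checks.
        # If it is later executed, confirm it really is the Graphviz binary.
        self.DOTExe = idaapi.askfile_c(1, "*.exe", "Select dot.exe file")

    if not self.DOTExe:
        # Point at the HTTPS site: the user is being told to download and
        # install an executable, so the link should not be plain HTTP.
        print("You need to install Graphviz. Download from https://graphviz.org")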
def DetectDOTExe(self):
    """Set ``self.DOTExe`` to a usable ``dot`` path, asking the user if needed.

    Candidates from ``self.DOTExeList`` are tried in order; the file dialog
    is the fallback, and a download hint is printed when nothing is chosen.
    """
    self.DOTExe = None
    # next() stops at the first candidate that exists on disk.
    self.DOTExe = next(
        (path for path in self.DOTExeList if os.path.exists(path)), None)

    if not self.DOTExe:
        self.DOTExe = idaapi.askfile_c(1, "*.exe", "Select dot.exe file")
        if not self.DOTExe:
            # NOTE(review): the hint points at a plain-HTTP URL for an
            # executable download; consider the HTTPS address instead.
            print("You need to install Graphviz. Download from http://graphviz.org")
def ask_user(default_path):
    """Prompt until the user picks a path to bap or declines to set one.

    Returns the chosen path, or None when the dialog yields no path and the
    user confirms that no path should be set.  The suffix check and the
    is-a-file check are advisory: the user can override either of them.
    """
    while True:
        bap_path = idaapi.askfile_c(False, default_path, 'Path to bap')

        if bap_path is None:
            if confirm('Are you sure you don\'t want to set path?'):
                return None
            continue

        # Short-circuit keeps the prompts conditional, as in a nested if.
        if not bap_path.endswith('bap') and \
                not confirm("Path does not end with bap. Confirm?"):
            continue
        if not os.path.isfile(bap_path) and \
                not confirm("Path does not point to a file. Confirm?"):
            continue

        return bap_path
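def LoadInstructionData(self):
    """Populate the module-level ``x86InstructionData`` cache on first use.

    The table is read from ``instructionsDICT.data`` in the directory of
    this source file.  If that file is absent the user is asked to locate
    it.  The content is zlib-decompressed and then unpickled.

    Raises:
        IOError: no data file was found or selected, or it cannot be read.
    """
    global x86InstructionData
    if x86InstructionData is not None:
        return

    path = os.path.join(os.path.dirname(os.path.realpath(__file__)),
                        "instructionsDICT.data")
    print(path)

    # A path built from __file__ is never empty, so test for the file itself
    # before falling back to the dialog.
    if not os.path.isfile(path):
        print("")
        path = idaapi.askfile_c(
            1, "instructionsDICT.data",
            "Go to optimice dir and select instructionsDICT file")
    if not path:
        raise IOError(
            "instructionsDICT.data was not found and no file was selected")

    # Context manager: the handle is closed even if read() raises.
    with open(path, "rb") as fp:
        data = fp.read()

    # SECURITY: pickle.loads() can run code embedded in the data, and the
    # file may come from a location the user picked in the dialog.  Load
    # only the instructionsDICT.data shipped with the plugin; a data-only
    # format (e.g. JSON) or a pinned digest check would remove the risk.
    x86InstructionData = pickle.loads(zlib.decompress(data))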
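def main():
    """Set colour 0xFFFFFFFF on every item that a Pin log marks as hit.

    The log is read as one byte per image offset; every non-zero byte
    causes ``idc.SetColor`` to be called for the item at
    ``imagebase + offset``.
    """
    filepath = idaapi.askfile_c(False, "*.*", "Pin log file")
    imagebase = idaapi.get_imagebase()

    # A cancelled dialog yields no path; report it like an unreadable file.
    if not filepath:
        print("Need log file to parse data...")
        return
    try:
        # The context manager releases the handle even if read() fails.
        with open(filepath, "rb") as f:
            buff = f.read()
    except (IOError, OSError):
        print("Need log file to parse data...")
        return

    # NOTE(review): 0xFFFFFFFF looks like IDA's "default colour" value, so
    # this script appears to clear earlier highlighting - confirm.
    ida_color = 0xFFFFFFFF

    # The hit count only decides whether an item is touched; the bucket
    # arithmetic used for palette lookups is not needed for a fixed colour.
    # bytearray() yields integers on Python 2 and Python 3 alike.
    for index, exec_count in enumerate(bytearray(buff)):
        if exec_count:
            idc.SetColor(imagebase + index, CIC_ITEM, ida_color)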
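def config_path():
    """Ask for the bap executable path once and store it in the config.

    Returns immediately when ``bap_executable_path`` is already set.
    Otherwise a default is looked up with ``which bap`` and, failing that,
    with ``opam config var bap:bin``.  The user is then prompted until a
    path is accepted or the prompt is abandoned.  An accepted path is
    written to ``config`` under ``bap_executable_path``.
    """
    if config.get('bap_executable_path') is not None:
        return

    default_bap_path = ''

    from subprocess import check_output, CalledProcessError
    import os
    # Both helpers are invoked with an argument list (no shell), and both
    # are resolved through PATH.
    try:
        default_bap_path = check_output(['which', 'bap']).strip()
    except (OSError, CalledProcessError):
        # Cannot run 'which', or 'which' could not find 'bap'.
        try:
            default_bap_path = os.path.join(
                check_output(['opam', 'config', 'var', 'bap:bin']).strip(),
                'bap'
            )
        except (OSError, CalledProcessError):
            # Cannot run 'opam', or 'opam' exited with an error (for
            # example when bap is not installed).  Either way there is
            # simply no default to offer.
            pass
    if not default_bap_path.endswith('bap'):
        default_bap_path = ''

    def confirm(msg):
        from idaapi import askyn_c, ASKBTN_CANCEL, ASKBTN_YES
        return askyn_c(ASKBTN_CANCEL, msg) == ASKBTN_YES

    # NOTE(review): the suffix and is-a-file checks are advisory only; the
    # user can confirm any path, and it is stored as the executable path.
    while True:
        bap_path = idaapi.askfile_c(False, default_bap_path, 'Path to bap')
        if bap_path is None:
            if confirm('Are you sure you don\'t want to set path?'):
                return
            else:
                continue
        if not bap_path.endswith('bap'):
            if not confirm("Path does not end with bap. Confirm?"):
                continue
        if not os.path.isfile(bap_path):
            if not confirm("Path does not point to a file. Confirm?"):
                continue
        break

    config.set('bap_executable_path', bap_path)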
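def LoadInstructionData(self):
    """Load the x86 instruction table into ``x86InstructionData`` once.

    Looks for ``instructionsDICT.data`` beside this source file and asks
    the user for it when it is not there.  The file is zlib-decompressed
    and unpickled into the module-level cache.

    Raises:
        IOError: no data file was found or selected, or it cannot be read.
    """
    global x86InstructionData
    if x86InstructionData is not None:
        return

    here = os.path.dirname(os.path.realpath(__file__))
    path = os.path.join(here, "instructionsDICT.data")
    print(path)

    # The computed path always ends in the file name, so comparing it with
    # "" can never trigger the dialog; check that the file exists instead.
    if not os.path.isfile(path):
        print("")
        path = idaapi.askfile_c(
            1, "instructionsDICT.data",
            "Go to optimice dir and select instructionsDICT file")
    if not path:
        raise IOError(
            "instructionsDICT.data was not found and no file was selected")

    # Closed by the context manager on every exit path.
    with open(path, "rb") as fp:
        data = fp.read()

    # SECURITY: unpickling is not safe for data of unknown origin, because
    # the pickle stream can name callables to run.  The path may have been
    # chosen in the dialog above, so load only the data file distributed
    # with the plugin, or move the table to a data-only format.
    x86InstructionData = pickle.loads(zlib.decompress(data))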
def config_path():
    """Prompt for the location of bap and persist it, unless already set.

    A default is looked up with ``which bap``, then with
    ``opam config var bap:bin``.  The user is asked repeatedly until a path
    is accepted (stored under ``bap_executable_path``) or the prompt is
    abandoned (nothing is stored).
    """
    already_set = config.get('bap_executable_path') is not None
    if already_set:
        return

    default_bap_path = ''

    from subprocess import check_output, CalledProcessError
    import os
    try:
        default_bap_path = check_output(['which', 'bap']).strip()
    except (OSError, CalledProcessError) as e:
        # 'which' is unavailable, or it did not find 'bap': try opam.
        try:
            opam_bin = check_output(['opam', 'config', 'var', 'bap:bin'])
            default_bap_path = os.path.join(opam_bin.strip(), 'bap')
        except OSError:
            # 'opam' itself could not be started.
            # NOTE(review): a non-zero exit from opam raises
            # CalledProcessError, which is not caught here.
            pass

    if not default_bap_path.endswith('bap'):
        default_bap_path = ''

    def confirm(msg):
        from idaapi import askyn_c, ASKBTN_CANCEL, ASKBTN_YES
        answer = askyn_c(ASKBTN_CANCEL, msg)
        return answer == ASKBTN_YES

    # The two path checks are advisory; the user may override either one.
    while True:
        bap_path = idaapi.askfile_c(False, default_bap_path, 'Path to bap')

        if bap_path is None:
            if confirm('Are you sure you don\'t want to set path?'):
                return
            continue

        if not bap_path.endswith('bap') and \
                not confirm("Path does not end with bap. Confirm?"):
            continue
        if not os.path.isfile(bap_path) and \
                not confirm("Path does not point to a file. Confirm?"):
            continue

        config.set('bap_executable_path', bap_path)
        return
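def OnCommand(self, cmd_id):
    """Export the class hierarchy as a Graphviz DOT file on the DOT command.

    Every key of ``self.classes`` becomes a box node ``a<N>``; every base
    listed for a class that is itself a key becomes a bold edge from the
    class to that base.  Nothing happens for other command ids or when no
    file name is chosen.
    """
    if self.cmd_dot != cmd_id:
        return
    fname = askfile_c(1, "*.dot", "Export DOT file")
    if not fname:
        return

    # Number the classes once; repeated keys().index() lookups inside the
    # loops made the export quadratic or worse.
    names = list(self.classes.keys())
    index_of = dict((name, pos) for pos, name in enumerate(names))

    parts = ["digraph G {\n graph [overlap=scale]; node [fontname=Courier]; rankdir=\"LR\";\n\n"]
    for name in names:
        # Class names presumably come from the analysed binary.  Escape
        # backslashes and double quotes so a name cannot end the quoted
        # label early and add its own attributes or statements.
        label = ("%s" % name).replace('\\', '\\\\').replace('"', '\\"')
        parts.append(' a%s [shape=box, label = "%s", color="blue"]\n' % (
            index_of[name], label))
    parts.append("\n")

    for name in names:
        for base in self.classes[name]:
            if base in index_of:
                parts.append(' a%s -> a%s [style = bold]\n' % (
                    index_of[name], index_of[base]))
    parts.append("}")

    # Build the text first and open the file last, so a failure while
    # formatting does not leave a truncated export behind.
    with open(fname, "wb") as f:
        f.write("".join(parts))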
def main():
    """Colour IDA items according to per-offset hit counts in a Pin log.

    Each log byte is the count for the item at the same offset from the
    image base; non-zero counts are divided by ten, capped at 11 and used
    as an index into the palette from ``build_color_list()``.
    """
    palette = build_color_list()
    log_path = idaapi.askfile_c(False, "*.*", "Pin log file")
    base = idaapi.get_imagebase()

    try:
        f = open(log_path, "rb")
    except:
        # Bare except: any failure to open the chosen path ends up here.
        print("Need log file to parse data...")
        return

    # NOTE(review): the handle is never closed explicitly.
    buff = f.read()
    for offset, raw in enumerate(buff):
        hits = ord(raw)
        if hits == 0:
            continue
        # Python 2 integer division: 0..255 maps to buckets 0..25.
        hits = hits / 10
        if hits > 11:
            hits = 11
        idc.SetColor(base + offset, CIC_ITEM, palette[hits])
def OnCommand(self, n, cmd_id):
    """Handle chooser commands: export the gadget list to CSV, or clear it.

    Always returns 1.
    """
    if cmd_id == self.cmd_export_csv:
        # Export CSV
        file_name = idaapi.askfile_c(1, "*.csv", "Please enter CSV file name")
        if file_name:
            print("[idarop] Exporting gadgets to %s" % file_name)
            with open(file_name, 'wb') as csvfile:
                out = csv.writer(csvfile,
                                 delimiter=',',
                                 quotechar='"',
                                 quoting=csv.QUOTE_MINIMAL)
                out.writerow(["Address", "Gadget", "Size", "Pivot"])
                # NOTE(review): cells are written verbatim.  If the file is
                # opened in a spreadsheet, check whether gadget text can
                # start with '=', '+', '-' or '@'.
                out.writerows(self.items)
    elif cmd_id == self.clear_rop_list:
        self.idarop.clear_rop_list()
        self.refreshitems()

    return 1
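# NOTE(review): the listing starts at the docstring, so the def line is
# restored here; name and parameter are taken from the call in the
# __main__ block below.
def idb_to_mega(filename):
    """Convert IDB to mega file.

    Writes one line per function for which ``process_func`` returns a
    non-empty result.  If ``filename`` already exists the user chooses
    between appending, overwriting, or aborting.
    """
    mode = "w"
    # File already exists
    if os.path.exists(filename):
        ask = idaapi.askyn_c(False, "Append result to existing file?")
        if ask == -1:
            # Dialog cancelled: leave the existing file untouched.
            return
        elif ask == 0:
            # Not appending: overwrite only on an explicit "yes".
            if 1 != idaapi.askyn_c(False, "Overwrite existing file?"):
                return
        elif ask == 1:
            mode = "a+"
    # Process functions
    with open(filename, mode) as f:
        for i in range(idaapi.get_func_qty()):
            line = process_func(i)
            if line:
                line += "\n"
                f.write(line)


if __name__ == "__main__":
    # TODO: Add/Append ending: ---
    filename = idaapi.askfile_c(True, "*.mega", "Enter the name of the mega file:")
    if not filename:
        idaapi.warning("Save filename not provided!")
    else:
        idb_to_mega(filename)
        idc.Message("idb_to_mega finished!\n")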
buggy = True else: buggy = False if buggy: f = idaapi.qfile_t() f.open(fname, 'wb+') segments = [x for x in idautils.Segments()] max_addr = idc.GetSegmentAttr(segments[-1], idc.SEGATTR_END) # TODO check max_addr to see if it's sane to write such a big file idaapi.base2file(f.get_fp(), 0, 0, max_addr) f.close() else: with open(fname, 'wb+') as f: # over all segments for s in idautils.Segments(): start = idc.GetSegmentAttr(s, idc.SEGATTR_START) end = idc.GetSegmentAttr(s, idc.SEGATTR_END) # print "Start: %x, end: %x, size: %x" % (start, end, end-start) max_addr = max(max_addr, end) f.seek(start, 0) # Only works with fixed IDAPython. f.write(idaapi.get_many_bytes_ex(start, end - start)[0]) dump_log.debug("section[dump] = 0, 0x%x, 0, 0x%x", max_addr, max_addr) if __name__ == '__main__': fname = idaapi.askfile_c(1, "*.*", "Save to binary") dump_binary(fname)
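def run(self, arg):
    """Load an ETM branch trace and show it in the "ETM trace" chooser.

    Each trace record is a whitespace-separated line with 11 fields:
    filename[0] id[1] type[2] description[3] src_addr[4] src_func_offset[5]
    src_image[6] =>[7] dst_addr[8] dst_func_offset[9] dst_image[10].
    Consecutive records are paired: the range from one record's
    destination to the next record's source is added as an instruction
    range, and jumps to or from other images are recorded separately.
    """
    if not idaapi.autoIsOk():
        # NOTE(review): the two message strings are passed as separate
        # arguments after the format string - confirm the dialog shows them.
        if idaapi.askyn_c(
                ASKBTN_CANCEL, "HIDECANCEL\n",
                "The autoanalysis has not finished yet.\n",
                "The result might be incomplete. Do you want to continue?"
        ) < ASKBTN_NO:
            return

    form_title = "ETM trace"
    form = idaapi.find_tform(form_title)
    if form is not None:
        print("ETM trace window already open. Switching to it.")
        idaapi.switchto_tform(form, True)
        return

    trace_file_name = idaapi.askfile_c(0, "", "Select a trace to display...")
    # Covers both an empty string and no path at all (cancelled dialog),
    # which len() could not handle.
    if not trace_file_name:
        return

    image_name = idaapi.get_root_filename()

    # The context manager closes the trace on every exit path, including
    # the early returns below.
    with open(trace_file_name, "r") as f:
        # Skip leading lines until the first one with exactly 11 fields;
        # give up on a blank line or at end of file.
        start_branch = f.readline().split()
        if not start_branch:
            return
        while len(start_branch) != 11:
            start_branch = f.readline().split()
            if not start_branch:
                return

        self.c = EtmTraceChoose2(form_title, modal=False)
        self.c.callgraph.append("start")

        while True:
            next_branch = f.readline().split()
            if not next_branch:
                break
            # The trace is external input.  A short record (for example a
            # truncated last line) cannot be indexed up to field 10, so
            # stop there and show what was parsed instead of raising.
            if len(next_branch) < 11:
                print("ETM trace: malformed record, stopping at this point.")
                break

            start_branch[10] = start_branch[10].replace("(", "").replace(")", "")
            start_branch[6] = start_branch[6].replace("(", "").replace(")", "")
            dst_image = start_branch[10].split("/")[-1]
            src_image = start_branch[6].split("/")[-1]

            # Neither end is in this image: nothing to display.
            if dst_image != image_name and src_image != image_name:
                start_branch = next_branch
                continue

            if dst_image != image_name:
                # to external lib
                self.c.add_jump_to_external(
                    start_branch[1], start_branch[8], start_branch[10])
                start_branch = next_branch
                continue

            if src_image != image_name:
                # from external lib
                self.c.add_jump_from_external(
                    start_branch[1], start_branch[4], start_branch[6])

            self.c.add_instruction_range(
                start_branch[1], [start_branch[8], next_branch[4]])
            start_branch = next_branch

    self.c.show()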
def GetOutputFile(self):
    """Ask the user for the DOT file to write and return the dialog result."""
    chosen = idaapi.askfile_c(1, "*.dot", "Select DOT File to Output")
    return chosen
def GetOutputFile(self):
    """Return whatever the "Select DOT File to Output" dialog yields."""
    for_saving = 1
    dot_path = idaapi.askfile_c(for_saving, "*.dot", "Select DOT File to Output")
    return dot_path