def init(self):
""" On script initalisation : load previous rop results and init menu items """
# Only Intel x86/x86-64 are supported
if idaapi.ph_get_id() == idaapi.PLFM_386:
global idarop_manager
# Check if already initialized
if not 'idarop_manager' in globals():
idarop_manager = IdaRopManager()
if idarop_manager.add_menu_items():
print("[IdaRop] Failed to initialize IDA Sploiter.")
idarop_manager.del_menu_items()
del idarop_manager
return idaapi.PLUGIN_SKIP
else:
try:
idarop_manager.load_internal_db()
except Exception as e:
pass
print("[IdaRop] IDA ROP View v%s initialized " %
IDAROP_VERSION)
return idaapi.PLUGIN_KEEP
else:
return idaapi.PLUGIN_SKIP
def init(self):
if idaapi.ph_get_id(
) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF:
return idaapi.PLUGIN_SKIP
print "%s init" % self.comment
self.hook = Aarch64PACHook()
self.hook.hook()
return idaapi.PLUGIN_KEEP
def init(self):
if idaapi.ph_get_id(
) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF:
print "%s won't load!" % self.wanted_name
return idaapi.PLUGIN_SKIP
self.hooks = CPUHooks()
self.hooks.hook()
print "%s is loaded!" % self.wanted_name
return idaapi.PLUGIN_KEEP
def init(self):
self.hook = None
if idc.GetInputMD5() != input_md5 or idaapi.ph_get_id(
) != idaapi.PLFM_386:
return idaapi.PLUGIN_SKIP
self.hook = deobX86Hook()
self.hook.hook()
return idaapi.PLUGIN_KEEP
def init(self):
self.prochook = None
if idaapi.ph_get_id() != idaapi.PLFM_386:
# print "dumbx86_t.init() skipped!"
return idaapi.PLUGIN_SKIP
self.prochook = dumbx86hook()
self.prochook.hook()
print "dumbx86_t.init() called!"
return idaapi.PLUGIN_KEEP
def init(self):
self.prochook = None
if idaapi.ph_get_id() != idaapi.PLFM_386 or idaapi.cvar.inf.filetype != idaapi.f_ELF:
print "linuxprocext_t.init() skipped!"
return idaapi.PLUGIN_SKIP
self.prochook = linux_idp_hook_t()
self.prochook.hook()
print "linuxprocext_t.init() called!"
return idaapi.PLUGIN_KEEP
def init(self):
global glob_lex
global glob_parser
if idaapi.ph_get_id() != idaapi.PLFM_386:
return idaapi.PLUGIN_SKIP
debug_out("Loading Parsers")
self.lexer = glob_lex
self.parser = glob_parser
debug_out("Loaded SmartJumper")
return idaapi.PLUGIN_KEEP
def init(self):
self.hook = None
if not ".mp.dll" in idc.GetInputFile(
) or idaapi.ph_get_id() != idaapi.PLFM_386:
return idaapi.PLUGIN_SKIP
print "\n\n-->MsMpEng apicall x86 Parser Invoked!\n\n"
self.hook = parse_apicall_hook()
self.hook.hook()
return idaapi.PLUGIN_KEEP
def init(self):
self.prochook = None
if idaapi.ph_get_id() != idaapi.PLFM_386:
# print "dumbx86_t.init() skipped!"
return idaapi.PLUGIN_SKIP
self.prochook = dumbx86hook()
self.prochook.hook()
print "dumbx86_t.init() called!"
return idaapi.PLUGIN_KEEP
def init(self):
self.prochook = None
if idaapi.ph_get_id(
) != idaapi.PLFM_386 or idaapi.cvar.inf.filetype != idaapi.f_ELF:
print "linuxprocext_t.init() skipped!"
return idaapi.PLUGIN_SKIP
self.prochook = linux_idp_hook_t()
self.prochook.hook()
print "linuxprocext_t.init() called!"
return idaapi.PLUGIN_KEEP
def init(self):
self.hook = None
if idaapi.ph_get_id(
) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF:
return idaapi.PLUGIN_SKIP
self.hook = simpA64Hook()
flag = self.hook.n.altval(0)
if flag:
self.enabled = flag - 1
print "%s is %sabled" % (self.wanted_name,
"en" if self.enabled else "dis")
if self.enabled:
self.hook.hook()
return idaapi.PLUGIN_KEEP
def init(self):
# Some initialization
global hexnight_cb_info, hexnight_cb, inttype
if idaapi.init_hexrays_plugin() and idaapi.ph_get_id() == idaapi.PLFM_ARM:
inttype = idaapi.get_int_type_by_width_and_sign(4, True)
hexnight_cb_info = hexrays_callback_info()
hexnight_cb = hexnight_cb_info.event_callback
if idaapi.install_hexrays_callback(hexnight_cb):
print "Hexnight plugin installed"
addon = idaapi.addon_info_t();
addon.id = "org.xerub.hexnight";
addon.name = "Hexnight";
addon.producer = "xerub";
addon.url = "https://twitter.com/xerub";
addon.version = "7.0";
idaapi.register_addon( addon );
return idaapi.PLUGIN_KEEP
print "Hexnight plugin failed"
return idaapi.PLUGIN_SKIP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global ARCH
global BITS
ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
BITS = 64
elif info.is_32bit():
BITS = 32
else:
BITS = 16
print("Golang_Rev plugin has been loaded.")
# Register menu actions
menu_actions = (
idaapi.action_desc_t(GOLANG_STRING, "Set golang string",
menu_action_handler_t(GOLANG_STRING), None,
None, 9),
idaapi.action_desc_t(GOLANG_FUNC, "Set golang function",
menu_action_handler_t(GOLANG_FUNC), None,
None, 9),
idaapi.action_desc_t(RENAME_POINTER, "Set pointer",
menu_action_handler_t(RENAME_POINTER), None,
None, 9),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
return idaapi.PLUGIN_KEEP
def init(self):
# Only Intel x86/x86-64 are supported
if idaapi.ph_get_id() == idaapi.PLFM_386:
global heaptracer_manager
# Check if already initialized
if not 'heaptracer_manager' in globals():
heaptracer_manager = HeapTracerManager()
if heaptracer_manager.add_menu_items():
print "Failed to initialize Heap Tracer."
heaptracer_manager.del_menu_items()
del heaptracer_manager
return idaapi.PLUGIN_SKIP
else:
print("Initialized Heap Tracer v%s (c) Marcin Kalinowski <*****@*****.**>" % HEAPTRACER_VERSION)
return idaapi.PLUGIN_KEEP
else:
return idaapi.PLUGIN_SKIP
def init(self):
# Some initialization
global hexnight_cb_info, hexnight_cb, inttype
if idaapi.init_hexrays_plugin() and idaapi.ph_get_id(
) == idaapi.PLFM_ARM and idaapi.BADADDR > 0xFFFFFFFF:
inttype = idaapi.get_int_type_by_width_and_sign(4, True)
enu = idaapi.add_enum(0, myenum, 0)
for i in regs.keys():
idaapi.add_enum_member(enu, regs[i], i)
hexnight_cb_info = hexrays_callback_info()
hexnight_cb = hexnight_cb_info.event_callback
if idaapi.install_hexrays_callback(hexnight_cb):
print "Hexnight plugin installed"
addon = idaapi.addon_info_t()
addon.id = "org.xerub.hexnight"
addon.name = "Hexnight"
addon.producer = "xerub"
addon.url = "https://twitter.com/xerub"
addon.version = "6.95"
idaapi.register_addon(addon)
return idaapi.PLUGIN_KEEP
print "Hexnight plugin failed"
return idaapi.PLUGIN_SKIP
def __init__(self):
self.flags = idaapi.ph_get_flag()
# instead of checking ph flags, should __EA64__ be used?
self.is_64bit = (self.flags & idaapi.PR_USE64) != 0
self.is_32bit = (self.flags & idaapi.PR_USE32) != 0
self.is_stack_up = (self.flags & idaapi.PR_STACK_UP) != 0
self.id = idaapi.ph_get_id()
self.is_assemble_supported = (self.flags & idaapi.PR_ASSEMBLE) != 0
self.is_delayslot_proc = (self.flags & idaapi.PR_DELAYED) != 0
# processor default ret instruction (icode, not opcode!)
self.ret_icodes = [idaapi.ph_get_icode_return()]
# ptrsize in bytes
self.ptrsize = 2
if self.is_32bit:
self.ptrsize = 4
if self.is_64bit:
self.ptrsize = 8
self.ptrsize_pyfmt_mapper = {2:"H", 4:"I", 8:"Q"}
self.ptrsize_mask_mapper = {2:0xFFFF, 4:0xFFFFFFFF, 8:0xFFFFFFFFFFFFFFFF}
self.datafmt_mapper = {2:"%04X", 4:"%08X", 8:"%016X"}
self.endianness = idaapi.get_inf_structure().mf
def __init__(self):
self.flags = idaapi.ph_get_flag()
# instead of checking ph flags, should __EA64__ be used?
self.is_64bit = (self.flags & idaapi.PR_USE64) != 0
self.is_32bit = (self.flags & idaapi.PR_USE32) != 0
self.is_stack_up = (self.flags & idaapi.PR_STACK_UP) != 0
self.id = idaapi.ph_get_id()
self.is_assemble_supported = (self.flags & idaapi.PR_ASSEMBLE) != 0
self.is_delayslot_proc = (self.flags & idaapi.PR_DELAYED) != 0
# processor default ret instruction (icode, not opcode!)
self.ret_icodes = [idaapi.ph_get_icode_return()]
# ptrsize in bytes
self.ptrsize = 2
if self.is_32bit:
self.ptrsize = 4
if self.is_64bit:
self.ptrsize = 8
self.ptrsize_pyfmt_mapper = {2:"H", 4:"I", 8:"Q"}
self.ptrsize_mask_mapper = {2:0xFFFF, 4:0xFFFFFFFF, 8:0xFFFFFFFFFFFFFFFF}
self.datafmt_mapper = {2:"%04X", 4:"%08X", 8:"%016X"}
self.endianness = idaapi.get_inf_structure().mf
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global ARCH
global BITS
ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
BITS = 64
elif info.is_32bit():
BITS = 32
else:
BITS = 16
print("LazyIDA (v1.0.0.3) plugin has been loaded.")
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
idaapi.action_desc_t(ACTION_GOTOCLIP, "Goto clip EA", hotkey_action_handler_t(ACTION_GOTOCLIP), "Shift-G", "Goto clipboard EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
addon = idaapi.addon_info_t()
addon.id = "tw.l4ys.lazyida"
addon.name = "LazyIDA"
addon.producer = "Lays"
addon.url = "https://github.com/L4ys/LazyIDA"
addon.version = "1.0.0.3"
idaapi.register_addon(addon)
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
idaapi.action_desc_t(ACTION_HX_GOTOCLIP, "Goto clipboard ea", hexrays_action_handler_t(ACTION_HX_GOTOCLIP), "Shift-G"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global arch
global bits
global is_cgc
arch = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
is_cgc = "CGC" in idaapi.get_file_type_name()
print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add idb hook
self.idb_hook = IDB_Hook()
self.idb_hook.hook()
# Add idp hook
self.idp_hook = IDP_Hook()
self.idp_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
idaapi.install_hexrays_callback(hexrays_callback)
self.hexrays_inited = True
# Auto apply libcgc signature
if is_cgc and os.path.exists(idaapi.get_sig_filename("libcgc.sig")):
if "libcgc.sig" not in [idaapi.get_idasgn_desc(i)[0] for i in range(idaapi.get_idasgn_qty())]:
idaapi.plan_to_apply_idasgn("libcgc.sig")
return idaapi.PLUGIN_KEEP
def init(self):
self.prochook = None
# Enable controlable logging
logging.basicConfig(
level=logging.DEBUG,
format=
'%(asctime)s - %(levelname)s - %(filename)s:%(funcName)s@%(lineno)s: %(message)s'
)
logging.debug(
'Module for MC68000 class CPU Step-Overs, and type information')
# Random Debug to analyze PH mapping support
#
#print cdll.ida.ph
#ph = structPH.in_dll(cdll.ida, "ph")
#ph = structPH()
#ph.values = cast( cdll.ida.ph, POINTER(structPH) )
# Map ida.dll into this Python module, and lets us change the flags to add TYPEINFO support.
#
# For O/S agnostic support this follow advice from: http://www.hexblog.com/?p=695
#
idaname = "ida64" if ida_idaapi.__EA64__ else "ida"
try:
logging.debug("Platform for ida library loading: " +
str(sys.platform))
if sys.platform == "win32":
ida_dll = ctypes.windll[idaname + ".dll"]
elif sys.platform == "linux2":
ida_dll = ctypes.cdll["lib" + idaname + ".so"]
elif sys.platform == "darwin":
ida_dll = ctypes.cdll["lib" + idaname + ".dylib"]
except:
logging.error(
"Python CTYPES probably couldnt find the dll, OR the MSCVR90.dll or other system DLL is missing"
)
return idaapi.PLUGIN_SKIP
# Access ph global in ida.dll using ctypes
ph = structPH.in_dll(ida_dll, "ph")
# Log Values via PH direct access
logging.debug("- - - - - - - - - - - - - - - - - -")
logging.debug(" ph.version = %d" % ph.version)
logging.debug(" ph.id = %d" % ph.id)
logging.debug(" ph.flag = %d" % ph.flag)
# Enable TYPEINFO support
ph.flag = ph.flag | ida_idp.PR_TYPEINFO
# Official API, confirms PH was correctly accessed
logging.debug("- - - - - - - - - - - - - - - - - -")
logging.debug(" ph.version = %d" % idaapi.ph_get_version())
logging.debug(" ph.id = %d" % idaapi.ph_get_id())
logging.debug(" ph.flag = %d" % idaapi.ph_get_flag())
#print(hexlify(string_at(cdll.ida.ph, getsizeof(G))))
if idaapi.ph_get_id(
) != idaapi.PLFM_68K: # or idaapi.cvar.inf.filetype != idaapi.f_ELF:
logging.error(
"skipped this plugin because CPU being used is not 68000 derivative!"
)
return idaapi.PLUGIN_SKIP
# Connect the IDP hooks
self.prochook = m68kstepover_idp_hook_t()
self.prochook.hook()
logging.debug(
"succeeded, stepover support should now work for BSR/JSR!")
return idaapi.PLUGIN_KEEP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global ARCH
global BITS
ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
BITS = 64
elif info.is_32bit():
BITS = 32
else:
BITS = 16
print "LazyIDA (v1.0.0.3) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
addon = idaapi.addon_info_t()
addon.id = "tw.l4ys.lazyida"
addon.name = "LazyIDA"
addon.producer = "Lays"
addon.url = "https://github.com/L4ys/LazyIDA"
addon.version = "1.0.0.3"
idaapi.register_addon(addon)
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global arch
global bits
arch = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
def init(self):
global LAZY_ARCH
global LAZY_BITS
LAZY_ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
LAZY_BITS = 64
elif info.is_32bit():
LAZY_BITS = 32
else:
LAZY_BITS = 16
plg_print("v1.0.0.4 - plugin has been loaded.")
# Register hotkey actions
for HK_ACT in ALL_HOTKEY_ACTIONS:
action = idaapi.action_desc_t(HK_ACT[0], # name
HK_ACT[1], # label
hotkey_action_handler_t(HK_ACT[0]), # action handler
HK_ACT[2], # shortcut
HK_ACT[3], # tooltip
HK_ACT[4]) # iconid
idaapi.register_action(action)
self.registered_hotkey_actions.append(action.name)
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_MENU_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_MENU_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_MENU_CONVERT[1], "Convert to hex string space", menu_action_handler_t(ACTION_MENU_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_MENU_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_MENU_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_MENU_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_MENU_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_MENU_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_MENU_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_MENU_CONVERT[10], "Convert to MASM array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[10]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_CONVERT[11], "Convert to GNU ASM array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[11]), None, None, 38),
idaapi.action_desc_t(ACTION_MENU_COPY_DATA, "Copy hex data to clipboard", menu_action_handler_t(ACTION_MENU_COPY_DATA), None, None, 9),
idaapi.action_desc_t(ACTION_MENU_DUMP_DATA, "Dump data to file", menu_action_handler_t(ACTION_MENU_DUMP_DATA), None, None, 0x1B),
idaapi.action_desc_t(ACTION_MENU_XOR_DATA, "Get xored data", menu_action_handler_t(ACTION_MENU_XOR_DATA), None, None, 9),
idaapi.action_desc_t(ACTION_MENU_FILL_NOP, "Fill with NOPs", menu_action_handler_t(ACTION_MENU_FILL_NOP), None, None, 9),
idaapi.action_desc_t(ACTION_MENU_B64STD, "Base64Std decode", menu_action_handler_t(ACTION_MENU_B64STD), None, None, 9),
idaapi.action_desc_t(ACTION_MENU_B64URL, "Base64Url decode", menu_action_handler_t(ACTION_MENU_B64URL), None, None, 9),
idaapi.action_desc_t(ACTION_MENU_SCAN_VUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_MENU_SCAN_VUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_menu_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVE_RET_TYPE[0],
ACTION_HX_REMOVE_RET_TYPE[1],
hexrays_action_handler_t(ACTION_HX_REMOVE_RET_TYPE[0]),
ACTION_HX_REMOVE_RET_TYPE[2],
ACTION_HX_REMOVE_RET_TYPE[3],
-1),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hexray_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
addon = idaapi.addon_info_t()
addon.id = "htc_lazyida"
addon.name = "LazyIDA"
addon.producer = "HTC (Original: Lays - tw.l4ys.lazyida)"
addon.url = "https://github.com/HongThatCong/LazyIDA"
addon.version = "1.0.0.5"
idaapi.register_addon(addon)
return idaapi.PLUGIN_KEEP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global arch
global bits
arch = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string",
menu_action_handler_t(ACTION_CONVERT[0]),
None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string",
menu_action_handler_t(ACTION_CONVERT[1]),
None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2],
"Convert to C/C++ array (BYTE)",
menu_action_handler_t(ACTION_CONVERT[2]),
None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3],
"Convert to C/C++ array (DWORD)",
menu_action_handler_t(ACTION_CONVERT[3]),
None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4],
"Convert to C/C++ array (QWORD)",
menu_action_handler_t(ACTION_CONVERT[4]),
None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5],
"Convert to python list (BYTE)",
menu_action_handler_t(ACTION_CONVERT[5]),
None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[6],
"Convert to python list (DWORD)",
menu_action_handler_t(ACTION_CONVERT[6]),
None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7],
"Convert to python list (QWORD)",
menu_action_handler_t(ACTION_CONVERT[7]),
None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data",
menu_action_handler_t(ACTION_XORDATA), None,
None, 9),
idaapi.action_desc_t(ACTION_SCANVUL,
"Scan format string vulnerabilities",
menu_action_handler_t(ACTION_SCANVUL), None,
None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (idaapi.action_desc_t(
ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA),
"w", "Copy current EA", 0), )
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(
ACTION_HX_REMOVERETTYPE, "Remove return type",
hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(
ACTION_HX_COPYEA, "Copy ea",
hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(
ACTION_HX_COPYNAME, "Copy name",
hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
