def exportLib(self, **kwargs):
file = os.path.splitext(idc.GetInputFile())[0]
path = os.path.split(idc.GetIdbPath())[0]
idapath = idc.GetIdaDirectory()
tilname = os.path.join(path, file + ".til")
outfile = os.path.join(idapath, 'til', 'pc', file + ".til")
shutil.copy(tilname, outfile)
os.system(os.path.join(idapath, "tilib64.exe") + " -#- " + outfile)
def __init__(self, funcCallbacks):
"""
This is the start of the debugger.
"""
import os
from dispatcher.core.Util import ConfigReader, unique_file_name
from dispatcher.core.structures.Tracer.Config.config import ConfigFile as ConfigFile
#Get the root IDA directory in order to locate the config.xml file
root_dir = os.path.join(idc.GetIdaDirectory(), "plugins")
ini_path = os.path.join(root_dir, "settings.ini")
configReader = ConfigReader()
configReader.Read(ini_path)
# self.removeBreakpoints()
self.windowsFileIO = funcCallbacks['windowsFileIO']
self.windowsNetworkIO = funcCallbacks['windowsNetworkIO']
self.linuxFileIO = funcCallbacks['linuxFileIO']
self.interactivemodeCallback = funcCallbacks['interactivemodeCallback']
#register the hotkey for marking the starting point for taint tracking
taintStart_ctx = idaapi.add_hotkey("Shift-A", self.taintStart)
self.taintStart = None
#register the hotkey for marking the stopping point for taint tracking
taintStop_ctx = idaapi.add_hotkey("Shift-Z", self.taintStop)
self.taintStop = None
configFile = configReader.configFile
#Print( configFile )
#Call ConfigFile to grab all configuration information from the config.xml file
self.config = ConfigFile(configFile)
(processName, osType, osArch) = self.getProcessInfo()
self.processConfig = self.createProcessConfig(processName, osType,
osArch)
filePath = os.path.splitext(configReader.traceFile)
processBasename = os.path.splitext(processName)
self.tracefile = filePath[0] + "_" + processBasename[0] + filePath[1]
self.tracefile = unique_file_name(self.tracefile)
Print(self.tracefile)
traceFileName = os.path.splitext(self.tracefile)
self.treeTracefile = traceFileName[0] + ".idb"
self.logger = None
logfile = traceFileName[0] + ".log"
self.initLogging(logfile, configReader.logging, configReader.debugging)
print "IDATrace init called."
class Config(idaapi.action_handler_t):
PLUGIN_NAME = "SAFE"
PLUGIN_COMMENT = "CREATE SAFE SIGNATURE FOR A FUNCTIONS"
PLUGIN_HELP = ""
PLUGIN_HOTKEY = "Shift-S"
CONFIG_FILE_PATH = os.path.join(idc.GetIdaDirectory(), "cfg/SAFE.cfg")
SERVING_URL = "http://35.233.53.43:8500/v1/models/safe:predict"
PLUGIN_TEST = False
ACTION_NAME = "SAFE:ConfigAction"
@staticmethod
def init():
NO_HOTKEY = ""
SETMENU_INS = 0
NO_ARGS = tuple()
idaapi.register_action(idaapi.action_desc_t(Config.ACTION_NAME, "{} Config".format(Config.PLUGIN_NAME), Config()))
idaapi.attach_action_to_menu("Options/", Config.ACTION_NAME, idaapi.SETMENU_APP)
Config.load()
@staticmethod
def destory():
idaapi.unregister_action(Config.ACTION_NAME)
try:
Config.save()
except IOError:
logging.warning("Failed to write config file")
@staticmethod
def load():
try:
maxlvl = int(open(Config.CONFIG_FILE_PATH, "rb").read())
Config.SERVING_URL = maxlvl
except:
pass
@staticmethod
def save():
config_data = str(Config.SERVING_URL)
open(Config.CONFIG_FILE_PATH, "wb").write(config_data)
@staticmethod
def safe_config():
input = idc.AskStr(str(Config.SERVING_URL), "Please enter the url for the tensorflow serving instance:")
print("New Serving URL: " + input)
Config.SERVING_URL = input
def activate(self, ctx):
self.safe_config()
def update(self, ctx):
return idaapi.AST_ENABLE_ALWAYS
def run(self, arg=0):
try:
addr = idaapi.get_screen_ea()
# print("Addr: " + str(addr))
fcn_name = idc.GetFunctionName(addr)
print(
"----------------------------------------------------------------------------------------------------------"
)
print("SAFE Signature For Function: " + fcn_name)
info = idaapi.get_inf_structure()
if info.procName == 'metapc':
arch = capstone.CS_ARCH_X86
if info.is_64bit():
mode = capstone.CS_MODE_64
elif info.is_32bit():
mode = capstone.CS_MODE_32
start = idc.get_func_attr(addr, idc.FUNCATTR_START)
# print("Start: " + str(start))
obj = disassemble_func(start)
function = list_functions_to_disassembled([obj], arch, mode)[0]
prepappend = 'X_'
inst = [prepappend + x for x in function[1]]
converter = InstructionsConverter(
os.path.join(idc.GetIdaDirectory(), "plugins", "word2id.json"))
normalizer = FunctionNormalizer(150)
converted = converter.convert_to_ids(inst)
instructions, lenghts = normalizer.normalize_functions([converted])
payload = {
"signature_name": "safe",
"inputs": {
"instruction": instructions,
"lenghts": lenghts
}
}
print(payload)
r = requests.post(Config.SERVING_URL, data=json.dumps(payload))
embeddings = json.loads(r.text)
if "outputs" in embeddings:
print(json.dumps(embeddings["outputs"][0]))
else:
raise ValueError(
"Something bad happened when computing embeddings")
except Exception as e:
logging.warning("exception", exc_info=True)
return
def __init__(self):
global hex_pytools_config
self.section = "HexRaysPyTools features"
self.file_path = os.path.join(idc.GetIdaDirectory(), "cfg",
"HexRaysPyTools.cfg")
self.reader = ConfigParser.SafeConfigParser()
self.reader.optionxform = str
self.actions, self.action_names = self.GetDefActions()
self.actions_refs = self.GetActionsRefs()
hex_pytools_config = self
try:
f = open(self.file_path, "w+b")
f.close()
except:
self.file_path = os.path.join(os.environ["APPDATA"], "IDA Pro",
"cfg", "HexRaysPyTools.cfg")
if not os.path.exists(
os.path.join(os.environ["APPDATA"], "IDA Pro", "cfg")):
os.makedirs(
os.path.join(os.environ["APPDATA"], "IDA Pro", "cfg"))
f = open(self.file_path, "w+b")
f.close()
try:
f = open(self.file_path, "rb")
self.reader.read(f)
f.close()
for ac in self.actions:
self.actions[ac] = self.reader.getboolean(self.section, ac)
except ConfigParser.NoSectionError:
self.actions, self.action_names = self.GetDefActions()
del self.reader
self.reader = ConfigParser.SafeConfigParser()
self.reader.optionxform = str
self.reader.add_section(self.section)
for ac in self.actions:
self.reader.set(self.section, ac,
"true" if self.actions[ac] else "false")
f = open(self.file_path, "wb")
self.reader.write(f)
f.close()
class ConfigStingray(idaapi.action_handler_t):
PLUGIN_NAME = "Stingray"
PLUGIN_COMMENT = "find strings in current function recursively"
PLUGIN_HELP = "www.github.com/darx0r/Stingray"
PLUGIN_HOTKEY = "Shift-S"
CONFIG_FILE_PATH = os.path.join(idc.GetIdaDirectory(), "cfg/Stingray.cfg")
CHOOSER_TITLE = "Stingray - Function Strings"
CHOOSER_COLUMN_NAMES = ["Xref", "Address", "Type", "String"]
CHOOSER_COLUMN_SIZES = [18, 8, 5, 80]
CHOOSER_COLUMNS = [
list(c) for c in zip(CHOOSER_COLUMN_NAMES, CHOOSER_COLUMN_SIZES)
]
CHOOSER_ROW = collections.namedtuple("ResultRow", CHOOSER_COLUMN_NAMES)
PLUGIN_TEST = False
SEARCH_RECURSION_MAXLVL = 0
ACTION_NAME = "Stringray:ConfigStingrayAction"
# Icon in PNG format
PLUGIN_ICON_PNG = (
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52"
"\x00\x00\x00\x10\x00\x00\x00\x10\x08\x04\x00\x00\x00\xB5\xFA\x37"
"\xEA\x00\x00\x00\x02\x62\x4B\x47\x44\x00\xFF\x87\x8F\xCC\xBF\x00"
"\x00\x00\x09\x70\x48\x59\x73\x00\x00\x00\x48\x00\x00\x00\x48\x00"
"\x46\xC9\x6B\x3E\x00\x00\x00\xC4\x49\x44\x41\x54\x28\xCF\xBD\x91"
"\x3D\x0B\x81\x61\x14\x86\xAF\xE7\xF5\xCA\x77\xCA\x20\x0B\x61\xA0"
"\x58\x8C\x06\x65\xF4\x11\x99\x8C\xDE\x92\x18\x64\xF6\x13\xFC\x03"
"\x25\x59\xEC\x7E\x80\x32\xDB\x2C\x36\x61\x92\x85\x59\x49\xD4\xE3"
"\xF1\x35\x48\x8C\xCE\x5D\x67\x39\xD7\xE9\xDC\xE7\x1C\xF8\x4B\xB8"
"\xF1\xFD\x06\x8A\xD4\xBE\xD6\x4C\xB7\xD4\x61\x46\xE2\xA3\x64\xC6"
"\x4B\x8C\x00\x08\x86\x48\xE6\xD4\x49\x13\xA5\x80\x41\x86\xBC\x52"
"\x8E\x2C\x71\x2C\x37\xB6\xAD\x00\xC9\x85\x03\x5B\x8E\x0C\x08\x12"
"\x56\xAE\xEC\xAA\xF5\x1E\x42\x33\xF4\x93\x90\xBC\xD4\x47\x7B\x9F"
"\x55\xA2\x2B\xF6\x56\xA9\xBD\x80\x0D\xA9\x77\xC0\x85\x8D\x8A\x98"
"\x30\x62\xC5\xF9\x8E\x2C\x69\x12\x79\x8E\x70\x3C\x20\x8F\x92\x4E"
"\x88\xAA\x32\x3C\x65\xCD\x8E\x05\x63\x7A\xB4\x28\x7F\xEE\xED\xC6"
"\xAF\x96\x2E\xA8\xDB\x34\x48\xE2\xFC\xC3\xA3\xAE\x2A\xB7\x2E\x12"
"\xA0\x06\x96\xA7\x00\x00\x00\x25\x74\x45\x58\x74\x64\x61\x74\x65"
"\x3A\x63\x72\x65\x61\x74\x65\x00\x32\x30\x31\x35\x2D\x31\x30\x2D"
"\x30\x31\x54\x31\x31\x3A\x35\x34\x3A\x33\x38\x2D\x30\x35\x3A\x30"
"\x30\x9E\x3D\x6C\xB8\x00\x00\x00\x25\x74\x45\x58\x74\x64\x61\x74"
"\x65\x3A\x6D\x6F\x64\x69\x66\x79\x00\x32\x30\x31\x35\x2D\x31\x30"
"\x2D\x30\x31\x54\x31\x31\x3A\x35\x34\x3A\x33\x38\x2D\x30\x35\x3A"
"\x30\x30\xEF\x60\xD4\x04\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42"
"\x60\x82")
@staticmethod
def init():
NO_HOTKEY = ""
SETMENU_INS = 0
NO_ARGS = tuple()
idaapi.register_action(
idaapi.action_desc_t(
ConfigStingray.ACTION_NAME,
"{} ConfigStingray".format(ConfigStingray.PLUGIN_NAME),
ConfigStingray()))
idaapi.attach_action_to_menu("Options/", ConfigStingray.ACTION_NAME,
idaapi.SETMENU_APP)
ConfigStingray.load()
@staticmethod
def destory():
idaapi.unregister_action(ConfigStingray.ACTION_NAME)
try:
ConfigStingray.save()
except IOError:
logger.warning("Failed to write config file")
@staticmethod
def load():
try:
maxlvl = int(open(ConfigStingray.CONFIG_FILE_PATH, "rb").read())
ConfigStingray.SEARCH_RECURSION_MAXLVL = maxlvl
except:
pass
@staticmethod
def save():
config_data = str(ConfigStingray.SEARCH_RECURSION_MAXLVL)
open(ConfigStingray.CONFIG_FILE_PATH, "wb").write(config_data)
@staticmethod
def stingray_config():
input = idc.AskLong(
ConfigStingray.SEARCH_RECURSION_MAXLVL,
"Please enter string search max. depth:"
"\n( 0 - non-recursive mode )")
if input >= 0:
ConfigStingray.SEARCH_RECURSION_MAXLVL = input
def activate(self, ctx):
self.stingray_config()
def update(self, ctx):
return idaapi.AST_ENABLE_ALWAYS
def get_plugin_base(*path):
return os.path.join(idc.GetIdaDirectory(), "plugins", *path)
import Forms
import ConfigParser
import idc
import os.path
import ida_kernwin
import ida_diskio
hex_pytools_config = None
fDebug = False
if fDebug:
import pydevd
import logging
CONFIG_FILE_PATH = os.path.join(idc.GetIdaDirectory(), 'cfg',
'HexRaysPyTools.cfg')
DEBUG_MESSAGE_LEVEL = logging.INFO
# Whether propagate names (Propagate name feature) through all names or only defaults like v11, a3, this, field_4
PROPAGATE_THROUGH_ALL_NAMES = False
# Store Xref information in database. I don't know how much size it consumes yet
STORE_XREFS = True
# There're some types that can be pointers to structures like int, PVOID etc and by default plugin scans only them
# Full list can be found in `Const.LEGAL_TYPES`.
# But if set this option to True than variable of every type could be possible to scan
SCAN_ANY_TYPE = False
def add_default_settings(config):
updated = False
AddHotkey('Alt-1', 'key_1')
AddHotkey('Alt-2', 'key_2')
AddHotkey('Alt-3', 'key_3')
AddHotkey('Alt-4', 'key_4')
AddHotkey('Alt-5', 'key_5')
print 'ALT-1 : Start/Stop Codemap'
print 'ALT-2 : Set Function BP'
print 'ALT-3 : Set Range BP'
print 'ALT-4 : Create/Setup Module BP'
print 'ALT-5 : Connect Codemap Graph with IDA'
'''
print 'Codemap Python Plugin is ready. enjoy. - by daehee'
icons_path = os.path.join(idc.GetIdaDirectory(), 'plugins', 'codemap', 'icons')
class StartStopCodemapHandler(ActionHandler):
TEXT = "Start/Stop Codemap"
ICON = idaapi.load_custom_icon(os.path.join(icons_path, 'start.png'))
def _activate(self, ctx):
StartTracing()
class SetFunctionBPHandler(ActionHandler):
TEXT = "Set Function BP"
ICON = idaapi.load_custom_icon(os.path.join(icons_path, 'funcbp.png'))
def _activate(self, ctx):
def getPluginPath(*path):
return os.path.join(idc.GetIdaDirectory(), "plugins", "rematch", *path)