Ejemplos de SelStart en Python

Ejemplo n.º 1

Archivo: tq.py Proyecto: shonker/ida_python_extractCode

def extractCode():
	printAvd()
	
	start = idc.SelStart()
	end = idc.SelEnd()
	codeSize = end - start
	ea = start
	#print hex(ea)
	result=""

	for i in range(codeSize):
		op1 = idc.GetOpType(ea,0)
		op2 = idc.GetOpType(ea,1)
		instructionSize=idc.ItemSize(ea) 
	
		if op1 == idc.o_reg and (op2 ==idc.o_reg or op2 == idc.o_void or op2 == idc.o_phrase):
			for b in range(0,instructionSize):
				result += formatByte(ea+b)
		elif (op1 == idc.o_reg and op2 == idc.o_displ) or (op1 == idc.o_displ and op2 == idc.o_reg) or (op1 == idc.o_displ and op2 == idc.o_imm):
			result += formatByte(ea) + formatByte(ea+1)
			for b in range(2,instructionSize):
				result=result+"*"
		elif op1 == idc.o_phrase and op2 == idc.o_reg:
			for b in range(0,instructionSize):
				result+=formatByte(ea+b)
		else:
			result+=calcStr(ea,instructionSize)

		ea = ea + instructionSize
		if ea >= (start + codeSize):
			break
	print ("%s  Offset:%s") % (idc.GetFunctionName(start),hex(start - idc.GetFunctionAttr(start,0)))
	print result
	return result

Ejemplo n.º 2

Archivo: symbol_exec.py Proyecto: etsangsplk/miasm

def symbolic_exec():
    from miasm2.ir.symbexec import SymbolicExecutionEngine
    from miasm2.core.bin_stream_ida import bin_stream_ida

    from utils import guess_machine

    bs = bin_stream_ida()
    machine = guess_machine()

    mdis = machine.dis_engine(bs)
    start, end = idc.SelStart(), idc.SelEnd()

    mdis.dont_dis = [end]
    asmcfg = mdis.dis_multiblock(start)
    ira = machine.ira(symbol_pool=mdis.symbol_pool)
    for block in asmcfg.blocks:
        ira.add_block(block)

    print "Run symbolic execution..."
    sb = SymbolicExecutionEngine(ira, machine.mn.regs.regs_init)
    sb.run_at(start)
    modified = {}

    for dst, src in sb.modified(init_state=machine.mn.regs.regs_init):
        modified[dst] = src

    view = symbolicexec_t()
    all_views.append(view)
    if not view.Create(modified, machine, mdis.symbol_pool,
                       "Symbolic Execution - 0x%x to 0x%x" % (start, end)):
        return

    view.Show()

Ejemplo n.º 3

Archivo: util.py Proyecto: richinseattle/quicksec

def get_pos():
    """ Get the selected area """
    start, end = idc.SelStart(), idc.SelEnd()
    if start == idc.BADADDR:
        start = idc.ScreenEA()
        end = idc.ScreenEA() + instr_size(start)
    return start, end

Ejemplo n.º 4

def copy_bytes():
    """
    Copy selected bytes to clipboard
    """
    if using_ida7api:
        start = idc.read_selection_start()
        end = idc.read_selection_end()
        if idaapi.BADADDR in (start, end):
            ea = idc.here()
            start = idaapi.get_item_head(ea)
            end = idaapi.get_item_end(ea)
        # # reference https://stackoverflow.com/questions/6624453/whats-the-correct-way-to-convert-bytes-to-a-hex-string-in-python-3
        data = idc.get_bytes(start, end - start).hex()
        print("Bytes copied: %s" % data)
        copy_to_clip(data)
    else:
        start = idc.SelStart()
        end = idc.SelEnd()
        if idaapi.BADADDR in (start, end):
            ea = idc.here()
            start = idaapi.get_item_head(ea)
            end = idaapi.get_item_end(ea)
        # reference https://stackoverflow.com/questions/6624453/whats-the-correct-way-to-convert-bytes-to-a-hex-string-in-python-3
        # not work in ida7.5 python3.7.7
        # data = idc.GetManyBytes(start, end-start).encode('hex')
        data = idc.GetManyBytes(start, end - start).hex()
        print("Bytes copied: %s" % data)
        copy_to_clip(data)
    return

Ejemplo n.º 5

Archivo: 16_输入与输出.py Proyecto: zengkefu/IDAPython_Note

 def __init__(self):
     self.start = idc.SelStart()
     self.end = idc.SelEnd()
     self.buffer = ''
     self.ogLen = None
     self.status = True
     self.run()

Ejemplo n.º 6

Archivo: mkyara_plugin.py Proyecto: y11en/mkYARA

def get_selection():
    start = idc.SelStart()
    end = idc.SelEnd()
    if idaapi.BADADDR in (start, end):
        ea = idc.here()
        start = idaapi.get_item_head(ea)
        end = idaapi.get_item_end(ea)
    return start, end

Ejemplo n.º 7

Archivo: shellcode_hash_search.py Proyecto: zhouat/flare-ida

 def promptForRange(self):
     #check if a range has already been selected - if so skip prompt
     start = idc.SelStart()
     if start != idc.BADADDR:
         self.logger.info('Processing range 0x%08x - 0x%08x', self.params.startAddr, self.params.endAddr)
         self.params.startAddr = start
         self.params.endAddr = idc.SelEnd()
     else:
         self.logger.info('Processing current segment only')
         self.params.startAddr = idc.SegStart(idc.here())
         self.params.endAddr = idc.SegEnd(idc.here())

Ejemplo n.º 8

    def __init__(self):
        self.searchDwordArray = False
        self.searchPushArgs = False
        self.createStruct = False

        #startAddr & endAddr: range to process
        self.startAddr = idc.SelStart()
        self.endAddr = idc.SelEnd()

        #hashTypes: list of HashTypes user confirmed to process
        self.hashTypes = []

Ejemplo n.º 9

Archivo: idaemu.py Proyecto: in7egral/idaemu

 def eBlock(self, codeStart=None, codeEnd=None):
     if codeStart == None: codeStart = idc.SelStart()
     if codeEnd == None: codeEnd = idc.SelEnd()
     codeStart = codeStart | 1 if self._is_thumb_ea(
         codeStart) else codeStart
     self._emulate(startAddr=codeStart,
                   stopAddr=codeEnd,
                   args=[],
                   TimeOut=0,
                   Count=0,
                   DisablePatchRA=True)
     self._showRegs(self.curUC)

Ejemplo n.º 10

Archivo: base.py Proyecto: Noam5/sark2

def get_selection(always=True):
    start = idc.SelStart()
    end = idc.SelEnd()

    if idaapi.BADADDR in (start, end):
        if not always:
            raise exceptions.SarkNoSelection()

        ea = idc.here()
        start = idaapi.get_item_head(ea)
        end = idaapi.get_item_end(ea)

    return Selection(start, end)

Ejemplo n.º 11

Archivo: shellcode_hash_search.py Proyecto: X-EcutiOnner/flare-ida

    def __init__(self):
        self.searchDwordArray = False
        self.searchPushArgs = False
        self.createStruct = False
        self.useDecompiler = False
        self.useXORSeed = False
        self.XORSeed = 0

        #startAddr & endAddr: range to process
        if using_ida7api:
            self.startAddr = idc.read_selection_start()
            self.endAddr = idc.read_selection_end()
        else:
            self.startAddr = idc.SelStart()
            self.endAddr = idc.SelEnd()

        #hashTypes: list of HashTypes user confirmed to process
        self.hashTypes = []

Ejemplo n.º 12

Archivo: symbol_exec.py Proyecto: LOUISLCE/miasm

def symbolic_exec():
    from miasm2.ir.symbexec import SymbolicExecutionEngine
    from miasm2.core.bin_stream_ida import bin_stream_ida

    from utils import guess_machine

    bs = bin_stream_ida()
    machine = guess_machine()

    mdis = machine.dis_engine(bs)
    start, end = idc.SelStart(), idc.SelEnd()

    mdis.dont_dis = [end]
    blocks = mdis.dis_multiblock(start)
    ira = machine.ira()
    for block in blocks:
        ira.add_block(block)

    print "Run symbolic execution..."
    sb = SymbolicExecutionEngine(ira, machine.mn.regs.regs_init)
    sb.emul_ir_blocks(start)

    modified = {}
    for ident in sb.symbols.symbols_id:
        if ident in sb.ir_arch.arch.regs.regs_init and \
                ident in sb.symbols.symbols_id and \
                sb.symbols.symbols_id[ident] == sb.ir_arch.arch.regs.regs_init[ident]:
            continue
        modified[ident] = sb.symbols.symbols_id[ident]

    for ident in sb.symbols.symbols_mem:
        modified[sb.symbols.symbols_mem[ident][0]] = sb.symbols.symbols_mem[ident][1]


    view = symbolicexec_t()
    all_views.append(view)
    if not view.Create(modified, machine,
                       "Symbolic Execution - 0x%x to 0x%x" % (start, end)):
        return

    view.Show()

Ejemplo n.º 13

Archivo: idaemu.py Proyecto: idkwim/idaemu

 def eBlock(self):
     codeStart = idc.SelStart()
     codeEnd = idc.SelEnd()
     codesize = codeEnd - codeStart
     print(">>> start:0x%x" % codeStart)
     print(">>> end:0x%x" % codeEnd)
     try:
         uc = Uc(self.arch, self.mode)
         code = self._getOriginData(codeStart, codesize)
         print(">>> opcode:", code.encode('hex'))
         
         self._initStack(uc, self.RA)
         self._initData(uc)
         self._initRegs(uc)
         
         # add the invalid memory access hook
         uc.hook_add(UC_HOOK_MEM_READ_UNMAPPED | UC_HOOK_MEM_WRITE_UNMAPPED | \
                     UC_HOOK_MEM_FETCH_UNMAPPED, self._hook_mem_invalid)
         uc.emu_start(codeStart, codeEnd)
         self._showStatus(uc)
     except UcError as e:
         print("#ERROR: %s" % e)	

Ejemplo n.º 14

    def promptForRange(self):
        # Only run if QT not available, so not bothering with ida7 check
        #check if a range has already been selected - if so skip prompt
        if using_ida7api:
            selstart = idc.read_selection_start()
            selend = idc.read_selection_end()
            segstart = idc.get_segm_start(idc.here())
            segend = idc.get_segm_end(idc.here())
        else:
            selstart = idc.SelStart()
            selend = idc.SelEnd()
            seg = idc.SegStart(idc.here())
            self.params.endAddr = idc.SegEnd(idc.here())

        if selstart != idc.BADADDR:
            self.params.startAddr = selstart
            self.params.endAddr = selend
            logger.info('Processing range 0x%08x - 0x%08x', self.params.startAddr, self.params.endAddr)
        else:
            self.params.startAddr = segstart
            self.params.endAddr = segend
            logger.info('Processing current segment only')

Ejemplo n.º 15

def symbolic_exec():
    from miasm2.ir.symbexec import SymbolicExecutionEngine
    from miasm2.core.bin_stream_ida import bin_stream_ida

    from utils import guess_machine

    start, end = idc.SelStart(), idc.SelEnd()

    bs = bin_stream_ida()
    machine = guess_machine(addr=start)

    mdis = machine.dis_engine(bs)

    if start == idc.BADADDR and end == idc.BADADDR:
        start = idc.ScreenEA()
        end = idc.next_head(start)  # Get next instruction address

    mdis.dont_dis = [end]
    asmcfg = mdis.dis_multiblock(start)
    ira = machine.ira(loc_db=mdis.loc_db)
    for block in asmcfg.blocks:
        ira.add_block(block)

    print "Run symbolic execution..."
    sb = SymbolicExecutionEngine(ira, machine.mn.regs.regs_init)
    sb.run_at(start)
    modified = {}

    for dst, src in sb.modified(init_state=machine.mn.regs.regs_init):
        modified[dst] = src

    view = symbolicexec_t()
    all_views.append(view)
    if not view.Create(
            modified, machine, mdis.loc_db,
            "Symbolic Execution - 0x%x to 0x%x" % (start, idc.prev_head(end))):
        return

    view.Show()

Ejemplo n.º 16

    def extractCode(self):
        self.printAvd()

        start = idc.SelStart()
        end = idc.SelEnd()
        codeSize = end - start
        ea = start
        # print hex(ea)
        result = ""

        for i in range(codeSize):
            op1 = idc.GetOpType(ea, 0)
            op2 = idc.GetOpType(ea, 1)
            instructionSize = idc.ItemSize(ea)

            if op1 == idc.o_reg and (op2 == idc.o_reg or op2 == idc.o_void or op2 == idc.o_phrase):
                for b in range(0, instructionSize):
                    result += self.formatByte(ea + b)
            elif (op1 == idc.o_reg and op2 == idc.o_displ) or (op1 == idc.o_displ and op2 == idc.o_reg) or (
                    op1 == idc.o_displ and op2 == idc.o_imm):
                result += self.formatByte(ea) + self.formatByte(ea + 1)
                for b in range(2, instructionSize):
                    result = result + " ??"
            elif op1 == idc.o_phrase and op2 == idc.o_reg:
                for b in range(0, instructionSize):
                    result += self.formatByte(ea + b)
            else:
                result += self.calcStr(ea, instructionSize)

            ea = ea + instructionSize
            if ea >= (start + codeSize):
                break
        # print (idc.get_event_module_base() -  idc.SelStart());
        print ("%s  Address:0x%x Offset:0x%x") % (idc.GetFunctionName(idc.here()),idc.here(), idc.here() - idaapi.get_imagebase())
        # print result
        return result

Ejemplo n.º 17

#coding=utf-8

import idautils
import idaapi
import idc

#获取选取的数据的边界(起始地址和结束地址) 注意结束地址是这段数据中最后一条指令的下一条指令的起始地址
#0x100001dfdL 0x100001e2dL
start = idc.SelStart()
end = idc.SelEnd()
print hex(start),hex(end)

# 同上 简化版
#0x1 0x100001dfdL 0x100001e2bL
result,start,end = idaapi.read_selection()
print hex(result), hex(start), hex(end)

Ejemplo n.º 18

import idaapi
import idautils
import idc

# needed for regexp [a3e1bcd6]
import re

# Ask for a prefix that will be added to subs in the specified range
func_prefix = idc.AskStr("MyClass::",
                         "Enter a prefix that will be added to subs")

if (func_prefix == "MyClass::") or not func_prefix:
    quit()

start_addr = idc.SelStart()
end_addr = idc.SelEnd()
#start = idc.SelStart()
#end = idc.SelEnd()

# print hex(start), hex(end)

# while start < end:
#     # print hex(idc.Qword(start))
#     print hex(start)
#     start = idc.NextAddr(start)

# quit()

# [[441b119f]]
# Asks for a start address of a vftable. Function names in this range (start_addr-end_addr) will be renamed.
#

Ejemplo n.º 19

Archivo: idb.py Proyecto: hakril/midap

 def __init__(self):
     start, end = idc.SelStart(), idc.SelEnd()
     if start == idc.BADADDR:
         raise ValueError("No selection")
     super(Selection, self).__init__(start, end)

Ejemplo n.º 20

    def __init__(self):

        default_types_info = r"""ExprId("RDX", 64): char *"""
        archs = ["AMD64_unk", "X86_32_unk", "msp430_unk"]

        func = ida_funcs.get_func(idc.ScreenEA())
        func_addr = func.startEA

        start_addr = idc.SelStart()
        if start_addr == idc.BADADDR:
            start_addr = idc.ScreenEA()
        end_addr = idc.SelEnd()

        ida_kernwin.Form.__init__(
            self, r"""BUTTON YES* Launch
BUTTON CANCEL NONE
Type Propagation Settings

{FormChangeCb}
Analysis scope:
<Whole function:{rFunction}>
<From an address to the end of function:{rAddr}>
<Between two addresses:{r2Addr}>{cScope}>

<Target function:{functionAddr}>
<Start address  :{startAddr}>
<End address    :{endAddr}>

<Architecture/compilator :{arch}>

<##Header file          :{headerFile}>
<Use a file for type informations:{rTypeFile}>{cTypeFile}>
<##Types informations   :{typeFile}>
<Types informations     :{strTypesInfo}>

<Unalias stack:{rUnaliasStack}>{cUnalias}>
""", {
                'FormChangeCb':
                ida_kernwin.Form.FormChangeCb(self.OnFormChange),
                'cScope':
                ida_kernwin.Form.RadGroupControl(
                    ("rFunction", "rAddr", "r2Addr")),
                'functionAddr':
                ida_kernwin.Form.NumericInput(tp=ida_kernwin.Form.FT_RAWHEX,
                                              value=func_addr),
                'startAddr':
                ida_kernwin.Form.NumericInput(tp=ida_kernwin.Form.FT_RAWHEX,
                                              value=start_addr),
                'endAddr':
                ida_kernwin.Form.NumericInput(tp=ida_kernwin.Form.FT_RAWHEX,
                                              value=end_addr),
                'arch':
                ida_kernwin.Form.DropdownListControl(
                    items=archs, readonly=False, selval=archs[0]),
                'headerFile':
                ida_kernwin.Form.FileInput(swidth=20, open=True),
                'cTypeFile':
                ida_kernwin.Form.ChkGroupControl(("rTypeFile", )),
                'typeFile':
                ida_kernwin.Form.FileInput(swidth=20, open=True),
                'strTypesInfo':
                ida_kernwin.Form.MultiLineTextControl(
                    text=default_types_info,
                    flags=ida_kernwin.Form.MultiLineTextControl.TXTF_FIXEDFONT
                ),
                'cUnalias':
                ida_kernwin.Form.ChkGroupControl(("rUnaliasStack", )),
            })
        form, args = self.Compile()
        form.rUnaliasStack.checked = True
        form.rTypeFile.checked = True