def color(self):
    """Line color in IDA View.

    Reads the item-level color stored for ``self.ea`` and returns it, or
    ``None`` when IDA reports ``0xFFFFFFFF``.
    """
    item_color = idc.get_color(self.ea, idc.CIC_ITEM)
    # 0xFFFFFFFF is treated as "no custom color"; presumably IDA's default
    # color marker - confirm against the IDAPython version in use.
    return None if item_color == 0xFFFFFFFF else item_color
def reset_ida_highlighting(self, item, checked):
    """set or restore the IDA highlight for item

    Checking an item records the color currently shown at its location and
    applies DEFAULT_HIGHLIGHT. Unchecking restores the recorded color, unless
    the color at that location is no longer DEFAULT_HIGHLIGHT, in which case
    the current color is recorded and left in place.

    @param item: CapaExplorerDataItem
    @param checked: True, item checked, False item not checked
    """
    highlightable = (
        CapaExplorerStringViewItem,
        CapaExplorerInstructionViewItem,
        CapaExplorerByteViewItem,
    )
    if not isinstance(item, highlightable):
        # ignore other item types
        return

    present = idc.get_color(item.location, idc.CIC_ITEM)

    if checked:
        # item checked - remember what IDA shows now, then apply our highlight
        item.ida_highlight = present
        idc.set_color(item.location, idc.CIC_ITEM, DEFAULT_HIGHLIGHT)
        return

    # item unchecked
    if present == DEFAULT_HIGHLIGHT:
        # still our highlight - put the recorded color back
        idc.set_color(item.location, idc.CIC_ITEM, item.ida_highlight)
    else:
        # the color changed while the item was checked - record it and keep
        # the database untouched so the analyst's own marking is not lost
        item.ida_highlight = present
def color(self):
    """Function color in IDA View.

    Reads the function-level color stored for ``self.ea`` and returns it, or
    ``None`` when IDA reports ``0xFFFFFFFF``.
    """
    func_color = idc.get_color(self.ea, idc.CIC_FUNC)
    # 0xFFFFFFFF is treated as "no custom color"; presumably IDA's default
    # color marker - confirm against the IDAPython version in use.
    return None if func_color == 0xFFFFFFFF else func_color
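def add_match(self, match):
    """Associate a color to a match id.

    For every instruction node of the match, stores the pattern's color
    ("new") together with the color currently set at the node's address
    ("old") in ``self._matches_colors[match_id]``.

    Arguments:
        match (Match): Match to add.
    """
    match_id = match.get_match_id()
    pattern_id = match.get_pattern_id()

    for _getid, node_list in match.get_match().iteritems():
        if node_list.empty():
            continue

        # Add all match instructions.
        for node in node_list:
            # The per-match table is created only once a node is seen, so a
            # match without instructions leaves no entry behind.
            colors = self._matches_colors.setdefault(match_id, {})

            # Fall back to GetColor when get_color fails (presumably an
            # IDAPython build that only ships the old name - confirm).
            # Catching Exception instead of everything lets
            # KeyboardInterrupt and SystemExit propagate.
            try:
                c = get_color(node.info.address, CIC_ITEM)
            except Exception:
                c = GetColor(node.info.address, CIC_ITEM)

            colors[node.info.address] = {
                "new": self._patterns_colors[pattern_id],
                "old": c,
            }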
def __init__(self, parent, display, location):
    """initialize item

    details section shows byte preview for match: up to 32 bytes read at
    location, rendered as space-separated upper-case hex pairs (empty when
    no bytes could be read)

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    """
    raw = idaapi.get_bytes(location, 32)
    details = ""
    if raw:
        hex_text = codecs.encode(raw, "hex").upper()
        if sys.version_info >= (3, 0):
            # the hex codec yields bytes on Python 3; convert to text once
            hex_text = hex_text.decode()
        details = " ".join(hex_text[pos:pos + 2] for pos in range(0, len(hex_text), 2))

    super(CapaExplorerByteViewItem, self).__init__(parent, display, location=location, details=details)
    # remember the color IDA currently shows at this address
    self.ida_highlight = idc.get_color(location, idc.CIC_ITEM)
def paint_hexrays(self, cfunc):
    """Copy item colors from the disassembly onto the pseudocode lines.

    Each pseudocode line takes the color of the items it references (the
    last accepted item wins). When at least one item was accepted, the
    header lines are painted 0xccffcc and the IDA views are refreshed;
    otherwise nothing else is touched.

    :param cfunc: decompiled function exposing get_pseudocode(), treeitems
        and hdrlines.
    """
    pseudocode = cfunc.get_pseudocode()
    painted = 0

    for sline in pseudocode:
        for index in lex_citem_indexes(sline.line):
            try:
                ea = cfunc.treeitems[index].ea
            except IndexError:
                # apparently this is a thing on IDA 6.95
                continue

            col = idc.get_color(ea, CIC_ITEM)
            # NOTE(review): a color is compared against BADADDR here. IDA's
            # "no color" value is 0xFFFFFFFF, which matches BADADDR only on
            # 32-bit IDA - confirm whether 64-bit builds should be filtered
            # with the default-color constant instead.
            if col == BADADDR:
                continue
            sline.bgcolor = col
            painted += 1

    if painted == 0:
        return

    header_color = 0xccffcc
    for line_number in xrange(cfunc.hdrlines):
        pseudocode[line_number].bgcolor = header_color

    idaapi.refresh_idaview_anyway()
def color(self):
    """
        Item-level color stored in IDA for this element.

        The value from ``idc.get_color`` is returned as is; it is not
        translated when no color is set.

        :return: The coloration of the element in IDA.
        :rtype: int
    """
    item_color = idc.get_color(self.ea, idc.CIC_ITEM)
    return item_color
def __init__(self, parent, display, location, value):
    """initialize item

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    @param value: passed to the base item as its details text
    """
    base = super(CapaExplorerStringViewItem, self)
    base.__init__(parent, display, location=location, details=value)

    # remember the color IDA currently shows at this address
    current = idc.get_color(location, idc.CIC_ITEM)
    self.ida_highlight = current
def __init__(self, parent, display, location):
    """initialize item

    details section shows the disassembly line that
    capa.ida.helpers.get_disasm_line returns for location

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    """
    disasm = capa.ida.helpers.get_disasm_line(location)
    base = super(CapaExplorerInstructionViewItem, self)
    base.__init__(parent, display, location=location, details=disasm)

    # remember the color IDA currently shows at this address
    self.ida_highlight = idc.get_color(location, idc.CIC_ITEM)
def __init__(self, parent, display, location):
    """initialize item

    details section shows disassembly view for match, taken from
    capa.ida.helpers.get_disasm_line(location)

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    """
    disasm_text = capa.ida.helpers.get_disasm_line(location)
    super(CapaExplorerInstructionViewItem, self).__init__(
        parent,
        display,
        location=location,
        details=disasm_text,
    )
    # keep the pre-existing item color so it can be put back later
    current = idc.get_color(location, idc.CIC_ITEM)
    self.ida_highlight = current
def test_bipelt00():
    """Exercise the basic BipElt properties against fixed addresses.

    Covers ea/flags/size, bytes (patch and restore), name (set and reset)
    and color (set and restore). The addresses and expected values belong
    to the database the test suite is run on. Every check builds a fresh
    BipElt so that values are read back from IDA rather than from a reused
    object.
    """
    insn_ea = 0x01800D325A
    auto_named_ea = 0x018014F7FF
    insn_bytes = [0x48, 0x83, 0xC4, 0x60]

    def fresh():
        # new element for the instruction under test on every access
        return BipElt(insn_ea)

    # ea, flags, size
    assert fresh().ea == insn_ea
    assert fresh().flags == ida_bytes.get_full_flags(insn_ea)
    assert fresh().size == 4
    assert BipElt(0x018015D260).size == 1
    assert BipElt(0x018015D228).size == 8

    # bytes: patch from a list, patch from a byte string, then restore
    assert fresh().bytes == insn_bytes
    fresh().bytes = [0x90, 0x90, 0x90, 0x90]
    assert fresh().bytes == [0x90, 0x90, 0x90, 0x90]
    assert fresh().original_bytes == insn_bytes
    fresh().bytes = b"\xAA" * 4
    assert fresh().bytes == [0xAA, 0xAA, 0xAA, 0xAA]
    fresh().bytes = list(insn_bytes)
    assert fresh().bytes == insn_bytes

    # name: IDA dummy name by default
    assert fresh().name == 'loc_1800D325A'
    assert fresh().is_dummy_name
    assert not fresh().is_auto_name
    assert fresh().is_ida_name
    assert not fresh().is_user_name

    # name: user-provided name
    ie = fresh()
    prevname = ie.name
    ie.name = "idaelt_test"
    assert ie.name == "idaelt_test"
    assert not fresh().is_dummy_name
    assert not fresh().is_auto_name
    assert not fresh().is_ida_name
    assert fresh().is_user_name

    # name: assigning None brings the dummy name back
    ie.name = None
    assert fresh().name == 'loc_1800D325A'
    assert fresh().is_dummy_name
    assert not fresh().is_auto_name
    assert fresh().is_ida_name
    assert not fresh().is_user_name

    # name: auto-generated name at another address
    assert BipElt(auto_named_ea).is_auto_name
    assert not BipElt(auto_named_ea).is_dummy_name
    assert BipElt(auto_named_ea).is_ida_name
    assert BipElt(0x0180125828).demangle_name is None  # TODO: need other binary for demangle name

    # color: set a value, read it back, then restore the previous one
    assert fresh().color == idc.get_color(insn_ea, idc.CIC_ITEM)
    ie = fresh()
    prevcolor = ie.color
    ie.color = 0xAABBCC
    assert ie.color == 0xAABBCC
    ie.color = prevcolor
def __init__(self, parent, display, location):
    """initialize item

    details section shows a preview of up to 32 bytes read at location,
    as space-separated upper-case hex pairs (empty when nothing was read)

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    """
    preview = idaapi.get_bytes(location, 32)
    if not preview:
        details = ""
    else:
        hex_text = codecs.encode(preview, "hex").upper()
        if sys.version_info >= (3, 0):
            # the hex codec yields bytes on Python 3; convert to text once
            hex_text = hex_text.decode()
        pairs = (hex_text[start:start + 2] for start in range(0, len(hex_text), 2))
        details = " ".join(pairs)

    super(CapaExplorerByteViewItem, self).__init__(parent, display, location=location, details=details)
    # remember the color IDA currently shows at this address
    self.ida_highlight = idc.get_color(location, idc.CIC_ITEM)
def __init__(self, parent, display, location):
    """initialize item

    @param parent: parent node
    @param display: text to display in UI
    @param location: virtual address as seen by IDA
    """
    base = super(CapaExplorerStringViewItem, self)
    base.__init__(parent, display, location=location)

    # remember the color IDA currently shows at this address
    current = idc.get_color(location, idc.CIC_ITEM)
    self.ida_highlight = current
from __future__ import print_function

import idc

#---------------------------------------------------------------------
# This illustrates the setting/retrieval of background colours,
# using the IDC wrappers
#
# The colours already stored at the cursor for the segment, function and
# item are overwritten; this script does not save or restore them.

BG_BLUE = 0xc02020
BG_GREEN = 0x208020
BG_RED = 0x2020c0

ea = idc.here()

# store one colour per scope, widest scope first
for _what, _colour in (
    (idc.CIC_SEGM, BG_BLUE),
    (idc.CIC_FUNC, BG_GREEN),
    (idc.CIC_ITEM, BG_RED),
):
    idc.set_color(ea, _what, _colour)

# read every scope back and print it in hex
for _fmt, _what in (
    ("Segment: %x", idc.CIC_SEGM),
    ("Function: %x", idc.CIC_FUNC),
    ("Item: %x", idc.CIC_ITEM),
):
    print(_fmt % idc.get_color(ea, _what))
def test(n):
    """Query a color at the current cursor address; ``n`` is not used.

    NOTE(review): only the address is passed. idc.get_color is normally
    called as get_color(ea, what) with a selector such as idc.CIC_ITEM, so
    this call may fail for lack of the second argument - confirm the
    intent.
    """
    idc.get_color(here())
def get_orig_color_feature_vas(vas):
    """Map each virtual address in ``vas`` to its current item color.

    The colors are read with ``idc.get_color(va, idc.CIC_ITEM)``; nothing
    in the database is modified. An empty ``vas`` yields an empty dict.
    """
    return {va: idc.get_color(va, idc.CIC_ITEM) for va in vas}