def main(doAllFuncs=True):
#doAllFuncs=False
#jayutils.configLogger('', logging.DEBUG)
jayutils.configLogger('', logging.INFO)
logger = jayutils.getLogger('stackstrings')
logger.debug('Starting up now')
filePath = jayutils.getInputFilepath()
if filePath is None:
self.logger.info('No input file provided. Stopping')
return
vw = jayutils.loadWorkspace(filePath)
ea = idc.ScreenEA()
res = idc.AskYN(0, 'Use basic-block local aggregator')
if res == -1:
print 'User canceled'
return
uselocalagg = (res == 1)
ranges = getFuncRanges(ea, doAllFuncs)
for funcStart, funcEnd in ranges:
try:
logger.debug('Starting on function: 0x%x', funcStart)
stringList = runStrings(vw, funcStart, uselocalagg)
for node, string in stringList:
if isLikelyFalsePositiveString(string):
#if it's very likely a FP, skip annotating
continue
print '0x%08x: %s' % (node[0], string)
#print '0x%08x: 0x%08x: %s %s' % (node[0], node[1], binascii.hexlify(string), string)
idc.MakeComm(node[0], string.strip())
except Exception, err:
logger.exception('Error during parse: %s', str(err))
def main():
#jayutils.configLogger(__name__, logging.DEBUG)
jayutils.configLogger(__name__, logging.INFO)
logger = jayutils.getLogger('')
logger.debug('Starting up in main')
#name = idc.AskStr('CreateThread', 'Enter function to find args for')
#argNum = idc.AskLong(6)
filePath = jayutils.getInputFilepath()
if filePath is None:
self.logger.info('No input file provided. Stopping')
return
vw = jayutils.loadWorkspace(filePath)
logger.debug('Loaded workspace')
tracker = ArgTracker(vw)
import idautils
funcEa = idc.get_name_ea_simple('CreateThread')
if funcEa == idc.BADADDR:
logger.info('CreateThread not found. Returning now')
return
for xref in idautils.XrefsTo(funcEa):
argsList = tracker.getPushArgs(xref.frm, 6)
for argDict in argsList:
print '-' * 60
pc, value = argDict[3]
print '0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value)
def main():
#jayutils.configLogger(__name__, logging.DEBUG)
jayutils.configLogger(__name__, logging.INFO)
logger = jayutils.getLogger('')
logger.debug('Starting up in main')
#name = idc.AskStr('CreateThread', 'Enter function to find args for')
#argNum = idc.AskLong(6)
filePath = jayutils.getInputFilepath()
if filePath is None:
self.logger.info('No input file provided. Stopping')
return
vw = jayutils.loadWorkspace(filePath)
logger.debug('Loaded workspace')
tracker = ArgTracker(vw)
import idautils
funcEa = idc.LocByName('CreateThread')
if funcEa == idc.BADADDR:
logger.info('CreateThread not found. Returning now')
return
for xref in idautils.XrefsTo(funcEa):
argsList = tracker.getPushArgs(xref.frm, 6)
for argDict in argsList:
print '-'*60
pc, value = argDict[3]
print '0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value)
def main(doAllFuncs=True):
#doAllFuncs=False
#jayutils.configLogger('', logging.DEBUG)
jayutils.configLogger('', logging.INFO)
logger = jayutils.getLogger('stackstrings')
logger.debug('Starting up now')
filePath = jayutils.getInputFilepath()
if filePath is None:
self.logger.info('No input file provided. Stopping')
return
vw = jayutils.loadWorkspace(filePath)
ea = idc.ScreenEA()
res = idc.AskYN(0, 'Use basic-block local aggregator')
if res == -1:
print 'User canceled'
return
uselocalagg = (res == 1)
ranges = getFuncRanges(ea, doAllFuncs)
for funcStart, funcEnd in ranges:
try:
logger.debug('Starting on function: 0x%x', funcStart)
stringList = runStrings(vw, funcStart, uselocalagg)
for node, string in stringList:
if isLikelyFalsePositiveString(string):
#if it's very likely a FP, skip annotating
continue
print '0x%08x: %s' % (node[0], string)
#print '0x%08x: 0x%08x: %s %s' % (node[0], node[1], binascii.hexlify(string), string)
idc.MakeComm(node[0], string.strip())
except Exception, err:
logger.exception('Error during parse: %s', str(err))