def find_path(subdir=None):
"""Find the IDA user directory for the current user on the current platform.
Returns the path to the IDA user directory. No guarantee is made of the
existence of the directory, but it is the correct path as defined by the
IDA documentation.
If subdir is given then the path to that subdirectory of the IDA user
directory is returned.
"""
path = None
try:
import ida_diskio
path = ida_diskio.get_user_idadir()
except ImportError:
path = os.getenv("IDAUSR")
if path:
path = path.split(os.path.pathsep)[0]
elif os.name == "nt":
path = _find_windows()
else:
path = _find_starnix()
if path and subdir:
path = os.path.join(path, subdir)
return path
def get_user_directory(self):
user_dir = ida_diskio.get_user_idadir()
plug_dir = os.path.join(user_dir, "plugins")
res_dir = os.path.join(plug_dir, "findcrypt-yara")
if not os.path.exists(res_dir):
os.makedirs(res_dir, 0o755)
return res_dir
def user_resource(directory, filename):
"""
Return the absolute path to a user resource located with the local
user's directory (should be %APPDATA%\Roaming\Hex-Rays\IDA Pro\idarling
under Windows and $HOME/.idapro/idarling/ under Linux and macOS).
"""
local_path = os.path.join(ida_diskio.get_user_idadir(), "idarling")
res_dir = os.path.join(local_path, directory)
if not os.path.exists(res_dir):
os.makedirs(res_dir)
return os.path.join(res_dir, filename)
def user_resource(directory, filename):
"""
Return the absolute path to a resource located in the user directory.
It should be:
* %APPDATA%\\Roaming\\Hex-Rays\\IDA Pro\\plugin\\idarling under Windows
* $HOME/.idapro/plugins/idarling under Linux and MacOS.
"""
user_dir = ida_diskio.get_user_idadir()
plug_dir = os.path.join(user_dir, "plugins")
local_dir = os.path.join(plug_dir, "idarling")
res_dir = os.path.join(local_dir, directory)
if not os.path.exists(res_dir):
os.makedirs(res_dir, 493) # 0755
return os.path.join(res_dir, filename)
def init(cls):
# Configuration files path
idausr = ida_diskio.get_user_idadir()
cls.config_path = os.path.join(idausr, "plugins", "idabincat")
# Plugin options
def_options = {
"save_to_idb": "False", # config only - results are always saved
"load_from_idb": "True",
"server_url": "http://localhost:5000",
"web_analyzer": "False",
"autostart": "False"}
cls._options = ConfigParser.ConfigParser(defaults=def_options)
cls._options.optionxform = str
cls.configfile = os.path.join(cls.config_path, "conf", "options.ini")
if len(cls._options.read(cls.configfile)) != 1:
cls._options.add_section("options")
def _load_filters(self, pw):
filters = []
filterdir = os.path.join(ida_diskio.idadir('plugins'), 'cyber')
if not os.path.exists(filterdir):
usr_plugins_dir = os.path.join(ida_diskio.get_user_idadir(),
"plugins")
filterdir = os.path.join(usr_plugins_dir, 'cyber')
if os.path.exists(filterdir):
sys.path.append(filterdir)
for entry in os.listdir(filterdir):
if entry.lower().endswith(
'.py') and entry.lower() != '__init__.py':
mod = os.path.splitext(entry)[0]
fmod = __import__(mod, globals(), locals(), [], 0)
if fmod is not None:
flt = fmod.FILTER_INIT(pw)
if flt is not None:
filters.append((fmod, flt))
return filters
def update_pythonrc():
rcpath = os.path.join(ida_diskio.get_user_idadir(), "idapythonrc.py")
sep_with_ver = SEP[0] + __version__.encode()
payload = b'%s\n%s\n%s' % (sep_with_ver, RC.strip(), SEP[1])
if os.path.isfile(rcpath):
with open(rcpath, 'rb') as f:
py = f.read()
if payload in py and all(x in py for x in SEP):
py = py.split(SEP[0], 1)
py = py[0] + py[1].split(SEP[1], 1)[1]
else:
py = payload
print('Removed idapkg from idapythonrc.py. ' 'I hope to see you again! :)')
print(
' You can remove ~/idapkg directory to remove packages and configurations.'
)
with open(rcpath, 'wb') as f:
f.write(py)
def update_pythonrc():
rcpath = os.path.join(ida_diskio.get_user_idadir(), "idapythonrc.py")
sep_with_ver = SEP[0] + __version__.encode()
payload = b'%s\n%s\n%s' % (sep_with_ver, RC.strip(), SEP[1])
if os.path.isfile(rcpath):
with open(rcpath, 'rb') as f:
py = f.read()
if payload in py:
return
if all(x in py for x in SEP):
py = py.split(SEP[0], 1)
py = py[0] + py[1].split(SEP[1], 1)[1]
py = payload + py
log.info('Updating idapkg into idapythonrc.py.')
else:
py = payload
log.info('Added idapkg into idapythonrc.py. Will work after restarting!')
with open(rcpath, 'wb') as f:
f.write(py)
def find_pdb(dll_path):
# we first check if the pdb is available
symbol_paths = []
cfg_known_locations = [
ida_diskio.get_user_idadir() + "/cfg/pdb.cfg",
idc.idadir() + "/cfg/pdb.cfg"
]
for cfg in cfg_known_locations:
if os.path.exists(cfg):
symbol_paths = _parse_cfg_file(cfg)
# ida first check IDAUSR dir and if ok ignore IDADIR cfg
if symbol_paths is not None and len(symbol_paths):
break
nt_symbol_path_env = os.getenv("_NT_SYMBOL_PATH")
# assume Windows + it overrides values of ida cfg file
if nt_symbol_path_env is not None and nt_symbol_path_env != "":
symbol_paths = _parse_symbol_path(os.getenv("_NT_SYMBOL_PATH"))
if symbol_paths is None or not len(symbol_paths):
idaapi.msg("Error: \'_NT_SYMBOL_PATH\' could not be found. One must" +\
" set for .NIET to work.\n")
return False
else:
# we then compute pdb guid of SharedLibrary.dll
pdbguid = pdbg.get_guid(dll_path)
if pdbguid is None:
return False
# we can have multiple paths, we check all of them
for paths in symbol_paths:
pdb_path = paths.replace('\\','/') + "/SharedLibrary.pdb/" + \
pdbguid + "/SharedLibrary.pdb"
if not os.path.exists(pdb_path):
idaapi.msg("Error: %s could not be found\n" % pdb_path)
return False
else:
return True
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
import ida_diskio
LOCAL_PATH = os.path.join(ida_diskio.get_user_idadir(), 'idarling')
def local_resource(dirname, filename):
"""
Get the absolute path of a local resource.
:param dirname: the directory name
:param filename: the file name
:return: the path of the resource
"""
resDir = os.path.join(LOCAL_PATH, dirname)
if not os.path.exists(resDir):
os.makedirs(resDir)
return os.path.join(resDir, filename)
# Have to make sure Python finds our modules
sys.path.append(ida_diskio.idadir("python"))
# Remove current directory from the top of the patch search
if '' in sys.path: # On non Windows, the empty path is added
sys.path.remove('')
if os.getcwd() in sys.path:
sys.path.remove(os.getcwd())
# ...and add it to the end if needed
if not IDAPYTHON_REMOVE_CWD_SYS_PATH:
sys.path.append(os.getcwd())
if IDAPYTHON_COMPAT_AUTOIMPORT_MODULES:
# Import all the required modules
from idaapi import get_user_idadir, cvar, Appcall, Form
if IDAPYTHON_COMPAT_695_API:
from idaapi import Choose2
from idc import *
from idautils import *
import idaapi
# Load the users personal init file
userrc = os.path.join(ida_diskio.get_user_idadir(), "idapythonrc.py")
if os.path.exists(userrc):
ida_idaapi.IDAPython_ExecScript(userrc, globals())
# All done, ready to rock.
def get_cfg_filename():
"""returns destination path."""
return os.path.join(ida_diskio.get_user_idadir(), "plugins",
"%s" % CFG_FILENAME)
def get_dest_filename():
"""returns destination path for plugin installation."""
return os.path.join(
ida_diskio.get_user_idadir(),
"plugins",
"%s%s" % (PLUGIN_NAME, ".py"))
def get_target_dir():
"""returns destination path for plugin installation."""
base = os.path.join(
ida_diskio.get_user_idadir(),
"plugins")
return os.path.join(base, PLUGIN_NAME+".py")
import os
import json
from socket import gethostbyname
import traceback
import ida_diskio
CONFIG_FILE_NAME = os.path.join(
os.path.expandvars(ida_diskio.get_user_idadir()), r'idb_push.cfg')
USER = '******'
BACKEND_HOSTNAME = 'backend_hostname'
SUB_PORT = 'sub_port'
PUB_PORT = 'pub_port'
ZMQ_TIMEOUT_MS = 'timeout'
MAX_ITEMS_IN_LIST = 'max_items'
DEBUG = 'debug'
ZMQ_CONNECTIVITY_TEST_TIMEOUT_MS = 'connectivity_test_timeout'
AUTO_APPLY = 'auto_apply'
username = os.getenv('USERNAME') if os.getenv('USERNAME') else os.getenv(
'USER')
# filled with reasonable defaults
CONFIGURATION = {
USER: username,
BACKEND_HOSTNAME: '',
SUB_PORT: 5560,
PUB_PORT: 5559,
ZMQ_TIMEOUT_MS: 100,
ZMQ_CONNECTIVITY_TEST_TIMEOUT_MS: 1000,
MAX_ITEMS_IN_LIST: 1000,
DEBUG: True,
def get_disassembler_user_directory(self):
return ida_diskio.get_user_idadir()
def get_cfg_filename():
"""returns full path for config file."""
return os.path.join(
ida_diskio.get_user_idadir(),
"plugins",
"%s" % CFG_FILENAME)
import shutil
import sys
import urllib2
import zipfile
import ida_diskio
import ida_loader
# Allow the user to override the download URL
if 'URL' not in locals():
URL = 'https://github.com/IDArlingTeam/IDArling/archive/master.zip'
print('[*] Installing IDArling...')
if os.name == 'nt':
# Install into the user directory on Windows
userDir = ida_diskio.get_user_idadir()
if not os.path.exists(userDir):
os.makedirs(userDir, 0755)
destDir = os.path.join(userDir, 'idarling')
if not os.path.exists(destDir):
os.makedirs(destDir, 0755)
else:
# Install into the plugins directory on Linux
destDir = os.path.join(ida_diskio.idadir(None), 'plugins')
print('[*] Downloading master.zip archive...')
archivePath = os.path.join(destDir, 'master.zip')
if os.path.exists(archivePath):
os.remove(archivePath)
with open(archivePath, 'wb') as f:
f.write(urllib2.urlopen(URL).read())
# Have to make sure Python finds our modules
sys.path.append(ida_diskio.idadir("python"))
# Remove current directory from the top of the patch search
if '' in sys.path: # On non Windows, the empty path is added
sys.path.remove('')
if os.getcwd() in sys.path:
sys.path.remove(os.getcwd())
# ...and add it to the end if needed
if not IDAPYTHON_REMOVE_CWD_SYS_PATH:
sys.path.append(os.getcwd())
if IDAPYTHON_COMPAT_AUTOIMPORT_MODULES:
# Import all the required modules
from idaapi import get_user_idadir, cvar, Appcall, Form
if IDAPYTHON_COMPAT_695_API:
from idaapi import Choose2
from idc import *
from idautils import *
import idaapi
# Load the users personal init file
userrc = os.path.join(ida_diskio.get_user_idadir(), "idapythonrc.py")
if os.path.exists(userrc):
ida_idaapi.IDAPython_ExecScript(userrc, globals())
# All done, ready to rock.
def get_target_dir():
"""returns destination path for plugin installation."""
base = os.path.join(
ida_diskio.get_user_idadir(),
"plugins")
return os.path.join(base, genmc.wanted_name+".py")
