def by(**type): '''Return the segment matching the specified keywords in `type`.''' searchstring = ', '.join("{:s}={!r}".format(key, value) for key, value in six.iteritems(type)) res = builtins.list(__iterate__(**type)) if len(res) > 1: maxaddr = max(builtins.map(operator.attrgetter('endEA'), res) or [1]) caddr = math.ceil(math.log(maxaddr) / math.log(16)) builtins.map( logging.info, (("[{:d}] {:0{:d}x}:{:0{:d}x} {:s} {:+#x} sel:{:04x} flags:{:02x}". format(seg.index, seg.startEA, int(caddr), seg.endEA, int(caddr), idaapi.get_true_segm_name(seg), seg.size(), seg.sel, seg.flags)) for seg in res)) logging.warn( "{:s}.by({:s}) : Found {:d} matching results. Returning the first segment at index {:d} from {:0{:d}x}<>{:0{:d}x} with the name {:s} and size {:+#x}." .format(__name__, searchstring, len(res), res[0].index, res[0].startEA, int(caddr), res[0].endEA, int(caddr), idaapi.get_true_segm_name(res[0]), res[0].size())) res = next(iter(res), None) if res is None: raise E.SearchResultsError( "{:s}.by({:s}) : Found 0 matching results.".format( __name__, searchstring)) return res
def update_content_viewers(self): n = self.GetLineNo() item = self.get_item(n) self.dav.clear() self.hv.clear() self.iv.clear() if item != None and item.type == Item.TYPE_CODE: # get disassembly and hex stream dis = self.payload.da.get_disasm(item.ea) for line in dis: self.dav.add_line(line[0]) self.hv.add_line(line[1]) # get various info seg = idaapi.getseg(item.ea) if seg: name = idaapi.get_true_segm_name(seg) perm = seg.perm ltype = "ld" if seg.is_loader_segm() else "dbg" ea_start = seg.startEA ea_end = seg.endEA perms = "" perms += "R" if perm & idaapi.SEGPERM_READ != 0 else "." perms += "W" if perm & idaapi.SEGPERM_WRITE != 0 else "." perms += "X" if perm & idaapi.SEGPERM_EXEC != 0 else "." self.iv.add_line("<%s> [%X - %X], %s, [%s]" % (name, ea_start, ea_end, ltype, perms)) self.dav.update() self.hv.update() self.iv.update()
def list(**type): '''List all of the segments in the database that match the keyword specified by `type`.''' res = builtins.list(__iterate__(**type)) maxindex = max(builtins.map(operator.attrgetter('index'), res) or [1]) maxaddr = max(builtins.map(operator.attrgetter('endEA'), res) or [1]) maxsize = max(builtins.map(operator.methodcaller('size'), res) or [1]) maxname = max( builtins.map(utils.fcompose(idaapi.get_true_segm_name, len), res) or [1]) cindex = math.ceil(math.log(maxindex or 1) / math.log(10)) caddr = math.ceil(math.log(maxaddr or 1) / math.log(16)) csize = math.ceil(math.log(maxsize or 1) / math.log(16)) for seg in res: comment = idaapi.get_segment_cmt(seg, 0) or idaapi.get_segment_cmt( seg, 1) six.print_( u"[{:{:d}d}] {:#0{:d}x}<>{:#0{:d}x} : {:<+#{:d}x} : {:>{:d}s} : sel:{:04x} flags:{:02x}{:s}" .format( seg.index, int(cindex), seg.startEA, 2 + int(caddr), seg.endEA, 2 + int(caddr), seg.size(), 3 + int(csize), utils.string.of(idaapi.get_true_segm_name(seg)), maxname, seg.sel, seg.flags, u"// {:s}".format( utils.string.of(comment)) if comment else '')) return
def name(): '''Return the name of the current segment.''' seg = ui.current.segment() if seg is None: raise E.SegmentNotFoundError(u"{:s}.name() : Unable to locate the current segment.".format(__name__)) res = idaapi.get_true_segm_name(seg) return utils.string.of(res)
def repr(segment): '''Given a segment_t/address, return a printable representation of it''' if type(segment) is idaapi.segment_t: return '{:s} {:s} {:x}-{:x} (+{:x})'.format( object.__repr__(segment), idaapi.get_true_segm_name(segment), segment.startEA, segment.endEA, segment.endEA - segment.startEA) return repr(by(segment))
def name(): '''Return the name of the current segment.''' seg = ui.current.segment() if seg is None: raise E.SegmentNotFoundError( "{:s}.name() : Unable to locate the current segment.".format( __name__)) return idaapi.get_true_segm_name(seg)
def name(key=None): '''Given a segment_t/address, return it's name''' if key is None: segment = ui.current.segment() if segment is None: raise LookupError, "segment.name(%r):Not currently positioned within a segment" % key else: segment = by(key) return idaapi.get_true_segm_name(segment)
def repr(key=None): '''Given a segment_t/address, return a printable representation of it''' if key is None: segment = ui.current.segment() if segment is None: raise LookupError, "segment.repr(%r):Not currently positioned within a segment" % key else: segment = by(key) return '{:s} {:s} {:x}-{:x} (+{:x})'.format( object.__repr__(segment), idaapi.get_true_segm_name(segment), segment.startEA, segment.endEA, segment.endEA - segment.startEA)
def update_content_viewers(self, n=None): if n is None: n = self.GetLineNo() item = self.get_item(n) self.dav.clear() self.hv.clear() self.iv.clear() if item is not None: if item.type == Item.TYPE_CODE: # get disassembly and hex stream dis = self.payload.da.get_disasm(item.ea) for line in dis: self.dav.add_line(line[0]) self.hv.add_line(line[1]) # get various info seg = idaapi.getseg(item.ea) if seg: name = idaapi.get_true_segm_name(seg) perm = seg.perm ltype = "ld" if seg.is_loader_segm() else "dbg" ea_start = seg.startEA ea_end = seg.endEA perms = "" perms += "R" if perm & idaapi.SEGPERM_READ != 0 else "." perms += "W" if perm & idaapi.SEGPERM_WRITE != 0 else "." perms += "X" if perm & idaapi.SEGPERM_EXEC != 0 else "." self.iv.add_line("<%s> [%X - %X], %s, [%s]" % (name, ea_start, ea_end, ltype, perms)) else: stype = GetStringType(item.ea) if stype is not None: scontent = GetString(item.ea, -1, stype) if scontent != None and len(scontent): self.dav.add_line( idaapi.COLSTR("\"%s\"" % scontent, idaapi.SCOLOR_DSTR)) # length = idaapi.get_max_ascii_length(item.ea, stype, idaapi.ALOPT_IGNHEADS) # self.hv.add_line() else: scontent = GetString(item.ea, -1, ASCSTR_C) if scontent != None and len(scontent): self.dav.add_line("\"%s\"" % scontent) self.dav.update() self.hv.update() self.iv.update()
def update_content_viewers(self, n=None): if n is None: n = self.GetLineNo() item = self.get_item(n) self.dav.clear() self.hv.clear() self.iv.clear() if item is not None: if item.type == Item.TYPE_CODE: # get disassembly and hex stream dis = self.payload.da.get_disasm(item.ea) for line in dis: self.dav.add_line(line[0]) self.hv.add_line(line[1]) # get various info seg = idaapi.getseg(item.ea) if seg: name = idaapi.get_true_segm_name(seg) perm = seg.perm ltype = "ld" if seg.is_loader_segm() else "dbg" ea_start = seg.startEA ea_end = seg.endEA perms = "" perms += "R" if perm & idaapi.SEGPERM_READ != 0 else "." perms += "W" if perm & idaapi.SEGPERM_WRITE != 0 else "." perms += "X" if perm & idaapi.SEGPERM_EXEC != 0 else "." self.iv.add_line("<%s> [%X - %X], %s, [%s]" % (name, ea_start, ea_end, ltype, perms)) else: stype = GetStringType(item.ea) if stype is not None: scontent = GetString(item.ea, -1, stype) if scontent != None and len(scontent): self.dav.add_line(idaapi.COLSTR("\"%s\"" % scontent, idaapi.SCOLOR_DSTR)) # length = idaapi.get_max_ascii_length(item.ea, stype, idaapi.ALOPT_IGNHEADS) # self.hv.add_line() else: scontent = GetString(item.ea, -1, ASCSTR_C) if scontent != None and len(scontent): self.dav.add_line("\"%s\"" % scontent) self.dav.update() self.hv.update() self.iv.update()
def get_offset_name(ea): # Try and get the function name try: func = get_func(ea) name = idc.GetTrueName(func.startEA) name = demangle(name, 0x60) # MNG_NOTYPE | MNG_NORETTYPE if name: offset = ea - func.startEA if offset: return '{}+{:X}'.format(name, offset) return name except exceptions.SarkNoFunction: pass # If that failed, use the segment name instead. segment = idaapi.getseg(ea) name = idaapi.get_true_segm_name(segment) offset_format = '{{:0{}X}}'.format(get_native_size() * 2) ea_text = offset_format.format(ea) if name: return '{}:{}'.format(name, ea_text) # Nothing found, simply return the address return ea_text
def get_offset_name(ea): # Try and get the function name try: func = get_func(ea) name = idaapi.get_ea_name(func.startEA) name = demangle(name, 0x60) # MNG_NOTYPE | MNG_NORETTYPE if name: offset = ea - func.startEA if offset: return '{}+{:X}'.format(name, offset) return name except exceptions.SarkNoFunction: pass # If that failed, use the segment name instead. segment = idaapi.getseg(ea) name = idaapi.get_true_segm_name(segment) offset_format = '{{:0{}X}}'.format(get_native_size() * 2) ea_text = offset_format.format(ea) if name: return '{}:{}'.format(name, ea_text) # Nothing found, simply return the address return ea_text
def repr(segment): '''Return the specified `segment` in a printable form.''' seg = by(segment) return "{:s} {:s} {:#x}-{:#x} ({:+#x})".format( object.__repr__(seg), idaapi.get_true_segm_name(seg), seg.startEA, seg.endEA, seg.endEA - seg.startEA)
def list(**type): """List all the segments defined in the database. Search type can be identified by providing a named argument. like = glob match regex = regular expression selector = segment selector index = particular index name = specific segment name predicate = function predicate """ res = __builtin__.list(iterate(**type)) maxindex = max(__builtin__.map(operator.attrgetter('index'), res) or [1]) maxaddr = max(__builtin__.map(operator.attrgetter('endEA'), res) or [1]) maxsize = max(__builtin__.map(operator.methodcaller('size'), res) or [1]) maxname = max(__builtin__.map(utils.compose(idaapi.get_true_segm_name,len), res) or [1]) cindex = math.ceil(math.log(maxindex)/math.log(10)) caddr = math.ceil(math.log(maxaddr)/math.log(16)) csize = math.ceil(math.log(maxsize)/math.log(16)) for seg in res: comment = idaapi.get_segment_cmt(seg, 0) or idaapi.get_segment_cmt(seg, 1) print("[{:{:d}d}] {:0{:d}x}:{:0{:d}x} {:>{:d}s} {:<+#{:d}x} sel:{:04x} flags:{:02x}{:s}".format(seg.index, int(cindex), seg.startEA, int(caddr), seg.endEA, int(caddr), idaapi.get_true_segm_name(seg), maxname, seg.size(), int(csize), seg.sel, seg.flags, "// {:s}".format(comment) if comment else '')) return
def by(**type): """Search through all the segments within the database for a particular result. Search type can be identified by providing a named argument. like = glob match regex = regular expression selector = segment selector index = particular index name = specific segment name predicate = function predicate """ searchstring = ', '.join("{:s}={!r}".format(k,v) for k,v in type.iteritems()) res = __builtin__.list(iterate(**type)) if len(res) > 1: maxaddr = max(__builtin__.map(operator.attrgetter('endEA'), res) or [1]) caddr = math.ceil(math.log(maxaddr)/math.log(16)) __builtin__.map(logging.info, (("[{:d}] {:0{:d}x}:{:0{:d}x} {:s} {:+#x} sel:{:04x} flags:{:02x}".format(seg.index, seg.startEA, int(caddr), seg.endEA, int(caddr), idaapi.get_true_segm_name(seg), seg.size(), seg.sel, seg.flags)) for seg in res)) logging.warn("{:s}.by({:s}) : Found {:d} matching results, returning the first one. : [{:d}] {:0{:d}x}:{:0{:d}x} {:s} {:+#x}".format(__name__, searchstring, len(res), res[0].index, res[0].startEA, int(caddr), res[0].endEA, int(caddr), idaapi.get_true_segm_name(res[0]), res[0].size())) res = next(iter(res), None) if res is None: raise LookupError("{:s}.by({:s}) : Found 0 matching results.".format(__name__, searchstring)) return res
def name(segment): '''Given a segment_t/address, return it's name''' if type(segment) is idaapi.segment_t: return idaapi.get_true_segm_name(segment) return name(by(segment))
def repr(segment): '''Given a segment_t/address, return a printable representation of it''' if type(segment) is idaapi.segment_t: return '{:s} {:s} {:x}-{:x} (+{:x})'.format(object.__repr__(segment),idaapi.get_true_segm_name(segment),segment.startEA,segment.endEA,segment.endEA-segment.startEA) return repr(by(segment))
def name(): '''Return the name of the current segment.''' seg = ui.current.segment() if seg is None: raise LookupError("{:s}.name() : Not currently positioned within a segment".format(__name__)) return idaapi.get_true_segm_name(seg)
def list(): '''List all the segments defined in the database by name''' for n in iterate(): yield idaapi.get_true_segm_name(n) or "" return
def name(segment): '''Return the name of the segment identified by `segment`.''' seg = by(segment) res = idaapi.get_true_segm_name(seg) return utils.string.of(res)
def by(**type): '''Return the segment matching the specified keywords in `type`.''' searchstring = utils.string.kwargs(type) res = builtins.list(__iterate__(**type)) if len(res) > 1: maxaddr = max(builtins.map(operator.attrgetter('endEA'), res) or [1]) caddr = math.ceil(math.log(maxaddr)/math.log(16)) builtins.map(logging.info, ((u"[{:d}] {:0{:d}x}:{:0{:d}x} {:s} {:+#x} sel:{:04x} flags:{:02x}".format(seg.index, seg.startEA, int(caddr), seg.endEA, int(caddr), utils.string.of(idaapi.get_true_segm_name(seg)), seg.size(), seg.sel, seg.flags)) for seg in res)) logging.warn(u"{:s}.by({:s}) : Found {:d} matching results. Returning the first segment at index {:d} from {:0{:d}x}<>{:0{:d}x} with the name {:s} and size {:+#x}.".format(__name__, searchstring, len(res), res[0].index, res[0].startEA, int(caddr), res[0].endEA, int(caddr), utils.string.of(idaapi.get_true_segm_name(res[0])), res[0].size())) res = next(iter(res), None) if res is None: raise E.SearchResultsError(u"{:s}.by({:s}) : Found 0 matching results.".format(__name__, searchstring)) return res
def repr(): '''Return a repr() of the current segment.''' segment = ui.current.segment() if segment is None: raise LookupError("{:s}.repr() : Not currently positioned within a segment".format(__name__)) return "{:s} {:s} {:x}-{:x} (+{:x})".format(object.__repr__(segment),idaapi.get_true_segm_name(segment),segment.startEA,segment.endEA,segment.endEA-segment.startEA)
def repr(segment): '''Return the specified `segment` in a printable form.''' seg = by(segment) return "{:s} {:s} {:#x}-{:#x} ({:+#x})".format(object.__repr__(seg),idaapi.get_true_segm_name(seg),seg.startEA,seg.endEA,seg.endEA-seg.startEA)
def name(segment): '''Return the name of the segment identified by `segment`.''' seg = by(segment) return idaapi.get_true_segm_name(seg)
def get_segments(): seg_names = [] for seg in idautils.Segments(): st = ida_segment.getseg(seg) seg_names.append(idaapi.get_true_segm_name(st)) return seg_names
def list(**type): '''List all of the segments in the database that match the keyword specified by `type`.''' res = builtins.list(__iterate__(**type)) maxindex = max(builtins.map(operator.attrgetter('index'), res) or [1]) maxaddr = max(builtins.map(operator.attrgetter('endEA'), res) or [1]) maxsize = max(builtins.map(operator.methodcaller('size'), res) or [1]) maxname = max(builtins.map(utils.fcompose(idaapi.get_true_segm_name,len), res) or [1]) cindex = math.ceil(math.log(maxindex or 1)/math.log(10)) caddr = math.ceil(math.log(maxaddr or 1)/math.log(16)) csize = math.ceil(math.log(maxsize or 1)/math.log(16)) for seg in res: comment = idaapi.get_segment_cmt(seg, 0) or idaapi.get_segment_cmt(seg, 1) six.print_(u"[{:{:d}d}] {:#0{:d}x}<>{:#0{:d}x} : {:<+#{:d}x} : {:>{:d}s} : sel:{:04x} flags:{:02x}{:s}".format(seg.index, int(cindex), seg.startEA, 2+int(caddr), seg.endEA, 2+int(caddr), seg.size(), 3+int(csize), utils.string.of(idaapi.get_true_segm_name(seg)), maxname, seg.sel, seg.flags, u"// {:s}".format(utils.string.of(comment)) if comment else '')) return
def repr(segment): '''Return a repr() of the segment identified by ``segment``.''' '''Given a segment_t/address, return a printable representation of it''' seg = by(segment) return "{:s} {:s} {:x}-{:x} (+{:x})".format(object.__repr__(seg),idaapi.get_true_segm_name(seg),seg.startEA,seg.endEA,seg.endEA-seg.startEA)
def name(self): return idaapi.get_true_segm_name(self.segment_t)