def check_thread(self):
tid = ida_dbg.get_current_thread()
if self.last_tid != tid:
idaapi.refresh_debugger_memory()
self.callback()
self.last_tid = tid
return self.timer_freq
def reload_gui_info(self, from_arena_cb=False):
if self.heap is None:
return
try:
if not misc.is_process_suspended():
answer = idaapi.askyn_c(
idaapi.ASKBTN_YES,
"HIDECANCEL\nThe process must be suspended to reload the info.\n\
Do you want to suspend it?")
if answer == idaapi.ASKBTN_NO:
return
if not idaapi.suspend_process():
warning("Unable to suspend the process")
return
idaapi.refresh_debugger_memory()
if not self.heap.get_heap_base():
self.show_warning("Heap not initialized")
return
if not config.libc_base:
self.show_warning("Unable to resolve glibc base address.")
return
self.hide_warning()
self.arenas_widget.setVisible(True)
if not from_arena_cb:
self.populate_arenas()
self.arena_widget.populate_table()
self.tcache_widget.populate_table()
self.bins_widget.populate_tables()
except Exception as e:
self.show_warning(e.message)
idaapi.warning(traceback.format_exc())
def writeMem(self, binfile):
regs = self.getRegs()
segm = self.init_segm_mem()
idaapi.refresh_debugger_memory()
print(
"+-------------------+----------------------+--------------------+----------+--------+"
)
print(
"| segment | VA | size | flag | status |"
)
print(
"+-------------------+----------------------+--------------------+----------+--------+"
)
for n in xrange(idaapi.get_segm_qty()):
seg = idaapi.getnseg(n)
if seg:
name = Dump.getSegName(seg, segm)
address = seg.startEA
length = seg.endEA - seg.startEA
db_data = idaapi.dbg_read_memory(address, length)
print("| %-17s | %18x | %8x -> %5dkb| %2d | " %
(name, address, length, length / 1024, seg.flags),
end="")
if db_data:
segm[name] = [address, length, db_data]
print('ok |')
length = len(db_data)
segm[name] = [address, length, db_data]
else:
if (length >= 0x400):
print(
"war |\n+-------------------+----------------------+--------------------+----------+--------+"
)
data = Dump.getDbgMemPage(address, length)
data.append([b"", 0, 0])
is_unmap = False
tmp = b''
begin = address
fbegin = address
fsize = 0
for i, d in enumerate(data):
db, ea, size = d
if is_unmap:
if db: # 0 1
is_unmap = False
begin = ea
tmp = db
print(
"| %-17s | %18x | %8x -> %5dkb| %2d | faild |"
% (name, fbegin, fsize, fsize / 1024,
seg.flags))
else: # 0 0
fsize += size
if (i == len(data) - 1):
print(
"| %-17s | %18x | %8x -> %5dkb| %2d | faild |"
% (name, fbegin, fsize,
fsize / 1024, seg.flags))
pass
else:
if db: # 1 1
is_unmap = False
tmp += db
else: # 1 0
fbegin = ea
fsize = size
is_unmap = True
if tmp:
name = Dump.getSegName(seg, segm)
segm[name] = [begin, len(tmp), tmp]
print(
"| %-17s | %18x | %8x -> %5dkb| %2d | ok |"
% (name, begin, len(tmp),
len(tmp) / 1024, seg.flags))
else:
print(
"| %-17s | %18x | %8x -> %5dkb| %2d | faild |"
% (name, fbegin, fsize,
fsize / 1024, seg.flags))
break
print(
"+-------------------+----------------------+--------------------+----------+--------+"
)
else:
print(' faild')
continue
print(
"+-------------------+----------------------+--------------------+----------+--------+"
)
# GetBptQty() GetBptEA(n):
nameoffset_p = 0
dataoffset_p = 0
all_ab_name = 0
for regAddress in regs:
INT = regs[regAddress]
regName = self.register_names[regAddress]
size = self.registers[regName][1]
up = None
if INT < 0:
up = lambda x: x.lower()
else:
up = lambda x: x
try:
if size == 1:
db_data = struct.pack(up("<B"), INT)
elif size == 2:
db_data = struct.pack(up("<H"), INT)
elif size == 4:
db_data = struct.pack(up("<I"), INT)
elif size == 8:
db_data = struct.pack(up("<Q"), INT)
elif size == 16:
db_data = struct.pack(up("<QQ"),
int(INT & 0xffffffffffffffff),
int(INT >> 64))
elif size == 32:
db_data = struct.pack(up("<QQQQ"),
INT & 0xffffffffffffffff,
(INT >> 64) & 0xffffffffffffffff,
(INT >> 128) & 0xffffffffffffffff,
INT >> 192)
else:
continue
segm['registers' +
str(regAddress)] = [regAddress,
len(db_data), db_data]
print(" (%-10s IR_offset: %-5d) (regValue: %-32x nb: %2d) " %
(regName, regAddress, (INT), len(db_data)))
except Exception as e:
print("-=1-=1-=1-=1- error:", e, regName, hex(INT), size,
"-=1-=1-=1-=1- ")
def find_segm(va, length, bpt_l):
global BPNORMAL
for ea, bptype, hwtype_hwsize, code in bpt_l:
if va <= ea and ea < va + length:
if bptype == BPNORMAL:
yield (code, ea - va)
bpt_list = [i for i in Breakpoints()]
for name in segm:
address, length, db_data = segm[name]
ab_name = (name + '\x00').encode('utf-8')
all_ab_name += len(ab_name)
# 将软件断点pass掉
len_db_data = len(db_data)
for code, offset in find_segm(address, length, bpt_list):
db_data = db_data[:offset] + struct.pack(
up("<H"), code) + db_data[offset + 2:]
segm[name] = [address, length, db_data]
assert (len(db_data) == len_db_data)
print("bkp found: address: %x code: %s" %
(address + offset,
base64.b16encode(struct.pack(up("<H"), code))))
for name in segm:
address, length, db_data = segm[name]
ab_name = (name + '\x00').encode('utf-8')
nameoffset = len(segm) * 32 + nameoffset_p
dataoffset = len(segm) * 32 + all_ab_name + dataoffset_p
db1 = struct.pack("<Q", nameoffset)
db2 = struct.pack("<Q", address)
db3 = struct.pack("<Q", length)
db4 = struct.pack("<Q", dataoffset)
self.mem_mmap[name] = [address, dataoffset, length]
binfile.write(db1)
binfile.write(db2)
binfile.write(db3)
binfile.write(db4)
nameoffset_p += len(ab_name)
dataoffset_p += length
for name in segm:
address, length, db_data = segm[name]
ab_name = (name + '\x00').encode('utf-8')
binfile.write(ab_name)
for name in segm:
address, length, db_data = segm[name]
binfile.write(db_data)
def notify(self):
idaapi.refresh_debugger_memory()
self.callback()