def collect_metadata():
    """Build the capa result metadata for the file currently open in IDA.

    Digests come back from IDA as either ``bytes`` or text depending on the
    IDA/Python version; both are normalised to text through
    ``capa.features.bytes_to_str`` before being stored.

    Returns:
        dict: ``timestamp`` (naive local ISO-8601), ``sample`` (md5 / sha1 /
        sha256 / path), ``analysis`` (format / extractor / base_address) and
        the capa ``version``.  ``sha1`` is always ``""`` because IDA does not
        expose it directly.
    """

    def _as_text(digest):
        # Leave text alone; only bytes need the capa conversion helper.
        if isinstance(digest, six.string_types):
            return digest
        return capa.features.bytes_to_str(digest)

    md5 = _as_text(idautils.GetInputFileMD5())
    sha256 = _as_text(idaapi.retrieve_input_file_sha256())

    sample = {
        "md5": md5,
        "sha1": "",  # not easily accessible from IDA
        "sha256": sha256,
        "path": idaapi.get_input_file_path(),
    }
    analysis = {
        "format": idaapi.get_file_type_name(),
        "extractor": "ida",
        "base_address": idaapi.get_imagebase(),
    }

    # "argv" is not relevant here: the analysis is driven from inside IDA.
    return {
        "timestamp": datetime.datetime.now().isoformat(),
        "sample": sample,
        "analysis": analysis,
        "version": capa.version.__version__,
    }
def collect_metadata():
    """Build the capa result metadata for the file currently open in IDA.

    This variant passes the IDA digests straight through
    ``capa.features.bytes_to_str`` without checking their type first.

    Returns:
        dict: ``timestamp`` (naive local ISO-8601), ``sample`` (md5 / sha256 /
        path), ``analysis`` (format / extractor) and the capa ``version``.
        No ``sha1`` key is emitted because IDA does not expose it directly.
    """
    md5 = capa.features.bytes_to_str(idautils.GetInputFileMD5())
    sha256 = capa.features.bytes_to_str(idaapi.retrieve_input_file_sha256())

    sample = {
        "md5": md5,
        "sha256": sha256,
        "path": idaapi.get_input_file_path(),
    }
    analysis = {
        "format": idaapi.get_file_type_name(),
        "extractor": "ida",
    }

    # "argv" is not relevant here: the analysis is driven from inside IDA.
    return {
        "timestamp": datetime.datetime.now().isoformat(),
        "sample": sample,
        "analysis": analysis,
        "version": capa.version.__version__,
    }
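def get_upload_func_info(ea):
    """
    get function upload info by IDA Pro

    Collects the Hex-Rays pseudocode, the raw function bytes and identifying
    data (root filename, input SHA-256, file offset, platform, name) for the
    function at ``ea``.

    NOTE(review): the name suggests this dict is sent off-host; it carries the
    decompiled pseudocode, the raw function bytes and the input file's root
    filename — confirm the destination is trusted before running this against
    sensitive samples.

    Args:
        ea(ea_t): function address

    Returns:
        func_info(dict): function info, or None when decompilation fails
    """
    func_info = {}
    try:
        hf = idaapi.hexrays_failure_t()
        # DECOMP_NO_WAIT is only available on SDK 7.3 and later.
        if idaapi.IDA_SDK_VERSION >= 730:
            cfunc = idaapi.decompile(ea, hf, idaapi.DECOMP_NO_WAIT)
        else:
            cfunc = idaapi.decompile(ea, hf)
        if cfunc is None:
            # decompile() reports failure by returning None; the original
            # code would have stored the literal text "None" as pseudocode.
            print("decompilation failed at %#x" % ea)
            return None
        pseudo_code = str(cfunc)
        func_info['feature'] = pseudo_code
        func_info['pseudo_code'] = pseudo_code
    except Exception as e:
        # best-effort: report and bail out; callers must check for None
        print(str(e))
        return None

    func_info['binary_file'] = idaapi.get_root_filename()
    binary_sha256 = idaapi.retrieve_input_file_sha256()
    # IDA returns the digest as bytes on some versions and as hex text on others.
    if isinstance(binary_sha256, bytes):
        binary_sha256 = binary_sha256.hex()
    func_info['binary_sha256'] = binary_sha256
    func_info['binary_offset'] = idaapi.get_fileregion_offset(ea)
    func_info['platform'] = get_platform_info()
    func_info['name'] = idaapi.get_func_name(ea)

    # Gather every chunk of the function.  get_bytes() returns None for an
    # unreadable range, which the previous `+=` accumulation turned into a
    # TypeError; such chunks are skipped instead.  Joining once avoids the
    # quadratic bytes concatenation.
    chunks = []
    for start, end in idautils.Chunks(idaapi.get_func(ea).start_ea):
        fb = idaapi.get_bytes(start, end - start)
        if fb:
            chunks.append(fb)
    func_info['func_bytes'] = b''.join(chunks).hex()
    return func_info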
def get_file_sha256():
    """Return the SHA-256 of the input file open in IDA as a text string.

    ``idaapi.retrieve_input_file_sha256`` yields ``bytes`` on some IDA
    versions; those are converted with ``capa.features.bytes_to_str`` so that
    callers always receive ``str``.
    """
    digest = idaapi.retrieve_input_file_sha256()
    if isinstance(digest, str):
        return digest
    return capa.features.bytes_to_str(digest)