def getInputFilepath():
    '''Return the IDB's input file path, prompting the user when it is missing.

    Returns None if the user cancels the file dialog. On success the newly
    chosen path is written back into the IDB via idc.SetInputFilePath; a path
    that already exists on disk is returned untouched.
    '''
    path = idc.GetInputFilePath()
    if os.path.exists(path):
        return path
    # The recorded input file is gone (moved or renamed) - ask for a new one.
    print('IDB input file not found. Prompting for new one: %s' % path)
    path = idc.AskFile(False, '*.*', 'Enter path to idb input file')
    if path is not None:
        idc.SetInputFilePath(path)
    return path
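def start(self):
    """Launch the win32 debugger on self.modulePath and consume the first event.

    If the recorded module path does not exist on disk the user is asked for
    the correct one. A cancelled dialog aborts the start instead of handing
    None to idc.SetInputFilePath/StartDebugger, and a failed launch is logged
    and returns without blocking in GetDebuggerEvent.
    """
    self.setSafeGuard()
    if not os.path.isfile(self.modulePath):
        chosen = idc.AskFile(0, "*.*", "Please select the right Path of the module/executable loaded in IDA")
        if not chosen:
            # AskFile yields None when the dialog is cancelled; nothing to debug.
            self.log(1, "Error! No module path selected; debugger not started.")
            return
        self.modulePath = chosen
        idc.SetInputFilePath(self.modulePath)
    LoadDebugger("win32", 0)  # load win32 as default
    if StartDebugger(self.modulePath, self.moduleArgs, self.sourceDir) == -1:
        # Without a running debuggee there is no event to wait for.
        self.log(1, "Error! Failed to launch debugger!")
        return
    GetDebuggerEvent(WFNE_ANY, -1)  # handle first event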
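def __init__(self, headless=False, binary_path=None):
    '''
    Initialize the IdaConcreteTarget.

    Nothing has to be done if the target is used inside the IDA Debugger,
    but when using IDA in headless mode (without the GUI) we need to start
    the debugger by ourselves.

    :param bool headless: headless mode is used when IDA is launched without the GUI
    :param str binary_path: optional path to the binary, needed only in headless mode

    Example
    To run a script in IDA headless mode use:
    > idat.exe -c -A -S"angr_script.py" -t
    > idat -c -A -S"angr_script.py" -t
    '''
    self.headless = headless
    if binary_path and not self.headless:
        l.warn("The binary path is needed only when using IDA in headless mode")
    if self.headless:
        if binary_path is None:
            l.warn("You should provide a binary path when running IDA in headless mode")
            self.exit()
            # Stop here even if exit() did not terminate the process: every
            # call below needs a real binary_path.
            return
        idc.SetInputFilePath(binary_path)
        l.debug("Running IDA in headless mode. Initializing the debugger")
        idaapi.autoWait()
        # The original used `is`, which compares object identity rather than
        # string content and can silently select the linux debugger on Windows.
        if sys.platform == "win32":
            idc.LoadDebugger("win32", 0)
        else:
            idc.LoadDebugger("linux", 0)
        # Re-applied after LoadDebugger, as in the original flow; StartDebugger
        # below is called with empty arguments, so it presumably picks up the
        # path recorded here - confirm against the IDA API docs.
        idc.SetInputFilePath(binary_path)
        idc.SetDebuggerOptions(idc.DOPT_START_BPT)
        idc.StartDebugger("", "", "")
        idc.ResumeProcess()
        idc.GetDebuggerEvent(idc.WFNE_SUSP, -1)
        l.debug("Debugger initialized")
    super(IDAConcreteTarget, self).__init__()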
def setDebuggerOptions(self, processConfig, interactiveMode):
    """Configure IDA's debugger from processConfig and install the tracer hook.

    Selects the mobile (ARM) or desktop ETDbgHook, loads the configured
    debugger, sets the process options (binary, arguments, working directory
    and - for remote sessions - host, password and port), then hooks the
    debugger and returns the hook with its step counter reset to 0.
    """
    if processConfig.getOsArch() == 'ARM':
        from dispatcher.core.structures.Tracer.ETDbgHookMobile import ETDbgHookMobile as ETDbgHook
        port, host = 23946, "localhost"
    else:
        from dispatcher.core.structures.Tracer.ETDbgHook import ETDbgHook as ETDbgHook
        port, host = 0, ""
    _pass = ""

    path = processConfig.getPath()
    application = processConfig.getApplication()
    args = processConfig.getArgs()
    sdir = processConfig.getSdir()
    debugger = processConfig.getDebugger()
    remote = processConfig.getRemote() == "True"
    if remote:
        # NOTE(review): the remote-debugger password is read from processConfig
        # as plain text; check how that configuration is protected at rest.
        port = int(processConfig.getPort())
        host = processConfig.getHost()
        _pass = processConfig.getPass()

    # Use the win32 debugger as our debugger of choice
    # You can choose between these debuggers: win32, linux, mac
    idc.LoadDebugger(debugger, remote)

    # Set the process parameters (the original author noted this path was untested).
    idc.SetInputFilePath(path)
    idaapi.set_process_options(application, args, sdir, host, _pass, port)

    Print("Using interactive mode." if interactiveMode else "Using non-interactive mode.")

    hook = ETDbgHook(self.tracefile, self.treeTracefile, self.logger, interactiveMode)
    hook.hook()
    hook.steps = 0
    return hook
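def setup0(self,
           exe=r'C:\Users\benoit\work\malware\run2.exe',
           path=r'C:\Users\benoit\work\malware',
           infile=r'C:\Users\benoit\work\malware\data.bin',
           args=r''):
    """Restart the debugger on the sample and place the analysis breakpoints.

    The defaults reproduce the original hard-coded setup; passing arguments
    lets the same routine be reused for another sample or working directory.

    :param str exe: executable to launch under the debugger
    :param str path: working directory for the debuggee
    :param str infile: path recorded as the IDB input file before launching
    :param str args: command line passed to the debuggee
    :raises RuntimeError: if idc.StartDebugger does not report success
    """
    idc.StopDebugger()
    idc.SetInputFilePath(infile)
    self.run_call_addr = 0x4010df
    self.main_addr = 0x401000
    self.ret_pad_ea = self.run_call_addr + 0x10
    idc.AddBpt(self.run_call_addr)
    idc.AddBpt(self.main_addr)
    self.add_bpt(self.ret_pad_ea)
    # The sample is executed here; presumably this runs inside an isolated
    # analysis environment - confirm before reusing the setup elsewhere.
    # StartDebugger returns 1 on success, 0 if cancelled, -1 on failure; the
    # original discarded the result and then blocked in wait_susp() regardless.
    res = idc.StartDebugger(exe, args, path)
    if res != 1:
        raise RuntimeError('StartDebugger returned %r for %s' % (res, exe))
    print('starting dbugger')
    time.sleep(1)
    wait_susp()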