def cb_broker_on_state_change(self, new_state): rs_debug("broker new state: %s" % Broker.QP_STATES[new_state]) if Broker.QP_STATES[new_state] == 'Not running': if rsconfig.LOG_TO_FILE_ENABLE: rs_log( ' check tmp file retsync.<broker|dispatcher>.err if you think this is an error' )
def init_broker(self): rs_debug("init_broker") modname = self.input.text() cmdline = "\"%s\" -u \"%s\" --idb \"%s\"" % ( PYTHON_PATH, BROKER_PATH, modname) rs_log("cmdline: %s" % cmdline) self.broker = Broker(self.parser) env = QProcessEnvironment.systemEnvironment() env.insert("IDB_PATH", IDB_PATH) env.insert("PYTHON_PATH", PYTHON_PATH) try: self.broker.started.connect(self.cb_broker_started) self.broker.finished.connect(self.cb_broker_finished) self.broker.setProcessEnvironment(env) self.broker.start(cmdline) except Exception as e: rs_log("[-] failed to start broker: %s\n%s" % (str(e), traceback.format_exc())) return self.init_hotkeys() self.broker.worker.name = modname
def translate_notice(self): if not self.dbg_dialect: rs_log("idb isn't synced yet, can't translate") return ea = idaapi.get_screen_ea() mod = self.name.split('.')[0].strip() cmd = self.dbg_dialect['prefix'] + "translate 0x%x 0x%x %s" % (self.base, ea, mod) self.notice_broker("cmd", "\"cmd\":\"%s\"" % cmd) rs_debug("translate address 0x%x" % ea)
def parse_exec(self, req): if self.prev_req: if self.prev_req != "": if rsconfig.DEBUG_JSON: rs_log("JSON merge with request: \"%s\"" % req) req = self.prev_req + req self.prev_req = "" if req == '': return if rsconfig.DEBUG_JSON: rs_log("parse_exec -> " + str(req)) if not (req.startswith('[sync]')): rs_log("[<] bad hdr %s" % repr(req)) rs_log('[-] Request dropped due to bad header') return req_ = self.normalize(req, 6) try: hash = json.loads(req_) except ValueError: if rsconfig.DEBUG_JSON: rs_log( "[x] Sync failed to parse json\n '%s'. Caching for next req..." % req_) rs_log("------------------------------------") self.prev_req = req return type = hash['type'] if type not in self.req_handlers: rs_log("unknown request: %s" % type) return req_handler = self.req_handlers[type] # few requests are handled even though idb is not enable if type in ['broker', 'dialect', 'bc']: req_handler(hash) else: if self.is_active: req_handler(hash) else: rs_debug("[-] Drop the %s request because idb is not enabled" % type) return idaapi.refresh_idaview_anyway()
def OnClose(self, form): rs_debug("form close") self.smooth_kill() idaapi.unregister_action('hexrays_sync_toogle:action') idaapi.detach_action_from_toolbar("DebugToolBar", 'hexrays_sync_toogle:action') idaapi.unregister_action('g_sync_toogle:action') idaapi.detach_action_from_toolbar("DebugToolBar", 'g_sync_toogle:action') global SyncForm del SyncForm
def req_broker(self, hash): subtype = hash['subtype'] if (subtype == 'msg'): # simple message announcement rs_log("<< broker << %s" % hash['msg']) elif (subtype == 'notice'): # notice from broker self.broker_port = int(hash['port']) rs_debug("<< broker << binding on port %d" % self.broker_port) for attempt in range(rsconfig.CONNECT_BROKER_MAX_ATTEMPT): try: host = socket.gethostbyname('localhost') self.broker_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.broker_sock.settimeout(2) self.broker_sock.connect((host, self.broker_port)) break except socket.error: rs_log('failed to connect to broker') rs_log(sys.exc_info()) if self.broker_sock: self.broker_sock.close() self.broker_sock = None time.sleep(0.1) if (attempt == (rsconfig.CONNECT_BROKER_MAX_ATTEMPT - 1)): self.announcement( "[sync] failed to connect to broker (attempt %d)" % attempt) raise RuntimeError # request broker to validate its beacon time.sleep(0.4) self.beacon_notice() # enable/disable idb, if disable it drops most sync requests elif (subtype == 'enable_idb'): self.is_active = True rs_log('idb is enabled') elif (subtype == 'disable_idb'): self.is_active = False self.base_remote = None self.cb_restore_last_line() rs_log('idb is disabled')
def req_rln(self, hash): raddr = hash['raddr'] rs_debug("rln: 0x%x" % raddr) addr = self.rebase_local(raddr) if not addr: rs_log("could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: rs_log("could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = ida_range.range_t() rs = ida_range.rangeset_t() if ida_funcs.get_func_ranges(rs, func) != ida_idaapi.BADADDR: limits.start_ea = rs.begin().start_ea limits.end_ea = rs.begin().end_ea if limits.start_ea != addr: if (addr > limits.start_ea): sym = "%s%s0x%x" % (sym, "+", addr - limits.start_ea) else: sym = "%s%s0x%x" % (sym, "-", limits.start_ea - addr) lck = None else: sym = idc.get_name(addr, ida_name.GN_VISIBLE) if sym: sym = self.demangle(sym) if sym: self.notice_broker('cmd', "\"cmd\":\"%s\"" % sym) rs_debug("resolved symbol: %s" % sym) else: rs_log("could not resolve symbol for address 0x%x" % addr)
def req_rln(self, hash): raddr, rbase, offset, base = hash['raddr'], hash['rbase'], hash[ 'offset'], hash['base'] rs_debug("rln: 0x%x - 0x%x - 0x%x - 0x%x" % (raddr, rbase, offset, base)) addr = self.rebase(rbase, raddr) if not addr: rs_log("could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: rs_log("could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = idaapi.area_t() if idaapi.get_func_limits(func, limits): if limits.start_ea != addr: if (addr > limits.start_ea): sym = "%s%s0x%x" % (sym, "+", addr - limits.start_ea) else: sym = "%s%s0x%x" % (sym, "-", limits.start_ea - addr) lck = None else: sym = idc.get_name(addr, ida_name.GN_VISIBLE) if sym: sym = self.demangle(sym) if sym: self.notice_broker('cmd', "\"cmd\":\"%s\"" % sym) rs_debug("resolved symbol: %s" % sym) else: rs_log("could not resolve symbol for address 0x%x" % addr)
def init_broker(self): rs_debug("init_broker") modname = self.input.text() if modname == "": modname = self.handle_name_aliasing() self.input.setText(modname) cmdline = "\"%s\" -u \"%s\" --idb \"%s\"" % (PYTHON_PATH, BROKER_PATH, modname) rs_log("cmdline: %s" % cmdline) try: self.broker = Broker(self.parser) self.broker.started.connect(self.cb_broker_started) self.broker.finished.connect(self.cb_broker_finished) self.broker.start(cmdline) except Exception as e: rs_log("[-] failed to start broker: %s\n%s" % (str(e), traceback.format_exc())) return self.broker.worker.name = modname
def OnCreate(self, form): rs_debug("form create") # get parent widget parent = self.FormToPyQtWidget(form) # create global sync checkbox self.cb_sync = QtWidgets.QCheckBox('Synchronization enable') self.cb_sync.move(20, 20) self.cb_sync.stateChanged.connect(self.cb_change_state) # create hexrays sync checkbox self.cb_hexrays = QtWidgets.QCheckBox( 'Hex-Rays Synchronization enable') self.cb_hexrays.move(20, 20) self.cb_hexrays.stateChanged.connect(self.cb_hexrays_sync_state) # create label label = QtWidgets.QLabel('Overwrite idb name:') name = self.handle_name_aliasing() # create input field self.input = QtWidgets.QLineEdit(parent) self.input.setText(name) self.input.setMaxLength = 256 self.input.setFixedWidth(300) # create restart button self.btn = QtWidgets.QPushButton('restart', parent) self.btn.setToolTip('Restart broker.') self.btn.clicked.connect(self.cb_btn_restart) # create layout layout = QtWidgets.QGridLayout() layout.addWidget(self.cb_sync) layout.addWidget(self.cb_hexrays) layout.addWidget(label) layout.addWidget(self.input) layout.addWidget(self.btn, 2, 2) layout.setColumnStretch(4, 1) layout.setRowStretch(4, 1) parent.setLayout(layout) self.parser = argparse.ArgumentParser() self.parser.add_argument('-a', '--address', nargs=1, action='store') self.parser.add_argument('msg', nargs=argparse.REMAINDER) # synchronization is enabled by default self.cb_sync.toggle() # register action for hexrays sync action_hex_sync_desc = idaapi.action_desc_t( 'hexrays_sync_toogle:action', 'Toggle Hex-Rays syncing', CheckBoxActionHandler(self.cb_hexrays), 'Ctrl+H', 'Toggle Hex-Rays syncing', 198) idaapi.register_action(action_hex_sync_desc) idaapi.attach_action_to_toolbar("DebugToolBar", 'hexrays_sync_toogle:action') # register action for global sync action_g_sync_desc = idaapi.action_desc_t( 'g_sync_toogle:action', 'Toggle syncing', CheckBoxActionHandler(self.cb_sync), 'Ctrl+Shift+S', 'Toggle syncing', 203) idaapi.register_action(action_g_sync_desc) idaapi.attach_action_to_toolbar("DebugToolBar", 'g_sync_toogle:action')