def subscriberChanged(self):
subPaths = self.subscriber.subPaths()
if self.listWidget:
self.listWidget.clear()
elif self.tableWidget:
self.tableWidget.clearContents()
self.tableWidget.setRowCount(len(subPaths))
for i in xrange(len(subPaths)):
v = self.subscriber.value(subPaths[i])
if self.listWidget:
item = QListWidgetItem('%s (%s)\n%s' % (subPaths[i], str(type(v)), str(v)))
item.setFlags(item.flags() & ~Qt.ItemIsEditable)
self.listWidget.addItem(item)
elif self.tableWidget:
pathItem = QTableWidgetItem(subPaths[i])
pathItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
valueItem = QTableWidgetItem(str(v))
valueItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
typeItem = QTableWidgetItem(str(type(v)))
typeItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
self.tableWidget.setItem(i, 0, pathItem)
self.tableWidget.setItem(i, 1, valueItem)
self.tableWidget.setItem(i, 2, typeItem)
def subscriberChanged(self):
subPaths = self.subscriber.subPaths()
if self.listWidget:
self.listWidget.clear()
elif self.tableWidget:
self.tableWidget.clearContents()
self.tableWidget.setRowCount(len(subPaths))
for i in xrange(len(subPaths)):
v = self.subscriber.value(subPaths[i])
if self.listWidget:
item = QListWidgetItem('%s (%s)\n%s' %
(subPaths[i], str(type(v)), str(v)))
item.setFlags(item.flags() & ~Qt.ItemIsEditable)
self.listWidget.addItem(item)
elif self.tableWidget:
pathItem = QTableWidgetItem(subPaths[i])
pathItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
valueItem = QTableWidgetItem(str(v))
valueItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
typeItem = QTableWidgetItem(str(type(v)))
typeItem.setFlags(pathItem.flags() & ~Qt.ItemIsEditable)
self.tableWidget.setItem(i, 0, pathItem)
self.tableWidget.setItem(i, 1, valueItem)
self.tableWidget.setItem(i, 2, typeItem)
def readTableFromList(self, mytable, mylist):
"""
mylist contains triples of (name, value, modifyable)
"""
mytable.clear()
mytable.setRowCount(0)
for (ind, (name, string_value, modifyable,
var_type)) in enumerate(sorted(mylist, key=lambda x: x[0])):
# sort list to get a reproducible table
mytable.insertRow(ind)
mytable.setItem(ind, 0, QTableWidgetItem(name))
value_item = QTableWidgetItem(string_value)
if not modifyable:
value_item.setFlags(value_item.flags() & Qt.ItemIsEditable)
mytable.setItem(ind, 1, value_item)
type_item = QTableWidgetItem(str(var_type))
type_item.setFlags(type_item.flags() & Qt.ItemIsEditable)
mytable.setItem(ind, 2, type_item)
header = mytable.horizontalHeader()
try:
# this is Qt4
header.setResizeMode(0, QHeaderView.ResizeToContents)
header.setResizeMode(1, QHeaderView.Stretch)
except AttributeError:
# this is Qt5
header.setSectionResizeMode(0, QHeaderView.ResizeToContents)
header.setSectionResizeMode(1, QHeaderView.Stretch)
def add_link( self, url ):
"""
Adds a link to the link widget.
Only adds if its not already present.
"""
if url not in self.links:
self.links.add( url )
rowCounts = self.links_ui.rowCount()
nextRow = rowCounts + 1
nextPosition = rowCounts # row count is the length, but position is zero-based
self.links_ui.setRowCount( nextRow )
urlEntry = QTableWidgetItem( url )
statusEntry = QTableWidgetItem( '' )
statusEntry.setTextAlignment( Qt.AlignCenter )
urlEntry.setFlags( urlEntry.flags() & ~Qt.ItemIsEditable ) # not editable
statusEntry.setFlags( statusEntry.flags() & ~Qt.ItemIsEditable ) # not editable
self.links_ui.setItem( nextPosition, 0, urlEntry )
self.links_ui.setItem( nextPosition, 1, statusEntry )
# check if online
stream = Stream( url.split() )
stream.is_online( statusEntry )
def add_chunk_trace_table(self, table, trace, k, index):
i = index
while trace.instrs.has_key(k):
inst = trace.instrs[k]
if trace.metas.has_key(k):
for name, arg1, arg2 in trace.metas[k]:
if name == "wave":
infos = ["=", "========",
"> Wave:" + str(arg1)] #,"=","========"
elif name == "exception":
infos = [
"", "", "Exception type:" + str(arg1) +
" @handler:" + str(arg2)
] #,"",""
elif name == "module":
infos = ["", "Module", arg1] #,"",""
else:
infos = ["", "", "Invalid"] #,"",""
for col_id, cell in enumerate(infos):
newitem = QTableWidgetItem(cell)
newitem.setFlags(newitem.flags() ^ Qt.ItemIsEditable)
table.setItem(i, col_id, newitem)
i += 1
info = [str(k), hex(inst.address)[:-1], inst.opcode
] #str(inst.thread), idc.GetFunctionName(inst.address)
for col_id, cell in enumerate(info):
newitem = QTableWidgetItem(cell)
newitem.setFlags(newitem.flags() ^ Qt.ItemIsEditable)
table.setItem(i, col_id, newitem)
i += 1
k += 1
def readTableFromList(self, mytable, mylist):
"""
mylist contains triples of (name, value, modifyable)
"""
mytable.clear()
mytable.setRowCount(0)
for (ind, (name, string_value, modifyable, var_type)) in enumerate(
sorted(mylist, key=lambda x: x[0])):
# sort list to get a reproducible table
mytable.insertRow(ind)
mytable.setItem(ind, 0, QTableWidgetItem(name))
value_item = QTableWidgetItem(string_value)
if not modifyable:
value_item.setFlags(value_item.flags() & Qt.ItemIsEditable)
mytable.setItem(ind, 1, value_item)
type_item = QTableWidgetItem(str(var_type))
type_item.setFlags(type_item.flags() & Qt.ItemIsEditable)
mytable.setItem(ind, 2, type_item)
header = mytable.horizontalHeader()
try:
# this is Qt4
header.setResizeMode(0, QHeaderView.ResizeToContents)
header.setResizeMode(1, QHeaderView.Stretch)
except AttributeError:
# this is Qt5
header.setSectionResizeMode(0, QHeaderView.ResizeToContents)
header.setSectionResizeMode(1, QHeaderView.Stretch)
def _showStringXrefs(self):
"""
Displays string references in a table
Optionally Shannon's misc.entropy as well
"""
# Retrieve some config values
show_misc_entropy = self.config.calculate_entropy
show_unique_s = self.config.display_unique_strings
self._console_output("Calculating string references...")
self.ba.calculate_strings_list()
s_ref_list = self.ba.get_string_references()
# Found any references at all?
nrows = len(s_ref_list)
if not nrows:
self._console_output("[!] No string references found", err=True)
return
if show_misc_entropy:
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(
("Address", "String", "Entropy"))
else:
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "String"))
self.table_label.setText("String references in current function")
self.table.clearContents()
self.table.setRowCount(0)
# Fill the table
displayed_strings = []
idx = 0
for (addr, s) in s_ref_list:
if show_unique_s and s in displayed_strings:
continue
displayed_strings.append(s)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
string_item = QTableWidgetItem(s.decode('utf-8'))
string_item.setFlags(string_item.flags()
^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, string_item)
if show_misc_entropy:
misc_entropy_item = cw.NumQTableWidgetItem("%.4f" %
misc.entropy(s))
self.table.setItem(idx, 2, misc_entropy_item)
idx += 1
def add_link(self, url):
"""
Adds a link to the link widget.
Only adds if its not already present.
"""
if url not in self.links:
self.links.add(url)
rowCounts = self.links_ui.rowCount()
nextRow = rowCounts + 1
nextPosition = rowCounts # row count is the length, but position is zero-based
self.links_ui.setRowCount(nextRow)
urlEntry = QTableWidgetItem(url)
statusEntry = QTableWidgetItem('')
statusEntry.setTextAlignment(Qt.AlignCenter)
urlEntry.setFlags(urlEntry.flags()
& ~Qt.ItemIsEditable) # not editable
statusEntry.setFlags(statusEntry.flags()
& ~Qt.ItemIsEditable) # not editable
self.links_ui.setItem(nextPosition, 0, urlEntry)
self.links_ui.setItem(nextPosition, 1, statusEntry)
# check if online
stream = Stream(url.split())
stream.is_online(statusEntry)
def _showImportTrace(self, restrict=True):
"""
This is the GUI part of the PIN trace import functionality
"""
self._console_output("Importing PIN trace information from file...")
# Color for the basic blocks hit during the trace
col = QtGui.QColorDialog.getColor()
if col.isValid():
# IDA works with BGR (annoying)
ida_color = misc.pyside_to_ida_color(col.name())
else:
# Probably closed the QColorDialog
self._console_output(
"[!] Problem getting color for trace. Aborting.")
return
try:
imported_info_dict = self.ie.ti.import_data(ida_color)
except:
self._console_output("[!] Problem importing from file", err=True)
self._console_output(traceback.format_exc(), err=True)
return
self.table.setColumnCount(5)
self.table.setHorizontalHeaderLabels(
('Thread ID', 'From', 'To', 'From (name)', 'To (name)'))
self.table_label.setText("Imported information from PIN trace")
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
# TODO: This could be better in a QTree or maybe adding
# a dropdown to select the thread id...
idx = 0
for tid, call_list in imported_info_dict.iteritems():
self._console_output("Processing Thread ID %d" % tid)
for u_ea, v_ea in call_list:
self.table.insertRow(idx)
tid_item = QTableWidgetItem("%d" % tid)
u_item = QTableWidgetItem("%x" % u_ea)
u_item.setFlags(u_item.flags() ^ QtCore.Qt.ItemIsEditable)
v_item = QTableWidgetItem("%x" % v_ea)
v_item.setFlags(v_item.flags() ^ QtCore.Qt.ItemIsEditable)
from_item = QTableWidgetItem(misc.get_function_name(u_ea))
to_item = QTableWidgetItem(misc.get_function_name(v_ea))
self.table.setItem(idx, 0, tid_item)
self.table.setItem(idx, 1, u_item)
self.table.setItem(idx, 2, v_item)
self.table.setItem(idx, 3, from_item)
self.table.setItem(idx, 4, to_item)
idx += 1
def _showStringXrefs(self):
"""
Displays string references in a table
Optionally Shannon's misc.entropy as well
"""
# Retrieve some config values
show_misc_entropy = self.config.calculate_entropy
show_unique_s = self.config.display_unique_strings
self._console_output("Calculating string references...")
self.ba.calculate_strings_list()
s_ref_list = self.ba.get_string_references()
# Found any references at all?
nrows = len(s_ref_list)
if not nrows:
self._console_output("[!] No string references found", err = True)
return
if show_misc_entropy:
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(
("Address", "String", "Entropy"))
else:
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "String"))
self.table_label.setText("String references in current function")
self.table.clearContents()
self.table.setRowCount(0)
# Fill the table
displayed_strings = []
idx = 0
for (addr, s) in s_ref_list:
if show_unique_s and s in displayed_strings:
continue
displayed_strings.append(s)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
string_item = QTableWidgetItem(s.decode('utf-8'))
string_item.setFlags(string_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, string_item)
if show_misc_entropy:
misc_entropy_item = cw.NumQTableWidgetItem("%.4f" % misc.entropy(s))
self.table.setItem(idx, 2, misc_entropy_item)
idx += 1
def _showImportTrace(self):
"""
This is the GUI part of the PIN trace import functionality
"""
self._console_output("Importing PIN trace information from file...")
# Color for the basic blocks hit during the trace
col = QtGui.QColorDialog.getColor()
if col.isValid():
# IDA works with BGR (annoying)
ida_color = misc.pyside_to_ida_color(col.name())
else:
# Probably closed the QColorDialog
self._console_output("[!] Problem getting color for trace. Aborting.")
return
try:
imported_info_dict = self.ie.ti.import_data(ida_color)
except:
self._console_output("[!] Problem importing from file", err = True)
self._console_output(traceback.format_exc(), err = True)
return
self.table.setColumnCount(5)
self.table.setHorizontalHeaderLabels(
('Thread ID', 'From', 'To', 'From (name)', 'To (name)'))
self.table_label.setText("Imported information from PIN trace")
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
# TODO: This could be better in a QTree or maybe adding
# a dropdown to select the thread id...
idx = 0
for tid, call_list in imported_info_dict.iteritems():
self._console_output("Processing Thread ID %d" % tid)
for u_ea, v_ea in call_list:
self.table.insertRow(idx)
tid_item = QTableWidgetItem("%d" % tid)
u_item = QTableWidgetItem("%x" % u_ea)
u_item.setFlags(u_item.flags() ^ QtCore.Qt.ItemIsEditable)
v_item = QTableWidgetItem("%x" % v_ea)
v_item.setFlags(v_item.flags() ^ QtCore.Qt.ItemIsEditable)
from_item = QTableWidgetItem(misc.get_function_name(u_ea))
to_item = QTableWidgetItem(misc.get_function_name(v_ea))
self.table.setItem(idx, 0, tid_item)
self.table.setItem(idx, 1, u_item)
self.table.setItem(idx, 2, v_item)
self.table.setItem(idx, 3, from_item)
self.table.setItem(idx, 4, to_item)
idx += 1
def _showConnectedIO(self):
"""
Shows a list of functions dealing with IO and
connected to the current function
"""
self._console_output("Calculating file & network IO...")
io_list = self.ba.input_to_function()
if not io_list:
self._console_output("[!] No (obvious) IO connecting to this function", err = True)
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Caller", "Name"))
self.table_label.setText("Connected IO")
self.table.clearContents()
self.table.setRowCount(0)
for idx, caller in enumerate(io_list):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % caller)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem("%s" % misc.get_function_name(caller))
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
def set_abbreviations(self, empire):
""" Clears the abbreviations table, then adds the abbreviations for the current
empire to it.
Arguments:
empire (lacuna.empire.MyEmpire): The empire whose abbreviations we'll show.
"""
self.init_for_data()
self.widget.setSortingEnabled(False)
row = 0
for n in sorted(empire.planet_names):
self.num_planets += 1
itm_name = QTableWidgetItem(n)
try:
itm_abbrv = QTableWidgetItem(self.parent.app.abbrv.get_abbrv(n))
except KeyError as e:
itm_abbrv = QTableWidgetItem("<None>")
fl = itm_name.flags()
fl &= ~Qt.ItemIsEditable
itm_name.setFlags(fl)
self.widget.insertRow(row)
self.widget.setItem(row, 0, itm_name)
self.widget.setItem(row, 1, itm_abbrv)
row += 1
self.widget.setSortingEnabled(True)
self.widget.itemChanged.connect(self.update)
self.resize(True)
def _showConnectedIO(self):
"""
Shows a list of functions dealing with IO and
connected to the current function
"""
self._console_output("Calculating file & network IO...")
io_list = self.ba.input_to_function()
if not io_list:
self._console_output("[!] No (obvious) IO connecting \
to this function", err = True)
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Caller", "Name"))
self.table_label.setText("Connected IO")
self.table.clearContents()
self.table.setRowCount(0)
for idx, caller in enumerate(io_list):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % caller)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem("%s" % misc.get_function_name(caller))
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
def _showMostReferenced(self):
"""
Shows the most referenced functions.
"""
self._console_output("Calculating most referenced functions...")
self.table_label.setText("Most referenced functions")
most_referenced = self.ba.most_referenced_functions()
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(("Address", "References", "Name"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
# Fill with contents
for f_ea, (ref_nr, ref_name) in most_referenced:
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % f_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
ref_item = cw.NumQTableWidgetItem("%d" % ref_nr)
name_item = QTableWidgetItem(ref_name)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, ref_item)
self.table.setItem(idx, 2, name_item)
idx += 1
def _patchBinary(self):
"""
Exports the current function code, ascii hex encoded
This is useful to import into tools like miasm and alike
"""
self._console_output("Patching the original binary...")
pl = patch_binary()
if not pl:
self._console_output("[!] No bytes to patch", err = True)
return
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(('File offset', 'Original', 'Patched'))
self.table_label.setText("Patched bytes exported to file")
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
for idx, (fpos, o, p) in enumerate(pl):
self.table.insertRow(idx)
fpos_item = QTableWidgetItem("%x" % fpos)
fpos_item.setFlags(fpos_item.flags() ^ QtCore.Qt.ItemIsEditable)
orig_item = QTableWidgetItem("%x" % o)
patch_item = QTableWidgetItem("%x" % p)
self.table.setItem(idx, 0, fpos_item)
self.table.setItem(idx, 1, orig_item)
self.table.setItem(idx, 2, patch_item)
self._console_output("Done patching. Look in the same directory as the original for a .patched file")
def set_abbreviations(self, empire):
""" Clears the abbreviations table, then adds the abbreviations for the current
empire to it.
Arguments:
empire (lacuna.empire.MyEmpire): The empire whose abbreviations we'll show.
"""
self.init_for_data()
self.widget.setSortingEnabled(False)
row = 0
for n in sorted(empire.planet_names):
itm_name = QTableWidgetItem(n)
try:
itm_abbrv = QTableWidgetItem(
self.parent.app.abbrv.get_abbrv(n))
except KeyError as e:
itm_abbrv = QTableWidgetItem("<None>")
fl = itm_name.flags()
fl &= ~Qt.ItemIsEditable
itm_name.setFlags(fl)
self.widget.insertRow(row)
self.widget.setItem(row, 0, itm_name)
self.widget.setItem(row, 1, itm_abbrv)
row += 1
self.widget.setSortingEnabled(True)
self.widget.itemChanged.connect(self.update)
self.resize()
def _patchBinary(self):
"""
Exports the current function code, ascii hex encoded
This is useful to import into tools like miasm and alike
"""
self._console_output("Patching the original binary...")
pl = patch_binary()
if not pl:
self._console_output("[!] No bytes to patch", err=True)
return
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(
('File offset', 'Original', 'Patched'))
self.table_label.setText("Patched bytes exported to file")
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
for idx, (fpos, o, p) in enumerate(pl):
self.table.insertRow(idx)
fpos_item = QTableWidgetItem("%x" % fpos)
fpos_item.setFlags(fpos_item.flags() ^ QtCore.Qt.ItemIsEditable)
orig_item = QTableWidgetItem("%x" % o)
patch_item = QTableWidgetItem("%x" % p)
self.table.setItem(idx, 0, fpos_item)
self.table.setItem(idx, 1, orig_item)
self.table.setItem(idx, 2, patch_item)
self._console_output(
"Done patching. Look in the same directory as the original for a .patched file"
)
def _markImmCompares(self):
"""
Marks the immediate compares within the current function
"""
self.output_window.append("Marking all immediate compares...")
self.table_label.setText("Immediate compares within current function")
INS_COLOR = 0x2020c0
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Disassembly"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
for cmp_ea, dis in self.ba.find_imm_compares():
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % cmp_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
dis_item = cw.NumQTableWidgetItem("%s" % dis)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, dis_item)
misc.set_ins_color(cmp_ea, INS_COLOR)
idx += 1
def _markImmCompares(self):
"""
Marks the immediate compares within the current function
"""
self.output_window.append("Marking all immediate compares...")
self.table_label.setText("Immediate compares within current function")
INS_COLOR = 0x2020c0
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Disassembly"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
for cmp_ea, dis in self.ba.find_imm_compares():
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % cmp_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
dis_item = cw.NumQTableWidgetItem("%s" % dis)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, dis_item)
misc.set_ins_color(cmp_ea, INS_COLOR)
idx += 1
def _showMostReferenced(self):
"""
Shows the most referenced functions.
"""
self._console_output("Calculating most referenced functions...")
self.table_label.setText("Most referenced functions")
most_referenced = self.ba.most_referenced_functions()
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(("Address", "References", "Name"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
# Fill with contents
for f_ea, (ref_nr, ref_name) in most_referenced:
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % f_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
ref_item = cw.NumQTableWidgetItem("%d" % ref_nr)
name_item = QTableWidgetItem(ref_name)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, ref_item)
self.table.setItem(idx, 2, name_item)
idx += 1
def _callsInThisFunction(self):
"""
Shows all calls within the current function
"""
msg = "Calls within function '" + misc.get_function_name()
self._console_output(msg)
show_unique_calls = self.config.display_unique_calls
callee_list = self.ba.calls_in_function()
nrows = len(callee_list)
if not nrows:
self._console_output("[!] No calls found", err = True)
return
self.table_label.setText("Calls within current function")
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Callee"))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
shown_calls = []
idx = 0
for (addr, callee) in callee_list:
if show_unique_calls and callee in shown_calls:
continue
shown_calls.append(callee)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
callee_item = QTableWidgetItem(callee)
callee_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, callee_item)
idx += 1
def _callsInThisFunction(self):
"""
Shows all calls within the current function
"""
msg = "Calls within function '" + misc.get_function_name()
self._console_output(msg)
show_unique_calls = self.config.display_unique_calls
callee_list = self.ba.calls_in_function()
nrows = len(callee_list)
if not nrows:
self._console_output("[!] No calls found", err = True)
return
self.table_label.setText("Calls within current function")
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Callee"))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
shown_calls = []
idx = 0
for (addr, callee) in callee_list:
if show_unique_calls and callee in shown_calls:
continue
shown_calls.append(callee)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
callee_item = QTableWidgetItem(callee)
callee_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, callee_item)
idx += 1
def addFiles(self):
files, _ = QFileDialog.getOpenFileNames(
self, self.tr("Select Music Files"),
QDesktopServices.storageLocation(QDesktopServices.MusicLocation),
self.tr("Media Files (*.mp3 *.mp4 *.aac)")
)
if not files:
return
for mediafile in files:
title = "unknown"
artist, album, year = "", "", ""
try:
tag = EasyID3(mediafile)
title = tag['title'][0]
artist = tag['artist'][0]
album = tag['album'][0]
year = tag['date'][0]
except:
pass
titleItem = QTableWidgetItem(title)
titleItem.setFlags(titleItem.flags() ^ Qt.ItemIsEditable)
artistItem = QTableWidgetItem(artist)
artistItem.setFlags(artistItem.flags() ^ Qt.ItemIsEditable)
albumItem = QTableWidgetItem(album)
albumItem.setFlags(albumItem.flags() ^ Qt.ItemIsEditable)
yearItem = QTableWidgetItem(year)
yearItem.setFlags(yearItem.flags() ^ Qt.ItemIsEditable)
currentRow = self.musicTable.rowCount()
self.musicTable.insertRow(currentRow)
self.musicTable.setItem(currentRow, 0, titleItem)
self.musicTable.setItem(currentRow, 1, artistItem)
self.musicTable.setItem(currentRow, 2, albumItem)
self.musicTable.setItem(currentRow, 3, yearItem)
self.engine.play_list_add(files)
self.play_action()
def addFiles(self):
files, _ = QFileDialog.getOpenFileNames(
self, self.tr("Select Music Files"),
QDesktopServices.storageLocation(QDesktopServices.MusicLocation),
self.tr("Media Files (*.mp3 *.mp4 *.aac)")
)
if not files:
return
for mediafile in files:
title = "unknown"
artist, album, year = "", "", ""
try:
tag = EasyID3(mediafile)
title = tag['title'][0]
artist = tag['artist'][0]
album = tag['album'][0]
year = tag['date'][0]
except:
pass
titleItem = QTableWidgetItem(title)
titleItem.setFlags(titleItem.flags() ^ Qt.ItemIsEditable)
artistItem = QTableWidgetItem(artist)
artistItem.setFlags(artistItem.flags() ^ Qt.ItemIsEditable)
albumItem = QTableWidgetItem(album)
albumItem.setFlags(albumItem.flags() ^ Qt.ItemIsEditable)
yearItem = QTableWidgetItem(year)
yearItem.setFlags(yearItem.flags() ^ Qt.ItemIsEditable)
currentRow = self.musicTable.rowCount()
self.musicTable.insertRow(currentRow)
self.musicTable.setItem(currentRow, 0, titleItem)
self.musicTable.setItem(currentRow, 1, artistItem)
self.musicTable.setItem(currentRow, 2, albumItem)
self.musicTable.setItem(currentRow, 3, yearItem)
self.engine.play_list_add(files)
self.play_action()
def _showDangerousConnections(self):
"""
Shows connections graphs between functions calling IO
and the ones calling dangerous APIs
"""
self._console_output("Calculating dangerous connections...")
conn_graphs = self.ba.get_all_dangerous_connections()
if not conn_graphs:
self._console_output("[!] No (obvious) dangerous connections",
err=True)
return
self.table.setColumnCount(5)
self.table.setHorizontalHeaderLabels(
("IO Caller", "Dangerous Functions", "Shortest Path Length", "u",
"v"))
self.table_label.setText("Dangerous Connections")
self.table.clearContents()
self.table.setRowCount(0)
for idx, c in enumerate(conn_graphs):
self.table.insertRow(idx)
u, v, sp_len = c # tuple unpacking
io_item = QTableWidgetItem("%s" % misc.get_function_name(u))
df_item = QTableWidgetItem("%s" % misc.get_function_name(v))
sp_item = QTableWidgetItem("%d" % sp_len)
ioa_item = QTableWidgetItem("%x" % u)
ioa_item.setFlags(ioa_item.flags() ^ QtCore.Qt.ItemIsEditable)
dfa_item = QTableWidgetItem("%x" % v)
dfa_item.setFlags(dfa_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, io_item)
self.table.setItem(idx, 1, df_item)
self.table.setItem(idx, 2, sp_item)
self.table.setItem(idx, 3, ioa_item)
self.table.setItem(idx, 4, dfa_item)
def _showDangerousConnections(self):
"""
Shows connections graphs between functions calling IO
and the ones calling dangerous APIs
"""
self._console_output("Calculating dangerous connections...")
conn_graphs = self.ba.get_all_dangerous_connections()
if not conn_graphs:
self._console_output("[!] No (obvious) dangerous connections", err = True)
return
self.table.setColumnCount(5)
self.table.setHorizontalHeaderLabels(
("IO Caller", "Dangerous Functions", "Shortest Path Length", "u", "v"))
self.table_label.setText("Dangerous Connections")
self.table.clearContents()
self.table.setRowCount(0)
for idx, c in enumerate(conn_graphs):
self.table.insertRow(idx)
u, v, sp_len = c # tuple unpacking
io_item = QTableWidgetItem("%s" % misc.get_function_name(u))
df_item = QTableWidgetItem("%s" % misc.get_function_name(v))
sp_item = QTableWidgetItem("%d" % sp_len)
ioa_item = QTableWidgetItem("%x" % u)
ioa_item.setFlags(ioa_item.flags() ^ QtCore.Qt.ItemIsEditable)
dfa_item = QTableWidgetItem("%x" % v)
dfa_item.setFlags(dfa_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, io_item)
self.table.setItem(idx, 1, df_item)
self.table.setItem(idx, 2, sp_item)
self.table.setItem(idx, 3, ioa_item)
self.table.setItem(idx, 4, dfa_item)
def _showAllFunctions(self):
"""
Populates the functions list.
From this it is possible to select endpoints to
create a ConnectGraph for example
"""
self._console_output("Displaying all known functions...")
current_ea, _ = misc.function_boundaries()
func_list = self.ba.get_all_functions()
if not func_list:
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Name"))
self.table_label.setText("Functions in current binary")
self.table.clearContents()
self.table.setRowCount(0)
# Current table index
c_idx = 0
for idx, (f_ea, f_name) in enumerate(func_list):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % f_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem("%s" % f_name)
if f_ea == current_ea:
current_ea_item = addr_item
c_idx = idx
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
# Conveniently scroll to the current EA
self.table.scrollToItem(
#current_ea_item,
self.table.item(c_idx, 0),
QtGui.QAbstractItemView.PositionAtTop
)
def _showAllFunctions(self):
"""
Populates the functions list.
From this it is possible to select endpoints to
create a ConnectGraph for example
"""
self._console_output("Displaying all known functions...")
current_ea, _ = misc.function_boundaries()
func_list = self.ba.get_all_functions()
if not func_list:
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Name"))
self.table_label.setText("Functions in current binary")
self.table.clearContents()
self.table.setRowCount(0)
# Current table index
c_idx = 0
for idx, (f_ea, f_name) in enumerate(func_list):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % f_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem("%s" % f_name)
if f_ea == current_ea:
# current_ea_item = addr_item
c_idx = idx
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
# Conveniently scroll to the current EA
self.table.scrollToItem(
# current_ea_item,
self.table.item(c_idx, 0),
QtGui.QAbstractItemView.PositionAtTop
)
def _showConnectedBBs(self):
"""
Shows a list of paths between selected basic blocks
"""
self._console_output("Calculating paths between basic blocks...")
bb_paths = self.ba.get_bb_connect_graph(self.config.connect_bb_cutoff)
if not bb_paths:
self._console_output("[!] Could not find paths between \
basic blocks",
err=True)
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Path ID", "Length"))
# Override the default double click callback
self.table.cellDoubleClicked.connect(self._bbTableDoubleClicked)
self.table_label.setText("Paths between Basic Blocks")
self.table.clearContents()
self.table.setRowCount(0)
bb_paths_l = list(bb_paths) # To reference by index :)
if len(bb_paths_l) == 0:
self._console_output("[!] Could not find paths. \
Try increasing cutoff under Options",
err=True)
return
for idx, path in enumerate(bb_paths_l):
self.table.insertRow(idx)
path_item = QTableWidgetItem("%d" % idx)
path_item.setFlags(path_item.flags() ^ QtCore.Qt.ItemIsEditable)
len_item = cw.NumQTableWidgetItem("%d" % len(path))
len_item.setFlags(len_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, path_item)
self.table.setItem(idx, 1, len_item)
# Cache this
self.ba.cache.bb_paths = bb_paths_l
def _commentsInThisFunction(self):
"""
Shows all comments within the current function
"""
show_unique_c = self.config.display_unique_comments
msg = "Searching comments within function '" + \
misc.get_function_name() + "'"
self._console_output(msg)
comment_list = self.ba.comments_in_function()
# Found any comment at all?
nrows = len(comment_list)
if not nrows:
self._console_output("[!] No comments found", err = True)
return
self.table.setColumnCount(2)
self.table_label.setText("Comments within current function")
self.table.setHorizontalHeaderLabels(("Address", "Comments"))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
displayed_comments = []
idx = 0
for (addr, comment) in comment_list:
if show_unique_c and comment in displayed_comments:
continue
displayed_comments.append(comment)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
comment_item = QTableWidgetItem(comment)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, comment_item)
idx += 1
def _commentsInThisFunction(self):
"""
Shows all comments within the current function
"""
show_unique_c = self.config.display_unique_comments
msg = "Searching comments within function '" + \
misc.get_function_name() + "'"
self._console_output(msg)
comment_list = self.ba.comments_in_function()
# Found any comment at all?
nrows = len(comment_list)
if not nrows:
self._console_output("[!] No comments found", err = True)
return
self.table.setColumnCount(2)
self.table_label.setText("Comments within current function")
self.table.setHorizontalHeaderLabels(("Address", "Comments"))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
displayed_comments = []
idx = 0
for (addr, comment) in comment_list:
if show_unique_c and comment in displayed_comments:
continue
displayed_comments.append(comment)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
comment_item = QTableWidgetItem(comment)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, comment_item)
idx += 1
def _showConnectedBBs(self):
"""
Shows a list of paths between selected basic blocks
"""
self._console_output("Calculating paths between basic blocks...")
bb_paths = self.ba.get_bb_connect_graph(self.config.connect_bb_cutoff)
if not bb_paths:
self._console_output("[!] Could not find paths between \
basic blocks", err = True)
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Path ID", "Length"))
# Override the default double click callback
self.table.cellDoubleClicked.connect(self._bbTableDoubleClicked)
self.table_label.setText("Paths between Basic Blocks")
self.table.clearContents()
self.table.setRowCount(0)
bb_paths_l = list(bb_paths) # To reference by index :)
if len(bb_paths_l) == 0:
self._console_output("[!] Could not find paths. \
Try increasing cutoff under Options", err = True)
return
for idx, path in enumerate(bb_paths_l):
self.table.insertRow(idx)
path_item = QTableWidgetItem("%d" % idx)
path_item.setFlags(path_item.flags() ^ QtCore.Qt.ItemIsEditable)
len_item = cw.NumQTableWidgetItem("%d" % len(path))
len_item.setFlags(len_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, path_item)
self.table.setItem(idx, 1, len_item)
# Cache this
self.ba.cache.bb_paths = bb_paths_l
def _showIntegerIssues(self):
"""
This is the GUI part of the integer issues functionality
"""
self._console_output("Looking for integer issues (comparisons)")
try:
integer_issues_ins = self.ii.search_integer_issues()
except NotImplementedError:
self._console_output("[!] x86_64 not implemented yet", err=True)
return
# Is there any integer issues at all?
nrows = len(integer_issues_ins)
if not nrows:
self._console_output("[-] No integer issues found.")
return
self.table.setColumnCount(3)
self.table_label.setText("Possible integer issues")
self.table.setHorizontalHeaderLabels(
('Address', 'Function name', 'Notes'))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
for idx, ins_ea in enumerate(integer_issues_ins):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % ins_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem(misc.get_function_name(ins_ea))
mnem_item = QTableWidgetItem("") # placeholder
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
self.table.setItem(idx, 2, mnem_item)
def _showIntegerIssues(self):
"""
This is the GUI part of the integer issues functionality
"""
self._console_output("Looking for integer issues (comparisons)")
try:
integer_issues_ins = self.ii.search_integer_issues()
except NotImplementedError:
self._console_output("[!] x86_64 not implemented yet", err = True)
return
# Is there any integer issues at all?
nrows = len(integer_issues_ins)
if not nrows:
self._console_output("[-] No integer issues found.")
return
self.table.setColumnCount(3)
self.table_label.setText("Possible integer issues")
self.table.setHorizontalHeaderLabels(
('Address', 'Function name', 'Notes'))
self.table.clearContents()
self.table.setRowCount(0)
# Fill with contents
for idx, ins_ea in enumerate(integer_issues_ins):
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % ins_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
name_item = QTableWidgetItem(misc.get_function_name(ins_ea))
mnem_item = QTableWidgetItem("") # placeholder
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, name_item)
self.table.setItem(idx, 2, mnem_item)
def __loadUsers(self):
"""Loads user's data from DB"""
users = self.parentWidget().app.getUsers()
self.user_table.clearContents()
self.user_table.setRowCount(len(users))
for i in range(len(users)):
username_item = QTableWidgetItem(users[i].username)
username_item.setFlags(username_item.flags() ^ Qt.ItemIsEditable)
blocked_checkbox = QCheckBox()
if users[i].blocked:
blocked_checkbox.setChecked(True)
def create_blocked_toggle(checkbox, user):
def blocked_toggle():
user.blocked = (1 if checkbox.isChecked() else 0)
self.parentWidget().app.updateUser(user)
self.__loadUsers()
return blocked_toggle
blocked_checkbox.toggled.connect(create_blocked_toggle(blocked_checkbox, users[i]))
password_restrict_checkbox = QCheckBox()
if users[i].restrictions:
password_restrict_checkbox.setChecked(True)
def create_password_restrict_toggle(checkbox, user):
def password_restrict_toggle():
user.restrictions = (1 if checkbox.isChecked() else 0)
self.parentWidget().app.updateUser(user)
self.__loadUsers()
return password_restrict_toggle
password_restrict_checkbox.toggled.connect(
create_password_restrict_toggle(password_restrict_checkbox, users[i]))
self.user_table.setItem(i, 0, username_item)
self.user_table.setCellWidget(i, 1, blocked_checkbox)
self.user_table.setCellWidget(i, 2, password_restrict_checkbox)