def goto_file_ofs():
fofs = 0
txt = clip_text()
if txt.isdigit():
try:
fofs = int(txt, 10)
except:
pass
elif txt.isalnum():
try:
fofs = int(txt, 16)
except:
pass
fofs = ida_kernwin.ask_addr(fofs, "Enter the file offset to jump to")
if fofs is None:
return 0
ea = idaapi.get_fileregion_ea(fofs)
if ea != idc.BADADDR:
plg_print("File offset = 0x%X -> EA = 0x%X" % (fofs, ea))
idc.jumpto(ea)
return 1
else:
plg_print("Invalid file offset 0x%X" % fofs)
return 0
def keyPressEvent(self, e):
if e.key() == QtCore.Qt.Key_G:
import ida_kernwin, ida_idaapi
address = ida_kernwin.ask_addr(self.model.address,
"Jump to address in memory")
if address != ida_idaapi.BADADDR:
self.controller.navigate(address)
e.accept()
return super(HexView, self).keyPressEvent(e)
def main():
offset = ida_kernwin.ask_addr(0x0, "file offset")
if not offset:
return
ea = ida_loader.get_fileregion_ea(offset)
if ea == ida_idaapi.BADADDR:
print('error: EA for file offset not found')
return
print('EA for file offset: 0x%x' % (ea))
ida_kernwin.jumpto(ea)
def main():
print("[*] Start patching to XOR encoded blocks")
ea = ida_kernwin.ask_addr(BADADDR, "What address is encoded block by xor?")
xor_key = ida_kernwin.ask_long(0x00, "Waht is key for xor?(0-255)")
valid_check(ea, xor_key)
print hex(ea)
print hex(xor_key)
while True:
b = ida_bytes.get_byte(ea)
if b == 0:
break
ida_bytes.patch_byte(ea, b ^ xor_key)
ea += 1
print("[*] Finished patching to XOR encoded blocks")
def dalAddrFromPc():
pc = ida_kernwin.ask_addr(0x00000000, "PC:")
if type(pc) is not int:
warning("Invalid input!")
return
if (pc & 0xF0000000) == 0x20000000:
#MMU mapped
pc -= 0x20000000
if pc >= DAL_START_IN_ROM:
pc -= DAL_START_IN_ROM
if pc > DAL_END_IN_ROM:
warning("Not in DAL!")
return
ida_kernwin.jumpto(pc)
def goto_rva():
rva = 0
txt = clip_text()
if txt.isdigit():
try:
rva = int(txt, 10)
except:
pass
elif txt.isalnum():
try:
rva = int(txt, 16)
except:
pass
rva = ida_kernwin.ask_addr(rva, "Enter the RVA to jump to")
if rva is None:
return 0
base = ida_nalt.get_imagebase()
ea = base + rva
plg_print("RVA = 0x%X -> EA = 0x%X" % (rva, ea))
idc.jumpto(ea)
return 1
def main():
path = ida_kernwin.ask_file(False, "*", "file to load")
if not path:
return
with open(path, "rb") as f:
buf = tuple(map(ord, f.read()))
if len(buf) == 0:
print("empty file, cancelling")
return
size = idawilli.align(len(buf), 0x1000)
print("size: 0x%x" % (len(buf)))
print("aligned size: 0x%x" % (size))
addr = ida_kernwin.ask_addr(idc.ScreenEA(), "location to write")
if not addr:
return
idawilli.dbg.patch_bytes(addr, buf)
print("ok")
def ask_addr(value, prompt):
if idaapi.IDA_SDK_VERSION <= 699:
retval = idc.AskAddr(value, prompt)
else:
retval = ida_kernwin.ask_addr(value, prompt)
return retval
def AskAddr(defval, prompt):
return ida_kernwin.ask_addr(defval, prompt)
import idaapi
import ida_kernwin
import idc
struct_name = ida_kernwin.ask_str("", 4, "Enter struct name")
start = ida_kernwin.ask_addr(0, "Enter start address")
num_structs = ida_kernwin.ask_long(0, "Enter struct count")
should_number = ida_kernwin.ask_yn(0, "Number the structs as they're created?")
cur_struct_num = 0
struct_id = idaapi.get_struc_id(struct_name)
if struct_id == -1:
exit("No such struct {}".format(struct_name))
struct_size = idaapi.get_struc_size(struct_id)
cur = start
for i in range(num_structs):
create_struct(cur, struct_size, struct_name)
if should_number:
set_cmt(cur, str(cur_struct_num), 0)
cur_struct_num += 1
cur += struct_size
def main():
rva = ida_kernwin.ask_addr(0x0, "RVA")
if not rva:
return
ida_kernwin.jumpto(ida_nalt.get_imagebase() + rva)
def keyReleaseEvent(self, event):
update = False
key = event.key()
modifiers = event.modifiers()
shift_pressed = ((modifiers & Qt.ShiftModifier) == Qt.ShiftModifier)
ctrl_pressed = ((modifiers & Qt.ControlModifier) == Qt.ControlModifier)
if key == Qt.Key_F1 and ctrl_pressed:
self.display_help_box(PLUGIN_HELP)
self.repaint()
elif key == Qt.Key_F2 and ctrl_pressed:
self.display_help_box(self.get_filter_helptext(), isFilter=True)
self.repaint()
elif key == Qt.Key_G:
addr = ida_kernwin.ask_addr(self.base + self.offs,
'Jump to address')
if addr is not None:
if self.sync:
ida_kernwin.jumpto(addr)
else:
minea = ida_idaapi.get_inf_structure().get_minEA()
maxea = ida_idaapi.get_inf_structure().get_maxEA()
dst = min(max(addr, minea), maxea)
self.set_addr(dst)
elif key == Qt.Key_S:
if not self.fm.lock_sync:
self.set_sync_state(not self.get_sync_state())
update = True
elif key == Qt.Key_D:
self.cur_formatter_idx = (self.cur_formatter_idx +
1) % self.max_formatters
self.repaint()
elif key == Qt.Key_T:
self.cur_compos_mode = (self.cur_compos_mode + 1) % len(
self.composition_modes)
self.repaint()
elif key == Qt.Key_N:
self.next_filter.emit()
elif key == Qt.Key_B:
self.prev_filter.emit()
elif key == Qt.Key_F12 and shift_pressed and ctrl_pressed:
img = self.paint_image(cursor=False)
img = img.scaled(img.width() * self.pixelSize,
img.height() * self.pixelSize, Qt.KeepAspectRatio,
Qt.FastTransformation)
done = False
i = 0
while not done:
fname = 'IDACyber_%04d.bmp' % i
if not os.path.isfile(fname):
if img.save(fname):
ida_kernwin.msg('File exported to %s\n' % fname)
else:
ida_kernwin.warning(
'Error exporting screenshot to %s.' % fname)
done = True
i += 1
if i > 40:
ida_kernwin.warning('Aborted. Error exporting screenshot.')
break
elif key == Qt.Key_PageDown:
self.set_offset_delta(-self.get_pixel_qty())
update = True
elif key == Qt.Key_PageUp:
self.set_offset_delta(self.get_pixel_qty())
update = True
elif key == Qt.Key_Down:
if shift_pressed:
self.set_offset_delta(-1)
else:
self.set_offset_delta(-self.get_pixel_qty_per_line())
update = True
elif key == Qt.Key_Up:
if shift_pressed:
self.set_offset_delta(1)
else:
self.set_offset_delta(self.get_pixel_qty_per_line())
update = True
elif key == Qt.Key_Plus:
if ctrl_pressed:
self.set_zoom_delta(1)
update = True
elif key == Qt.Key_Minus:
if ctrl_pressed:
self.set_zoom_delta(-1)
update = True
self.key = None
if update:
if self.get_sync_state():
ida_kernwin.jumpto(self.base + self.offs)
self.activateWindow()
self.setFocus()
self.statechanged.emit()
self.repaint()
return