Exemple #1
def goto(shift=False):
    """Jump both views to the address of the currently highlighted symbol.

    Returns False when nothing is highlighted or when the symbol has no
    known address; otherwise moves the IDA disassembly view and the
    decompiler view to it and returns True. ``shift`` is only logged.
    """
    print("GhIDA:: [DEBUG] goto called")

    # get_highlight() gives (text, flags) or None; a zero flags value is
    # treated the same as "nothing highlighted".
    highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
    symbol = highlight[0] if highlight and highlight[1] else None
    if not symbol:
        return False

    address = gl.get_address_for_symbol(symbol)
    if not address:
        return False

    print("OnDblClick, shift=%d, selection:%s, address:%s" %
          (shift, symbol, address))

    # Disassembly view first, then the decompiler view.
    idaapi.jumpto(address)
    target_ea = gl.convert_address(address)
    print("GhIDA:: [DEBUG] update view to %s" % target_ea)
    DECOMP_VIEW.switch_to_address(target_ea)

    return True
Exemple #2
 def activate(self, ctx):
     """Print every operand in the current function that references the
     highlighted stack variable.

     The cursor must be inside a function and a stack-variable name must
     be highlighted. Each matching (address, operand index) pair is
     printed; nothing is returned.
     """
     cur_ea = ida_kernwin.get_screen_ea()
     pfn = ida_funcs.get_func(cur_ea)
     if not pfn:
         print("Please position the cursor within a function")
         return

     highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
     if not highlight:
         return
     stkvar_name, _ = highlight

     # Resolve the highlighted name to a member of the function's frame.
     frame = ida_frame.get_frame(cur_ea)
     sptr = ida_struct.get_struc(frame.id)
     mptr = ida_struct.get_member_by_name(sptr, stkvar_name)
     if not mptr:
         print("No stack variable named \"%s\"" % stkvar_name)
         return

     # Walk the code items of the function and test each operand slot.
     fii = ida_funcs.func_item_iterator_t()
     more = fii.set(pfn)
     while more:
         ea = fii.current()
         flags = ida_bytes.get_flags(ea)
         for opnum in range(ida_ida.UA_MAXOP):
             if ida_bytes.is_stkvar(flags, opnum):
                 insn = ida_ua.insn_t()
                 if ida_ua.decode_insn(insn, ea):
                     offset = ida_frame.calc_stkvar_struc_offset(
                         pfn, insn, opnum)
                     # A hit is any offset inside the member's extent.
                     if mptr.soff <= offset < mptr.eoff:
                         print("Found xref at 0x%08x, operand #%d" %
                               (ea, opnum))
         more = fii.next_code()
Exemple #3
def highlight_symbol_in_DISASM():
    """
    Mirror the symbol selected in the DECOMP view onto the IDA DISASM view.

    Always returns True. When there is no selection, or the symbol cannot
    be converted to IDA syntax, a placeholder string is highlighted
    instead.
    """
    disasm_widget = idaapi.find_widget('IDA View-A')

    highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
    symbol = highlight[0] if highlight and highlight[1] else None

    # The conversion helper is only consulted when a symbol is selected.
    converted = from_ghidra_to_ida_syntax_conversion(symbol) if symbol else None

    # TODO improve it: 'aaabbbccc' is a placeholder expected not to occur
    # in the listing, used when there is nothing real to highlight.
    idaapi.set_highlight(disasm_widget, converted if converted else 'aaabbbccc', 1)
    return True
Exemple #4
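def arachno():
    """Search the web for the identifier highlighted in the current IDA view.

    Reads the highlighted text from the current viewer and opens a new
    browser tab with a Google query for it. Does nothing when there is no
    highlight.

    Note that the identifier leaves the analysis machine: it is sent to a
    third-party search engine as part of the request URL.
    """
    try:
        from urllib.parse import quote_plus  # Python 3
    except ImportError:
        from urllib import quote_plus  # Python 2

    r = kw.get_highlight(kw.get_current_viewer())
    if r:
        # The text comes from the database under analysis and may contain
        # '&', '#', '%' or spaces; encode it so it stays a single query
        # value instead of altering the URL.
        webbrowser.open(
            "https://google.com/search?q=%s" % quote_plus(r[0]), new=2)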
Exemple #5
def make_name():
    """Rename the current item by triggering IDA's own rename action."""
    # TODO: replace with custom implementation that allows parameters
    # such as name and flags ("create name anyway") to be set.
    viewer = ida_kernwin.get_current_viewer()
    if not viewer:
        return

    # The pseudocode widget uses a different action name than other views.
    in_pseudocode = (
        ida_kernwin.get_widget_type(viewer) == ida_kernwin.BWN_PSEUDOCODE)
    action = "hx:Rename" if in_pseudocode else "MakeName"
    ida_kernwin.process_ui_action(action)
Exemple #6
def getHighlight():
    """Return the highlighted text, using the API that fits the SDK version.

    SDK versions up to 699 use idaapi.get_highlighted_identifier(); newer
    ones query the current viewer. On the newer path None is returned,
    and a message printed, when nothing is highlighted.
    """
    if idaapi.IDA_SDK_VERSION <= 699:
        return idaapi.get_highlighted_identifier()

    viewer = ida_kernwin.get_current_viewer()
    highlight = ida_kernwin.get_highlight(viewer)
    if highlight is None:
        print('Nothing highlighted in viewer %s' % str(viewer))
        return None

    # get_highlight() yields (text, flags); only the text is returned.
    text, _flags = highlight
    return text
Exemple #7
    def get_curr_highlighted_str():
        """
            Return the identifier highlighted in the current view.

            :return: The highlighted string, or None if nothing is
                highlighted.
        """
        highlight = ida_kernwin.get_highlight(
            ida_kernwin.get_current_viewer())
        # The flags element of the (text, flags) pair is not inspected.
        return None if highlight is None else highlight[0]
Exemple #8
    def OnDblClick(self, node_id):
        """Jump to the double-clicked node, or to a highlighted hex value.

        The default destination is the ``ea`` of ``self.items[node_id]``.
        If the highlighted text parses as a hexadecimal number, that value
        is used instead. Always returns True.
        """
        destination = self.items[node_id].ea

        highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
        if highlight:
            token, _flags = highlight
            # Crude hex-string-to-int conversion. int(..., 16) accepts any
            # token made only of hex digits, so words such as "add" or
            # "dec" also parse and redirect the jump.
            try:
                destination = int(token, 16)
            except ValueError:
                # Not hex: keep the node's own address.
                pass

        ida_kernwin.jumpto(destination)
        return True
Exemple #9
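def get_highlighted_identifier():
    """
    Get currently highlighted text.

    On SDK >= 700 the highlight is read from the current viewer; on older
    SDKs the version-selected function is called without arguments.

    :return: Highlighted text or ""
    """
    fn = _get_fn_by_version(ida_kernwin, 'get_highlight',
                            'get_highlighted_identifier', idaapi)

    if idaapi.IDA_SDK_VERSION >= 700:
        viewer = ida_kernwin.get_current_viewer()
        highlight = fn(viewer)
        if highlight and highlight[1]:
            return highlight[0]
        # Nothing usable is highlighted. Falling through would call the
        # same function again without the viewer argument it was just
        # given, so return the documented empty string instead.
        # NOTE(review): assumes _get_fn_by_version selects the
        # viewer-taking get_highlight on this path; confirm.
        return ""
    return fn()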
Exemple #10
def rename_func():
    """Rename the current function, suggesting the highlighted identifier.

    Prompts with the highlighted identifier as the default value, applies
    the entered name to the start of the function under the cursor, and
    refreshes the pseudocode view when that is the active widget.
    """
    suggestion = _get_identifier()
    if not suggestion:
        return

    new_name = ida_kernwin.ask_str(suggestion, -1, "Rename function")
    if not new_name:
        return

    func = ida_funcs.get_func(ida_kernwin.get_screen_ea())
    if not func:
        return

    # The entered text is handed to set_name() with SN_NOCHECK.
    if not ida_name.set_name(func.start_ea, new_name, ida_name.SN_NOCHECK):
        return

    viewer = ida_kernwin.get_current_viewer()
    if ida_kernwin.get_widget_type(viewer) != ida_kernwin.BWN_PSEUDOCODE:
        return

    vdui = ida_hexrays.get_widget_vdui(viewer)
    if vdui:
        vdui.refresh_view(True)
Exemple #11
def get_cursor_reg(ea):
    """Return the canonical name of the highlighted register, or None.

    The highlighted text is canonicalised with get_reg_canon_name() for
    ``ea`` and returned only if it appears in idautils.GetRegisterList().
    """
    if 'get_highlight' in dir(ida_kernwin):  # in IDA 7.1
        highlight = ida_kernwin.get_highlight(
            ida_kernwin.get_current_viewer())
        reg = None
        if highlight:
            reg, _ = highlight
    else:  # in IDA 6.98
        reg = ida_kernwin.get_highlighted_identifier()

    if reg is None:
        return None

    canonical = get_reg_canon_name(ea, reg)
    # Anything that is not a known register name is rejected.
    return canonical if canonical in idautils.GetRegisterList() else None
Exemple #12
 def runToUserSpace(self):
     """Ask the server to resynchronise, then signal the client.

     While the monitor command runs, a graph-mode view is temporarily
     toggled to the other renderer and toggled back afterwards.
     """
     print('runToUser do resynch')
     viewer = ida_kernwin.get_current_viewer()
     renderer = ida_kernwin.get_view_renderer_type(viewer)

     # Work around ida bug "nrect(26)" error: leave graph mode first.
     was_graph = renderer == ida_kernwin.TCCRT_GRAPH
     if was_graph:
         ida_kernwin.process_ui_action("ToggleRenderer")

     print('resynch to server')
     # The reply is not used; the call is made for its effect on the server.
     _reply = gdbProt.Evalx('SendGDBMonitor("@cgc.resynch()");')
     time.sleep(1)
     eip = gdbProt.getEIPWhenStopped()
     print('resynch got eip 0x%x now sig client' % eip)

     if was_graph:
         # Restore the renderer that was active on entry.
         ida_kernwin.process_ui_action("ToggleRenderer")
     self.signalClient()
Exemple #13
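    def run(self, arg):
        """Look up the highlighted identifier in the MSDN online feed.

        With ``arg > 0`` the first result's URL is printed; otherwise it
        is opened in a new browser tab. Prints a message and returns when
        nothing is highlighted or no entry is found.
        """
        # Get the highlighted identifier. get_highlight() returns None
        # when nothing is highlighted, so it cannot be unpacked directly.
        v = ida_kernwin.get_current_viewer()
        highlight = ida_kernwin.get_highlight(v)
        if not highlight or not highlight[1]:
            print("No identifier was highlighted")
            return

        ident = self.sanitize_name(highlight[0])
        print("Looking up '%s' in MSDN online" % ident)
        d = feedparser.parse(get_url(ident))
        if len(d['entries']) > 0:
            url = d['entries'][0].link
            if arg > 0:
                print("URL: %s" % url)
            else:
                # The link is taken from a remote feed; hand only web URLs
                # to the browser launcher, never local paths or other
                # schemes.
                if not url.lower().startswith(("http://", "https://")):
                    print("Refusing to open non-HTTP(S) URL: %s" % url)
                    return
                import webbrowser
                webbrowser.open_new_tab(url)
        else:
            print("API documentation not found for: %s" % ident)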
Exemple #14
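    def run(self, arg):
        """Look up the highlighted identifier in the MSDN online feed.

        With ``arg > 0`` the first result's URL is printed; otherwise it
        is opened in a new browser tab. Prints a message and returns when
        nothing is highlighted or no entry is found.
        """
        # Get the highlighted identifier. get_highlight() returns None
        # when nothing is highlighted, so it cannot be unpacked directly.
        v = ida_kernwin.get_current_viewer()
        highlight = ida_kernwin.get_highlight(v)
        if not highlight or not highlight[1]:
            print("No identifier was highlighted")
            return

        ident = self.sanitize_name(highlight[0])
        print("Looking up '%s' in MSDN online" % ident)
        d = feedparser.parse(get_url(ident))
        if len(d['entries']) > 0:
            url = d['entries'][0].link
            if arg > 0:
                print("URL: %s" % url)
            else:
                # The link is taken from a remote feed; hand only web URLs
                # to the browser launcher, never local paths or other
                # schemes.
                if not url.lower().startswith(("http://", "https://")):
                    print("Refusing to open non-HTTP(S) URL: %s" % url)
                    return
                import webbrowser
                webbrowser.open_new_tab(url)
        else:
            print("API documentation not found for: %s" % ident)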
Exemple #15
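    def run(self, arg):
        """Look up the highlighted identifier in the MSDN search RSS feed.

        With ``arg > 0`` the first result's URL is printed; otherwise it
        is opened in a new browser tab. Prints a message and returns when
        nothing is highlighted or no entry is found.
        """
        # Get the highlighted identifier. get_highlight() returns None
        # when nothing is highlighted, so it cannot be unpacked directly.
        v = ida_kernwin.get_current_viewer()
        highlight = ida_kernwin.get_highlight(v)
        if not highlight or not highlight[1]:
            print("No identifier was highlighted")
            return

        ident = self.sanitize_name(highlight[0])
        print("Looking up '%s' in MSDN online" % ident)
        # NOTE(review): ident is substituted into the query string as-is.
        # sanitize_name() is not visible here; confirm it leaves no '&',
        # '#', '%' or whitespace, or URL-encode the value.
        qurl = "https://social.msdn.microsoft.com/search/en-US/feed?query=%s&format=RSS&theme=feed%%2fen-us"
        d = feedparser.parse(qurl % ident)
        if len(d['entries']) > 0:
            url = d['entries'][0].link
            if arg > 0:
                print("URL: %s" % url)
            else:
                # The link is taken from a remote feed; hand only web URLs
                # to the browser launcher, never local paths or other
                # schemes.
                if not url.lower().startswith(("http://", "https://")):
                    print("Refusing to open non-HTTP(S) URL: %s" % url)
                    return
                import webbrowser
                webbrowser.open_new_tab(url)
        else:
            print("API documentation not found for: %s" % ident)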
Exemple #16
def highlight_symbol_in_DECOMP():
    """
    Mirror the symbol selected in the IDA DISASM view onto the DECOMP view.

    Does nothing when no symbol is selected. When the symbol cannot be
    converted to Ghidra syntax, a placeholder string is highlighted.
    """
    highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
    symbol = highlight[0] if highlight and highlight[1] else None
    if not symbol:
        return

    converted = from_ida_to_ghidra_syntax_conversion(symbol)
    decompiler_widget = idaapi.find_widget('Decompiled Function')
    # 'aaabbbccc' is the placeholder used when there is no converted name.
    idaapi.set_highlight(decompiler_widget, converted or 'aaabbbccc', 1)
Exemple #17
def grab_focus(title):
    """Try to give focus to the widget titled ``title``.

    Activates the widget and checks whether it became the current widget
    (or current viewer). On failure it waits one second and retries,
    giving up once the failure count exceeds the limit, or immediately
    if no widget has that title.
    """
    limit = 10
    failures = 0
    while True:
        form = find_widget(title)
        if form is None:
            print('No form titled %s' % title)
            return

        activate_widget(form, True)
        if form == get_current_widget():
            return

        # Second chance: the widget may be reported as the current viewer.
        if ida_kernwin.get_current_viewer() == form:
            print('**but the viewer matches?')
            return

        print('failed grab focus %s' % title)
        time.sleep(1)
        failures += 1
        if failures > limit:
            return
Exemple #18
def for_each_call_to(callback, va=None):
    """Invoke ``callback`` with the address of each call xref to ``va``.

    When ``va`` is not given, the highlighted identifier is resolved to an
    address; if that fails, the current location is used.
    """
    if not va:
        viewer = ida_kernwin.get_current_viewer()
        highlight = ida_kernwin.get_highlight(viewer)
        if highlight and highlight[1]:
            name = highlight[0]
            va = idc.get_name_ea_simple(name)
            # An address at or beyond maxEA is treated as "not found".
            if va >= idaapi.cvar.inf.maxEA:
                va = None

    va = va or idc.here()

    # Collect each calling address once, keeping only xrefs whose source
    # instruction mnemonic is 'call'.
    call_sites = {
        xref.frm
        for xref in idautils.XrefsTo(va)
        if idc.print_insn_mnem(xref.frm) == 'call'
    }
    for site in call_sites:
        callback(site)
Exemple #19
 def __init__(self):
     """Start with no previous node and remember the current viewer."""
     self.prev_node = None
     # Captured once at construction time; not refreshed here.
     viewer = ida_kernwin.get_current_viewer()
     self.graph_viewer = viewer
Exemple #20
    def rename_symbol(self):
        """
        Rename the highlighted symbol with the new name
        provided by the user in the Pop-Up.

        The steps run in a fixed order: read the highlighted symbol, look
        up its address, prompt for a new name, validate it, update the
        symbol dictionary and the decompiled text, re-add cached comments,
        and finally rename the address in IDA.

        Returns False when no symbol is highlighted or its address is
        unknown; every later exit, success or failure, returns None.
        """
        # Get the symbol
        symbol = None
        ret = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
        if ret and ret[1]:
            symbol = ret[0]

        if not symbol:
            idaapi.warning("Select a symbol")
            return False

        # Get the address
        address = gl.get_address_for_symbol(symbol)
        if not address:
            print("GhIDA:: [!] Symbol %s not found" % symbol)
            return False

        # Display a Pop-up to get the new name
        new_name = gl.display_rename_form(address, symbol)
        if not new_name or len(new_name) == 0:
            return

        # Allow-list check on the user-supplied name: every character must
        # be a letter, a digit or '_' (so whitespace is rejected as well).
        # NOTE(review): on Python 3 str.isalpha()/isdigit() also accept
        # non-ASCII letters and digits; confirm that is intended.
        for letter in new_name:
            if not (letter.isdigit() or letter.isalpha() or letter == '_'):
                print("GhIDA:: [!] symbol name contains invalid char")
                return

        # Check if new_name is already used
        if gl.check_if_symbol_is_used(new_name):
            print("GhIDA:: [!] symble name already used")
            return

        # Update symbol name in the symbol dictionary
        gl.updated_symbol_name_for_address(symbol, address, new_name)

        # Only logs the new name; the IDA rename itself happens further down.
        print("GhIDA:: [DEBUG] New symbol name: %s" % new_name)

        # Update symbol name in the decompiled view
        new_code = gl.rename_variable_in_text(self.__decompiled, symbol,
                                              new_name)
        self.update(self.__ea, new_code)

        # Add comments
        comment_list = COMMENTS_CACHE.get_comments_cache(self.__ea)
        if comment_list:
            self.add_comments(comment_list)

        print("GhIDA:: [INFO] Symbol name updated in IDA DECOMP view.")

        # The decompiled view and symbol dictionary were already updated
        # above, so a failure here leaves them carrying the new name while
        # the IDA database keeps the old one.
        if idc.set_name(address, new_name):
            # Refresh the view
            idaapi.request_refresh(idaapi.IWID_DISASMS)
            # Highlight the new identifier
            gl.highlight_symbol_in_DISASM()
            print("GhIDA:: [INFO] Symbol name updated in IDA DISASM view.")
            return

        print("GhIDA:: [!] IDA DISASM rename error")
        return
Exemple #21
 def get_current_viewer(self):
     """Store IDA's current viewer on ``self.current_viewer``.

     Prints a trace message; nothing is returned.
     """
     viewer = ida_kernwin.get_current_viewer()
     self.current_viewer = viewer
     print("get current_viewer")
Exemple #22
def _get_identifier():
    """Return the text highlighted in the current viewer, or None."""
    highlight = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
    if not highlight:
        return None
    # Only the text of the (text, flags) pair is returned.
    return highlight[0]