def main(): f = open(idc.AskFile(0, '*.json', 'Where is the first JSON report you want to load ?'), 'r') report = json.load(f) l1 = report['basic_blocks_info']['list'] f = open(idc.AskFile(0, '*.json', 'Where is the second JSON report you want to load ?'), 'r') report = json.load(f) l2 = report['basic_blocks_info']['list'] c = idc.AskStr('black', 'Which color do you want ?').lower() addresses_l1 = set(r['address'] for r in l1) addresses_l2 = set(r['address'] for r in l2) dic_l2 = dict((k['address'], k['nbins']) for k in l2) diff = addresses_l2 - addresses_l1 print '%d bbls in the first execution' % len(addresses_l1) print '%d bbls in the second execution' % len(addresses_l2) print 'Differences between the two executions: %d bbls' % len(diff) assert(len(addresses_l1) < len(addresses_l2)) funcs = defaultdict(list) for i in diff: try: color(i, dic_l2[i], c) funcs[get_func(i).startEA].append(i) except Exception, e: print 'fail %s' % str(e)
def TwoProfColor(self): self.is_singleprofile = False self.is_twoprofile = True if not self.is_reanalyse: self.ProgectWarning() self.fname = idc.AskFile(0, '*.*', 'Select first profile file, plz') self.sname = idc.AskFile(0, '*.*', 'Select second profile file, plz') if (self.fname == None) or (self.sname == None): return False first = open(self.fname, 'rb') second = open(self.sname, 'rb') firstprofile = first.read().split('\n\n') secondprofile = second.read().split('\n\n') idaapi.msg("Analysing profiles...\n") firstprof = self.kern.analyze_callgr_profile(firstprofile) secondprof = self.kern.analyze_callgr_profile(secondprofile) if not self.is_reanalyse: YN = idc.AskYN( 0, 'Do you want to make additional funcs, based on callgrind logs?\n(If func not already exist)' ) if YN == 1: idaapi.msg("Tryind add funcs...\n") num = self.kern.make_funcs_from_profiles(firstprof, secondprof) idc.Warning("%d funcs was added" % num) actfuncs_dict = self.kern.color_profs(firstprof, secondprof, BLUE, ORG, GREEN) self.ColorFuncsView = FuncsColorChooser("Colored Funcs", actfuncs_dict, self.fname, self.sname) # self.ColorFuncsView.show() idaapi.msg("Done, enjoy work!\n") idaapi.msg( "\nHelp:\n - Click Functions window and Type Alt+1 to see actually executed funcs from profiles\n" ) self.is_reanalyse = False return True
def main(): if _IN_IDA: # # get dyld_shared_cache path from IDA's openFile dialog print "[+] Please choose the original dyld_shared_cache_arm64" dsc_path = idc.AskFile(0, "*.*", "dyld shared cache file") else: dsc_path = sys.argv[1] if not dsc_path or not os.path.exists(dsc_path): raise RuntimeError("Couldn't find the dyld shared cache file..") print "[+] about to parse %s.." % (dsc_path) dsc_file = open(dsc_path, "rb") adrfind = AddrFinder(dsc_file, cache_symbols=False) map_shared_bridges(dsc_file, adrfind) if _IN_IDA: addresses = sorted(set(get_bad_addresses())) else: addresses = sorted(set(eval(open("addrs.txt", "rb").read()))) segments, exports = get_segments_and_exports_for_addresses( addresses, adrfind) # segments = join_neighbors(segments, threshold=0x1000) if _IN_IDA: map_segments(segments, dsc_file) map_exports(exports) idaapi.analyze_area(idc.MinEA(), idc.MaxEA())
def activate(self, ctx): import json filepath = idc.AskFile(False, "*.zmu;*.overlay;*", "Load Zelos Overlay...") if filepath is None: return f = open(filepath, "r") zelos_data = f.read() f.close() zelos_data = zelos_data[len("DISAS\n"):] zelos_dump = json.loads(zelos_data) # Apply the overlay data for comment in zelos_dump["comments"]: ea = comment["address"] try: comment_text = str(comment["text"]) except UnicodeEncodeError: comment_text = "" color = comment.get("color", 0x73F0DF) # Set color of instruction line idaapi.set_item_color(ea, color) idaapi.set_cmt(ea, comment_text, False) # Set function name if not already changed idc.GetFunctionAttr(ea, idc.FUNCATTR_START) name = idc.GetFunctionName(ea) if len(name) > 0 and name.startswith("zmu_") is False: idc.MakeName(ea, "zmu_" + name) return 1
def ida_main(): import idc filepath = idc.AskFile(0, "*.map", "Load a Dolphin emulator symbol map") if filepath is None: return symbol_map = load_dolphin_map(filepath) for symbol in symbol_map: addr = int(symbol.vaddr, 16) size = int(symbol.size, 16) idc.MakeUnknown(addr, size, 0) if symbol.section in [".init", ".text"]: idc.MakeCode(addr) success = idc.MakeFunction( addr, idc.BADADDR if not size else (addr + size)) else: success = idc.MakeData(addr, idc.FF_BYTE, size, 0) if not success: idc.Message("Can't apply properties for symbol:" " {0.vaddr} - {0.name}\n".format(symbol)) flags = idc.SN_NOCHECK | idc.SN_PUBLIC if symbol.name.startswith("zz_"): flags |= idc.SN_AUTO | idc.SN_WEAK else: flags |= idc.SN_NON_AUTO idc.MakeNameEx(addr, symbol.name, flags)
def importb(self): #将文件中的内容导入到buffer中 fileName = idc.AskFile(0, "*.*", 'Import File') try: self.buffer = open(fileName, 'rb').read() except: sys.stdout.write('ERROR:Cannot access file')
def __init__(self, *args, **kwargs): dict.__init__(self, *args, **kwargs) store = idaapi.netnode(Config().idb_store, 0, True) maze = store.getblob(0, 'N') if maze is None: maze_file = idc.AskFile(0, '*.json', 'Select the Maze...') if maze_file: with open(maze_file, 'r') as fd: ma_id = int(idc.GetInputFile().split('_')[1], 10) blob = fd.read() maze = json.loads(blob) for i in range(len(maze["mem_areas"])): if maze["mem_areas"][i]["id"] == ma_id: del maze["mem_areas"][0:i] del maze["mem_areas"][1:] break self.update(maze) CallAsPushAnalysis.Analyze(self) self.__mark_bbls() self.__mark_calls() blob = json.dumps(maze) store.setblob(blob, 0, "N") else: self.update(json.loads(maze)) self.__create_luts()
def rizzo_produce(arg): fname = idc.AskFile(1, "*.riz", "Save signature file as") if fname: if '.' not in fname: fname += ".riz" RizzoBuild(fname) return None
def main(): info("Running pintool") # OPEN = 0, SAVE = 1 #filename = idc.AskFile(0, "*", "Choose a file to run under pintool") #arguments = idc.AskStr("", "Specify command line arguments for %s" % os.path.basename(filename)) #info("Got filename %s" % filename) #info("Got arguments %s" % arguments) try: #tool = PinnaclePintool() trace_log = idc.AskFile(0, "*", "Choose a file to run under pintool") if not os.path.exists(trace_log): tool.run(filename + arguments) tr = TraceReader(trace_log) m = BasicBlockMarker(tr.bbhit_trace) m.mark() m = TaintedMarker(tr.ins_trace) m.mark() m = AssertionMarker(tr.assertion_trace) m.mark() except InvalidTraceFileException, e: info("Could not find trace file") return -1
def activate(self, ctx): import json filepath = idc.AskFile(False, '*.zmu;*.overlay;*', 'Load Zemu Overlay...') if filepath is None: return f = open(filepath, 'r') zemu_data = f.read() f.close() zemu_data = zemu_data[len('DISAS\n'):] zemu_dump = json.loads(zemu_data) # Apply the overlay data for comment in zemu_dump['comments']: ea = comment['address'] comment_text = str(comment['text']) color = comment.get('color', 0x73f0df) # Set color of instruction line idaapi.set_item_color(ea, color) idaapi.set_cmt(ea, comment_text, False) # Set function name if not already changed idc.GetFunctionAttr(ea, idc.FUNCATTR_START) name = idc.GetFunctionName(ea) if len(name) > 0 and name.startswith('zmu_') == False: idc.MakeName(ea, 'zmu_' + name) return 1
def saveReport(self): fileName = str(idaapi.get_root_filename() + "_" + self.FunctionName[:15] + ".html") dir = idc.AskFile(1, fileName, "Save as") dir = dir[:-len(fileName)] if not os.path.exists(dir + str(idaapi.get_root_filename() + "_" + self.FunctionName[:15])): os.makedirs(dir + str(idaapi.get_root_filename() + "_" + self.FunctionName[:15])) dir = dir + str(idaapi.get_root_filename() + "_" + self.FunctionName[:15]) + "\\" report = htmlReport() fileOutput = open(dir + fileName, "wb") fileOutput.write( report.generateReport(idaapi.get_root_filename(), self.CurrentMD5, self.FunctionName, self.generateStatisticsTable())) fileOutput.close() for graph in self.statsFigures.keys(): self.statsFigures[graph].set_figheight(2.500) self.statsFigures[graph].set_figwidth(6.000) self.statsFigures[graph].set_dpi(10) self.statsFigures[graph].savefig(dir + graph + ".png")
def OnPopupMenu(self, menu_id): if menu_id == self.menu_toggledata: self.showData = not self.showData self.refresh() elif menu_id == self.menu_toggleret: self.showRet = not self.showRet self.refresh() elif menu_id == self.menu_populatestrings: self.popStrings = not self.popStrings if self.popStrings: self.strBase = idc.AskLong(self.strBase, "Base displacement to use?") self.refresh() elif menu_id == self.menu_savetofile: fileName = idc.AskFile(1, "*.*", "Export ROP Disasembly view") if fileName and self.save_to_file(fileName): print "disasm saved to %s" % fileName else: return False return True
def run(self): try: logger.debug("Starting up") dbFile = os.path.abspath(os.path.join(os.path.dirname(__file__), '..', '..', 'shellcode_hashes', 'sc_hashes.db')) logger.debug('Trying default db path: %s', dbFile) if not os.path.exists(dbFile): if using_ida7api: dbFile = idc.AskFile(0, "*.db", "Select shellcode hash database") else: dbFile = idaapi.ask_file(False, "*.db", "Select shellcode hash database") if (dbFile is None) or (not os.path.isfile(dbFile)): logger.debug("No file select. Stopping now") return self.dbstore = DbStore(dbFile) logger.debug("Loaded db file: %s", dbFile) if QT_AVAILABLE: self.launchGuiInput() else: self.launchManualPrompts() searcher = ShellcodeHashSearcher(self.dbstore, self.params) logger.debug('Starting to run the searcher now') searcher.run() logger.debug("Done") except RejectionException: logger.info('User canceled action') except Exception, err: logger.exception("Exception caught: %s", str(err))
def main(): disas_path = idc.AskFile(1, '*.disas', 'Save basic blocks') do_exit = False if not disas_path: basename = idc.GetInputFile() disas_path = '%s.disas' % basename idc.GenerateFile(idc.OFILE_ASM, '%s.asm' % basename, 0, idc.BADADDR, 0) idc.GenerateFile(idc.OFILE_LST, '%s.lst' % basename, 0, idc.BADADDR, 0) do_exit = True # Get basic blocks bbs = _get_basic_blocks() # Get the module's base address base_addr = idaapi.get_imagebase() # Get the module's end address segs = sorted(idautils.Segments()) end_addr = idc.SegEnd(segs[-1]) disas_info = { 'bbs': bbs, 'base_addr': base_addr, 'end_addr': end_addr, } with open(disas_path, 'w') as disas_file: json.dump(disas_info, disas_file) if do_exit: idc.Exit(0)
def activate(self, ctx): fname = idc.AskFile(1, '*.riz', 'Save signature file as') if fname: if '.' not in fname: fname += ".riz" RizzoBuild(fname) return 0
def on_export(self): Warning("This export option generates an .ivz file that you have to distribute manually.\nIDASynergy won't automatically synchronize unless a local repository is synched\nto a versioning server and the 'IDASynergy SVN Commit' menu option is used.") exp_file = idc.AskFile(1, "*.ivz", "Exported data filename") print time.time() self.remove_hooks() self.data_io.export_to_file(exp_file) self.insert_hooks() return 1
def start(self): self.setSafeGuard() if not os.path.isfile(self.modulePath): self.modulePath = idc.AskFile(0,"*.*","Please select the right Path of the module/executable loaded in IDA") idc.SetInputFilePath(self.modulePath) LoadDebugger("win32", 0) # load win32 as default if (StartDebugger(self.modulePath, self.moduleArgs, self.sourceDir) == -1): self.log(1, "Error! Failed to launch debugger!") GetDebuggerEvent(WFNE_ANY, -1) # handle first event
def prepare(metrics_used): fname = idc.AskFile(0, ".out", "Choose a trace file") if fname == None: print "You need to specify trace to get dynamic metrics" return 0 print "Start trace analysis" metrics_dynamic = Metrics_dynamic() metrics_dynamic.get_dynamic_metrics(fname, metrics_used)
def load_methods(): sigfile = idc.AskFile(0, "*.json", "Select json signature file") log("loading signature file: %s", sigfile) with open(sigfile, 'r') as f: infos = json.load(f) log("loaded %d methods from JSON", len(infos)) return infos
def getInputFilepath(): '''Returns None if the uesr cancels. Updates the filepath in the idb on success''' filePath = idc.GetInputFilePath() if not os.path.exists(filePath): print 'IDB input file not found. Prompting for new one: %s' % filePath filePath = idc.AskFile(False, '*.*', 'Enter path to idb input file') if filePath is not None: idc.SetInputFilePath(filePath) return filePath
def rizzo_produce(self, arg): fname = idc.AskFile(1, idc.GetInputFile() + ".riz", "Save signature file as") if fname: if '.' not in fname: fname += ".riz" RizzoBuild(fname) return None
def run(self, arg): if self.view: self.Close() fn = idc.AskFile(0, "*.asm", "Select ASM file to view") if not fn: return self.view = asmview_t() if not self.view.Create(fn): return self.view.Show()
def OneProfMakeFuncs(self): fname = idc.AskFile(0, '*.*', 'Select profile file, plz') prof = open(fname, 'rb') binprofile = prof.read().split('\n\n') binprof = self.kern.analyze_callgr_profile(binprofile) idaapi.msg("Tryind add funcs...\n") num = self.kern.make_funcs_from_prof(binprof) idc.Warning("%d funcs was added" % num) return True
def doImport(self, filename=None): self.initialize() if filename is None: f = idc.AskFile(0, "*.sqlite", "Select database to import") else: f = filename if f: self.openDatabase(f) self.searchAll()
def main(): filename = idc.AskFile( 0, '*.txt', 'Select filename with intermodular calls dump') f = file(filename, 'rt') for line in f.readlines(): process_line(line) f.close()
def main(): fnlistfile = idc.AskFile(0, '*.*', 'Choose file') if fnlistfile is None: return with open(fnlistfile, 'rU') as f: while True: fn = f.readline() if fn == '': break else: make_fn_non_library_fn(fn.strip())
def _addMazeLog(self): maze_file = idc.AskFile(0, '*.json', 'Select the Maze...') if maze_file is not None: with open(maze_file, 'r') as fd: maze = fd.read() self._store_maze_in_idb(maze) self.filter_qbox.clear() self.execution_tree.init_maze(json.loads(maze)[0]) for tag in self.execution_tree.tags: self.filter_qbox.addItem(tag)
def main(argv): filename = idc.AskFile(forsave=False, mask='Text files (*.txt)|*.txt|All files (*.*)|*.*', prompt='Choose an input file') if filename is not None: with open(filename, 'r') as file: info = crashinfo.parse_crashinfo(file) print('Call stack:') for address, module in info.get_call_stack(): name = idc.GetFunctionName(address) if name: print(' %x in %s!%s' % (address, module.filename, name))
def Run(self, fileName=''): # Ask the user for a file if needed if fileName == '' or fileName == None: fileName = idc.AskFile(0, "*.*", "Select a PT dump file...") # Run the engine and get the base start address: qwStartEa = self.ParseFileAndGetStartAddr(fileName) if (qwStartEa == 0): print "Error! The specified dump file is not valid!" return False #print "Obtained %s has start virtual address." % hex(qwStartEa) return self.StartPtAnalysis(qwStartEa)
def main(): f = open( idc.AskFile(0, '*.json', 'Where is the JSON report you want to load ?'), 'r') c = idc.AskStr('black', 'Which color do you want ?').lower() report = json.load(f) for i in report['basic_blocks_info']['list']: print '%x' % i['address'], try: color(i['address'], i['nbins'], c) print 'ok' except Exception, e: print 'fail: %s' % str(e)