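def OnPopupMenu(self, menu_id):
    """Dispatch a selection from the view's popup menu.

    @param menu_id: identifier of the menu entry that was chosen
    @return: True when menu_id is one of this view's entries, else False
    """
    if menu_id == self.menu_toggledata:
        self.showData = not self.showData
        self.refresh()

    elif menu_id == self.menu_toggleret:
        self.showRet = not self.showRet
        self.refresh()

    elif menu_id == self.menu_populatestrings:
        self.popStrings = not self.popStrings
        if self.popStrings:
            # AskLong yields None when the dialog is dismissed. Keep the
            # previous base in that case instead of storing None, which any
            # later arithmetic on self.strBase would choke on.
            new_base = idc.AskLong(self.strBase, "Base displacement to use?")
            if new_base is not None:
                self.strBase = new_base
        self.refresh()

    elif menu_id == self.menu_savetofile:
        # First argument 1 asks for a "save" dialog; the result is falsy
        # when the user cancels, so nothing is written in that case.
        fileName = idc.AskFile(1, "*.*", "Export ROP Disasembly view")
        if fileName and self.save_to_file(fileName):
            print "disasm saved to %s" % fileName

    else:
        return False

    return True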
def gui_action_callback(self, vu):
    """Ask for a new width for the selected local variable and apply it.

    Every early exit prints a "Force lvar width" diagnostic and returns
    False; True is returned only after the width has been set and the
    'hx:SetType' UI action has been queued.
    """
    # Result is not used; the call is kept because the original made it.
    vu.cfunc.__deref__()

    has_selection = vu.get_current_item(idaapi.USE_KEYBOARD)
    if not has_selection:
        print "Force lvar width: you don't have anything selected"
        return False

    lvar = vu.item.get_lvar()
    if not lvar:
        print "Force lvar width: you don't have an lvar selected"
        return False

    prompt = "Enter the new width for " + lvar.name
    width = idc.AskLong(lvar.width, prompt)
    if width is None:
        # The dialog was cancelled.
        print "Force lvar width: operation cancelled"
        return False
    if width <= 0:
        # Guard stated by the original message: a non-positive width
        # crashes IDA, so it is rejected before set_width() is reached.
        print "Force lvar width: not allowed. Non-positive width will crash IDA"
        return False

    lvar.set_width(width)
    print 'Set the type in IDA (Y) for it to apply'
    idaapi.process_ui_action('hx:SetType')
    # vu.refresh_ctext()
    print 'Force lvar width: OK.'
    return True
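def stingray_config():
    """Prompt for the string-search recursion depth and store it.

    The current ConfigStingray.SEARCH_RECURSION_MAXLVL is offered as the
    default. The setting is only updated for a non-negative answer.
    """
    depth = idc.AskLong(
        ConfigStingray.SEARCH_RECURSION_MAXLVL,
        "Please enter string search max. depth:"
        "\n( 0 - non-recursive mode )"
    )
    # A cancelled dialog yields None. Test for it explicitly rather than
    # relying on how None happens to compare with 0 (Python 2 only), and
    # avoid shadowing the builtin `input` as the original local name did.
    if depth is not None and depth >= 0:
        ConfigStingray.SEARCH_RECURSION_MAXLVL = depth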
def autoenum(self):
    """Interactively add (or look up) an enum member and apply it.

    Asks for an enum name and a constant value, creates the enum or reuses
    an existing one, then hands the enum and member name to
    apply_enum_by_name(). Returns None on every path; a cancelled dialog
    ends the function early without changes beyond self._last_enum.
    """
    common_value = get_common_value()

    enum_name = idc.AskStr(self._last_enum, "Enum Name")
    if enum_name is None:
        # Name dialog cancelled.
        return

    if not enum_name:
        # An empty answer is passed on as None rather than as "".
        enum_name = None

    # Remembered so the next invocation offers the same name as default.
    self._last_enum = enum_name

    # Can't ask with negative numbers.
    # A set top bit (native word size) is treated as negative; the default
    # offered in the dialog falls back to 0 in that case.
    if common_value >> ((8 * sark.core.get_native_size()) - 1):
        common_value = 0

    const_value = idc.AskLong(common_value, "Const Value")
    if const_value is None:
        # Value dialog cancelled.
        return

    modify = True

    try:
        enum = sark.add_enum(enum_name)

    except sark.exceptions.EnumAlreadyExists:
        # Reuse the existing enum, but ask before adding members to it.
        enum = sark.Enum(enum_name)
        yes_no_cancel = idc.AskYN(idaapi.ASKBTN_NO,
                                  "Enum already exists. Modify?\n")
        if yes_no_cancel == idaapi.ASKBTN_CANCEL:
            return

        elif yes_no_cancel == idaapi.ASKBTN_YES:
            modify = True

        else:  # yes_no_cancel == idaapi.ASKBTN_NO:
            modify = False

    member_name = const_name(enum, const_value)

    if modify:
        try:
            enum.members.add(member_name, const_value)
        except sark.exceptions.SarkErrorAddEnumMemeberFailed as ex:
            # A failed add is reported but does not stop the function; the
            # enum is still applied below with the generated member name.
            idaapi.msg("[AutoEnum] Adding enum member failed: {}.".format(
                ex.message))

    else:
        # Read-only mode: use an existing member with the same value.
        for member in enum.members:
            if member.value == const_value:
                member_name = member.name
                break
        else:
            # No member carries this value and modification was declined.
            return

    # Apply the enum
    apply_enum_by_name(enum, member_name)
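def OnKeydown(self, vkey, shift):
    """
    User pressed a key
    @param vkey: Virtual key code
    @param shift: Shift flag
    @return: Boolean. True if you handled the event
    """
    print "OnKeydown, vk=%d shift=%d" % (vkey, shift)
    # ESCAPE?
    if vkey == 27:
        self.Close()
    # VK_DELETE
    elif vkey == 46:
        n = self.GetLineNo()
        if n is not None:
            self.DelLine(n)
            self.Refresh()
            print "Deleted line %d" % n
    # Goto?
    elif vkey == ord('G'):
        n = self.GetLineNo()
        if n is not None:
            v = idc.AskLong(n, "Where to go?")
            # Test for None (dialog cancelled) rather than truthiness, so
            # that an answer of 0 still jumps to the first line.
            if v is not None:
                self.Jump(v, 0, 5)
    elif vkey == ord('R'):
        print "refreshing...."
        self.Refresh()
    elif vkey == ord('C'):
        print "refreshing current line..."
        self.RefreshCurrent()
    elif vkey == ord('A'):
        s = idc.AskStr("NewLine%d" % self.Count(), "Append new line")
        # A cancelled dialog returns None; do not append that as a line.
        if s is not None:
            self.AddLine(s)
            self.Refresh()
    elif vkey == ord('X'):
        print "Clearing all lines"
        self.ClearLines()
        self.Refresh()
    elif vkey == ord('I'):
        n = self.GetLineNo()
        # Without a current line the "%d" default below cannot be built,
        # and a cancelled dialog must not insert None.
        if n is not None:
            s = idc.AskStr("InsertedLine%d" % n, "Insert new line")
            if s is not None:
                self.InsertLine(n, s)
                self.Refresh()
    elif vkey == ord('E'):
        l = self.GetCurrentLine(notags=1)
        if not l:
            return False
        n = self.GetLineNo()
        print "curline=<%s>" % l
        # Mark the edited line with a coloured "*" suffix.
        l = l + idaapi.COLSTR("*", idaapi.SCOLOR_VOIDOP)
        self.EditLine(n, l)
        self.RefreshCurrent()
        print "Edited line %d" % n
    else:
        return False
    return True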
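def set_stack_entries(self):
    """Ask for the number of stack entries to show and store it in config.

    Returns True when a new positive value was stored and the view was
    reloaded, False when the dialog was cancelled or the value rejected.
    """
    value = idc.AskLong(config.n_stack_entries, "Set the number of stack entries to show")
    if value is None:
        # Dialog cancelled: leave the setting untouched.
        return False

    if value <= 0:
        # Zero is rejected as well as negatives, so the warning says so;
        # the previous wording mentioned negative values only.
        idaapi.warning("Only positive values are allowed")
        return False

    config.n_stack_entries = value
    self.reload_info()
    return True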
def ask(askType, defaultVal, prompt):
    """Show the IDA prompt that matches askType and return the answer.

    int/long -> idc.AskLong, str -> idc.AskStr, bool -> idc.AskYN (an
    answer of -1 becomes None), file -> idc.AskFile followed by open().
    Any other askType yields None.
    """
    if askType is int or askType is long:
        return idc.AskLong(defaultVal, prompt)

    if askType is str:
        return idc.AskStr(defaultVal, prompt)

    if askType is bool:
        answer = idc.AskYN(defaultVal, prompt)
        if answer == -1:
            return None
        return bool(answer)

    if askType is file:
        # For files the default doubles as the "for saving" flag.
        typeAssert(defaultVal, bool)
        chosen_path = idc.AskFile(defaultVal, "", prompt)
        if not isString(chosen_path):
            return None
        # Mode "w" truncates an existing file as soon as it is opened; the
        # caller receives the open handle and is the one who must close it.
        mode = "w" if defaultVal else "r"
        return open(chosen_path, mode)

    return None
def set_deref_levels(self):
    """Ask for the dereferencing depth to show and store it in config.

    Accepts values from 0 up to config.deref_limit inclusive. Returns True
    when the value was stored and the view reloaded, False when the dialog
    was cancelled or the value was out of range.
    """
    levels = idc.AskLong(config.max_deref_levels, "Set current dereferencing levels to show")
    if levels is None:
        # Dialog cancelled.
        return False

    if levels < 0:
        idaapi.warning("Negative values are not allowed")
        return False

    ceiling = config.deref_limit
    if levels > ceiling:
        idaapi.warning("Value should not exceed the dereferencing limit: %d" % ceiling)
        return False

    config.max_deref_levels = levels
    self.reload_info()
    return True
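def runToSyscall(self):
    """Run the target to a system call, return to user space, print EAX.

    Asks for a syscall number. An answer of 0 issues @cgc.runToSyscall()
    with no argument, any other number is passed as its argument. Nothing
    is sent when the dialog is cancelled.
    """
    value = idc.AskLong(0, "Syscall number?")
    if value is None:
        # Dialog cancelled. The "%d" formatting below would raise a
        # TypeError on None, so stop before any command is sent.
        print('run to syscall cancelled')
        return

    print('run to syscall of %d' % value)
    if value == 0:
        gdbProt.Evalx('SendGDBMonitor("@cgc.runToSyscall()");')
    else:
        # %d rather than %s: only an integer can end up inside the command
        # string that is handed to the monitor.
        gdbProt.Evalx('SendGDBMonitor("@cgc.runToSyscall(%d)");' % value)

    # Return values of the calls below were never used; the calls are kept.
    gdbProt.getEIPWhenStopped(kernel_ok=True)
    self.showSimicsMessage()
    gdbProt.Evalx('SendGDBMonitor("@cgc.runToUserSpace()");')
    gdbProt.getEIPWhenStopped()
    self.signalClient(norev=True)

    eax = idc.GetRegValue("EAX")
    print('Syscall result: %d' % int(eax))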
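def ShowFunctionsBrowser(mea=None, show_runtime=False, show_string=True, mynav=None):
    """Open a FunctionsBrowser graph of the code references from an address.

    mea          -- start address; the current screen address when None
    show_runtime -- copied to the browser's show_runtime_functions
    show_string  -- copied to the browser's show_string
    mynav        -- object stored on the browser as .mynav

    Returns None. Nothing is shown when the recursion-level dialog is
    cancelled or answered with 0. Errors are printed, not raised.
    """
    try:
        ea = idc.ScreenEA() if mea is None else mea

        num = idc.AskLong(3, "Maximum recursion level")
        if not num:
            # None (cancelled) or 0.
            return

        result = list(idautils.CodeRefsFrom(ea, idc.BADADDR))
        g = FunctionsBrowser("Code Refs Browser %s" % idc.GetFunctionName(ea), ea, result)
        g.max_level = num
        # Honour the caller's flag; it used to be overwritten with a
        # hard-coded True, which made the parameter dead.
        g.show_string = show_string
        g.show_runtime_functions = show_runtime
        g.mynav = mynav
        g.Show()
    except Exception:
        # Exception instead of a bare except, so that KeyboardInterrupt and
        # SystemExit are no longer swallowed along with real errors.
        print "Error", sys.exc_info()[1]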
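def OnKeydown(self, vkey, shift):
    """Handle a key press in the viewer.

    @param vkey: Virtual key code
    @param shift: Shift flag (not used here)
    @return: True when the key is one of the viewer's shortcuts, else False
    """
    # ESCAPE?
    if vkey == 27:
        self.Close()
    # ENTER: treat the word under the cursor as an address and jump to it
    elif vkey == ord('\r'):
        ea = self.GetCurrentWord()
        try:
            # base=0 accepts prefixed literals such as 0x...; a missing or
            # non-numeric word ends up in the handler below.
            ea = int(ea, base=0)
            idc.Jump(ea)
        except Exception:
            # Exception instead of a bare except, so KeyboardInterrupt and
            # SystemExit are not swallowed.
            print("Cannot jump to '%s'" % (ea))
    # Go to a line number
    elif vkey == ord('G'):
        n = self.GetLineNo()
        if n is not None:
            v = idc.AskLong(n, "Where to go?")
            # None means cancelled; 0 is a valid answer.
            if v is not None:
                self.Jump(v)
    # Edit the current line
    elif vkey == ord('E'):
        idx = self.GetLineNo()
        if idx is not None:
            l = self.lines[idx]
            new_l = idc.AskStr(l, 'Insert line:')
            if new_l is not None:
                self.lines[idx] = new_l
                self.EditLine(idx, new_l)
                self.Refresh()
    # Load lines from a JSON file chosen by the user
    elif vkey == ord('L'):
        path = idaapi.ask_file(0, '*.json', 'Insert lines source')
        # A cancelled file dialog gives no path; do not hand that to load().
        if path:
            self.load(path)
    # Save lines to a JSON file chosen by the user (first argument 1 = save)
    elif vkey == ord('S'):
        path = idaapi.ask_file(1, '*.json', 'Insert json path to save db to')
        # Same guard as for load: nothing is written after a cancel.
        if path:
            self.save(path)
    else:
        return False
    return True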
def rename_immediate():
    """Name a constant as a member of the 'GlobalConstants' enum and apply it.

    The highlighted identifier, when it parses as an integer, is passed to
    get_common_value() to pick the default shown in the value dialog.
    Cancelling either dialog returns without changes.
    """
    enum_title = 'GlobalConstants'

    token = idaapi.get_highlighted_identifier()
    try:
        # Base 0 accepts prefixed literals; None or non-numeric text fails.
        seed = int(token, 0)
    except (ValueError, TypeError):
        seed = None

    const_value = idc.AskLong(get_common_value(seed), "Const Value")
    if const_value is None:
        return

    const_label = idc.AskStr("", "Constant Name")
    if const_label is None:
        return

    # Reuse the enum when it already exists, create it otherwise.
    try:
        target_enum = sark.Enum(enum_title)
    except sark.exceptions.EnumNotFound:
        target_enum = sark.add_enum(enum_title)

    target_enum.members.add(const_label, const_value)
    apply_enum_by_name(target_enum, const_label)
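if __name__ == "__main__":
    # Inputs come from IDA dialogs when the idc module can be imported,
    # and from the command line otherwise.
    # NOTE(review): the bare "#" lines are read as the author's block
    # separators, which makes `is_clean = 0` and
    # `filename = idc.get_root_filename()` live statements -- confirm.
    trace_path = ""
    filename = ""
    try:
        import idc
        in_ida = True
    except ImportError:
        print("not run in ida python skip comment...")
        in_ida = False
    #
    is_clean = 0
    if in_ida:
        trace_path = idc.AskStr("trace-jni.txt", "trace path")
        is_clean = idc.AskLong(0, "clean path?")
        # NOTE(review): a cancelled dialog presumably returns None here;
        # os.path.isabs() below would then fail -- confirm and handle.
        if not os.path.isabs(trace_path):
            # Relative answers are resolved against this script's directory,
            # not against the current working directory.
            script_path = os.path.split(os.path.realpath(__file__))[0]
            trace_path = "%s/%s" % (script_path, trace_path)
        #
        filename = idc.get_root_filename()
    #
    else:
        # Check the argument count before indexing sys.argv. The check used
        # to come after the two lookups, so a short command line raised
        # IndexError instead of printing the usage text.
        if len(sys.argv) < 3:
            print("usage %s <trace-file> <filename>" % sys.argv[0])
            sys.exit(-1)
        #
        trace_path = sys.argv[1]
        filename = sys.argv[2]
    #
    dic_call = {}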
import idc

# Ask for the region to read: start address, element count, element type.
# ScreenEA and ItemSize are used unqualified, so they are expected to be
# available in the namespace the script runs in.
# NOTE(review): none of the three answers is checked for a cancelled
# dialog before it is used below -- confirm what the prompts return then.
start = idc.AskAddr(ScreenEA(),"Start Address:")
length = idc.AskLong(ItemSize(ScreenEA()),"Length:")
datatype = idc.AskStr("b","Type:")

# Pick the reader function and the element size in bytes (i) for the type
# code. Each code is matched in all-lower or all-upper case only.
i = 1
if datatype == "B" or datatype == "b":
    func = idc.Byte
elif datatype == "w" or datatype == "W":
    func = idc.Word
    i = 2
elif datatype == "d" or datatype == "D":
    func = idc.Dword
    i = 4
elif datatype == "q" or datatype == "Q":
    func = idc.Qword
    i = 8
elif datatype == "f" or datatype == "F":
    func = idc.GetFloat
    i = 4
elif datatype == "lf" or datatype == "LF":
    func = idc.GetDouble
    i = 8
else:
    # Any other answer is read byte by byte.
    func = idc.Byte

a = []
# n steps through byte offsets 0, i, 2*i, ... for `length` elements.
# The loop body is not part of this excerpt.
for n in range(0,length*i,i):
def ask_long(value, prompt):
    """Prompt for an integer through whichever API the running IDA offers.

    SDK versions up to and including 699 go through idc.AskLong; newer
    ones go through ida_kernwin.ask_long. The answer is returned unchanged.
    """
    use_legacy_api = idaapi.IDA_SDK_VERSION <= 699
    if use_legacy_api:
        return idc.AskLong(value, prompt)
    return ida_kernwin.ask_long(value, prompt)
def OnCommand(self, cmd_id):
    """Run the graph command registered under cmd_id.

    cmd_id is looked up in self.commands; the resulting command name picks
    one of the branches below. Any exception raised while handling the
    command is printed and swallowed.
    """
    # NOTE(review): the bare except also hides KeyboardInterrupt and
    # SystemExit; `except Exception` would be the narrower choice.
    try:
        cmd = self.commands[cmd_id]
        if cmd == "refresh":
            self.Refresh()
        elif cmd == "hide":
            # Build an index -> function name table from the visible and
            # the hidden nodes, for the chooser dialog.
            l = {}
            i = 0
            for x in self.nodes:
                name = idc.GetFunctionName(int(x))
                if name and name != "":
                    l[i] = name
                    i += 1

            for x in self.hidden:
                name = idc.GetFunctionName(int(x))
                if name and name != "":
                    l[i] = name
                    i += 1

            chooser = idaapi.Choose([], "Show/Hide functions", 3)
            chooser.width = 50
            chooser.list = l
            c = chooser.choose()

            if c:
                # The choice is 1-based here (0 is falsy and skips the
                # branch); map it back to the name, then to an address.
                c = c - 1
                c = idc.LocByName(l[c])

                # Toggle: a hidden function is shown again, a shown one
                # becomes hidden.
                if c in self.hidden:
                    self.hidden.remove(c)
                else:
                    self.hidden.append(c)
                self.Refresh()
        elif cmd == "unhide":
            self.hidden = []
            self.Refresh()
        elif cmd == "strings":
            self.show_string = not self.show_string
            self.Refresh()
        elif cmd == "apis":
            self.show_runtime_functions = not self.show_runtime_functions
            self.Refresh()
        elif cmd == "recursion":
            num = idc.AskLong(self.max_level, "Maximum recursion level")
            # A falsy answer (None or 0) leaves max_level unchanged.
            if num:
                self.max_level = num
                self.Refresh()
        elif cmd == "open":
            g = self.mynav.showSavedGraphs()
            if g:
                # Replace the whole view state with the saved graph.
                nodes, hidden = self.mynav.loadSavedGraphNodes(g)
                name, ea, level, strings, runtime = self.mynav.loadSavedGraphData(
                    g)
                self.title = name
                self.father = ea
                self.max_level = level
                self.show_runtime_functions = runtime
                self.show_string = strings
                self.hidden = hidden
                self.result = nodes
                self.Refresh()
        elif cmd == "save":
            self.mynav.saveGraph(self.father, self.max_level, self.show_runtime_functions, \
                                 self.show_string, self.hidden, self.result)
    except:
        print "OnCommand:", sys.exc_info()[1]

    # NOTE(review): read as function-level, so True is returned whether or
    # not the command succeeded -- confirm the indentation.
    return True
import idautils
import idaapi
import idc

# Starting at the current address, walk up to `length` instructions,
# print each one and collect the two operand values of every "mov".
# ScreenEA, ASKBTN_YES and similar unqualified names are expected to be
# available in the namespace the script runs in.
ea = ScreenEA()
if idaapi.isCode(idaapi.getFlags(ea)):
    cmd = idc.GetDisasm(ea)
    prt_str = "Current cmd: %s" % cmd
    # Show the current instruction and ask for confirmation first.
    select = idc.ask_yn(ASKBTN_YES, prt_str)
    if select == ASKBTN_YES:
        length = idc.AskLong(1, "Instruction Number:")
        # NOTE(review): a cancelled dialog presumably gives None; under
        # Python 2 that compares as not greater than 0, so the walk is
        # skipped -- confirm.
        if length > 0:
            n = 0
            print ""
            oplist = []
            for i in xrange(length):
                # NOTE(review): the else/break is read as belonging to this
                # isCode test (stop at the first non-code item) -- confirm
                # the pairing against the original indentation.
                if idaapi.isCode(idaapi.getFlags(ea)):
                    n += 1
                    cmd = idc.GetDisasm(ea)
                    print cmd
                    # Prefix match on the disassembly text: any mnemonic
                    # that starts with "mov" is collected.
                    if cmd[:3] == "mov":
                        op1 = idc.get_operand_value(ea, 0)
                        op2 = idc.get_operand_value(ea, 1)
                        oplist.append((op1, op2))
                        #print hex(op1),hex(op2)
                else:
                    break
                ea = idc.NextHead(ea)
            print "Process %d Instructions" % n
            # Tuples sort by first operand value, then by second.
            oplist.sort()
            # The loop body is not part of this excerpt.
            for (i, j) in oplist:
def fun(defval, prompt):
    """Show the AskLong prompt and leave the answer in res[0].

    `res` is not defined here; it is taken from the surrounding scope.
    Nothing is returned.
    """
    answer = idc.AskLong(defval, prompt)
    res[0] = answer