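def open_comment(self):
    """Open the comment dialog for the selected point of interest and save the result.

    The stored comment is loaded from the project database and shown in a
    ``CommentDialog`` for editing. Whatever the dialog's ``exec_()`` returns is
    written back to the matching document; afterwards the detail view is
    refreshed and the list entry is shown in bold.

    Nothing happens when no list entry is selected, when the entry's tooltip
    is neither "Functions" nor "Strings", or when the entry has no database
    record.

    :return: none
    """
    item = self.analysis_tab.poi_listWidget.currentItem()
    if item is None:
        # Nothing is selected, so there is no tooltip to read and nothing to edit.
        return

    value = DBConnection.search_by_item(item)
    project_db = DBConnection.get_collection(Singleton.get_project())

    # The tooltip carries the POI type and selects the collection to update.
    kind = item.toolTip()
    if kind == "Functions":
        db_info = project_db["functions"]
    elif kind == "Strings":
        db_info = project_db["string"]
    else:
        # Unknown type: there is no collection the comment could be written to.
        return

    if value is None:
        return

    record_id = value["_id"]
    current = value["comment"]
    if current is None:
        current = ""

    pop_up = CommentDialog(self.analysis_tab, current)
    # The result of exec_() is stored as the comment text.
    comm = pop_up.exec_()
    db_info.update_one({"_id": record_id}, {"$set": {"comment": comm}})

    self.detailed_poi(item)
    new_font = QtGui.QFont()
    new_font.setBold(True)
    item.setFont(new_font)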
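def static_functions(rlocal, cplugin):
    """Collect the functions of the binary that the selected plugin lists and store them.

    Every function reported by ``aflj`` whose name appears in the plugin's
    "Function" entries is looked up with ``axtj``. Each cross-reference yields
    one point of interest named ``"<function> <hex address of the reference>"``.
    Entries that are not stored yet are inserted into the project's
    ``functions`` collection with an empty comment and an empty run list.

    :param rlocal: R2Connection of the binary file
    :param cplugin: string current selected plugin
    :return: List of the point-of-interest names (strings) that were found
    """
    items = []
    s = Singleton.get_project()
    project_db = DBConnection.get_collection(s)
    func_db = project_db["functions"]
    # r2pipe's cmdj() can return None when radare2 prints nothing parseable.
    func_all = rlocal.cmdj("aflj") or []
    func_plg = Plugin.plugin_types("Function", cplugin)

    for fc in func_all:
        base_name = fc["name"]
        if base_name not in func_plg:
            continue
        # NOTE(review): the name is pasted into a radare2 command line. It only
        # gets here after matching a plugin entry, so the plugin decides which
        # text radare2 parses; confirm plugin entries are validated on load.
        xrefs = rlocal.cmdj("axtj %s" % base_name) or []
        for ref in xrefs:
            origin = hex(ref["from"])
            poi_name = base_name + " " + origin
            items.append(poi_name)
            # Work on a copy per cross-reference so the record from radare2 is
            # not rewritten, and does not pick up an "_id", between inserts.
            record = dict(fc)
            record["name"] = poi_name
            record["comment"] = ""
            record["runs"] = []
            record["from"] = origin
            record.pop("_id", None)
            # find_one() replaces Cursor.count(), which PyMongo 4 removed.
            if func_db.find_one({"name": poi_name}) is None:
                func_db.insert_one(record)
    return items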
def poi_comboBox_change(self, text):
    """Refill the POI list when the filter combo box changes.

    The list widget is cleared and repopulated from the project database:
    function names for "Functions", string values for "Strings", and
    functions followed by strings for "All". While no project is selected
    (project name "BEAT") an error dialog is shown and the list is left as is.

    :param text: poi's type
    :return: none
    """
    project = Singleton.get_project()
    if project == "BEAT":
        ErrorDialog(self.analysis_tab, "Please select a project first", "Static analysis Error").exec_()
        return

    self.analysis_tab.poi_listWidget.clear()
    project_db = DBConnection.get_collection(project)

    def fill(collection, field, kind):
        # One list entry per stored document, labelled with the given field.
        for doc in project_db[collection].find():
            entry = self.change_font(self.set_item(doc[field], kind))
            self.analysis_tab.poi_listWidget.addItem(entry)

    if text in ("Functions", "All"):
        fill("functions", "name", "Functions")
    if text in ("Strings", "All"):
        fill("string", "string", "Strings")
def return_funcitions(self, text):
    """Append the data reported by a breakpoint to the stored runs of a function.

    The function is looked up by ``text["name"]``; when a record exists, a new
    run entry is added to its ``runs`` list and the list is written back to
    the project's ``functions`` collection.

    :param text: information received; read with the keys "name", "rtnPara"
        and "rtnFnc"
    :return: none
    """
    value = DBConnection.search_by_name(text["name"], "Functions")
    functions = DBConnection.get_collection(Singleton.get_project())["functions"]
    if value is None:
        return

    selector = {"_id": value["_id"]}
    history = value["runs"]
    # NOTE(review): ``input`` is not assigned in this method. Unless the module
    # defines its own ``input``, this stores the builtin function, which is
    # presumably not something the database can store. Confirm what "name"
    # is meant to hold.
    history.append({"name": input, "rtnPara": text["rtnPara"], "rtnFnc": text["rtnFnc"]})
    functions.update_one(selector, {"$set": {"runs": history}})
def search_by_name(name, type):
    """Look up a stored point of interest by its name.

    Only the type "Functions" is handled here; any other type, or a name
    without a matching document, gives ``None``.

    :param name: String name of poi
    :param type: String type of the poi
    :return: Dict with all poi info, or None when nothing was found
    """
    project_db = get_collection(Singleton.get_project())
    if type != "Functions":
        return None

    doc = project_db["functions"].find_one({"name": name})
    if doc is None:
        return None

    return {
        "_id": doc["_id"],
        'name': doc["name"],
        'signature': doc["signature"],
        # The stored offset is a number; it is returned as a hex string.
        'varaddress': hex(doc["offset"]),
        'from': doc["from"],
        'comment': doc["comment"],
        'runs': doc["runs"],
    }
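def input_terminal(self, text):
    """Send the terminal line either to the running program or to radare2.

    While dynamic analysis is running (``self.run == 1``) the text is handed
    to the analysis thread as input. While it is idle (``self.run == 0``) the
    text is executed as a radare2 command on the project's binary and the
    output is echoed in the terminal view. Any other value of ``self.run``
    does nothing.

    The text is passed to radare2 unchanged. radare2's command language can
    also start external programs, so this field acts with the rights of the
    BEAT process and must only ever be fed by the local operator.

    :param text: text for argument
    :return: none
    """
    if self.run == 0:
        if Singleton.get_project() == "BEAT":
            ErrorDialog(self.analysis_tab, "First select a project", "Error").exec_()
            return

        r2 = None
        try:
            r2 = model.analysis.StaticAnalysis.static_all(Singleton.get_path())
            self.terminal(text + ' >\n')
            self.terminal(r2.cmd(text))
        except Exception as e:
            ErrorDialog(self.analysis_tab, str(e), "Error").exec_()
        finally:
            # Every command opens its own radare2 session; close it so the
            # sessions do not pile up for the lifetime of the application.
            if r2 is not None:
                r2.quit()
        self.analysis_tab.terminal_window_lineEdit.setText("")
    elif self.run == 1:
        thread.input(text)
        self.analysis_tab.terminal_window_lineEdit.clear()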
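def static_strings(rlocal, cplugin):
    """Collect the strings of the binary that match the selected plugin and store them.

    Every string reported by ``izj`` is base64-decoded and compared, ignoring
    case, with the plugin's "String" entries. For a matching string each
    cross-reference from ``axtj`` yields one point of interest labelled
    ``"<string> <hex address of the reference>"``. Entries that are not stored
    yet are inserted into the project's ``string`` collection with an empty
    comment.

    :param rlocal: R2Connection of the binary file
    :param cplugin: string current selected plugin
    :return: List of the point-of-interest labels (strings) that were found
    """
    items = []
    s = Singleton.get_project()
    project_db = DBConnection.get_collection(s)
    # r2pipe's cmdj() can return None when radare2 prints nothing parseable.
    strings = rlocal.cmdj("izj") or []
    str_plg = Plugin.plugin_types("String", cplugin)
    str_db = project_db["string"]

    for string in strings:
        # The bytes come out of the analysed file and are arbitrary: decode
        # once and replace whatever is not valid UTF-8, so that one odd string
        # cannot abort the whole pass.
        decoded = base64.b64decode(string["string"]).decode(errors="replace")
        haystack = decoded.upper()
        if not any(pattern.upper() in haystack for pattern in str_plg):
            continue

        xrefs = rlocal.cmdj("axtj %s" % string["vaddr"]) or []
        for ref in xrefs:
            origin = hex(ref["from"])
            label = decoded + " " + origin
            items.append(label)
            # Work on a copy per cross-reference so the record from radare2 is
            # not rewritten, and does not pick up an "_id", between inserts.
            record = dict(string)
            record["string"] = label
            record["from"] = origin
            record["comment"] = ""
            record.pop("_id", None)
            # find_one() replaces Cursor.count(), which PyMongo 4 removed.
            if str_db.find_one({"string": label}) is None:
                str_db.insert_one(record)
    return items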
def search_by_item(item):
    """Fetch the stored record behind a list widget entry.

    The entry's tooltip names the POI type ("Functions" or "Strings") and its
    text is the key that is looked up in the matching collection.

    :param item: ListwidgetItem selected poi
    :return: dict with pois info, or None when there is no item, the type is
        unknown or no document matches
    """
    if item is None:
        return None

    project_db = get_collection(Singleton.get_project())
    kind = item.toolTip()

    if kind == "Functions":
        doc = project_db["functions"].find_one({"name": item.text()})
        if doc is None:
            return None
        return {
            "_id": doc["_id"],
            'name': doc["name"],
            'signature': doc["signature"],
            'varaddress': hex(doc["offset"]),
            'from': doc["from"],
            'comment': doc["comment"],
            "runs": doc["runs"],
        }

    if kind == "Strings":
        doc = project_db["string"].find_one({"string": item.text()})
        if doc is None:
            return None
        return {
            "_id": doc["_id"],
            'string': doc["string"],
            'varaddress': hex(doc["vaddr"]),
            'from': doc["from"],
            'comment': doc["comment"],
        }

    return None
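def static(self):
    """Run static analysis for the current project and list the results.

    Handler for the static analysis button. Depending on the POI filter
    ("All", "Strings" or "Functions") the model collects strings and/or
    functions with the selected plugin, which also stores them in the
    database, and every result is added to the POI list. With "All", strings
    are listed before functions.

    An error dialog is shown instead when no project is selected (project
    name "BEAT"), when no plugin is installed, or when the analysis fails.
    The radare2 session is closed and the wait cursor is restored however the
    analysis ends, including a failure while the binary is being opened.

    :return: none
    """
    s = Singleton.get_project()
    if s == "BEAT":
        ErrorDialog(self.analysis_tab, "Please select a project", "Static analysis Error").exec_()
        return
    if self.analysis_tab.plugin_comboBox.count() == 0:
        ErrorDialog(self.analysis_tab, "Please install a plugin", "Static analysis Error").exec_()
        return

    def show(names, kind):
        # One list entry per point of interest returned by the model.
        for name in names:
            entry = self.change_font(self.set_item(name, kind))
            self.analysis_tab.poi_listWidget.addItem(entry)

    QtWidgets.QApplication.setOverrideCursor(QtCore.Qt.WaitCursor)
    self.analysis_tab.poi_listWidget.clear()
    print(Singleton.get_path())

    rlocal = None
    try:
        # Opening the binary belongs inside the try block: a failure here must
        # still reach the cleanup below.
        rlocal = model.analysis.StaticAnalysis.static_all(Singleton.get_path())
        wanted = self.analysis_tab.poi_comboBox.currentText()
        plugin = self.analysis_tab.plugin_comboBox.currentText()
        if wanted in ("All", "Strings"):
            show(model.analysis.StaticAnalysis.static_strings(rlocal, plugin), "Strings")
        if wanted in ("All", "Functions"):
            show(model.analysis.StaticAnalysis.static_functions(rlocal, plugin), "Functions")
    except Exception as e:
        ErrorDialog(self.analysis_tab, str(e), "Static analysis Error").exec_()
    finally:
        if rlocal is not None:
            rlocal.quit()
        QtWidgets.QApplication.restoreOverrideCursor()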
def set_running(self):
    """Show in the main window title that the current project is running."""
    project = Singleton.get_project()
    title = "BEAT | Running " + project
    self.main_window.setWindowTitle(title)
def set_project_name(self):
    """Show the name of the current project in the main window title."""
    project = Singleton.get_project()
    title = "BEAT | " + project
    self.main_window.setWindowTitle(title)