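def print_symbols(self, print_sections, sym_filter=None):
    """Print every named symbol of the loaded binary, then the number printed.

    Args:
        print_sections: when true, append the name of the section returned
            by ``self.binary.get_section`` for the symbol address, if any.
        sym_filter: optional case-insensitive substring filter. A leading
            "-" inverts it (keep names that do NOT contain the rest).
            ``None`` or an empty string keeps every symbol.
    """
    invert_match = False
    if sym_filter is not None:
        sym_filter = sym_filter.lower()
        # startswith() rather than sym_filter[0]: indexing an empty filter
        # raised IndexError before any symbol was printed.
        if sym_filter.startswith("-"):
            invert_match = True
            sym_filter = sym_filter[1:]

    total = 0

    # TODO: race condition with the analyzer ?
    for sy in list(self.binary.symbols):
        ad = self.binary.symbols[sy]

        # Kept when there is no filter, or when "filter text is present"
        # disagrees with "inverted" (plain match / inverted non-match).
        if sym_filter is not None and \
                (sym_filter in sy.lower()) == invert_match:
            continue

        # Symbols with an empty name are neither printed nor counted.
        if not sy:
            continue

        section = self.binary.get_section(ad)
        # NOTE(review): sy comes from the analysed file and is written to the
        # terminal as-is; confirm control characters are filtered when the
        # symbols are loaded, otherwise filter them before printing.
        print_no_end(color_addr(ad) + " " + sy)
        if print_sections and section is not None:
            print_no_end(" (" + color_section(section.name) + ")")
        print()
        total += 1

    print("Total:", total)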
def print(self):
    """Write each entry of self.token_lines as one output line.

    Every token is a (text, colour, is_bold) triple. Colour and bold are
    applied only while self.gctx.color is true; colour 0 means "no colour".
    """
    for tokens in self.token_lines:
        for text, col, is_bold in tokens:
            if self.gctx.color:
                text = color(text, col) if col != 0 else text
                text = bold(text) if is_bold else text
            print_no_end(text)
        # Terminate the line once all of its tokens are out.
        print()
def __exec_info(self, args):
    """Print path, size, container type, architecture and byte order of the loaded file.

    ``args`` is not used. Prints "no file loaded" and returns when
    self.gctx.filename is None.
    """
    path = self.gctx.filename
    if path is None:
        print("no file loaded")
        return
    print("File:", path)

    print("Size: %.2f ko" % (os.stat(path).st_size/1024.))

    print_no_end("Type: ")

    # An unrecognised type prints nothing here, exactly like the if/elif
    # chain this replaces (the "Type: " prefix is then left unterminated).
    ty = self.gctx.dis.binary.type
    for known, label in ((T_BIN_PE, "PE"), (T_BIN_ELF, "ELF"), (T_BIN_RAW, "RAW")):
        if ty == known:
            print(label)
            break

    import capstone as CAPSTONE

    arch, mode = self.gctx.dis.binary.get_arch()

    print_no_end("Arch: ")

    # arch_label stays None for an x86/MIPS mode with neither the 32 nor the
    # 64 bit flag set; nothing is printed in that case.
    arch_label = None
    if arch == CAPSTONE.CS_ARCH_X86:
        if mode & CAPSTONE.CS_MODE_32:
            arch_label = "x86"
        elif mode & CAPSTONE.CS_MODE_64:
            arch_label = "x64"
    elif arch == CAPSTONE.CS_ARCH_ARM:
        arch_label = "arm"
    elif arch == CAPSTONE.CS_ARCH_MIPS:
        if mode & CAPSTONE.CS_MODE_32:
            arch_label = "mips"
        elif mode & CAPSTONE.CS_MODE_64:
            arch_label = "mips64 (octeon)"
    else:
        arch_label = "not supported"
    if arch_label is not None:
        print(arch_label)

    big_endian = mode & CAPSTONE.CS_MODE_BIG_ENDIAN
    print("Endianess: big endian" if big_endian else "Endianess: little endian")
def __exec_info(self, args):
    """Report the loaded file: path, size in ko, binary type, arch, endianness.

    The ``args`` parameter is ignored. When no file is loaded
    (self.gctx.filename is None) only "no file loaded" is printed.
    """
    filename = self.gctx.filename
    if filename is None:
        print("no file loaded")
        return

    print("File:", filename)
    size_bytes = os.stat(filename).st_size
    print("Size: %.2f ko" % (size_bytes / 1024.))

    print_no_end("Type: ")
    binary = self.gctx.dis.binary
    kind = binary.type
    # No branch (and no newline) for a type outside these three.
    if kind == T_BIN_PE:
        print("PE")
    elif kind == T_BIN_ELF:
        print("ELF")
    elif kind == T_BIN_RAW:
        print("RAW")

    import capstone as CAPSTONE

    arch, mode = binary.get_arch()

    print_no_end("Arch: ")

    is_32 = lambda: mode & CAPSTONE.CS_MODE_32
    is_64 = lambda: mode & CAPSTONE.CS_MODE_64

    if arch == CAPSTONE.CS_ARCH_X86:
        # Neither flag set: nothing is printed for the architecture.
        if is_32():
            print("x86")
        elif is_64():
            print("x64")
    elif arch == CAPSTONE.CS_ARCH_ARM:
        print("arm")
    elif arch == CAPSTONE.CS_ARCH_MIPS:
        if is_32():
            print("mips")
        elif is_64():
            print("mips64 (octeon)")
    else:
        print("not supported")

    if not mode & CAPSTONE.CS_MODE_BIG_ENDIAN:
        print("Endianess: little endian")
    else:
        print("Endianess: big endian")
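def dump_data_ascii(self, ctx, lines):
    """Dump data starting at ctx.entry, showing NUL-terminated printable runs as strings.

    Bytes are read from the section containing ctx.entry in blocks of 128.
    A run of at least two bytes from BYTES_PRINTABLE_SET followed by a 0 byte
    is printed as a quoted string; any other byte is printed as one hex
    value. Stops after ``lines`` output lines, at the end of the section, or
    when the section returns no more data.

    Args:
        ctx: object whose ``entry`` attribute is the start address.
        lines: maximum number of lines to print.
    """
    N = 128  # read by block of 128 bytes
    ad = ctx.entry

    s = self.binary.get_section(ad)
    if s is None:
        # get_section() can return None (other code on this page checks for
        # it), presumably when the address is in no section. Without this
        # guard s.print_header() failed with AttributeError.
        print("no section contains the requested address")
        return
    print(hex(ad))
    s.print_header()

    l = 0            # lines printed so far
    ascii_str = []   # bytes of the printable run being collected
    ad_str = -1      # address where that run starts, -1 when there is none

    # NOTE(review): the listing this was taken from had lost its indentation;
    # the nesting below is reconstructed - confirm against the project source.
    while l < lines:
        buf = s.read(ad, N)
        if not buf:
            break

        i = 0
        while i < len(buf):

            if ad > s.end:
                return

            # Collect printable bytes starting at i; c ends up as the first
            # non-printable byte, or the last byte of the block.
            j = i
            while j < len(buf):
                c = buf[j]
                if c not in BYTES_PRINTABLE_SET:
                    break
                if ad_str == -1:
                    ad_str = ad
                ascii_str.append(c)
                j += 1

            # The run reached the end of the block: skip what was consumed
            # and read the next block. ascii_str / ad_str are kept so the
            # run can continue there.
            if c != 0 and j == len(buf):
                ad += j - i
                break

            if c == 0 and len(ascii_str) >= 2:
                if self.is_label(ad_str):
                    print(color_symbol(self.get_symbol(ad_str)))
                print_no_end(color_addr(ad_str))
                print_no_end(
                    color_string("\"" + "".join(map(get_char, ascii_str)) + "\""))
                print(", 0")
                ad += j - i
                i = j
            else:
                if self.is_label(ad):
                    print(color_symbol(self.get_symbol(ad)))
                print_no_end(color_addr(ad))
                print("0x%.2x " % buf[i])

            # Step over the byte just handled (the terminator in the string
            # case) and start a fresh run.
            ad += 1
            i += 1
            ad_str = -1
            ascii_str = []
            l += 1
            if l >= lines:
                return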
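def dump_data_ascii(self, ctx, lines):
    """Print up to ``lines`` lines of data from ctx.entry, strings shown as text.

    The section holding ctx.entry is read 128 bytes at a time. At least two
    consecutive bytes from BYTES_PRINTABLE_SET followed by a 0 byte are
    printed as one quoted string with its start address; every other byte
    gets its own line as a hex value. Output ends at ``lines`` lines, past
    the section end, or when a read returns nothing.
    """
    N = 128  # read by block of 128 bytes
    ad = ctx.entry

    s = self.binary.get_section(ad)
    if s is None:
        # Guard added: get_section() is treated as possibly returning None
        # by other code on this page, and s.print_header() below would then
        # raise AttributeError.
        print("no section contains the requested address")
        return
    print(hex(ad))
    s.print_header()

    l = 0
    ascii_str = []
    ad_str = -1  # -1 means "no printable run in progress"

    # NOTE(review): indentation was missing in the listing this comes from;
    # the block structure here is reconstructed and should be confirmed.
    while l < lines:
        buf = s.read(ad, N)
        if not buf:
            break

        i = 0
        while i < len(buf):

            if ad > s.end:
                return

            # Scan the printable run that starts at offset i.
            j = i
            while j < len(buf):
                c = buf[j]
                if c not in BYTES_PRINTABLE_SET:
                    break
                if ad_str == -1:
                    ad_str = ad
                ascii_str.append(c)
                j += 1

            # Block exhausted in the middle of a run: advance and re-read,
            # keeping the bytes collected so far.
            if c != 0 and j == len(buf):
                ad += j - i
                break

            if c == 0 and len(ascii_str) >= 2:
                # Terminated string: one line for the whole run.
                if self.is_label(ad_str):
                    print(color_symbol(self.get_symbol(ad_str)))
                print_no_end(color_addr(ad_str))
                print_no_end(color_string(
                    "\"" + "".join(map(get_char, ascii_str)) + "\""))
                print(", 0")
                ad += j - i
                i = j
            else:
                # Not a string: print the byte at offset i as hex.
                if self.is_label(ad):
                    print(color_symbol(self.get_symbol(ad)))
                print_no_end(color_addr(ad))
                print("0x%.2x " % buf[i])

            ad += 1
            i += 1
            ad_str = -1
            ascii_str = []
            l += 1
            if l >= lines:
                return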
def __exec_help(self, args):
    """Print the description of every command that has an exec callback.

    Commands are visited in COMMANDS_ALPHA order. The name is printed in
    colour 2 in front of the first description line; following lines are
    prefixed with self.TAB. ``args`` is not used.
    """
    for name in COMMANDS_ALPHA:
        entry = self.COMMANDS[name]
        if entry.callback_exec is None:
            continue

        print_no_end(color(name, 2))
        print_no_end(" ")
        for idx, text in enumerate(entry.desc):
            # Only continuation lines get the tab prefix.
            if idx:
                print_no_end(self.TAB)
            print(text)
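def print_symbols(self, print_sections, sym_filter=None):
    """Print every named symbol in self.db.symbols, then the number printed.

    A symbol whose address has an entry in self.db.reverse_demangled is
    shown as "demangled (raw)"; the filter is tried against both spellings.

    Args:
        print_sections: when true, append the name of the section returned
            by ``self.binary.get_section`` for the symbol address, if any.
        sym_filter: optional case-insensitive substring filter. A leading
            "-" inverts it. ``None`` or an empty string keeps every symbol.
    """
    invert_match = False
    if sym_filter is not None:
        sym_filter = sym_filter.lower()
        # startswith() rather than sym_filter[0]: an empty filter raised
        # IndexError here.
        if sym_filter.startswith("-"):
            invert_match = True
            sym_filter = sym_filter[1:]

    def keeps(name):
        # True for a plain match, or for an inverted non-match.
        return (sym_filter in name.lower()) != invert_match

    total = 0

    # TODO: race condition with the analyzer ?
    for sy in list(self.db.symbols):
        ad = self.db.symbols[sy]

        if ad in self.db.reverse_demangled:
            dem = self.db.reverse_demangled[ad]
        else:
            dem = None

        # NOTE(review): with an inverted filter a symbol is still listed
        # when only ONE of its two spellings lacks the text - confirm that
        # this is the intended meaning of "-text".
        if sym_filter is not None and not keeps(sy) and \
                not (dem is not None and keeps(dem)):
            continue

        # Symbols with an empty name are neither printed nor counted.
        if not sy:
            continue

        # NOTE(review): sy and dem come from the analysed file and are
        # written to the terminal as-is; confirm control characters are
        # filtered when symbols are loaded, otherwise filter them here.
        print_no_end(color_addr(ad))
        if dem is not None:
            print_no_end(" %s (%s) " % (dem, color_comment(sy)))
        else:
            print_no_end(" " + sy)

        section = self.binary.get_section(ad)
        if print_sections and section is not None:
            print_no_end(" (" + color_section(section.name) + ")")
        print()
        total += 1

    print("Total:", total)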
def print_functions(self, api):
    """Print each address in self.functions, sorted, with its symbol, then the count.

    The symbol comes from ``api.get_symbol``. When the address has an entry
    in self.db.reverse_demangled the line reads "demangled (raw symbol)".
    """
    addresses = sorted(self.functions)

    # TODO: race condition with the analyzer ?
    for ad in addresses:
        print_no_end(color_addr(ad))
        sy = api.get_symbol(ad)

        demangled = self.db.reverse_demangled
        if ad in demangled:
            label = " %s (%s) " % (demangled[ad], color_comment(sy))
        else:
            label = " " + sy
        print_no_end(label)
        print()

    # One line per address was printed, so the count is the list length.
    print("Total:", len(addresses))
def print_functions(self, api):
    """List the known function addresses in ascending order and print a total.

    Each line holds the coloured address followed by the symbol from
    ``api.get_symbol``; an address present in self.db.reverse_demangled is
    printed as the demangled name with the raw symbol in parentheses.
    """
    total = 0

    # TODO: race condition with the analyzer ?
    # enumerate(start=1) leaves total at the number of lines printed, and at
    # 0 when there are no functions.
    for total, ad in enumerate(sorted(self.functions), start=1):
        print_no_end(color_addr(ad))
        sy = api.get_symbol(ad)

        if ad not in self.db.reverse_demangled:
            print_no_end(" " + sy)
        else:
            print_no_end(
                " %s (%s) " % (self.db.reverse_demangled[ad],
                               color_comment(sy)))
        print()

    print("Total:", total)
def print_header(self):
    """Print one line describing this section.

    Layout: name padded to 20 columns, then start and end in hex, then
    virt_size and real_size in decimal, all inside square brackets.
    """
    pieces = (
        color_section(self.name.ljust(20)),
        " [ ",
        hex(self.start),
        " - ",
        hex(self.end),
        " - %d - %d" % (self.virt_size, self.real_size),
    )
    for piece in pieces:
        print_no_end(piece)
    # The closing bracket also terminates the line.
    print(" ]")
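def dump_data(self, ctx, lines, size_word):
    """Dump the words yielded by self.read_array starting at ctx.entry, one per line.

    Each line shows the address and the word in hex. When the word's value
    is itself an address inside a section, that section's name is appended,
    plus the symbol at that address for words of at least 4 bytes.

    Args:
        ctx: object whose ``entry`` attribute is the start address.
        lines: passed to self.read_array together with size_word.
        size_word: width of a word in bytes; also the address step per line.
    """
    ad = ctx.entry
    s = self.binary.get_section(ad)
    if s is None:
        # get_section() can return None (checked further down for the word
        # value), presumably when the address is in no section. Without this
        # guard s.print_header() failed with AttributeError.
        print("no section contains the requested address")
        return
    s.print_header()

    for w in self.read_array(ad, lines, size_word, s):
        if self.is_label(ad):
            print(color_symbol(self.get_symbol(ad)))
        print_no_end(color_addr(ad))
        print_no_end("0x%.2x" % w)

        # Treat the word as a possible pointer and annotate it.
        section = self.binary.get_section(w)

        if section is not None:
            print_no_end(" (")
            print_no_end(color_section(section.name))
            print_no_end(")")
            # NOTE(review): the listing this was taken from had lost its
            # indentation; placing this test inside the section check is a
            # reconstruction - confirm against the project source.
            if size_word >= 4 and self.is_label(w):
                print_no_end(" ")
                print_no_end(color_symbol(self.get_symbol(w)))

        ad += size_word
        print()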
def __exec_sections(self, args):
    """Print a column header followed by the header line of every section.

    Sections come from self.gctx.dis.binary.iter_sections(); each one prints
    itself through its print_header() method. ``args`` is not used.
    """
    # "NAME" is padded to 20 columns before the bracketed column titles.
    print_no_end("NAME".ljust(20))
    print(" [ START - END - VIRTUAL_SIZE - RAW_SIZE ]")

    binary = self.gctx.dis.binary
    for section in binary.iter_sections():
        section.print_header()
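def print_line(ad, line):
    """Print one hex-dump row: address, hex bytes, then a text column.

    Nothing is printed for an empty ``line``. Bytes outside
    BYTES_PRINTABLE_SET, and tab / line feed / carriage return, are shown
    as "." in the text column so raw file content never reaches the
    terminal there.

    Args:
        ad: address of the first byte, passed to color_addr.
        line: sequence of byte values, at most MAX_NB_BYTES long.
    """
    if not line:
        return

    print_no_end(color_addr(ad))
    for by in line:
        print_no_end("%.2x " % by)

    if len(line) != MAX_NB_BYTES:
        # Each byte occupies three columns ("%.2x "), so a short row needs
        # three spaces per missing byte; one space left the "|" column
        # misaligned on the last row.
        print_no_end("   " * (MAX_NB_BYTES - len(line)))

    print_no_end("| ")

    for by in line:
        # 9, 10 and 13 (tab, LF, CR) would break the one-row layout.
        if by in BYTES_PRINTABLE_SET and by not in (9, 10, 13):
            print_no_end("%c" % by)
        else:
            print_no_end(".")
    print()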