def get_debugger_argument(bv):
""" Pops up a window that lets the user set the debugger arguments. Implemented
using the native Binja GUI, so we don't have the option of showing a command history"""
mode = ChoiceField("Mode", choices)
text = TextLineField("")
get_form_input([mode, SeparatorField(), text], "Set Run Arguments")
if mode.result is None:
mode = 'raw'
else:
mode = mode.choices[mode.result]
text = str(text.result).strip()
if mode == 'raw':
return text
try:
if mode == 'hex':
return text.decode('hex')
if mode == 'b64':
return b64decode(text)
if mode == 'py2':
return eval(text)
except:
log_alert("Failed to decode input")
return ""
def apply_symbols(self, symbols: dict, sections: list) -> None:
"""Make functions in text section of kernel image
"""
binary_text_start = None
if '.text' in sections:
binary_text_start = sections['.text'].start
else:
archs = get_architectures()
arch_choices = list(archs.keys())
arch_field = ChoiceField('Architecture', arch_choices)
stext_field = IntegerField('stext Symbol Offset')
get_form_input([arch_field, stext_field],
'Kernel Architecture and stext Offset')
self.view.platform = archs[arch_choices[
arch_field.result]].standalone_platform
if stext_field.result is None:
show_message_box('kallsyms', 'Failed to identify stext offset')
return
binary_text_start = stext_field.result
binary_text_end = None
if '.text' in sections:
binary_text_end = sections['.text'].end
else:
binary_text_end = self.view.end
kallsyms_text_start = symbols['T']['_stext']
self.apply_function_symbols(symbols, kallsyms_text_start,
binary_text_start, binary_text_end)
self.apply_data_symbols(symbols, kallsyms_text_start,
binary_text_start)
self.view.update_analysis_and_wait()
def __init__(self):
json_file = SaveFileNameField('Export json file')
get_form_input([json_file], 'BN Export Options')
if json_file.result == '':
self.json_file = None
else:
self.json_file = json_file.result
def map_memory(self):
start = AddressField('Start (hex):')
length = AddressField('Length (hex):')
flags = ChoiceField(
'Flags', ['---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx'])
get_form_input([start, length, flags], 'Map Memory')
self.parent().emulator.map_memory(start.result, length.result,
flags.result)
def _get_params(self):
params = {}
start_offset_field = AddressField(
'Start offset for patch (current offset: 0x{:08x})'.format(
self.bv.offset),
view=self.bv, current_address=self.bv.offset)
code_field = MultilineTextField('Code')
get_form_input([start_offset_field, code_field], 'Patch Parameters')
params['start_offset'] = start_offset_field.result
params['code'] = code_field.result
return params
def add_function_hook(emulator, function):
ctx = UIContext.activeContext()
handler = ctx.globalActions()
hook_options = [
a
for a in handler.getAllValidActions()
if "Snippets\\" in a and "emulator" in a.lower()
]
snippets = ChoiceField("Snippets:", hook_options)
get_form_input([snippets], "Add Function Hook")
choice = hook_options[snippets.result]
def dialog(bv):
match_path_field = bn.OpenFileNameField("Match File", "*.BinDiff")
role_field = bn.ChoiceField(
"Current view role",
[ "None", "Primary", "Secondary" ]
)
form_fields = [
match_path_field,
role_field
]
# Present form
if not bn.get_form_input(form_fields, "BinDiff Viewer"):
# User cancelled
return
match_path = match_path_field.result
if role_field.result == 0:
role = None
else:
role = role_field.result - 1
try:
view_bindiff_matches(bv, match_path, role)
except:
bn.show_message_box(
"BinDiff Viewer Error",
"Failed to load matches:\n{}".format(traceback.format_exc())
)
def add_hook(emulator, instruction):
ctx = UIContext.activeContext()
handler = ctx.globalActions()
hook_options = [
a
for a in handler.getAllValidActions()
if "Snippets\\" in a and "emulator" in a.lower()
]
snippets = ChoiceField("Snippets:", hook_options)
get_form_input([snippets], "Add Hook")
choice = hook_options[snippets.result]
emulator.add_hook(instruction, choice)
instruction.function.source_function.set_auto_instr_highlight(
instruction.address, HighlightStandardColor.BlackHighlightColor
)
def run(self) -> None:
"""Run the plugin
"""
# Open the file
filepath = OpenFileNameField('kernel symbol file: ')
get_form_input([filepath], 'Select file containing kallsyms output')
filepath = filepath.result
self.progress = 'kallsyms: importing kernel symbols...'
status, message = self.open_sym_file(filepath)
if status is False:
show_message_box('kallsyms', message)
self.progress = ''
return
sections = self.view.sections
if sections is None:
show_message_box('kallsyms', 'No sections defined')
return
symbols = self.parse_kallsyms_file()
self.apply_symbols(symbols, sections)
def unmap_memory(self):
start = AddressField('Start (hex):')
length = AddressField('Length (hex):')
get_form_input([start, length], 'Unmap Memory')
self.parent().emulator.unmap_memory(start.result, length.result)