def goto(shift=False):
print("GhIDA:: [DEBUG] goto called")
symbol = None
ret = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if ret and ret[1]:
symbol = ret[0]
if not symbol:
return False
address = gl.get_address_for_symbol(symbol)
if not address:
return False
print("OnDblClick, shift=%d, selection:%s, address:%s" %
(shift, symbol, address))
# Update IDA DISASM view
idaapi.jumpto(address)
# Update IDA DECOMP view
ea = gl.convert_address(address)
print("GhIDA:: [DEBUG] update view to %s" % ea)
DECOMP_VIEW.switch_to_address(ea)
return True
def highlight_symbol_in_DISASM():
"""
Select a symbol in the DECOMP view,
highlight the corresponding symbols in IDA DISASM view.
"""
# print("GhIDA:: [DEBUG] highlight_symbol_in_DISASM called")
disasm_widget = idaapi.find_widget('IDA View-A')
symbol = None
ret = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if ret and ret[1]:
symbol = ret[0]
if not symbol:
# TODO improve it
# Highlight a non-existing symbole
idaapi.set_highlight(disasm_widget, 'aaabbbccc', 1)
return True
converted_symbol = from_ghidra_to_ida_syntax_conversion(symbol)
if converted_symbol:
# Update IDA DISASM view
idaapi.set_highlight(disasm_widget, converted_symbol, 1)
else:
# TODO improve it
# Highlight a non-existing symbole
idaapi.set_highlight(disasm_widget, 'aaabbbccc', 1)
return True
def get_ea_from_highlight():
view = idaapi.get_current_viewer()
thing = ida_kernwin.get_highlight(view)
if thing and thing[1]:
# we have a highligh, is it a valid name ?
ea = idc.get_name_ea_simple(thing[0])
if ea != idaapi.BADADDR:
return ea
# get name at screen ea
ea = idc.get_screen_ea()
name = idc.get_name(ea, idaapi.GN_DEMANGLED)
if name and thing[0] in name:
return ea
# Try to get full highlight name
place = idaapi.get_custom_viewer_place(view, False)
if place and len(place) == 3: # (plate_t, x, y)
ea = place[0].toea()
far_code_refs = [xref.to for xref in idautils.XrefsFrom(ea, ida_xref.XREF_FAR)]
if far_code_refs:
return far_code_refs[0] # First xref
# Reach now, we do not have any valid name, return current screen ea
return idc.get_screen_ea()
def get_selected_text():
""" Get the highlight text. If none, force IDA copy text and we will get from clipboard """
text = ""
old_text = clip_text()
view = idaapi.get_current_viewer()
if view:
thing = ida_kernwin.get_highlight(view)
if thing and thing[1]:
text = thing[0]
# We not have a highlight text
if not text:
for action in idaapi.get_registered_actions():
if "Copy" in action:
shortcut = idaapi.get_action_shortcut(action)
state = idaapi.get_action_state(action)
if ("Ctrl-C" in shortcut) and (state and state[0] and (state[1] <= idaapi.AST_ENABLE)):
idaapi.process_ui_action(action)
text = clip_text()
if text != old_text:
break
if not text:
plg_print("Could not get any highlight/auto copied text\n" \
"Search with old clipboard text: '%s'" % old_text)
text = old_text
return text
def activate(self, ctx):
cur_ea = ida_kernwin.get_screen_ea()
pfn = ida_funcs.get_func(cur_ea)
if pfn:
v = ida_kernwin.get_current_viewer()
result = ida_kernwin.get_highlight(v)
if result:
stkvar_name, _ = result
frame = ida_frame.get_frame(cur_ea)
sptr = ida_struct.get_struc(frame.id)
mptr = ida_struct.get_member_by_name(sptr, stkvar_name)
if mptr:
fii = ida_funcs.func_item_iterator_t()
ok = fii.set(pfn)
while ok:
ea = fii.current()
F = ida_bytes.get_flags(ea)
for n in range(ida_ida.UA_MAXOP):
if not ida_bytes.is_stkvar(F, n):
continue
insn = ida_ua.insn_t()
if not ida_ua.decode_insn(insn, ea):
continue
v = ida_frame.calc_stkvar_struc_offset(
pfn, insn, n)
if v >= mptr.soff and v < mptr.eoff:
print("Found xref at 0x%08x, operand #%d" %
(ea, n))
ok = fii.next_code()
else:
print("No stack variable named \"%s\"" % stkvar_name)
else:
print("Please position the cursor within a function")
def arachno():
"""gets textual representation of currently selected identifier
from any current IDA view, opens a new browser tab and googles for it
"""
r = kw.get_highlight(kw.get_current_viewer())
if r:
webbrowser.open("https://google.com/search?q=%s" % r[0], new=2)
def getHighlight():
if idaapi.IDA_SDK_VERSION <= 699:
retval = idaapi.get_highlighted_identifier()
else:
v = ida_kernwin.get_current_viewer()
t = ida_kernwin.get_highlight(v)
retval = None
if t is None:
print('Nothing highlighted in viewer %s' % str(v))
else:
retval, flags = t
return retval
def get_curr_highlighted_str():
"""
Return the currently highlighted identifier or None if nothing is
highlighted. This get it from the current view.
:return: The string of the highlighted object or None if nothing
is highlighted.
"""
t = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if t is None:
return t
return t[0]
def OnDblClick(self, node_id):
target_ea = self.items[node_id].ea
r = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if r:
text, _ = r
# ghetto-convert hex strings to int
try:
target_ea = int(text, 16)
except ValueError:
pass
ida_kernwin.jumpto(target_ea)
return True
def get_cursor_reg(ea):
#print 'get_cursor_reg'
if 'get_highlight' in dir(ida_kernwin): #in IDA 7.1
w = ida_kernwin.get_current_viewer()
t = ida_kernwin.get_highlight(w)
reg = None
if t:
reg, _ = t
else: #in IDA 6.98
reg = ida_kernwin.get_highlighted_identifier()
if reg is None:
return None
reg = get_reg_canon_name(ea, reg)
if reg in idautils.GetRegisterList():
return reg
return None
def run(self, arg):
# Get the highlighted identifier
v = ida_kernwin.get_current_viewer()
ident, ok = ida_kernwin.get_highlight(v)
if not ok:
print("No identifier was highlighted")
return
ident = self.sanitize_name(ident)
print("Looking up '%s' in MSDN online" % ident)
d = feedparser.parse(get_url(ident))
if len(d['entries']) > 0:
url = d['entries'][0].link
if arg > 0:
print("URL: %s" % url)
else:
import webbrowser
webbrowser.open_new_tab(url)
else:
print("API documentation not found for: %s" % ident)
def run(self, arg):
# Get the highlighted identifier
v = ida_kernwin.get_current_viewer()
ident, ok = ida_kernwin.get_highlight(v)
if not ok:
print "No identifier was highlighted"
return
ident = self.sanitize_name(ident)
print "Looking up '%s' in MSDN online" % ident
d = feedparser.parse(get_url(ident))
if len(d['entries']) > 0:
url = d['entries'][0].link
if arg > 0:
print("URL: %s" % url)
else:
import webbrowser
webbrowser.open_new_tab(url)
else:
print "API documentation not found for: %s" % ident
def run(self, arg):
# Get the highlighted identifier
v = ida_kernwin.get_current_viewer()
ident, ok = ida_kernwin.get_highlight(v)
if not ok:
print "No identifier was highlighted"
return
ident = self.sanitize_name(ident)
print "Looking up '%s' in MSDN online" % ident
qurl = "https://social.msdn.microsoft.com/search/en-US/feed?query=%s&format=RSS&theme=feed%%2fen-us"
d = feedparser.parse(qurl % ident)
if len(d['entries']) > 0:
url = d['entries'][0].link
if arg > 0:
print("URL: %s" % url)
else:
import webbrowser
webbrowser.open_new_tab(url)
else:
print "API documentation not found for: %s" % ident
def highlight_symbol_in_DECOMP():
"""
Select a symbol in the IDA DISASM view,
highlight the corresponding symbol in DECOMP view.
"""
# print("GhIDA:: [DEBUG] highlight_symbol_in_DECOMP called")
symbol = None
ret = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if ret and ret[1]:
symbol = ret[0]
if not symbol:
return
converted_symbol = from_ida_to_ghidra_syntax_conversion(symbol)
decompiler_widget = idaapi.find_widget('Decompiled Function')
if converted_symbol:
# Update IDA DECOMP view
idaapi.set_highlight(decompiler_widget, converted_symbol, 1)
else:
idaapi.set_highlight(decompiler_widget, 'aaabbbccc', 1)
return
def for_each_call_to(callback, va=None):
"""For each xref to va that is a call, pass xref va to callback.
Falls back to highlighted identifier or current location if va is
unspecified.
"""
if not va:
v = ida_kernwin.get_current_viewer()
hi = ida_kernwin.get_highlight(v)
if hi and hi[1]:
nm = hi[0]
va = idc.get_name_ea_simple(nm)
if va >= idaapi.cvar.inf.maxEA:
va = None
va = va or idc.here()
# Obtain and de-duplicate addresses of xrefs that are calls
callsites = set([
x.frm for x in idautils.XrefsTo(va)
if idc.print_insn_mnem(x.frm) == 'call'
])
for va in callsites:
callback(va)
def rename_symbol(self):
"""
Rename the symbol "symbol" with the new name
provided by the user in the Pop-Up
"""
# Get the symbol
symbol = None
ret = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
if ret and ret[1]:
symbol = ret[0]
if not symbol:
idaapi.warning("Select a symbol")
return False
# Get the address
address = gl.get_address_for_symbol(symbol)
if not address:
print("GhIDA:: [!] Symbol %s not found" % symbol)
return False
# Display a Pop-up to get the new name
new_name = gl.display_rename_form(address, symbol)
if not new_name or len(new_name) == 0:
return
# Check for white_spaces in the new symbol name
for letter in new_name:
if not (letter.isdigit() or letter.isalpha() or letter == '_'):
print("GhIDA:: [!] symbol name contains invalid char")
return
# Check if new_name is already used
if gl.check_if_symbol_is_used(new_name):
print("GhIDA:: [!] symble name already used")
return
# Update symbol name in SYMBLE DICT:
gl.updated_symbol_name_for_address(symbol, address, new_name)
# Update symbol name in IDA DISASM view.
print("GhIDA:: [DEBUG] New symbol name: %s" % new_name)
# Update symbol name in the decompiled view
new_code = gl.rename_variable_in_text(self.__decompiled, symbol,
new_name)
self.update(self.__ea, new_code)
# Add comments
comment_list = COMMENTS_CACHE.get_comments_cache(self.__ea)
if comment_list:
self.add_comments(comment_list)
print("GhIDA:: [INFO] Symbol name updated in IDA DECOMP view.")
if idc.set_name(address, new_name):
# Refresh the view
idaapi.request_refresh(idaapi.IWID_DISASMS)
# Highlight the new identifier
gl.highlight_symbol_in_DISASM()
print("GhIDA:: [INFO] Symbol name updated in IDA DISASM view.")
return
print("GhIDA:: [!] IDA DISASM rename error")
return
def _get_identifier():
"""helper function"""
r = ida_kernwin.get_highlight(ida_kernwin.get_current_viewer())
return r[0] if r else None
