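def accept_file(li, filename):
    """
    Check if the file is of supported format

    @param li: a file-like object which can be used to access the input data
    @param filename: name of the input file (not used by this loader)
    @return: 0 - no more supported formats
             string "name" - format name to display in the chooser dialog
             dictionary { 'format': "name", 'options': integer }
               options: should be 1, possibly ORed with ACCEPT_FIRST (0x8000)
               to indicate preferred format
    """
    if not idaxml.is_ida_version_supported():
        return 0

    # read 16K bytes to allow for the DTD
    data = li.read(0x4000)
    if not data:
        # empty or unreadable input cannot be an XML PROGRAM file
        return 0
    # The searches below use str patterns. Where read() returns bytes
    # (Python 3), decode first; on Python 2 bytes is str and this is skipped.
    if not isinstance(data, str):
        data = data.decode("utf-8", "replace")

    # look for start of <PROGRAM> element
    if data.find("<PROGRAM") < 0:
        return 0

    # Everything shown in the dialog below comes from the input file, so only
    # slice when both delimiters were really found. A find() result of -1 used
    # as a slice index would otherwise display an arbitrary part of the file.
    proc = "(not found)"
    tag = "<PROCESSOR "
    tag_pos = data.find(tag)
    if tag_pos >= 0:
        attributes = data[tag_pos + len(tag):]
        end = attributes.find("/>")
        if end >= 0:
            proc = attributes[:end]

    ida_kernwin.info("Processor specified in the XML file is:\n"
                     + proc + "\n\nYou must select and set the compatible "
                     + "IDA processor type.")
    return {'format': "XML PROGRAM file", 'options': 0x8001}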
def map_segments(li, table, file_offset, mclib_addr, no_save):
    """Create an IDA segment for each known entry of *table* and load its bytes.

    *table* yields (name, addr, size) tuples. Entries named in TRUSTLETS are
    not mapped, only written out as "<name>.tlbin" (unless *no_save* is set).
    Entries with an unrecognised name are reported in a dialog and skipped.
    All other entries are mapped, loaded from *li* and, unless *no_save* is
    set, also saved as "<name>_<start address>.bin".
    """
    save_to_disk = not no_save

    for name, addr, size in table:
        segment = ida_segment.segment_t()
        segment.start_ea = BASE_ADDR + addr
        seg_class = "CODE"

        # NOTE(review): addr and size are used exactly as the table supplies
        # them; no bounds check against the input file is visible in this
        # function - confirm the caller validates them.
        if name in (b"image_h", b"img-hdr"):
            seg_class = "DATA"
        elif name == b"mclib":
            segment.start_ea = mclib_addr - 8
        elif name == b"rtm":
            segment.start_ea = S0CB_ADDR
        elif name in TRUSTLETS:
            # trustlets are extracted to their own file instead of being mapped
            if save_to_disk:
                extract_binary(li, name + b".tlbin", file_offset + addr, size)
            continue
        elif name != b"mtk":
            ida_kernwin.info("Unknown table entry '%s'" % decode(name))
            continue

        source_offset = file_offset + addr
        segment.end_ea = segment.start_ea + size
        segment.bitness = 1
        ida_segment.add_segm_ex(segment, decode(name), seg_class, 0)
        li.file2base(source_offset, segment.start_ea, segment.end_ea - 1, 0)

        if save_to_disk:
            out_name = b"%s_%08x.bin" % (name, segment.start_ea)
            extract_binary(li, out_name, source_offset, size)
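def generate(self):
    """Write a Python patch script built from the database's patched bytes.

    The script is produced by inserting generated lines into
    'patch_template.txt' starting at line index 13, and is saved next to the
    input file as '<input file path>_patch.py'.

    Returns True when the script was written. Returns False when there are no
    patched bytes or when the template cannot be found.
    """
    def one_line(text):
        # Python treats both '\r' and '\n' as line terminators in source
        # files. Database-supplied text must stay on its '#' comment line,
        # or the rest of it would become code in the generated script.
        return ("%s" % (text,)).replace('\r', ' ').replace('\n', ' ')

    # presumably get_patch_byte fills self.patched_bytes - confirm in the class
    idaapi.visit_patched_bytes(0, idaapi.BADADDR, self.get_patch_byte)
    if not self.patched_bytes:
        msg = 'Cannot generate patch because there is no patch applied.'
        print('genpatch: %s' % msg)
        ida_kernwin.warning(msg)
        return False

    # As before, the last matching sys.path entry wins, but only entries that
    # really contain the template are considered.
    template_path = ''
    for path in sys.path:
        if 'plugins' in path:
            candidate = os.path.join(path, 'patch_template.txt')
            if os.path.isfile(candidate):
                template_path = candidate
    if not template_path:
        msg = 'Cannot generate patch because patch_template.txt was not found.'
        print('genpatch: %s' % msg)
        ida_kernwin.warning(msg)
        return False

    patch_path = idc.get_input_file_path() + '_patch.py'
    with open(template_path, "r") as f:
        template_data = f.readlines()

    # NOTE(review): 'original' and 'patched' are placed between single quotes
    # in the generated code. That is only safe if they contain no quotes or
    # backslashes (e.g. plain hex strings) - confirm where they are produced.
    generated = []
    for data in self.patched_bytes:
        generated.extend([
            "# address: 0x%x\n" % data['begin_addr'],
            "# function name: %s\n" % one_line(data['name']),
            "# comment: %s\n" % one_line(data['comment']),
            "matches = re.findall('%s', target_data)\n" % data['original'],
            "if len(matches) == 1:\n",
            "    target_data = target_data.replace('%s', '%s')\n"
            % (data['original'], data['patched']),
            "else:\n",
            '    print("Patch pattern isn\'t unique")\n',
            "    sys.exit()\n",
        ])
    template_data[13:13] = generated

    # Open the output only once everything is built, so a failure above does
    # not leave an empty or truncated script behind.
    with open(patch_path, "w") as f:
        f.writelines(template_data)

    msg = 'Successfully generated patch to %s from Patched Bytes' % patch_path
    print('genpatch: %s' % msg)
    ida_kernwin.info(msg)
    return True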
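def init(self):
    """Load the plugin configuration, then hook menus and register searches.

    Reads 'virustotal.conf' from the IDA user directory. When the file is
    missing, the user's answer to the setup warning decides the auto-upload
    setting and a new configuration is written. With a valid configuration
    the sample check is started, the popup menu is hooked and the search
    actions are registered. Otherwise the plugin only reports that it is
    disabled.

    Returns idaapi.PLUGIN_KEEP in every case.
    """
    valid_config = False
    self.menu = None
    config_file = os.path.join(idaapi.get_user_idadir(), 'virustotal.conf')
    vtsetup = VTpluginSetup(config_file)

    if vtsetup.check_version():
        ida_kernwin.info(
            'VirusTotal\'s IDA Pro Plugin\nNew version available!')
        logging.info('[VT Plugin] There\'s a new version of this plugin!')
    else:
        logging.debug('[VT Plugin] No update available.')

    if os.path.exists(config_file):
        valid_config = vtsetup.read_config()
    else:
        # First run: auto-upload is enabled only on an explicit OK (1).
        # NO (0) stores it disabled, and Cancel (-1) or any other value
        # leaves the plugin without a valid configuration.
        answer = vtsetup.show_warning()
        if answer in (0, 1):
            vtsetup.auto_upload = (answer == 1)
            valid_config = vtsetup.write_config()

    if not valid_config:
        logging.info(
            '[VT Plugin] Plugin disabled, restart IDA to proceed. ')
        ida_kernwin.warning('Plugin disabled, restart IDA to proceed.')
        return idaapi.PLUGIN_KEEP

    checksample = CheckSample(vtsetup.auto_upload, vtsetup.file_path)
    checksample.start()

    self.menu = Popups()
    self.menu.hook()
    arch_info = idaapi.get_inf_structure()

    try:
        if arch_info.procName in self.SUPPORTED_PROCESSORS:
            VTGrepWildcards.register(self, 'Search for similar code')
            VTGrepWildCardsStrict.register(
                self, 'Search for similar code (strict)')
            VTGrepWildCardsFunction.register(
                self, 'Search for similar functions')
        else:
            logging.info('\n - Processor detected: %s', arch_info.procName)
            logging.info(
                ' - Searching for similar code is not available.')
        VTGrepBytes.register(self, 'Search for bytes')
        VTGrepStrings.register(self, 'Search for string')
    except Exception:
        # A bare except would also swallow KeyboardInterrupt and SystemExit,
        # and would hide the cause. Keep the message and log the traceback.
        logging.exception('[VT Plugin] Unable to register popups actions.')

    return idaapi.PLUGIN_KEEP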
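def OnButtonUpdate(self, *_):
    """Store the connection entered in the form and select it in the chooser.

    The entry is keyed by its URL, so submitting an existing URL overwrites
    the stored user name and password for that connection.
    """
    # NOTE(review): the password is kept as plain text in self.configuration.
    # Whether that dict is persisted is not visible here - confirm it is not
    # written to disk unprotected.
    app = {
        'app_url': self.GetControlValue(self.txtServer),
        'un': self.GetControlValue(self.txtUser),
        'pw': self.GetControlValue(self.txtPw),
    }
    url = app['app_url']

    self.configuration['apps'][url] = app
    self.listView.UpdateItems()
    self.RefreshField(self.fvChooser)

    # Select the newly added item. On Python 3, dict.keys() is a view with no
    # .index(), so materialise the keys first; Python 2 behaviour is unchanged.
    position = list(self.configuration['apps']).index(url)
    self.SetControlValue(self.fvChooser, [position])
    self.updateDpList()
    # only the URL is echoed, never the credentials
    info("Updated / added connection %s." % url)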
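def OnButtonUpdate(self, *_):
    """Add or update the connection from the form fields and select it.

    Connections are stored under their URL, so an existing URL has its user
    name and password replaced.
    """
    app = dict()
    app['app_url'] = self.GetControlValue(self.txtServer)
    app['un'] = self.GetControlValue(self.txtUser)
    # NOTE(review): stored as plain text; confirm how self.configuration is
    # saved before relying on it to hold credentials.
    app['pw'] = self.GetControlValue(self.txtPw)

    connections = self.configuration['apps']
    connections[app['app_url']] = app
    self.listView.UpdateItems()
    self.RefreshField(self.fvChooser)

    # Select the newly added item. list() is required on Python 3, where
    # dict.keys() returns a view that has no .index() method.
    selected = list(connections).index(app['app_url'])
    self.SetControlValue(self.fvChooser, [selected])
    self.updateDpList()
    info("Updated / added connection %s." % app['app_url'])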
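def main():
    """Append this module's basic blocks to a user-selected output file.

    Does nothing when no file is selected. If the file already has a section
    header line containing module_name, a warning is shown and nothing is
    written.
    """
    out_file_name = ida_kernwin.ask_file(True, 'basicblocks.bb',
                                         'Select output file')
    if not out_file_name:
        # A cancelled dialog yields no path; os.path.isfile() and open()
        # below would fail on it.
        print('No output file selected, nothing saved')
        return
    print('Will save to %s' % out_file_name)

    if os.path.isfile(out_file_name):
        # validate existing file before appending to it
        with open(out_file_name, 'r') as f:
            for line in f:
                if line.startswith('[') and module_name in line:
                    warning('Module %s already exists in %s'
                            % (module_name,
                               os.path.basename(out_file_name)))
                    return

    # the with block closes the file; no explicit close() is needed
    with open(out_file_name, 'a') as f:
        f.write('[%s]\n' % (module_name, ))
        for fva in idautils.Functions():
            dump_bbs(fva, f)

    print('OK, done. Found %d basic blocks' % (len(dumped), ))
    ida_kernwin.info('Saved to %s' % (out_file_name, ))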
def SCRIPT_ENTRY():
    """Script entry point.

    When is_plugin() is false, calls install_plugin() and reports the result
    in an info or warning dialog. Does nothing otherwise.
    """
    if is_plugin():
        return

    installed = install_plugin()
    if installed:
        kw.info("Success!")
    else:
        kw.warning("Error! Plugin could not be installed!")
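def sr_main():
    """Toggle recording: stop the active recorder, or prompt and start one.

    Starting asks for the title of the widget to capture (defaulting to the
    current widget's title) and for a destination path, which must already
    exist.
    """
    global sr

    if sr:
        del sr
        sr = None
        print("Stopped recording")
        return

    w = ida_kernwin.get_current_widget()
    title = "IDA View-A"
    if w:
        title = ida_kernwin.get_widget_title(w)
    title = ida_kernwin.ask_str(
        title, 0, "Please specify title of widget to capture")
    if not title:
        return

    path = ida_kernwin.ask_str("", ida_kernwin.HIST_DIR,
                               "Please specify destination path")
    if path and os.path.exists(path):
        sr = screen_record_t(title, path)
        print("Started recording")
    elif path:
        # previously a wrong path was ignored without any feedback
        print("Destination path does not exist: %s" % path)


# Install the hotkey only on the first run of the script. A later run finds
# the global 'sr' already defined and just reminds the user of the hotkey.
try:
    sr
except NameError:
    # Only the "name not defined yet" case means first run; a bare except
    # would also hide unrelated errors.
    sr = None
    sr_hotkey = ida_kernwin.add_hotkey(HOTKEY, sr_main)
    print("Press %s to start/stop recording" % HOTKEY)
else:
    ida_kernwin.info(
        "Already installed. Press %s to start/stop recording." % HOTKEY)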
def show_info(msg):
    """Show *msg* to the user through ida_kernwin.info()."""
    ida_kernwin.info(msg)
self.painting = False self.transform = True """workaround! widget.render() causes widget to be repainted. In order to deal with this situation, we'll issue another repaint() and transform the widget""" self.target.repaint() elif event.type() in [QtCore.QEvent.Close, QtCore.QEvent.Hide]: self.die() return QtCore.QObject.eventFilter(self, receiver, event) def coffee_main(): global coffee if coffee and not coffee.is_dead(): coffee.die() coffee = None return coffee = painter_t() ida_kernwin.msg("Caffeinated\n") try: coffee ida_kernwin.info("Already installed. Press %s" % HOTKEY) except: coffee = None print("Press %s for coffee overload" % HOTKEY) ida_kernwin.add_hotkey(HOTKEY, coffee_main)
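def keyReleaseEvent(self, event):
    """Dispatch a released key to the matching view action.

    Handles help (Ctrl+F1, F2), jump to address (G), sync toggle (S), the
    render-data and formatter toggles (T, D), filter switching (N, B),
    screenshot export (F12), scrolling (PageUp/PageDown/Up/Down) and zoom
    (Ctrl with plus or minus). Actions that move the view set `update`, which
    triggers the resync and repaint at the end.
    """
    update = False
    key = event.key()
    modifiers = event.modifiers()

    shift_pressed = ((modifiers & Qt.ShiftModifier) == Qt.ShiftModifier)
    ctrl_pressed = ((modifiers & Qt.ControlModifier) == Qt.ControlModifier)

    if key == Qt.Key_F1 and ctrl_pressed:
        self.show_help()

    elif key == Qt.Key_G:
        addr = ask_addr(self.base + self.offs, 'Jump to address')
        if addr is not None:
            if self.sync:
                ida_kernwin.jumpto(addr)
            else:
                # clamp the requested address to the database's range
                minea = ida_idaapi.get_inf_structure().get_minEA()
                maxea = ida_idaapi.get_inf_structure().get_maxEA()
                dst = min(max(addr, minea), maxea)
                self.set_addr(dst)

    elif key == Qt.Key_S:
        if not self.fm.lock_sync:
            self.set_sync_state(not self.get_sync_state())
            update = True

    elif key == Qt.Key_T:
        self.render_data = not self.render_data
        self.repaint()

    elif key == Qt.Key_D:
        self.cur_formatter_idx = ((self.cur_formatter_idx + 1)
                                  % self.max_formatters)
        self.repaint()

    elif key == Qt.Key_N:
        self.next_filter.emit()

    elif key == Qt.Key_B:
        self.prev_filter.emit()

    elif key == Qt.Key_F2:
        hlp = self.fm.help
        if hlp is None:
            hlp = 'Help unavailable'
        ida_kernwin.info('%s\n\n' % hlp)

    elif key == Qt.Key_F12:
        img = self.render_image(cursor=False)
        img = img.scaled(img.width() * self.pixelSize,
                         img.height() * self.pixelSize,
                         Qt.KeepAspectRatio, Qt.FastTransformation)
        # Use the first unused name from IDACyber_0000.bmp to
        # IDACyber_0040.bmp. The name has no directory part, so the file is
        # written to the current working directory. The for/else reports
        # "Aborted" only when every name is taken; the old counter loop also
        # warned after a successful save to slot 40.
        for i in range(41):
            fname = 'IDACyber_%04d.bmp' % i
            if os.path.isfile(fname):
                continue
            if img.save(fname):
                ida_kernwin.msg('File exported to %s\n' % fname)
            else:
                ida_kernwin.warning(
                    'Error exporting screenshot to %s.' % fname)
            break
        else:
            ida_kernwin.warning('Aborted. \nError exporting screenshot.')

    elif key == Qt.Key_PageDown:
        self.set_offset_delta(-self.get_pixels_total())
        update = True

    elif key == Qt.Key_PageUp:
        self.set_offset_delta(self.get_pixels_total())
        update = True

    elif key == Qt.Key_Down:
        # Shift moves by a single unit, otherwise by one full row
        if shift_pressed:
            self.set_offset_delta(-1)
        else:
            self.set_offset_delta(-self.get_width())
        update = True

    elif key == Qt.Key_Up:
        if shift_pressed:
            self.set_offset_delta(1)
        else:
            self.set_offset_delta(self.get_width())
        update = True

    elif key == Qt.Key_Plus:
        if ctrl_pressed:
            self.set_zoom_delta(1)
            update = True

    elif key == Qt.Key_Minus:
        if ctrl_pressed:
            self.set_zoom_delta(-1)
            update = True

    self.key = None

    if update:
        if self.get_sync_state():
            ida_kernwin.jumpto(self.base + self.offs)
            self.activateWindow()
            self.setFocus()
        self.statechanged.emit()
        self.repaint()

    return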
def show_help(self):
    """Show the PLUGIN_HELP text in an information dialog."""
    help_text = "%s" % PLUGIN_HELP
    ida_kernwin.info(help_text)
pp.die() pp = None return w = ida_kernwin.get_current_widget() title = "IDA View-A" if w: title = ida_kernwin.get_widget_title(w) title = ida_kernwin.ask_str(title, 0, "Please specify title of widget") if title: path = ida_kernwin.ask_str( "", ida_kernwin.HIST_DIR, "Please specify path containing png files to play back") if path and os.path.exists(path): files = find_files(path, "*.png") print("found %d files" % len(files)) if len(files): interval = ida_kernwin.ask_long( 100, "Please specify timer interval") if interval: pp = png_player_t(title, files, interval=interval) print("PNGs playing in widget %s" % title) try: pp ida_kernwin.info("Already installed. Press %s to start/stop playback." % HOTKEY) except: pp = None print("Press %s to start/stop playing PNG files" % HOTKEY) ida_kernwin.add_hotkey(HOTKEY, pp_main)
def show_help(self):
    """Show the module-level plugin_help text in an information dialog."""
    # plugin_help is only read here, so no `global` declaration is needed
    help_text = "%s" % plugin_help
    ida_kernwin.info(help_text)