def extract_os():
    """Yield the operating system of the loaded input as an ``(OS, address)`` pair.

    The decision is driven by the file type name reported by the IDA loader:
    PE inputs are reported as Windows, and ELF inputs are handed to
    ``detect_elf_os``. For any other format nothing is yielded, so
    rules that depend on an OS condition will not match that input.
    """
    file_type = ida_loader.get_file_type_name()

    # NOTE(review): these are substring tests against the loader's
    # description string; confirm no unrelated loader name contains "PE".
    if "PE" in file_type:
        yield OS(OS_WINDOWS), 0x0
        return

    if "ELF" in file_type:
        # closing() releases the IDA-backed stream even if detection raises
        with contextlib.closing(capa.ida.helpers.IDAIO()) as stream:
            detected = capa.features.extractors.elf.detect_elf_os(stream)
        yield OS(detected), 0x0
        return

    # Reaching this point most likely means one of:
    #   1. the input is shellcode, or
    #   2. the input uses a format that is not handled yet (e.g. macho).
    #
    # For (1) little can be done: shellcode carries no OS marker. A CLI
    # argument naming the OS could be accepted, but would rarely be used.
    # Rules with OS conditions will not match on shellcode.
    #
    # For (2), extend this function once the format is implemented.
    logger.debug("unsupported file format: %s, will not guess OS", file_type)
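def _create_project_accepted(self, dialog):
    """
    Called when the project creation dialog is accepted.

    Refuses a name already used by a known project; otherwise gathers the
    input file's metadata and sends a project creation query to the server.

    :param dialog: the accepted dialog; its result is the new project name
    """
    name = dialog.get_result()

    # Ensure we don't already have a project with that name
    # Note: 2 different groups can have two projects with the same name
    # and it will effectively be 2 different projects
    if any(project.name == name for project in self._projects):
        failure = QMessageBox()
        failure.setIcon(QMessageBox.Warning)
        failure.setStandardButtons(QMessageBox.Ok)
        failure.setText("A project with that name already exists!")
        failure.setWindowTitle("New Project")
        icon_path = self._plugin.plugin_resource("upload.png")
        failure.setWindowIcon(QIcon(icon_path))
        failure.exec_()
        return

    # Get all the information we need and send it to the server
    digest = ida_nalt.retrieve_input_file_md5()
    # An MD5 digest is 16 raw bytes. Only drop a trailing NUL when the value
    # is longer than that: a genuine digest can itself end in 0x00, and
    # stripping it unconditionally would truncate the hash that is sent.
    if digest.endswith(b'\x00') and len(digest) > 16:
        digest = digest[:-1]
    # hexlify() output is pure ASCII, so this decode cannot fail
    digest = binascii.hexlify(digest).decode('utf-8')
    # NOTE: MD5 is not collision-resistant; treat this value as a label for
    # the input file, not as proof that two binaries are identical.
    root_filename = ida_nalt.get_root_filename()
    ftype = ida_loader.get_file_type_name()
    date_format = "%Y/%m/%d %H:%M"
    date = datetime.datetime.now().strftime(date_format)
    project = Project(self._group.name, name, digest, root_filename, ftype, date)

    d = self._plugin.network.send_packet(CreateProject.Query(project))
    d.add_callback(partial(self._project_created, project))
    d.add_errback(self._plugin.logger.exception)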
def _create_project_accepted(self, dialog):
    """
    Handle acceptance of the project creation dialog.

    Shows a warning and stops when the chosen name is already used by a
    known project; otherwise builds a ``Project`` from the input file's
    metadata and sends a creation query to the server.

    :param dialog: the accepted dialog; its result is the new project name
    """
    name = dialog.get_result()

    # The name must not collide with a project we already know about
    name_taken = any(project.name == name for project in self._projects)
    if name_taken:
        box = QMessageBox()
        box.setIcon(QMessageBox.Warning)
        box.setStandardButtons(QMessageBox.Ok)
        box.setText("A project with that name already exists!")
        box.setWindowTitle("New Project")
        box.setWindowIcon(QIcon(self._plugin.plugin_resource("upload.png")))
        box.exec_()
        return

    # Collect the metadata describing the input file
    # NOTE: MD5 is not collision-resistant; the value labels the input file
    # and is not proof that two binaries are identical.
    input_md5 = ida_nalt.retrieve_input_file_md5().lower()
    input_name = ida_nalt.get_root_filename()
    file_type = ida_loader.get_file_type_name()
    created = datetime.datetime.now().strftime("%Y/%m/%d %H:%M")
    project = Project(name, input_md5, input_name, file_type, created)

    # Send the query; the reply is handled in _project_created, errors are logged
    deferred = self._plugin.network.send_packet(CreateProject.Query(project))
    deferred.add_callback(partial(self._project_created, project))
    deferred.add_errback(self._plugin.logger.exception)
def _new_repo_accepted(self, dialog):
    """
    Handle acceptance of the new repository dialog.

    Shows a warning and stops when the chosen name is already used by a
    known repository; otherwise builds a ``Repository`` from the input
    file's metadata and sends a creation query over the plugin's network.

    :param dialog: the dialog
    """
    name = dialog.get_result()

    # The name must not collide with a repository we already know about
    name_taken = any(repo.name == name for repo in self._repos)
    if name_taken:
        box = QMessageBox()
        box.setIcon(QMessageBox.Warning)
        box.setStandardButtons(QMessageBox.Ok)
        box.setText("A repository with that name already exists!")
        box.setWindowTitle("New Repository")
        box.setWindowIcon(QIcon(self._plugin.resource('upload.png')))
        box.exec_()
        return

    # Collect the metadata describing the input file
    # NOTE: MD5 is not collision-resistant; the value labels the input file
    # and is not proof that two binaries are identical.
    input_md5 = ida_nalt.retrieve_input_file_md5().lower()
    input_name = ida_nalt.get_root_filename()
    file_type = ida_loader.get_file_type_name()
    created = datetime.datetime.now().strftime("%Y/%m/%d %H:%M")
    repo = Repository(name, input_md5, input_name, file_type, created)

    # Send the query; the reply is handled in _on_new_repo, errors go to logger.exception
    deferred = self._plugin.network.send_packet(NewRepository.Query(repo))
    deferred.add_callback(partial(self._on_new_repo, repo))
    deferred.add_errback(logger.exception)
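def extract_file_format():
    """Yield the container format of the loaded input as a ``(Format, address)`` pair.

    The format is derived from the file type name reported by the IDA loader.

    Raises:
        NotImplementedError: the file type name is neither PE nor ELF32/ELF64.
            Because this is a generator, the error surfaces when the result
            is first iterated, not when the function is called.
    """
    format_name = ida_loader.get_file_type_name()

    if "PE" in format_name:
        yield Format(FORMAT_PE), 0x0
    elif "ELF64" in format_name or "ELF32" in format_name:
        # both ELF classes map to the same format feature
        yield Format(FORMAT_ELF), 0x0
    else:
        # Exceptions do not interpolate logging-style arguments, so build the
        # message here; otherwise the text would read as a raw args tuple.
        raise NotImplementedError("file format: %s" % (format_name,))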