def __init__(self, ea): self.ea = ea self.funcname_or_segname = "" self.text = "" if not ida_bytes.is_code(ida_bytes.get_flags(ea)): ida_ua.create_insn(ea) # text t = ida_lines.generate_disasm_line(ea) if t: self.text = ida_lines.tag_remove(t) # funcname_or_segname n = ida_funcs.get_func_name(ea) \ or ida_segment.get_segm_name(ida_segment.getseg(ea)) if n: self.funcname_or_segname = n
def load_data_section(section: ModuleFragment, p: int) -> None: """ specialized handler for the DATA section to mark the offset initializer as code. """ ppayload = p + offset_of(section.data, 'payload') pentries = ppayload + offset_of(section.data.payload, 'entries') pcur = pentries for i, body in enumerate(section.data.payload.entries): ida_ua.create_insn(pcur + offset_of(body, 'offset')) pcur += size_of(body)
def load_globals_section(section: ModuleFragment, p: int) -> None: """ Specialized handler for the GLOBALS section to mark the initializer as code. """ ppayload = p + offset_of(section.data, 'payload') pglobals = ppayload + offset_of(section.data.payload, 'globals') pcur = pglobals for i, body in enumerate(section.data.payload.globals): ida_ua.create_insn(pcur + offset_of(body, 'init')) pcur += size_of(body)
def load(infos): insn = ida_ua.insn_t() for info in infos: # Find or create struct. struct_id = ida_struct.get_struc_id(info['name']) if struct_id == BADADDR: print('[IDA-Sync] Creating new struct %s.' % info['name']) struct_id = ida_struct.add_struc(info['idx'], info['name']) struct = ida_struct.get_struc(struct_id) ida_struct.set_struc_idx(struct, info['idx']) # Create struct members. for member in info['members']: ida_struct.add_struc_member( struct, member['name'], member['offset'], # flag 0, # opinfo_t instance... maybe it should sometimes be # something? None, member['size'], ) # Create xrefs to members of the struct as offsets. for xref in info['xrefs']: typ = xref['type'] # Offset xref. if typ == 1: # TODO figure out what second argument does. idc.op_plain_offset(xref['from'], 1, xref['offset']) # Read/write xrefs. elif typ in [2, 3]: ida_ua.create_insn(xref['from'], insn) idc.op_stroff(insn, 1, struct.id, 0) # TODO do the other cases come up? else: pass
def dbg_trace(self, tid, ip): if ip in self._visited_addrs: return 1 self._visited_addrs.add(ip) if idc.is_unknown(ida_bytes.get_flags(ip)): ida_ua.create_insn(ip) else: idc.msg( 'Skipping explored EA at address 0x{0:X}\n'.format(ip) ) # print idc.generate_disasm_line(ip, 0) if ida_ua.decode_insn(ip) > 0: if 'ret' in ida_ua.cmd.get_canon_mnem().lower(): idc.msg('Found ret instruction, suspending execution\n') ida_dbg.suspend_process() else: idc.msg( 'Unable to decode instruction at address 0x{0:X}\n'.format(ip) ) ida_dbg.suspend_process() return 0
def make(cls, ea=None): """ Class method for defining an instruction. If auto-analysis is enable in IDA this may define also the following instructions. If the instruction is already define, this instruction just returns it. :param ea: The address at which to define the instruction, if None the current screen address is used. :return: The :class:`BipInstr` for this address. :raise RuntimeError: If it was not possible to define the address as code. """ if ea is None: ea = ida_kernwin.get_screen_ea() if idc.is_code( ida_bytes.get_full_flags(ea)): # if we already have code return cls(ea) if ida_ua.create_insn(ea) == 0: raise RuntimeError( "Unable to create instruction at 0x{:X}".format(ea)) return cls(ea)
def __call__(self): ida_ua.create_insn(self.ea)
def CallStackWalk(nn): class Result: """ Class holding the result of one call stack item Each call stack item instance has the following attributes: caller = ea of caller displ = display string sp = stack pointer """ def __init__(self, caller, sp): self.caller = caller self.sp = sp f = ida_funcs.get_func(caller) self.displ = "%08x: " % caller if f: self.displ += ida_funcs.get_func_name(caller) t = caller - f.start_ea if t > 0: self.displ += "+" + hex(t) else: self.displ += hex(caller) self.displ += " [" + hex(sp) + "]" def __str__(self): return self.displ # get stack pointer sp = idautils.cpu.Esp seg = ida_segment.getseg(sp) if not seg: return (False, "Could not locate stack segment!") stack_seg = Seg(seg) word_size = 2 ** (seg.bitness + 1) callers = [] sp = idautils.cpu.Esp - word_size while sp < stack_seg.end_ea: sp += word_size ptr = next(idautils.GetDataList(sp, 1, word_size)) seg = ida_segment.getseg(ptr) # only accept executable segments if (not seg) or ((seg.perm & ida_segment.SEGPERM_EXEC) == 0): continue # try to find caller caller = IsPrevInsnCall(ptr) # we have no recognized caller, skip! if caller is None: continue # do we have a debug name that is near? if nn: ret = nn.find(caller) if ret: ea = ret[0] # function exists? f = ida_funcs.get_func(ea) if not f: # create function ida_funcs.add_func(ea) # get the flags f = ida_bytes.get_flags(caller) # no code there? if not ida_bytes.is_code(f): ida_ua.create_insn(caller) callers.append(Result(caller, sp)) # return (True, callers)
import ida_ua import ida_bytes import ida_funcs import ida_kernwin from ida_idaapi import BADADDR def read_addrs(file): lines = [] with open(file, "r") as f: lines = f.readlines() for l in lines: yield int(l.strip(), 16) pto_file = ida_kernwin.ask_file(0, "*.fad", "Choose a function address file") for addr in read_addrs(pto_file): ida_ua.create_insn(addr) ida_funcs.add_func(addr, BADADDR) ptr_file = ida_kernwin.ask_file(0, "*.fpt", "Choose a function pointer file") for addr in read_addrs(ptr_file): ida_bytes.create_dword(addr, 4)
def _on_makecode(self, ea): logger.debug('on_make_code_called') ida_ua.create_insn(ea)