def init(self):
act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
act_name = "idenLib:action"
idaapi.register_action(
idaapi.action_desc_t(act_name, "idenLib - Function Identification",
idenLib_class(), None, "idenLib", act_icon))
# Insert the action in a toolbar
idaapi.attach_action_to_toolbar("DebugToolBar", act_name)
idaapi.attach_action_to_menu('Edit/idenLib/', act_name,
idaapi.SETMENU_APP)
# refresh signatures
act_name = "idenLib:refresh"
idaapi.register_action(
idaapi.action_desc_t(act_name, "Refresh Signatures",
RefreshHandler(), None, "idenLib - Refresh"))
idaapi.attach_action_to_menu('Edit/idenLib/', act_name,
idaapi.SETMENU_APP)
# about
act_name = "idenLib:about"
idaapi.register_action(
idaapi.action_desc_t(act_name, "About", AboutHandler(), None,
"idenLib - About"))
idaapi.attach_action_to_menu('Edit/idenLib/', act_name,
idaapi.SETMENU_APP)
return idaapi.PLUGIN_OK
def __init__(self):
# Load custom icon
self.icon_id = idaapi.load_custom_icon(data=MyChooserForm.icon_data)
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
self.main_current_index = -1
self.EChMain = MainChooserClass("MainChooser", self.icon_id)
self.EChAux = AuxChooserClass("AuxChooser", self.icon_id)
# Link the form to the EChooser
self.EChMain.form = self
self.EChAux.form = self
Form.__init__(
self,
r"""STARTITEM 0
Form with choosers
{FormChangeCb}
Select an item in the main chooser:
<Main chooser:{ctrlMainChooser}><Auxiliar chooser (multi):{ctrlAuxChooser}>
<Selection:{ctrlSelectionEdit}>
""",
{
"ctrlSelectionEdit": Form.StringInput(),
"FormChangeCb": Form.FormChangeCb(self.OnFormChange),
"ctrlMainChooser": Form.EmbeddedChooserControl(self.EChMain),
"ctrlAuxChooser": Form.EmbeddedChooserControl(self.EChAux),
},
)
def __init__(self):
# Load custom icon
self.icon_id = idaapi.load_custom_icon(data=MyChooserForm.icon_data)
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
self.main_current_index = -1
self.EChMain = MainChooserClass("MainChooser", self.icon_id)
self.EChAux = AuxChooserClass("AuxChooser", self.icon_id)
# Link the form to the EChooser
self.EChMain.form = self
self.EChAux.form = self
Form.__init__(
self, r"""STARTITEM 0
Form with choosers
{FormChangeCb}
Select an item in the main chooser:
<Main chooser:{ctrlMainChooser}><Auxiliar chooser (multi):{ctrlAuxChooser}>
<Selection:{ctrlSelectionEdit}>
""", {
'ctrlSelectionEdit': Form.StringInput(),
'FormChangeCb': Form.FormChangeCb(self.OnFormChange),
'ctrlMainChooser': Form.EmbeddedChooserControl(self.EChMain),
'ctrlAuxChooser': Form.EmbeddedChooserControl(self.EChAux),
})
def _install_open_coverage_xref(self):
"""
Install the right click 'Coverage Xref' context menu entry.
"""
# create a custom IDA icon
icon_path = plugin_resource(os.path.join("icons", "batch.png"))
icon_data = open(icon_path, "rb").read()
self._icon_id_xref = idaapi.load_custom_icon(data=icon_data)
# describe a custom IDA UI action
action_desc = idaapi.action_desc_t(
self.ACTION_COVERAGE_XREF, # The action name
"Xrefs coverage sets...", # The action text
IDACtxEntry(self._pre_open_coverage_xref), # The action handler
None, # Optional: action shortcut
"List coverage sets containing this address", # Optional: tooltip
self._icon_id_xref # Optional: the action icon
)
# register the action with IDA
result = idaapi.register_action(action_desc)
if not result:
RuntimeError("Failed to register coverage_xref action with IDA")
self._ui_hooks.hook()
logger.info("Installed the 'Coverage Xref' menu entry")
def _install_load_batch(self):
"""
Install the 'File->Load->Code coverage batch...' menu entry.
"""
# create a custom IDA icon
icon_path = plugin_resource(os.path.join("icons", "batch.png"))
icon_data = str(open(icon_path, "rb").read())
self._icon_id_batch = idaapi.load_custom_icon(data=icon_data)
# describe a custom IDA UI action
action_desc = idaapi.action_desc_t(
self.ACTION_LOAD_BATCH, # The action name.
"~C~ode coverage batch...", # The action text.
IDACtxEntry(self.interactive_load_batch), # The action handler.
None, # Optional: action shortcut
"Load and aggregate code coverage files", # Optional: tooltip
self._icon_id_batch # Optional: the action icon
)
# register the action with IDA
result = idaapi.register_action(action_desc)
if not result:
RuntimeError("Failed to register load_batch action with IDA")
# attach the action to the File-> dropdown menu
result = idaapi.attach_action_to_menu(
"File/Load file/", # Relative path of where to add the action
self.ACTION_LOAD_BATCH, # The action ID (see above)
idaapi.SETMENU_APP # We want to append the action after ^
)
if not result:
RuntimeError("Failed action attach load_batch")
logger.info("Installed the 'Code coverage batch' menu entry")
def _install_open_coverage_overview(self):
"""
Install the 'View->Open subviews->Coverage Overview' menu entry.
"""
# create a custom IDA icon
icon_path = plugin_resource(os.path.join("icons", "overview.png"))
icon_data = str(open(icon_path, "rb").read())
self._icon_id_overview = idaapi.load_custom_icon(data=icon_data)
# describe a custom IDA UI action
action_desc = idaapi.action_desc_t(
self.ACTION_COVERAGE_OVERVIEW, # The action name.
"~C~overage Overview", # The action text.
IDACtxEntry(self.open_coverage_overview), # The action handler.
None, # Optional: action shortcut
"Open database code coverage overview", # Optional: tooltip
self._icon_id_overview # Optional: the action icon
)
# register the action with IDA
result = idaapi.register_action(action_desc)
if not result:
RuntimeError("Failed to register open coverage overview action with IDA")
# attach the action to the View-> dropdown menu
result = idaapi.attach_action_to_menu(
"View/Open subviews/Hex dump", # Relative path of where to add the action
self.ACTION_COVERAGE_OVERVIEW, # The action ID (see above)
idaapi.SETMENU_INS # We want to insert the action before ^
)
if not result:
RuntimeError("Failed action attach to 'View/Open subviews' dropdown")
logger.info("Installed the 'Coverage Overview' menu entry")
def run(self, arg=0):
# Load icon from the memory and save its id
self.icon_id = idaapi.load_custom_icon(data=VT_ICON, format="png")
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
# Create config object
cfg = VirusTotalConfig()
# Read previous config
cfg.Read()
# Create form
f = VirusTotalForm(self.icon_id)
# Show the form
ok = f.Show(cfg)
if ok == 0:
f.Free()
return
# Save configuration
cfg.Write()
# Spawn a non-modal chooser w/ the results if any
if ok == 2 and f.EChooser.GetItems():
VirusTotalChooser("VirusTotal results [%s]" % cfg.input,
f.EChooser.GetItems(), self.icon_id).Show()
f.Free()
return
def run(self, arg=0):
# Load icon from the memory and save its id
self.icon_id = idaapi.load_custom_icon(data=VT_ICON, format="png")
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
# Create config object
cfg = VirusTotalConfig()
# Read previous config
cfg.Read()
# Create form
f = VirusTotalForm(self.icon_id)
# Show the form
ok = f.Show(cfg)
if ok == 0:
f.Free()
return
# Save configuration
cfg.Write()
# Spawn a non-modal chooser w/ the results if any
if ok == 2 and f.EChooser.GetItems():
VirusTotalChooser(
"VirusTotal results [%s]" % cfg.input,
f.EChooser.GetItems(),
self.icon_id).Show()
f.Free()
return
def install(self):
"""
Install the action into the IDA UI.
:return: did the install succeed
"""
# Read and load the icon file
iconData = str(open(self._icon, 'rb').read())
self._iconId = idaapi.load_custom_icon(data=iconData)
# Create the action description
actionDesc = idaapi.action_desc_t(self._ACTION_ID, self._text,
self._handler, None, self._tooltip,
self._iconId)
# Register the action using its description
result = idaapi.register_action(actionDesc)
if not result:
raise RuntimeError("Failed to register action")
# Attach the action to the chosen menu
result = idaapi.attach_action_to_menu(self._menu, self._ACTION_ID,
idaapi.SETMENU_APP)
if not result:
raise RuntimeError("Failed to attach action")
logger.debug("Installed the action")
return True
def init( self ):
self.icon_id = idaapi.load_custom_icon( data = ReefConfig.PLUGIN_ICON_PNG,
format = "png" )
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
self.finder = XrefsFromFinder()
return idaapi.PLUGIN_KEEP
def __init__(self, id, name, tooltip, menuPath, callback, icon):
idaapi.action_handler_t.__init__(self)
self.id = id
self.name = name
self.tooltip = tooltip
self.menuPath = menuPath
self.callback = callback
scriptPath = os.path.dirname(
os.path.abspath(inspect.getfile(inspect.currentframe())))
self.icon = idaapi.load_custom_icon(scriptPath + "/" + "icon" + ".png")
def init(self):
self.icon_id = idaapi.load_custom_icon(data=ReefConfig.PLUGIN_ICON_PNG,
format="png")
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
self.finder = XrefsFromFinder()
return idaapi.PLUGIN_KEEP
def init(self):
#
# Ensure symEx and cache dir existed
#
if not os.path.isdir(symEx_dir):
print("[idenLib] default sig directory {} not existed !!!".format(symEx_dir))
os.mkdir(symEx_dir)
if not os.path.isdir(symEx_cache_dir):
os.mkdir(symEx_cache_dir)
act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
act_name = "idenLib:action"
idaapi.register_action(idaapi.action_desc_t(
act_name,
"idenLib - Function Identification",
idenLibHandler(),
None,
"idenLib",
act_icon))
# Insert the action in a toolbar
idaapi.attach_action_to_toolbar("DebugToolBar", act_name)
idaapi.attach_action_to_menu(
'Edit/idenLib/',
act_name,
idaapi.SETMENU_APP)
# refresh signatures
act_name = "idenLib:refresh"
idaapi.register_action(idaapi.action_desc_t(
act_name,
"Refresh Signatures",
RefreshHandler(),
None,
"idenLib - Refresh"))
idaapi.attach_action_to_menu(
'Edit/idenLib/',
act_name,
idaapi.SETMENU_APP)
# about
act_name = "idenLib:about"
idaapi.register_action(idaapi.action_desc_t(
act_name,
"About",
AboutHandler(),
None,
"idenLib - About"))
idaapi.attach_action_to_menu(
'Edit/idenLib/',
act_name,
idaapi.SETMENU_APP)
return idaapi.PLUGIN_OK
def __init__(self, id, name, tooltip, menuPath, callback, icon):
idaapi.action_handler_t.__init__(self)
self.id = id
self.name = name
self.tooltip = tooltip
self.menuPath = menuPath
self.callback = callback
scriptPath = os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
self.icon = idaapi.load_custom_icon(
scriptPath + "/" + "icon" + ".png"
)
def init(self):
self.icon_id = idaapi.load_custom_icon(
data=ConfigStingray.PLUGIN_ICON_PNG, format="png")
if self.icon_id == 0:
raise RuntimeError("Failed to load icon data!")
self.finder = StringFinder()
ConfigStingray.init()
return idaapi.PLUGIN_KEEP
def main():
# icon author: https://www.flaticon.com/authors/freepik
icon_data = "".join([
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x18\x00\x00\x00\x18\x08\x03\x00\x00\x00\xD7\xA9\xCD\xCA\x00\x00\x00\x4E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xC4\xA2\xA6\x59\x00\x00\x00\x19\x74\x52\x4E\x53\x00\x20\xEE\x4F\xC9\x64\xD3\xB3\x32\x99\x88\x17\x0C\xC1\x5C\x28\xF6\x7F\xE6\xDD\xBB\xA2\x47\x41\x90\xCE\x19\x07\xA1\x00\x00\x00\xC8\x49\x44\x41\x54\x28\xCF\x75\xD1\xDB\xAE\x83\x20\x10\x85\xE1\x35\x08\x0E\xCA\x16\x3C\xDB\xF5\xFE\x2F\xBA\xC7\x58\xDB\xB4\xA1\xFF\x8D\xC8\x27\x48\x02\x7E\x26\xD6\xDF\xE7\x58\x70\x46\xAB\x79\x82\x23\x19\xD4\x31\x55\xC1\x93\x47\x75\xAB\xFD\x10\xA9\xAE\x38\x16\xEA\x0B\x36\x6F\x6D\x88\x56\x8A\xE4\xFC\x02\xA5\xA5\x58\x9C\x73\x19\x23\x99\x6E\x88\x12\xA3\x94\x6B\x2B\x78\x9B\xB8\xA1\xA5\x9B\xE9\x9F\xF0\x20\xA7\x37\x58\x37\x64\x52\xAB\x50\x48\x57\x85\xF3\x21\x55\x18\x6C\xA6\x0A\x3D\xD9\x1B\x68\x37\x7E\x41\xD3\x4E\x0A\x2C\x40\xF7\x05\x12\x60\x2B\x5C\xC2\x70\x43\x0E\x21\x14\xD8\x97\xD0\x02\x8E\xB3\xFD\xA3\x1D\xD4\x0F\xD0\x75\x5D\x77\x03\x1D\x99\xD1\x5B\x25\xED\x21\x34\x09\x93\x8D\xA3\x41\x9E\xEC\xA5\xB3\xA2\xBF\xB6\x7A\xD8\xF8\x04\xD9\xDA\xA1\x76\x5C\x24\x3A\xBD\x6E\x4D\xCE\xD2\xFB\x36\x05\xBF\xFB\x07\x19\xFC\x16\xA4\x38\xC6\x08\x3D\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60\x82"
])
act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
act_name = "idenLib:action"
idaapi.register_action(
idaapi.action_desc_t(act_name, "idenLib", idenLib_class(), None,
"idenLib", act_icon))
# Insert the action in a toolbar
idaapi.attach_action_to_toolbar("DebugToolBar", act_name)
print(PLUGIN_VERSION)
def __init__(self, *args, **kwargs):
# Main entry for the plugin
# When plugin is hooked every function here will be initialized
print("[SPIRIT] SpiritMS IDA Plugin succesfully loaded")
idaapi.plugin_t.__init__(self)
icon_data = str(open(PIC_DIR, "rb").read())
self.icon_id = idaapi.load_custom_icon(data=icon_data)
self.load_folders()
self.load_actions()
self.hooks = Hooks()
self.hooks.hook()
form = idaapi.get_current_tform()
idaapi.attach_action_to_popup(form, None, "my:InHeader", None)
def _createContextActions(self):
actions = [
("grap:pg:set_root", None, "[grap] Set root node",
self._onSetRootNode),
("grap:pg:add_target", None, "[grap] Add target node",
self._onAddTargetNode),
("grap:pg:match_default",
config['icons_path'] + "icons8-asterisk-24.png",
"[grap] Default match (apply options)", self._onSetMatchDefault),
("grap:pg:match_full", None, "[grap] Full match",
self._onSetMatchFull),
("grap:pg:match_opcode_arg1", None, "[grap] Opcode+arg1",
self._onSetMatchOpcodeArg1),
("grap:pg:match_opcode_arg2", None, "[grap] Opcode+arg2",
self._onSetMatchOpcodeArg2),
("grap:pg:match_opcode_arg3", None, "[grap] Opcode+arg3",
self._onSetMatchOpcodeArg3),
("grap:pg:match_opcode", None, "[grap] Opcode",
self._onSetMatchOpcode),
("grap:pg:match_wildcard", None, "[grap] Wildcard: *",
self._onSetMatchWildcard),
("grap:pg:remove_target",
config['icons_path'] + "icons8-delete.png",
"[grap] Remove target node", self._onRemoveTargetNode)
]
for actionId, icon_path, text, method in (a for a in actions):
if icon_path is not None and icon_path != "":
icon_number = idaapi.load_custom_icon(icon_path)
# Describe the action
action_desc = idaapi.action_desc_t(
actionId, # The action name. This acts like an ID and must be unique
text, # The action text.
PatternGenerationHandler(method), # The action handler.
None,
None,
icon_number)
else:
# Describe the action
action_desc = idaapi.action_desc_t(
actionId, # The action name. This acts like an ID and must be unique
text, # The action text.
PatternGenerationHandler(method)) # The action handler.
# Register the action
idaapi.register_action(action_desc)
self.actionsDefined = True
def register_handlers():
"""
Register the handlers for the pop-up menu to interact with the UI
"""
print("GhIDA:: [DEBUG] Registering handlers")
# Load a custom icon
icon_path = gl.plugin_resource("ghida.png")
icon_data = str(open(icon_path, "rb").read())
icon_ghida = idaapi.load_custom_icon(data=icon_data)
idaapi.register_action(
idaapi.action_desc_t("my:disasmsaction",
"Decompile function with GhIDA", DisasmsHandler(),
None, 'IDA plugin for Ghidra decompiler',
icon_ghida))
disasmtracker_action = idaapi.action_desc_t(
"my:disasmtracker", "Disable decompile view synchronization",
DisasmTracker(), None, None, icon_ghida)
idaapi.register_action(disasmtracker_action)
idaapi.register_action(
idaapi.action_desc_t("my:invalidatecache",
"Clear cache for current function",
InvalidateCache(), None, None, icon_ghida))
# Add the settings item in the menu
show_settings_action = idaapi.action_desc_t('my:showsettingsaction',
'GhIDA Settings',
ShowSettingsHandler(), None,
'GhIDA Settings', icon_ghida)
idaapi.register_action(show_settings_action)
idaapi.attach_action_to_menu('Edit/Settings/GhIDA Settings',
'my:showsettingsaction', idaapi.SETMENU_APP)
# Add the view decompile window in the menu
show_decomp_window_action = idaapi.action_desc_t(
'my:showdecompilewindowaction', 'GhIDA decomp view',
ShowDecompWindowHandler(), None, 'GhIDA decomp view', icon_ghida)
idaapi.register_action(show_decomp_window_action)
idaapi.attach_action_to_menu('View/Open subviews/GhIDA',
'my:showdecompilewindowaction',
idaapi.SETMENU_APP)
return
def load_icon(self, icon_filename, icon_key_name):
"""
Load a single custom icon
@param icon_filename: Icon file name
@param icon_key_name: The key value to store the icon with in the icon_list.
"""
try:
icons_path = self.die_config.icons_path
icon_filename = os.path.join(icons_path, icon_filename)
icon_num = idaapi.load_custom_icon(icon_filename)
self.icon_list[icon_key_name.lower()] = icon_num
return True
except Exception as ex:
self.logger.error("Failed to load icon %s: %s", icon_filename, ex)
return False
def load_icon(self, icon_filename, icon_key_name):
"""
Load a single custom icon
@param icon_filename: Icon file name
@param icon_key_name: The key value to store the icon with in the icon_list.
"""
try:
icons_path = self.die_config.icons_path
icon_filename = os.path.join(icons_path, icon_filename)
icon_num = idaapi.load_custom_icon(icon_filename)
self.icon_list[icon_key_name.lower()] = icon_num
return True
except Exception as ex:
self.logger.error("Failed to load icon %s: %s", icon_filename, ex)
return False
def _init_action_bulk(self):
"""
Register the bulk prefix action with IDA.
"""
# load the icon for this action
self._bulk_icon_id = idaapi.load_custom_icon(plugin_resource("bulk.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_BULK, # The action name.
"Prefix selected functions", # The action text.
IDACtxEntry(bulk_prefix), # The action handler.
None, # Optional: action shortcut
"Assign a user prefix to the selected functions", # Optional: tooltip
self._bulk_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_sync_menu(self):
"""
Register the sync_menu action with IDA.
"""
menu = SyncMenu(controller)
# describe the action
self._binsync_icon_id = idaapi.load_custom_icon(plugin_resource("ui/binsync.png"))
action_desc = idaapi.action_desc_t(
"binsync:sync_menu", # The action name.
"Binsync action...", # The action text.
menu.ctx_menu, # The action handler.
None, # Optional: action shortcut
"Select actions to sync in Binsync", # Optional: tooltip
self._binsync_icon_id
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_recursive(self):
"""
Register the recursive rename action with IDA.
"""
# load the icon for this action
self._recursive_icon_id = idaapi.load_custom_icon(plugin_resource("recursive.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_RECURSIVE, # The action name.
"Recursive function prefix", # The action text.
IDACtxEntry(recursive_prefix_cursor), # The action handler.
None, # Optional: action shortcut
"Recursively prefix callees of this function", # Optional: tooltip
self._recursive_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_bulk(self):
"""
Register the bulk prefix action with IDA.
"""
# load the icon for this action
self._bulk_icon_id = idaapi.load_custom_icon(plugin_resource("bulk.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_BULK, # The action name.
"Prefix selected functions", # The action text.
IDACtxEntry(bulk_prefix), # The action handler.
None, # Optional: action shortcut
"Assign a user prefix to the selected functions", # Optional: tooltip
self._bulk_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_clear(self):
"""
Register the clear prefix action with IDA.
"""
# load the icon for this action
self._clear_icon_id = idaapi.load_custom_icon(plugin_resource("clear.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_CLEAR, # The action name.
"Clear prefixes", # The action text.
IDACtxEntry(clear_prefix), # The action handler.
None, # Optional: action shortcut
"Clear user prefixes from the selected functions", # Optional: tooltip
self._clear_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_recursive(self):
"""
Register the recursive rename action with IDA.
"""
# load the icon for this action
self._recursive_icon_id = idaapi.load_custom_icon(plugin_resource("recursive.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_RECURSIVE, # The action name.
"Recursive function prefix", # The action text.
IDACtxEntry(recursive_prefix_cursor), # The action handler.
None, # Optional: action shortcut
"Recursively prefix callees of this function", # Optional: tooltip
self._recursive_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def editor_menuaction(self):
action_desc = idaapi.action_desc_t(
'my:editoraction', # The action name. This acts like an ID and must be unique
'Python Editor!', # The action text.
MyEditorHandler(), # The action handler.
'Ctrl+H', # Optional: the action shortcut DO IT HERE!
'Script editor', # Optional: the action tooltip (available in menus/toolbar)
idaapi.load_custom_icon(":/ico/python.png") # hackish load action icon , if no custom icon use number from 1-150 from internal ida
)
# 3) Register the action
idaapi.register_action(action_desc)
idaapi.attach_action_to_menu(
'File/Editor...', # The relative path of where to add the action
'my:editoraction', # The action ID (see above)
idaapi.SETMENU_APP) # We want to append the action after the 'Manual instruction...
form = ida_kernwin.get_current_widget()
idaapi.attach_action_to_popup(form, None, "my:editoraction", None)
def _init_action_clear(self):
"""
Register the clear prefix action with IDA.
"""
# load the icon for this action
self._clear_icon_id = idaapi.load_custom_icon(plugin_resource("clear.png"))
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_CLEAR, # The action name.
"Clear prefixes", # The action text.
IDACtxEntry(clear_prefix), # The action handler.
None, # Optional: action shortcut
"Clear user prefixes from the selected functions", # Optional: tooltip
self._clear_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def _init_action_bulk(self):
"""
Register the bulk prefix action with IDA.
"""
icon_data = "".join([
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x10\x00\x00\x00\x10\x08\x06\x00\x00\x00\x1F\xF3\xFF\x61\x00\x00\x02\xCA\x49\x44\x41\x54\x78\x5E\x65",
"\x53\x6D\x48\x53\x6F\x14\x3F\xBA\xB5\xB7\xA0\x8D\x20\x41\xF2\xBA\x5D\xB6\x0F\x56\xF4\x41\xA2\xC0\x9C\xE9\xB4\x29\x4A\x7D\xB0\x22\x7A\x11\x02\x23\x48\x2A\xD4\x74\x53\x33\x3F\xD4",
"\x3E\x4A\x50\x19\xE4\xB0\xD0\x22\xCD\x44\x45\x4A\x31\x8C\x92\xA2\x3E\x65\x0A\x4D\xCB\x96\x7E\xE8\xD5\x97\xCC\xFE\xFE\x37\xA7\x77\xDB\xBD\xA7\xE7\x3C\xBE\x05\x9E\xED\xB7\xB3\xF3",
"\x7B\x39\xF7\xEE\x19\x17\xA8\xAC\x56\xDB\x54\x82\x60\x41\xB3\x59\xBC\xFF\xAC\xF9\xCA\xB5\xAE\x86\xCA\xF9\x4E\xAF\x1B\x3B\xEA\x5D\x48\x9D\x66\xE2\x49\x27\x9F\xD5\x66\x9B\xA2\x1C",
"\x22\x02\xD0\x40\xE4\x81\x6C\x3B\x76\x37\x56\xE3\x37\x5F\x2F\x62\xE8\x0B\xD3\x66\x19\x7E\x53\xA7\x99\x78\xAE\x1F\x64\x3E\x21\x71\x69\x09\x5F\x20\x98\x2D\x58\x70\x24\x07\x07\x7B",
"\x6F\xB0\x79\x82\x61\x81\x21\xCC\xDE\x21\x54\x16\x02\xD4\x69\x26\x9E\x74\xEE\xCB\xCF\x4D\xC7\x44\xB3\x88\x7C\x81\xC5\x22\xFE\x6C\xB9\xE9\x46\x67\x46\x1A\x8A\x16\x2B\x0A\x5B\x05",
"\x74\x66\x65\xE1\x98\x6F\x00\x31\x32\x87\x9F\x59\x77\x66\x66\x61\x42\xBC\xC0\xF5\x6C\x47\x1A\x36\xD7\xB9\x51\x14\xC5\x1E\xBE\xA0\xC3\x5B\xD9\x98\x99\xE1\xC0\xCE\xBE\x57\x48\xD7",
"\x9A\x63\x68\xEA\x7C\x8A\xF6\x14\x3B\x9F\xF6\xA6\xA4\x60\xEB\xE3\x3E\x9C\x5F\xD6\x5A\x7A\xFA\x71\xBF\xC3\x81\x3D\x4D\x35\x0D\x7C\xC1\xF3\x87\x57\x43\xF9\x87\x8F\x21\x95\x5E\xAB",
"\x41\x83\x4E\x83\x54\xDB\x92\x76\x20\xCA\xBF\xD0\x99\x9D\xBB\x4E\xDB\xBD\xC7\x8E\x2F\x5A\x3D\x74\x3D\x50\x03\x80\x7E\x7A\x7A\x06\x46\x47\xFD\xA0\x33\x6C\x84\x18\x46\x0C\xBD\x1F",
"\x86\x2D\x71\x71\x00\x52\x10\x16\x17\xE6\xC1\xE7\x1B\x61\x9A\x81\x69\x31\x30\xFC\x61\x14\xB4\x3A\x3D\x20\x82\x1E\x58\xA9\x15\x05\x41\x14\x05\xB8\x58\xEE\x82\x7D\xE9\x99\x20\xCB",
"\x32\x94\x95\x95\xC3\xA5\xD2\x53\x00\x51\x09\xAA\x4B\x0B\xA1\xB8\xA4\x0C\x52\x53\x33\x40\xA5\x52\x81\xDB\x5D\x01\xA2\x45\x00\x45\x51\x80\x2A\x36\x12\x8D\x42\x49\x51\x01\x44\xE5",
"\x18\x90\x22\x0A\x98\x8C\x46\xF0\x54\x14\x42\x6D\x7D\x3B\xE4\x1C\x75\x41\xAD\xB7\x1D\x3C\x55\x85\x60\x32\x19\x41\x8A\x2A\xDC\x57\x5C\x74\x12\x28\x47\xA5\x8E\x44\xE4\xF0\x76\x5B",
"\x82\xA6\xCD\x5B\x0D\xB2\x12\xE6\xE4\x06\xB5\x1A\x66\xA7\x26\x41\x92\xC2\xA0\xD5\x6A\x60\x67\x92\x19\xAE\x7B\xCE\x70\x4D\x15\xAB\x01\xAD\xC1\x08\x3F\x46\x64\x6E\x8E\x9D\xF9\x13",
"\xE8\x1A\xFF\xE4\x63\x8A\x0E\xE6\x02\x41\xF8\x3F\x18\x82\x40\x28\x04\xFD\xDD\x75\xF0\xB6\xFF\x2E\x75\x9A\x89\x27\x9D\xFB\xC8\x4F\x39\xBE\xE0\xB4\xAB\xCE\x35\xFE\x71\x00\x16\x17",
"\x25\x76\x50\x26\x76\x6B\x61\x86\x08\xE4\x1D\xAF\x81\xBC\x13\x97\xA9\xD3\x4C\x3C\xE9\xDC\x47\x7E\xCA\xF1\x05\x0C\x5F\x7D\xFE\xEF\x35\x03\xAF\x9F\x00\xB0\x73\x30\x9A\xE2\x81\x0E",
"\xF6\xC1\xED\x52\xB8\x77\xAB\x98\x3A\xCD\xC4\x73\x9D\x7C\x6F\xDE\xF9\xCF\x53\x0E\xFE\xA9\xCD\xAE\xB3\x87\xCE\x75\x35\x54\xE1\xD0\xCB\x47\x38\x39\x36\x88\xFF\x4D\xF8\x57\x41\x33",
"\xF1\xA4\x93\x0F\x00\x36\xAD\x3E\x4C\x6B\xC5\xC9\x5D\x77\x6A\x2F\xB4\x31\xA3\xC4\x40\x4F\x21\x0F\xD1\x4C\x3C\xE9\x2B\xE1\xF5\x0B\xD6\x90\xC8\x90\x4C\xE6\x35\xD0\xCC\x79\x5E\xFF",
"\x2E\xF8\x0B\x2F\x3D\xE5\xC3\x97\x06\xCF\xCF\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60\x82"])
# load the icon for this action
self._bulk_icon_id = idaapi.load_custom_icon(data=icon_data, format="png")
# describe the action
action_desc = idaapi.action_desc_t(
self.ACTION_BULK, # The action name.
"Copy function pointers to selected function(s)", # The action text.
IDACtxEntry(bulk_function), # The action handler.
None, # Optional: action shortcut
"Copies a function pointer to the selected function(s)", # Optional: tooltip
self._bulk_icon_id # Optional: the action icon
)
# register the action with IDA
assert idaapi.register_action(action_desc), "Action registration failed"
def register_actions_and_handlers_decompile_view():
"""
Attach the following actions in the pop-up menu of the
decompiled view.
"""
# Load a custom icon
icon_path = gl.plugin_resource("ghida.png")
icon_data = str(open(icon_path, "rb").read())
icon_ghida = idaapi.load_custom_icon(data=icon_data)
decompiler_widget = idaapi.find_widget('Decompiled Function')
# TODO alternative
# decompiler_widget = idaapi.get_current_tform()
# Add Rename to the pop-up
action_renamecustviewer = idaapi.action_desc_t(
'my:renamecustviewerhandler', 'Rename',
RenameCustViewerHandler(DECOMP_VIEW), None, None, icon_ghida)
decompiler_widget = idaapi.find_widget('Decompiled Function')
idaapi.register_action(action_renamecustviewer)
idaapi.attach_action_to_popup(decompiler_widget, None,
"my:renamecustviewerhandler", None)
# Add add-comment to the pop-up
action_addcommentcustviewer = idaapi.action_desc_t(
'my:addcommentcustviewer', 'Add comment',
AddCommentCustViewerHandler(DECOMP_VIEW), None, None, icon_ghida)
idaapi.register_action(action_addcommentcustviewer)
idaapi.attach_action_to_popup(decompiler_widget, None,
"my:addcommentcustviewer", None)
# Add goto to the pop-up
action_gotocustviewerhandler = idaapi.action_desc_t(
'my:gotocustviewerhandler', 'Goto', GoToCustViewerHandler(DECOMP_VIEW),
None, None, icon_ghida)
idaapi.register_action(action_gotocustviewerhandler)
idaapi.attach_action_to_popup(decompiler_widget, None,
"my:gotocustviewerhandler", None)
return
'hbp1': 'xxx '
},
'x64_dbg': {
'prefix': '',
'si': 'sti',
'so': 'sto',
'go': 'go',
'bp': 'bp ',
'hbp': 'bph ',
'bp1': 'xxx ',
'hbp1': 'xxx '
},
}
# TODO: The icons need to be released on termination.
SYNC_ON_ICON = idaapi.load_custom_icon(
os.path.join(os.path.dirname(__file__), 'sync_on.png'))
SYNC_OFF_ICON = idaapi.load_custom_icon(
os.path.join(os.path.dirname(__file__), 'sync_off.png'))
# --------------------------------------------------------------------------
class RequestHandler(object):
# color callback
def cb_color(self, ea):
idaapi.set_item_color(ea, COL_CBTRACE)
# instruction step callback
def cb_curline(self, ea):
if self.prev_loc:
prev_ea, prev_color = self.prev_loc
def AddMenuElements(self):
idaapi.add_menu_item("File/", "Screen Recorder", "Shift-R", 0, self.eyes, ())
idaapi.set_menu_item_icon("File/Screen Recorder", idaapi.load_custom_icon(":/ico/python.png"))
def loadIcon(name):
scriptPath = os.path.dirname(
os.path.abspath(inspect.getfile(inspect.currentframe())))
return idaapi.load_custom_icon(scriptPath + "/imgs/" + name + ".png")
"\x7B\x39\xF7\xEE\x19\x17\xA8\xAC\x56\xDB\x54\x82\x60\x41\xB3\x59\xBC\xFF\xAC\xF9\xCA\xB5\xAE\x86\xCA\xF9\x4E\xAF\x1B\x3B\xEA\x5D\x48\x9D\x66\xE2\x49\x27\x9F\xD5\x66\x9B\xA2\x1C",
"\x22\x02\xD0\x40\xE4\x81\x6C\x3B\x76\x37\x56\xE3\x37\x5F\x2F\x62\xE8\x0B\xD3\x66\x19\x7E\x53\xA7\x99\x78\xAE\x1F\x64\x3E\x21\x71\x69\x09\x5F\x20\x98\x2D\x58\x70\x24\x07\x07\x7B",
"\x6F\xB0\x79\x82\x61\x81\x21\xCC\xDE\x21\x54\x16\x02\xD4\x69\x26\x9E\x74\xEE\xCB\xCF\x4D\xC7\x44\xB3\x88\x7C\x81\xC5\x22\xFE\x6C\xB9\xE9\x46\x67\x46\x1A\x8A\x16\x2B\x0A\x5B\x05",
"\x74\x66\x65\xE1\x98\x6F\x00\x31\x32\x87\x9F\x59\x77\x66\x66\x61\x42\xBC\xC0\xF5\x6C\x47\x1A\x36\xD7\xB9\x51\x14\xC5\x1E\xBE\xA0\xC3\x5B\xD9\x98\x99\xE1\xC0\xCE\xBE\x57\x48\xD7",
"\x9A\x63\x68\xEA\x7C\x8A\xF6\x14\x3B\x9F\xF6\xA6\xA4\x60\xEB\xE3\x3E\x9C\x5F\xD6\x5A\x7A\xFA\x71\xBF\xC3\x81\x3D\x4D\x35\x0D\x7C\xC1\xF3\x87\x57\x43\xF9\x87\x8F\x21\x95\x5E\xAB",
"\x41\x83\x4E\x83\x54\xDB\x92\x76\x20\xCA\xBF\xD0\x99\x9D\xBB\x4E\xDB\xBD\xC7\x8E\x2F\x5A\x3D\x74\x3D\x50\x03\x80\x7E\x7A\x7A\x06\x46\x47\xFD\xA0\x33\x6C\x84\x18\x46\x0C\xBD\x1F",
"\x86\x2D\x71\x71\x00\x52\x10\x16\x17\xE6\xC1\xE7\x1B\x61\x9A\x81\x69\x31\x30\xFC\x61\x14\xB4\x3A\x3D\x20\x82\x1E\x58\xA9\x15\x05\x41\x14\x05\xB8\x58\xEE\x82\x7D\xE9\x99\x20\xCB",
"\x32\x94\x95\x95\xC3\xA5\xD2\x53\x00\x51\x09\xAA\x4B\x0B\xA1\xB8\xA4\x0C\x52\x53\x33\x40\xA5\x52\x81\xDB\x5D\x01\xA2\x45\x00\x45\x51\x80\x2A\x36\x12\x8D\x42\x49\x51\x01\x44\xE5",
"\x18\x90\x22\x0A\x98\x8C\x46\xF0\x54\x14\x42\x6D\x7D\x3B\xE4\x1C\x75\x41\xAD\xB7\x1D\x3C\x55\x85\x60\x32\x19\x41\x8A\x2A\xDC\x57\x5C\x74\x12\x28\x47\xA5\x8E\x44\xE4\xF0\x76\x5B",
"\x82\xA6\xCD\x5B\x0D\xB2\x12\xE6\xE4\x06\xB5\x1A\x66\xA7\x26\x41\x92\xC2\xA0\xD5\x6A\x60\x67\x92\x19\xAE\x7B\xCE\x70\x4D\x15\xAB\x01\xAD\xC1\x08\x3F\x46\x64\x6E\x8E\x9D\xF9\x13",
"\xE8\x1A\xFF\xE4\x63\x8A\x0E\xE6\x02\x41\xF8\x3F\x18\x82\x40\x28\x04\xFD\xDD\x75\xF0\xB6\xFF\x2E\x75\x9A\x89\x27\x9D\xFB\xC8\x4F\x39\xBE\xE0\xB4\xAB\xCE\x35\xFE\x71\x00\x16\x17",
"\x25\x76\x50\x26\x76\x6B\x61\x86\x08\xE4\x1D\xAF\x81\xBC\x13\x97\xA9\xD3\x4C\x3C\xE9\xDC\x47\x7E\xCA\xF1\x05\x0C\x5F\x7D\xFE\xEF\x35\x03\xAF\x9F\x00\xB0\x73\x30\x9A\xE2\x81\x0E",
"\xF6\xC1\xED\x52\xB8\x77\xAB\x98\x3A\xCD\xC4\x73\x9D\x7C\x6F\xDE\xF9\xCF\x53\x0E\xFE\xA9\xCD\xAE\xB3\x87\xCE\x75\x35\x54\xE1\xD0\xCB\x47\x38\x39\x36\x88\xFF\x4D\xF8\x57\x41\x33",
"\xF1\xA4\x93\x0F\x00\x36\xAD\x3E\x4C\x6B\xC5\xC9\x5D\x77\x6A\x2F\xB4\x31\xA3\xC4\x40\x4F\x21\x0F\xD1\x4C\x3C\xE9\x2B\xE1\xF5\x0B\xD6\x90\xC8\x90\x4C\xE6\x35\xD0\xCC\x79\x5E\xFF",
"\x2E\xF8\x0B\x2F\x3D\xE5\xC3\x97\x06\xCF\xCF\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60\x82"])
act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
hooks = None
act_name = "example:add_action"
if idaapi.register_action(idaapi.action_desc_t(
act_name, # Name. Acts as an ID. Must be unique.
"Say hi!", # Label. That's what users see.
SayHi("developer"), # Handler. Called when activated, and for updating
"Ctrl+F12", # Shortcut (optional)
"Greets the user", # Tooltip (optional)
act_icon)): # Icon ID (optional)
print("Action registered. Attaching to menu.")
# Insert the action in the menu
if idaapi.attach_action_to_menu("Edit/Export data", act_name, idaapi.SETMENU_APP):
NETNODE_STORE = "$ SYNC_STORE"
NETNODE_INDEX = 0xFFC0DEFF
DBG_DIALECTS = {
'windbg': {'prefix': '!', 'si': 't', 'so': 'p', 'go': 'g', 'bp': 'bp ', 'hbp': 'ba e 1 ', 'bp1': 'bp /1 ',
'hbp1': 'ba e 1 /1 '},
'gdb': {'prefix': '', 'si': 'si', 'so': 'ni', 'go': 'continue', 'bp': 'b *', 'hbp': 'hb *', 'bp1': 'tb *',
'hbp1': 'thb *'},
'ollydbg2': {'prefix': '', 'si': 'si', 'so': 'so', 'go': 'go', 'bp': 'bp ', 'hbp': 'xxx ', 'bp1': 'xxx ',
'hbp1': 'xxx '},
'x64_dbg': {'prefix': '', 'si': 'sti', 'so': 'sto', 'go': 'go', 'bp': 'bp ', 'hbp': 'bph ', 'bp1': 'xxx ',
'hbp1': 'xxx '},
}
# TODO: The icons need to be released on termination.
SYNC_ON_ICON = idaapi.load_custom_icon(os.path.join(os.path.dirname(__file__), 'sync_on.png'))
SYNC_OFF_ICON = idaapi.load_custom_icon(os.path.join(os.path.dirname(__file__), 'sync_off.png'))
# --------------------------------------------------------------------------
class RequestHandler(object):
# color callback
def cb_color(self, ea):
idaapi.set_item_color(ea, COL_CBTRACE)
# instruction step callback
def cb_curline(self, ea):
if self.prev_loc:
prev_ea, prev_color = self.prev_loc
def AddMenuElements(self):
idaapi.add_menu_item("File/", "Code editor", "Alt-E", 0, self.popeye,
())
idaapi.set_menu_item_icon("File/Code editor",
idaapi.load_custom_icon(":/ico/python.png"))
def AddMenuElements(self):
idaapi.add_menu_item("File/", "Code editor", "Alt-E", 0, self.popeye, ())
idaapi.set_menu_item_icon("File/Code editor", idaapi.load_custom_icon(":/ico/python.png"))
def __init__(self, cc):
idaapi.UI_Hooks.__init__(self)
self.cc = cc
self.selected_icon_number = idaapi.load_custom_icon(
config['icons_path'] + "icons8-asterisk-24.png")
def loadIcon(name):
scriptPath = os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
return idaapi.load_custom_icon(scriptPath + "/imgs/" + name + ".png")
def main():
print("\nUsage:\n\
save_x(\"unique_name\", start_addr, size) - save names, comments, breakpoints, functions\n\
restore_x(\"unique_name\", start_addr) - restore names, comments, breakpoints, functions\n\
Example:\n\t\
save_x(\"first_shellcode\", 0x12340000, 0x1000)\n\t\
restore_x(\"first_shellcode\", 0x12340000)\n\t\
save_x(\"f1\", here(), 0x1000)\n\t\
restore_x(\"f1\", here())\n\
\nBONUS: useful if a process allocated a new segment (e.g. VirtualAlloc) otherwise (HeapAlloc, new, etc.) use the first way\n\t\
save_x() == save_x(FIRST_0x10_BYTES_HASH_FROM_EA_SEGMENT, START_OF_EA_SEGMENT, SIZEOF_EA_SEGMENT)\n\t\
restore_x() == restore(FIRST_0x10_BYTES_HASH_FROM_EA_SEGMENT, START_OF_EA_SEGMENT)\n\
")
icon_data_save = "".join([
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x10\x00\x00\x00\x10\x04\x03\x00"
"\x00\x00\xED\xDD\xE2\x52\x00\x00\x00\x1E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xB7\x28\x6F\x6A\x00\x00\x00\x09\x74\x52"
"\x4E\x53\x00\xE0\x08\xB8\xD0\x58\x98\x85\x25\x4C\x7E\x68\xAA\x00\x00\x00\x49\x49\x44\x41\x54\x08\xD7\x63\x60"
"\x60\x60\x99\x39\xD3\x01\x48\x11\xC3\xE0\x08\x0D\x9C\x39\x53\x34\xB4\x81\x81\xC9\x72\x26\x10\x4C\x56\x60\x60"
"\x50\x06\x31\x8C\x80\x72\x40\x21\xB0\x00\x50\x08\x2C\x00\x16\x02\x09\x80\x85\x80\x02\x10\x21\x90\x00\x02\xB0"
"\x0B\x82\x41\x01\x03\xDB\x4C\x30\x48\x00\x00\xA9\xC1\x1A\x09\x2E\x8B\x71\x91\x00\x00\x00\x00\x49\x45\x4E\x44"
"\xAE\x42\x60\x82 "
])
icon_data_restore = "".join([
"\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x10\x00\x00\x00\x10\x04\x03\x00"
"\x00\x00\xED\xDD\xE2\x52\x00\x00\x00\x1E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xB7\x28\x6F\x6A\x00\x00\x00\x09\x74\x52"
"\x4E\x53\x00\x81\xE0\xD0\x98\x40\xEC\x34\x2D\xD9\x04\x16\x77\x00\x00\x00\x46\x49\x44\x41\x54\x08\xD7\x63\x00"
"\x02\x46\x01\x06\x08\x90\x9C\x08\xA1\x19\x67\xCE\x14\x80\x08\xCC\x9C\x39\x11\x2A\x00\x14\x82\x08\x80\x85\x38"
"\x5C\xDC\x66\xCE\x4C\x71\x69\x00\x0A\x31\xCF\x9C\x69\x00\xA4\x88\x63\xB0\x87\x86\x16\x30\x20\x01\x46\x25\x30"
"\x10\x60\x60\x99\x09\x06\x0E\x00\xB5\x68\x19\x1B\xBF\xF3\x8F\x71\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60"
"\x82 "
])
act_icon_save = idaapi.load_custom_icon(data=icon_data_save, format="png")
act_icon_restore = idaapi.load_custom_icon(data=icon_data_restore,
format="png")
act_name_save = "dumpDyn_save:action"
act_name_restore = "dumpDyn_restore:action"
if idaapi.register_action(
idaapi.action_desc_t(act_name_save, "save_x", save_class(), None,
"save_x", act_icon_save)):
# Insert the action in a toolbar
idaapi.attach_action_to_toolbar("DebugToolBar", act_name_save)
if idaapi.register_action(
idaapi.action_desc_t(act_name_restore, "restore_x",
restore_class(), None, "restore_x",
act_icon_restore)):
# Insert the action in a toolbar
idaapi.attach_action_to_toolbar("DebugToolBar", act_name_restore)
else:
idaapi.unregister_action(act_name_save)
idaapi.unregister_action(act_name_restore)
global MD5_hash_data_file
input_filepath = ida_nalt.get_input_file_path()
hasher = hashlib.md5()
with open(input_filepath, 'rb') as afile:
buf = afile.read()
hasher.update(buf)
MD5_hash = hasher.hexdigest() # str
MD5_hash_data_file = input_filepath + "____dumpDyn___" + MD5_hash
def AddMenuElements(self):
idaapi.add_menu_item("File/", "Geo", "ALT-G", 0, self.popeye, ())
idaapi.set_menu_item_icon("File/Geo",
idaapi.load_custom_icon(":/ico/python.png"))
"\x07\x3D\x9E\xF0\x10\x7C\x3D\x34\x3C\x3B\xA6\x99\xFE\x85\xBB\x7F",
"\x95\x0E\x0F\xA6\xA9\xF9\x4A\x52\x5B\x6B\x29\x8C\xB5\xBC\xC0\xB9",
"\x05\x0F\x3A\x1D\x84\x7E\xFF\x20\x5E\x85\xA7\xB4\xD3\xFF\xE6\xD0",
"\x4D\xC0\xED\xE2\xDD\xCA\x0B\x78\xFE\x80\x49\xB3\x95\x1A\xA9\x7B",
"\xB4\x0F\xB1\x5C\x02\x56\xA3\x05\xA1\xD4\x4F\xEC\xAA\x71\xA3\xB7",
"\xF5\x38\x18\x7F\x82\x7C\xED\x9B\xF3\x61\x37\x5D\x82\x23\x74\x15",
"\xB3\x89\x24\x22\x43\xCE\x4A\x81\x02\x1D\x8F\x7A\xB1\xB4\x1E\x87",
"\xCB\x52\x0B\x45\x55\x90\x55\x78\xFE\xDC\x2D\x0A\x46\x98\x8D\x66",
"\x64\xB0\x8C\x6F\x8B\x2A\x82\x7D\x93\x70\xD5\x15\x63\x36\xFD\x4C",
"\xDE\x99\x87\xB8\xF6\xE6\x2E\x8C\x3C\xC8\x2E\x5A\x78\xF1\x04\xE4",
"\x94\x3C\x17\x8E\xE1\xCC\xCE\x23\x18\x39\x71\x9B\x5F\x9D\xA8\xEF",
"\xDE\x42\x60\x83\x60\x32\x8C\x8F\xB1\x39\xE4\x55\x09\x3B\x6C\x8D",
"\xE8\x6A\xDC\xAB\x7B\xFE\x04\xF8\x0D\x1A\x8F\x87\xFA\x45\xCC\x17",
"\x75\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60\x82"])
act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
class SearchHandler(idaapi.action_handler_t):
def __init__(self):
idaapi.action_handler_t.__init__(self)
def activate(self, ctx):
os.system("START chrome http://www.google.com/search?q=\"" + highlight[0] + "\"")
return 1
def update(self, ctx):
return idaapi.AST_ENABLE_ALWAYS
action_desc = idaapi.action_desc_t('search:action',
'Search Google for \"\"',
