def init(self): """ On script initalisation : load previous rop results and init menu items """ # Only Intel x86/x86-64 are supported if idaapi.ph_get_id() == idaapi.PLFM_386: global idarop_manager # Check if already initialized if not 'idarop_manager' in globals(): idarop_manager = IdaRopManager() if idarop_manager.add_menu_items(): print("[IdaRop] Failed to initialize IDA Sploiter.") idarop_manager.del_menu_items() del idarop_manager return idaapi.PLUGIN_SKIP else: try: idarop_manager.load_internal_db() except Exception as e: pass print("[IdaRop] IDA ROP View v%s initialized " % IDAROP_VERSION) return idaapi.PLUGIN_KEEP else: return idaapi.PLUGIN_SKIP
def init(self): if idaapi.ph_get_id( ) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF: return idaapi.PLUGIN_SKIP print "%s init" % self.comment self.hook = Aarch64PACHook() self.hook.hook() return idaapi.PLUGIN_KEEP
def init(self): if idaapi.ph_get_id( ) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF: print "%s won't load!" % self.wanted_name return idaapi.PLUGIN_SKIP self.hooks = CPUHooks() self.hooks.hook() print "%s is loaded!" % self.wanted_name return idaapi.PLUGIN_KEEP
def init(self): self.hook = None if idc.GetInputMD5() != input_md5 or idaapi.ph_get_id( ) != idaapi.PLFM_386: return idaapi.PLUGIN_SKIP self.hook = deobX86Hook() self.hook.hook() return idaapi.PLUGIN_KEEP
def init(self): self.prochook = None if idaapi.ph_get_id() != idaapi.PLFM_386: # print "dumbx86_t.init() skipped!" return idaapi.PLUGIN_SKIP self.prochook = dumbx86hook() self.prochook.hook() print "dumbx86_t.init() called!" return idaapi.PLUGIN_KEEP
def init(self): self.prochook = None if idaapi.ph_get_id() != idaapi.PLFM_386 or idaapi.cvar.inf.filetype != idaapi.f_ELF: print "linuxprocext_t.init() skipped!" return idaapi.PLUGIN_SKIP self.prochook = linux_idp_hook_t() self.prochook.hook() print "linuxprocext_t.init() called!" return idaapi.PLUGIN_KEEP
def init(self): global glob_lex global glob_parser if idaapi.ph_get_id() != idaapi.PLFM_386: return idaapi.PLUGIN_SKIP debug_out("Loading Parsers") self.lexer = glob_lex self.parser = glob_parser debug_out("Loaded SmartJumper") return idaapi.PLUGIN_KEEP
def init(self): self.hook = None if not ".mp.dll" in idc.GetInputFile( ) or idaapi.ph_get_id() != idaapi.PLFM_386: return idaapi.PLUGIN_SKIP print "\n\n-->MsMpEng apicall x86 Parser Invoked!\n\n" self.hook = parse_apicall_hook() self.hook.hook() return idaapi.PLUGIN_KEEP
def init(self): self.prochook = None if idaapi.ph_get_id( ) != idaapi.PLFM_386 or idaapi.cvar.inf.filetype != idaapi.f_ELF: print "linuxprocext_t.init() skipped!" return idaapi.PLUGIN_SKIP self.prochook = linux_idp_hook_t() self.prochook.hook() print "linuxprocext_t.init() called!" return idaapi.PLUGIN_KEEP
def init(self): self.hook = None if idaapi.ph_get_id( ) != idaapi.PLFM_ARM or idaapi.BADADDR <= 0xFFFFFFFF: return idaapi.PLUGIN_SKIP self.hook = simpA64Hook() flag = self.hook.n.altval(0) if flag: self.enabled = flag - 1 print "%s is %sabled" % (self.wanted_name, "en" if self.enabled else "dis") if self.enabled: self.hook.hook() return idaapi.PLUGIN_KEEP
def init(self): # Some initialization global hexnight_cb_info, hexnight_cb, inttype if idaapi.init_hexrays_plugin() and idaapi.ph_get_id() == idaapi.PLFM_ARM: inttype = idaapi.get_int_type_by_width_and_sign(4, True) hexnight_cb_info = hexrays_callback_info() hexnight_cb = hexnight_cb_info.event_callback if idaapi.install_hexrays_callback(hexnight_cb): print "Hexnight plugin installed" addon = idaapi.addon_info_t(); addon.id = "org.xerub.hexnight"; addon.name = "Hexnight"; addon.producer = "xerub"; addon.url = "https://twitter.com/xerub"; addon.version = "7.0"; idaapi.register_addon( addon ); return idaapi.PLUGIN_KEEP print "Hexnight plugin failed" return idaapi.PLUGIN_SKIP
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global ARCH global BITS ARCH = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): BITS = 64 elif info.is_32bit(): BITS = 32 else: BITS = 16 print("Golang_Rev plugin has been loaded.") # Register menu actions menu_actions = ( idaapi.action_desc_t(GOLANG_STRING, "Set golang string", menu_action_handler_t(GOLANG_STRING), None, None, 9), idaapi.action_desc_t(GOLANG_FUNC, "Set golang function", menu_action_handler_t(GOLANG_FUNC), None, None, 9), idaapi.action_desc_t(RENAME_POINTER, "Set pointer", menu_action_handler_t(RENAME_POINTER), None, None, 9), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() return idaapi.PLUGIN_KEEP
def init(self): # Only Intel x86/x86-64 are supported if idaapi.ph_get_id() == idaapi.PLFM_386: global heaptracer_manager # Check if already initialized if not 'heaptracer_manager' in globals(): heaptracer_manager = HeapTracerManager() if heaptracer_manager.add_menu_items(): print "Failed to initialize Heap Tracer." heaptracer_manager.del_menu_items() del heaptracer_manager return idaapi.PLUGIN_SKIP else: print("Initialized Heap Tracer v%s (c) Marcin Kalinowski <*****@*****.**>" % HEAPTRACER_VERSION) return idaapi.PLUGIN_KEEP else: return idaapi.PLUGIN_SKIP
def init(self): # Some initialization global hexnight_cb_info, hexnight_cb, inttype if idaapi.init_hexrays_plugin() and idaapi.ph_get_id( ) == idaapi.PLFM_ARM and idaapi.BADADDR > 0xFFFFFFFF: inttype = idaapi.get_int_type_by_width_and_sign(4, True) enu = idaapi.add_enum(0, myenum, 0) for i in regs.keys(): idaapi.add_enum_member(enu, regs[i], i) hexnight_cb_info = hexrays_callback_info() hexnight_cb = hexnight_cb_info.event_callback if idaapi.install_hexrays_callback(hexnight_cb): print "Hexnight plugin installed" addon = idaapi.addon_info_t() addon.id = "org.xerub.hexnight" addon.name = "Hexnight" addon.producer = "xerub" addon.url = "https://twitter.com/xerub" addon.version = "6.95" idaapi.register_addon(addon) return idaapi.PLUGIN_KEEP print "Hexnight plugin failed" return idaapi.PLUGIN_SKIP
def __init__(self): self.flags = idaapi.ph_get_flag() # instead of checking ph flags, should __EA64__ be used? self.is_64bit = (self.flags & idaapi.PR_USE64) != 0 self.is_32bit = (self.flags & idaapi.PR_USE32) != 0 self.is_stack_up = (self.flags & idaapi.PR_STACK_UP) != 0 self.id = idaapi.ph_get_id() self.is_assemble_supported = (self.flags & idaapi.PR_ASSEMBLE) != 0 self.is_delayslot_proc = (self.flags & idaapi.PR_DELAYED) != 0 # processor default ret instruction (icode, not opcode!) self.ret_icodes = [idaapi.ph_get_icode_return()] # ptrsize in bytes self.ptrsize = 2 if self.is_32bit: self.ptrsize = 4 if self.is_64bit: self.ptrsize = 8 self.ptrsize_pyfmt_mapper = {2:"H", 4:"I", 8:"Q"} self.ptrsize_mask_mapper = {2:0xFFFF, 4:0xFFFFFFFF, 8:0xFFFFFFFFFFFFFFFF} self.datafmt_mapper = {2:"%04X", 4:"%08X", 8:"%016X"} self.endianness = idaapi.get_inf_structure().mf
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global ARCH global BITS ARCH = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): BITS = 64 elif info.is_32bit(): BITS = 32 else: BITS = 16 print("LazyIDA (v1.0.0.3) plugin has been loaded.") # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201), idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9), idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9), idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Register hotkey actions hotkey_actions = ( idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0), idaapi.action_desc_t(ACTION_GOTOCLIP, "Goto clip EA", hotkey_action_handler_t(ACTION_GOTOCLIP), "Shift-G", "Goto clipboard EA", 0), ) for action in hotkey_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): addon = idaapi.addon_info_t() addon.id = "tw.l4ys.lazyida" addon.name = "LazyIDA" addon.producer = "Lays" addon.url = "https://github.com/L4ys/LazyIDA" addon.version = "1.0.0.3" idaapi.register_addon(addon) hx_actions = ( idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"), idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"), idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"), idaapi.action_desc_t(ACTION_HX_GOTOCLIP, "Goto clipboard ea", hexrays_action_handler_t(ACTION_HX_GOTOCLIP), "Shift-G"), ) for action in hx_actions: idaapi.register_action(action) self.registered_hx_actions.append(action.name) self.hx_hook = HexRays_Hook() idaapi.install_hexrays_callback(self.hx_hook.callback) self.hexrays_inited = True return idaapi.PLUGIN_KEEP
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global arch global bits global is_cgc arch = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): bits = 64 elif info.is_32bit(): bits = 32 else: bits = 16 is_cgc = "CGC" in idaapi.get_file_type_name() print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded." # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201), idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9), idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9), idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Register hotkey actions hotkey_actions = ( idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0), ) for action in hotkey_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add idb hook self.idb_hook = IDB_Hook() self.idb_hook.hook() # Add idp hook self.idp_hook = IDP_Hook() self.idp_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): hx_actions = ( idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"), idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"), idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"), ) for action in hx_actions: idaapi.register_action(action) self.registered_hx_actions.append(action.name) idaapi.install_hexrays_callback(hexrays_callback) self.hexrays_inited = True # Auto apply libcgc signature if is_cgc and os.path.exists(idaapi.get_sig_filename("libcgc.sig")): if "libcgc.sig" not in [idaapi.get_idasgn_desc(i)[0] for i in range(idaapi.get_idasgn_qty())]: idaapi.plan_to_apply_idasgn("libcgc.sig") return idaapi.PLUGIN_KEEP
def init(self): self.prochook = None # Enable controlable logging logging.basicConfig( level=logging.DEBUG, format= '%(asctime)s - %(levelname)s - %(filename)s:%(funcName)s@%(lineno)s: %(message)s' ) logging.debug( 'Module for MC68000 class CPU Step-Overs, and type information') # Random Debug to analyze PH mapping support # #print cdll.ida.ph #ph = structPH.in_dll(cdll.ida, "ph") #ph = structPH() #ph.values = cast( cdll.ida.ph, POINTER(structPH) ) # Map ida.dll into this Python module, and lets us change the flags to add TYPEINFO support. # # For O/S agnostic support this follow advice from: http://www.hexblog.com/?p=695 # idaname = "ida64" if ida_idaapi.__EA64__ else "ida" try: logging.debug("Platform for ida library loading: " + str(sys.platform)) if sys.platform == "win32": ida_dll = ctypes.windll[idaname + ".dll"] elif sys.platform == "linux2": ida_dll = ctypes.cdll["lib" + idaname + ".so"] elif sys.platform == "darwin": ida_dll = ctypes.cdll["lib" + idaname + ".dylib"] except: logging.error( "Python CTYPES probably couldnt find the dll, OR the MSCVR90.dll or other system DLL is missing" ) return idaapi.PLUGIN_SKIP # Access ph global in ida.dll using ctypes ph = structPH.in_dll(ida_dll, "ph") # Log Values via PH direct access logging.debug("- - - - - - - - - - - - - - - - - -") logging.debug(" ph.version = %d" % ph.version) logging.debug(" ph.id = %d" % ph.id) logging.debug(" ph.flag = %d" % ph.flag) # Enable TYPEINFO support ph.flag = ph.flag | ida_idp.PR_TYPEINFO # Official API, confirms PH was correctly accessed logging.debug("- - - - - - - - - - - - - - - - - -") logging.debug(" ph.version = %d" % idaapi.ph_get_version()) logging.debug(" ph.id = %d" % idaapi.ph_get_id()) logging.debug(" ph.flag = %d" % idaapi.ph_get_flag()) #print(hexlify(string_at(cdll.ida.ph, getsizeof(G)))) if idaapi.ph_get_id( ) != idaapi.PLFM_68K: # or idaapi.cvar.inf.filetype != idaapi.f_ELF: logging.error( "skipped this plugin because CPU being used is not 68000 derivative!" ) return idaapi.PLUGIN_SKIP # Connect the IDP hooks self.prochook = m68kstepover_idp_hook_t() self.prochook.hook() logging.debug( "succeeded, stepover support should now work for BSR/JSR!") return idaapi.PLUGIN_KEEP
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global ARCH global BITS ARCH = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): BITS = 64 elif info.is_32bit(): BITS = 32 else: BITS = 16 print "LazyIDA (v1.0.0.3) plugin has been loaded." # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201), idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9), idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9), idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Register hotkey actions hotkey_actions = ( idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0), ) for action in hotkey_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): addon = idaapi.addon_info_t() addon.id = "tw.l4ys.lazyida" addon.name = "LazyIDA" addon.producer = "Lays" addon.url = "https://github.com/L4ys/LazyIDA" addon.version = "1.0.0.3" idaapi.register_addon(addon) hx_actions = ( idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"), idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"), idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"), ) for action in hx_actions: idaapi.register_action(action) self.registered_hx_actions.append(action.name) self.hx_hook = HexRays_Hook() idaapi.install_hexrays_callback(self.hx_hook.callback) self.hexrays_inited = True return idaapi.PLUGIN_KEEP
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global arch global bits arch = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): bits = 64 elif info.is_32bit(): bits = 32 else: bits = 16 print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded." # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9), idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Register hotkey actions hotkey_actions = ( idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0), ) for action in hotkey_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): hx_actions = ( idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"), idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"), idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"), ) for action in hx_actions: idaapi.register_action(action) self.registered_hx_actions.append(action.name) self.hx_hook = HexRays_Hook() idaapi.install_hexrays_callback(self.hx_hook.callback) self.hexrays_inited = True return idaapi.PLUGIN_KEEP
def init(self): global LAZY_ARCH global LAZY_BITS LAZY_ARCH = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): LAZY_BITS = 64 elif info.is_32bit(): LAZY_BITS = 32 else: LAZY_BITS = 16 plg_print("v1.0.0.4 - plugin has been loaded.") # Register hotkey actions for HK_ACT in ALL_HOTKEY_ACTIONS: action = idaapi.action_desc_t(HK_ACT[0], # name HK_ACT[1], # label hotkey_action_handler_t(HK_ACT[0]), # action handler HK_ACT[2], # shortcut HK_ACT[3], # tooltip HK_ACT[4]) # iconid idaapi.register_action(action) self.registered_hotkey_actions.append(action.name) # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_MENU_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_MENU_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_MENU_CONVERT[1], "Convert to hex string space", menu_action_handler_t(ACTION_MENU_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_MENU_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_MENU_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[5]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_MENU_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_MENU_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_MENU_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[8]), None, None, 201), idaapi.action_desc_t(ACTION_MENU_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_MENU_CONVERT[9]), None, None, 201), idaapi.action_desc_t(ACTION_MENU_CONVERT[10], "Convert to MASM array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[10]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_CONVERT[11], "Convert to GNU ASM array (BYTE)", menu_action_handler_t(ACTION_MENU_CONVERT[11]), None, None, 38), idaapi.action_desc_t(ACTION_MENU_COPY_DATA, "Copy hex data to clipboard", menu_action_handler_t(ACTION_MENU_COPY_DATA), None, None, 9), idaapi.action_desc_t(ACTION_MENU_DUMP_DATA, "Dump data to file", menu_action_handler_t(ACTION_MENU_DUMP_DATA), None, None, 0x1B), idaapi.action_desc_t(ACTION_MENU_XOR_DATA, "Get xored data", menu_action_handler_t(ACTION_MENU_XOR_DATA), None, None, 9), idaapi.action_desc_t(ACTION_MENU_FILL_NOP, "Fill with NOPs", menu_action_handler_t(ACTION_MENU_FILL_NOP), None, None, 9), idaapi.action_desc_t(ACTION_MENU_B64STD, "Base64Std decode", menu_action_handler_t(ACTION_MENU_B64STD), None, None, 9), idaapi.action_desc_t(ACTION_MENU_B64URL, "Base64Url decode", menu_action_handler_t(ACTION_MENU_B64URL), None, None, 9), idaapi.action_desc_t(ACTION_MENU_SCAN_VUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_MENU_SCAN_VUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_menu_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): hx_actions = ( idaapi.action_desc_t(ACTION_HX_REMOVE_RET_TYPE[0], ACTION_HX_REMOVE_RET_TYPE[1], hexrays_action_handler_t(ACTION_HX_REMOVE_RET_TYPE[0]), ACTION_HX_REMOVE_RET_TYPE[2], ACTION_HX_REMOVE_RET_TYPE[3], -1), ) for action in hx_actions: idaapi.register_action(action) self.registered_hexray_actions.append(action.name) self.hx_hook = HexRays_Hook() idaapi.install_hexrays_callback(self.hx_hook.callback) self.hexrays_inited = True addon = idaapi.addon_info_t() addon.id = "htc_lazyida" addon.name = "LazyIDA" addon.producer = "HTC (Original: Lays - tw.l4ys.lazyida)" addon.url = "https://github.com/HongThatCong/LazyIDA" addon.version = "1.0.0.5" idaapi.register_addon(addon) return idaapi.PLUGIN_KEEP
def init(self): self.hexrays_inited = False self.registered_actions = [] self.registered_hx_actions = [] global arch global bits arch = idaapi.ph_get_id() info = idaapi.get_inf_structure() if info.is_64bit(): bits = 64 elif info.is_32bit(): bits = 32 else: bits = 16 print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded." # Register menu actions menu_actions = ( idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80), idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8), idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38), idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201), idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201), idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9), idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160), ) for action in menu_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Register hotkey actions hotkey_actions = (idaapi.action_desc_t( ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0), ) for action in hotkey_actions: idaapi.register_action(action) self.registered_actions.append(action.name) # Add ui hook self.ui_hook = UI_Hook() self.ui_hook.hook() # Add hexrays ui callback if idaapi.init_hexrays_plugin(): hx_actions = ( idaapi.action_desc_t( ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"), idaapi.action_desc_t( ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"), idaapi.action_desc_t( ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"), ) for action in hx_actions: idaapi.register_action(action) self.registered_hx_actions.append(action.name) self.hx_hook = HexRays_Hook() idaapi.install_hexrays_callback(self.hx_hook.callback) self.hexrays_inited = True return idaapi.PLUGIN_KEEP