def get_type():
#without this line, waiting a few seconds for user input will cause the 'Please wait...' msgbox to jump and make the system freeze.
orig_timeout = idaapi.set_script_timeout(0x7fffffff)
struc_type = ida_kernwin.choose_struc('Choose type')
idaapi.set_script_timeout(orig_timeout)
if struc_type is None:
return None
#print struc_type
type_name = ida_struct.get_struc_name(struc_type.id)
return type_name
print type(a)
type_name = AskStr('', 'Type for %s' % get_reg_full_name(ea, reg))
if type_name is None:
print 'Escaped'
return None
if ida_struct.get_struc_id(type_name) == 0xffffffff:
print 'Not a type'
return None
return type_name
def run(self):
self.logger.info('Starting up')
try:
here = idc.here()
self.logger.info('Using ea: 0x%08x', here)
if not idc.GetMnem(here).startswith('call'):
self.logger.info(
'Not running at a call instruction. Bailing out now')
return
if idc.GetOpType(here, 0) == idc.o_near:
self.logger.info(
"Cannot (or shouldn't) run when call optype is o_near")
return
dlg = ApplyCalleeTypeWidget()
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtWidgets.QDialog.Accepted:
self.logger.debug('Dialog accepted. Input type: %d',
dlg.inputType)
else:
self.logger.debug('Dialog rejected')
return
tinfo = None
#check user input type
if dlg.inputType == dlg.USER_TYPE:
decl = self.convertUserType(str(dlg.getUserText()))
tinfo = self.getUserDeclType(decl)
elif dlg.inputType == dlg.STANDARD_TYPE:
tinfo = self.getBuiltinGlobalType()
elif dlg.inputType == dlg.LOCAL_TYPE:
tinfo = self.getLocalType()
else:
self.logger.info('Bad user input type')
return
if tinfo is None:
self.logger.debug('Bailing due to null tinfo')
return
#self.logger.info('Deserialize result: %r', ret)
#not 100% sure if i need to explicitly convert from func to funcptr - seemed
# to pretty much work without this, but doing it just to be sure
if not tinfo.is_funcptr():
self.logger.debug('Converting to func pointer')
tinfo.create_ptr(tinfo)
typename = idaapi.print_tinfo('', 0, 0, idaapi.PRTYPE_1LINE, tinfo,
'', '')
self.logger.info('Applying tinfo: "%s"', str(typename))
#both applying callee type & setting op type -> not sure if both are needed?
# set op type causes change in hexrays decompilation
# apply callee type updates ida's stack analysis
ret = idaapi.apply_callee_tinfo(here, tinfo)
ret = idaapi.set_op_tinfo2(here, 0, tinfo)
self.logger.debug('set_op_tinfo2 result: %r', ret)
except Exception, err:
self.logger.exception("Exception caught: %s", str(err))
def Go(self):
self.setWindowModality(Qt.ApplicationModal)
# self.setWindowModality(Qt.WindowModal)
oldTo = idaapi.set_script_timeout(0)
res = self.exec_()
idaapi.set_script_timeout(oldTo)
return res
def main():
dialog = HighlighterDialog()
# Disable script timeout -> otherwise cancel script dialog pops up
old_timeout = idaapi.set_script_timeout(0)
dialog.exec_()
# Restore the timeout
idaapi.set_script_timeout(old_timeout)
def run(self):
self.logger.info('Starting up')
try:
here = idc.here()
self.logger.info('Using ea: 0x%08x', here)
if not idc.GetMnem(here).startswith('call'):
self.logger.info('Not running at a call instruction. Bailing out now')
return
if idc.GetOpType(here, 0) == idc.o_near:
self.logger.info("Cannot (or shouldn't) run when call optype is o_near")
return
dlg = ApplyCalleeTypeWidget()
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtGui.QDialog.DialogCode.Accepted:
self.logger.debug('Dialog accepted. Input type: %d', dlg.inputType)
else:
self.logger.debug('Dialog rejected')
return
tinfo = None
#check user input type
if dlg.inputType == dlg.USER_TYPE:
decl = self.convertUserType(str(dlg.getUserText()))
tinfo = self.getUserDeclType(decl)
elif dlg.inputType == dlg.STANDARD_TYPE:
tinfo = self.getBuiltinGlobalType()
elif dlg.inputType == dlg.LOCAL_TYPE:
tinfo = self.getLocalType()
else:
self.logger.info('Bad user input type')
return
if tinfo is None:
self.logger.debug('Bailing due to null tinfo')
return
#self.logger.info('Deserialize result: %r', ret)
#not 100% sure if i need to explicitly convert from func to funcptr - seemed
# to pretty much work without this, but doing it just to be sure
if not tinfo.is_funcptr():
self.logger.debug('Converting to func pointer')
tinfo.create_ptr(tinfo)
typename = idaapi.print_tinfo('', 0, 0, idaapi.PRTYPE_1LINE, tinfo, '', '')
self.logger.info('Applying tinfo: "%s"', str(typename))
#both applying callee type & setting op type -> not sure if both are needed?
# set op type causes change in hexrays decompilation
# apply callee type updates ida's stack analysis
ret = idaapi.apply_callee_tinfo(here, tinfo)
ret = idaapi.set_op_tinfo2(here, 0, tinfo)
self.logger.debug('set_op_tinfo2 result: %r', ret)
except Exception, err:
self.logger.exception("Exception caught: %s", str(err))
def run(self):
try:
self.logger.debug('Starting up')
dlg = StructTyperWidget()
dlg.setStructs(loadStructs())
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtGui.QDialog.DialogCode.Accepted:
regPrefix = dlg.getRegPrefix()
sid = None
struc = None
if dlg.ui.rb_useStackFrame.isChecked():
ea = idc.here()
sid = idc.GetFrame(ea)
struc = idaapi.get_frame(ea)
self.logger.debug('Dialog result: accepted stack frame')
if (sid is None) or (sid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError('Failed to get sid for stack frame at 0x%x' % ea)
if (struc is None) or (struc == 0) or (struc == idc.BADADDR):
raise RuntimeError('Failed to get struc_t for stack frame at 0x%x' % ea)
#need the actual pointer value, not the swig wrapped struc_t
struc= long(struc.this)
else:
structName = dlg.getActiveStruct()
self.logger.debug('Dialog result: accepted %s "%s"', type(structName), structName)
sid = idc.GetStrucIdByName(structName)
if (sid is None) or (sid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError('Failed to get sid for %s' % structName)
tid = idaapi.get_struc_id(structName)
if (tid is None) or (tid == 0) or (tid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError('Failed to get tid_t for %s' % structName)
struc = g_dll.get_struc(tid)
if (struc is None) or (struc == 0) or (struc == idc.BADADDR):
raise RuntimeError('Failed to get struc_t for %s' % structName)
foundMembers = self.processStruct(regPrefix, struc, sid)
if dlg.ui.rb_useStackFrame.isChecked() and (foundMembers != 0):
#reanalyze current function if we're analyzing a stack frame & found some func pointers
funcstart = idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_START)
funcend = idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_END)
if (funcstart != idc.BADADDR) and (funcend != idc.BADADDR):
idc.AnalyzeArea(funcstart, funcend)
elif res == QtGui.QDialog.DialogCode.Rejected:
self.logger.info('Dialog result: canceled by user')
else:
self.logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
except Exception, err:
self.logger.exception("Exception caught: %s", str(err))
def display_ui(self, bit_test_value):
matches = []
value_str = ''
if bit_test_value:
# Shift the value to get our search parameter
enum_value = 1 << int(bit_test_value)
value_str = hex(enum_value)
# Go through all loaded enums to see if it's in there
enum_count = ida_enum.get_enum_qty()
for i in range(enum_count):
enum_id = ida_enum.getn_enum(i)
if not enum_id:
continue
enum_is_bitfield = ida_enum.is_bf(enum_id)
if enum_is_bitfield:
# If the enum is a bitfield which contains (binary) flags, chances are
# the mask for each member is equal to the flag.
const_id = ida_enum.get_enum_member(
enum_id, enum_value, 0, enum_value)
else:
# Otherwise, no mask!
const_id = ida_enum.get_enum_member(
enum_id, enum_value, 0, 0)
# Returns BADNODE if not found
if const_id != ida_netnode.BADNODE:
# Looks legitimate, grab the enum name and const name
const_name = ida_enum.get_enum_member_name(const_id)
enum_name = ida_enum.get_enum_name(enum_id)
matches.append((const_name, enum_name))
# Populate and show the dialog box
dialog = BitTesterWidget(value_str)
for match in matches:
const_name, enum_name = match
dialog.addEnumEntry(const_name, enum_name)
dialog.table.resizeRowsToContents()
old_timeout = idaapi.set_script_timeout(0)
res = dialog.exec_()
idaapi.set_script_timeout(old_timeout)
if res != QtWidgets.QDialog.Accepted:
self.logger.debug('Dialog rejected')
return None, None
self.logger.debug('Dialog accepted. Fetching values.')
enum_choice, const_choice = dialog.getChoice()
return enum_choice, const_choice
def run(self, argument):
"""Execute the script when invoked."""
try:
# Remove the modal dialogue
old = idaapi.disable_script_timeout()
idaapi.show_wait_box("Decompiling function...")
self.decompiler.set_screen_address_to_decompile()
self.decompiler.decompile()
# Re-enable the original timeout.
idaapi.set_script_timeout(old)
except PointSourceException, err:
print "[-] Unable to run decompiler : %s" % err
def launchGuiInput(self):
logger.debug('Launching dialog')
dlg = ShellcodeWidget(self.dbstore, self.params)
#disable script timeout -> otherwise cancel script dialog pops up
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
#restore the timeout
idaapi.set_script_timeout(oldTo)
if res == QtWidgets.QDialog.Accepted:
logger.debug('Dialog result: accepted')
elif res == QtWidgets.QDialog.Rejected:
logger.debug('Dialog result: rejected')
raise RejectionException()
else:
logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
def launchGuiInput(self):
self.logger.debug('Launching dialog')
dlg = ShellcodeWidget(self.dbstore, self.params)
#disable script timeout -> otherwise cancel script dialog pops up
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
#restore the timeout
idaapi.set_script_timeout(oldTo)
if res == QtGui.QDialog.DialogCode.Accepted:
self.logger.debug('Dialog result: accepted')
elif res == QtGui.QDialog.DialogCode.Rejected:
self.logger.debug('Dialog result: rejected')
raise RejectionException()
else:
self.logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
def run(self):
try:
self.logger.debug('Starting up')
dlg = StructTyperWidget()
dlg.setStructs(loadStructs())
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtGui.QDialog.DialogCode.Accepted:
structName = dlg.getActiveStruct()
regPrefix = dlg.getRegPrefix()
self.logger.debug('Dialog result: accepted %s "%s"', type(structName), structName)
self.processStruct(regPrefix, structName)
elif res == QtGui.QDialog.DialogCode.Rejected:
self.logger.info('Dialog result: canceled by user')
else:
self.logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
except Exception, err:
self.logger.exception("Exception caught: %s", str(err))
def run(self):
try:
self.logger.debug('Starting up')
dlg = StructTyperWidget()
dlg.setStructs(loadStructs())
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtGui.QDialog.DialogCode.Accepted:
structName = dlg.getActiveStruct()
regPrefix = dlg.getRegPrefix()
self.logger.debug('Dialog result: accepted %s "%s"',
type(structName), structName)
self.processStruct(regPrefix, structName)
elif res == QtGui.QDialog.DialogCode.Rejected:
self.logger.info('Dialog result: canceled by user')
else:
self.logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
except Exception, err:
self.logger.exception("Exception caught: %s", str(err))
def on_ok_button(self):
# test the msdn data dir
msdnpath = os.path.join(self.dirText.text(),
IDB_MSDN_Annotator.MSDN_INFO_FILE)
if not os.path.exists(msdnpath):
g_logger.info('Error - no msdn info file: %s', msdnpath)
ret = QtWidgets.QMessageBox.warning(
self, 'MSDN Info Not Found',
'The file %s was not found in the specified MSDN Data Directory'
% IDB_MSDN_Annotator.MSDN_INFO_FILE, QtWidgets.QMessageBox.Ok)
# self.done(QtWidgets.QDialog.Rejected)
return
self.done(QtWidgets.QDialog.Accepted)
g_logger.info('Saving config')
self.save_config()
config = self.read_config()
idaapi.set_script_timeout(1)
IDB_MSDN_Annotator.main(config)
idaapi.set_script_timeout(0)
def scriptTimeout(self, timeout):
return idaapi.set_script_timeout(timeout)
def AskStr(def_val, q_str):
#without this line, waiting a few seconds for user input will cause the 'Please wait...' msgbox to jump and make the system freeze.
orig_timeout = idaapi.set_script_timeout(0x7fffffff)
ret = idc.AskStr(def_val, q_str)
idaapi.set_script_timeout(orig_timeout)
return ret
from binsync.common.ui.version import set_ui_version
set_ui_version("PyQt5")
from binsync.common.ui.config_dialog import SyncConfig
from binsync.common.ui.control_panel import ControlPanel
from binsync.common.ui.magic_sync_dialog import display_magic_sync_dialog
from .hooks import MasterHook
from . import IDA_DIR, VERSION
from .controller import IDABinSyncController
l = logging.getLogger(__name__)
controller = IDABinSyncController()
# disable the annoying "Running Python script" wait box that freezes IDA at times
idaapi.set_script_timeout(0)
#
# UI Hook, placed here for convenience of reading UI implementation
#
class ScreenHook(ida_kernwin.View_Hooks):
def __init__(self):
super(ScreenHook, self).__init__()
self.hooked = False
def view_click(self, view, event):
form_type = idaapi.get_widget_type(view)
decomp_view = idaapi.get_widget_vdui(view)
if not form_type:
def scriptTimeout(self, timeout):
return idaapi.set_script_timeout(timeout)
def __init__(self):
super().__init__()
self.config = Config()
# disable timeout for scripts
self.old_timeout = idaapi.set_script_timeout(0)
def add_bp_to_virtual_calls(cur_addr, end):
while cur_addr < end:
if cur_addr == idc.BADADDR:
break
elif idc.GetMnem(cur_addr) == 'call' or idc.GetMnem(cur_addr) == 'BLR':
if True in [idc.GetOpnd(cur_addr, 0).find(reg) != -1 for reg in REGISTERS]: # idc.GetOpnd(cur_addr, 0) in REGISTERS:
cond, bp_address = vtableAddress.write_vtable2file(cur_addr)
if cond != '':
bp_vtable = AddBP.add(bp_address, cond)
cur_addr = idc.NextHead(cur_addr)
def set_values(start, end):
start = start
end = end
return start, end
if __name__ == '__main__':
start_addr_range = idc.MinEA() # You can change the virtual calls address range
end_addr_range = idc.MaxEA()
oldTo = idaapi.set_script_timeout(0)
# Initializes the GUI: Deletes the 0x in the beginning and the L at the end:
gui = GUI.VirtuailorBasicGUI(set_values, {'start': hex(start_addr_range)[2:-1], 'end': hex(end_addr_range)[2:-1]})
gui.exec_()
if gui.start_line.text != "banana":
add_bp_to_virtual_calls(int(gui.start_line.text(),16), int(gui.stop_line.text(), 16))
def OnClose(self, form):
idaapi.set_script_timeout(self.old_timeout)
print("[%s] Form closed." % PLUG_NAME)
def run(self):
try:
logger.debug('Starting up')
dlg = StructTyperWidget()
dlg.setStructs(loadStructs())
oldTo = idaapi.set_script_timeout(0)
res = dlg.exec_()
idaapi.set_script_timeout(oldTo)
if res == QtWidgets.QDialog.Accepted:
regPrefix = dlg.getRegPrefix()
sid = None
struc = None
if dlg.ui.rb_useStackFrame.isChecked():
ea = idc.here()
if using_ida7api:
sid = idc.get_frame_id(ea)
else:
sid = idc.GetFrame(ea)
struc = idaapi.get_frame(ea)
logger.debug('Dialog result: accepted stack frame')
if (sid is None) or (sid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError(
'Failed to get sid for stack frame at 0x%x' % ea)
if (struc is None) or (struc == 0) or (struc
== idc.BADADDR):
raise RuntimeError(
'Failed to get struc_t for stack frame at 0x%x' %
ea)
if using_ida7api:
pass
else:
#need the actual pointer value, not the swig wrapped struc_t
struc = long(struc.this)
else:
structName = dlg.getActiveStruct()
if structName is None:
print("No struct selected. Bailing out")
return
logger.debug('Dialog result: accepted %s "%s"',
type(structName), structName)
if using_ida7api:
sid = idc.get_struc_id(structName)
else:
sid = idc.GetStrucIdByName(structName)
if (sid is None) or (sid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError('Failed to get sid for %s' %
structName)
tid = idaapi.get_struc_id(structName)
if (tid is None) or (tid == 0) or (tid == idc.BADADDR):
#i should really figure out which is the correct error case
raise RuntimeError('Failed to get tid_t for %s' %
structName)
if using_ida7api:
struc = idaapi.get_struc(tid)
else:
struc = g_dll.get_struc(tid)
if (struc is None) or (struc == 0) or (struc
== idc.BADADDR):
raise RuntimeError('Failed to get struc_t for %s' %
structName)
foundMembers = self.processStruct(regPrefix, struc, sid)
if dlg.ui.rb_useStackFrame.isChecked() and (foundMembers != 0):
#reanalyze current function if we're analyzing a stack frame & found some func pointers
if using_ida7api:
funcstart = idc.get_func_attr(idc.here(),
idc.FUNCATTR_START)
funcend = idc.get_func_attr(idc.here(),
idc.FUNCATTR_END)
else:
funcstart = idc.GetFunctionAttr(
idc.here(), idc.FUNCATTR_START)
funcend = idc.GetFunctionAttr(idc.here(),
idc.FUNCATTR_END)
if (funcstart != idc.BADADDR) and (funcend != idc.BADADDR):
if using_ida7api:
idc.plan_and_wait(funcstart, funcend)
else:
idc.AnalyzeArea(funcstart, funcend)
elif res == QtWidgets.QDialog.Rejected:
logger.info('Dialog result: canceled by user')
else:
logger.debug('Unknown result')
raise RuntimeError('Dialog unknown result')
except Exception, err:
logger.exception("Exception caught: %s", str(err))