def run(self): for ref in self.func.xrefs: self.log(4, "[-] checking near " + hex(ref)) self.parseArgs(ref) self.debugCtrl.start() self.log(1, "[*] debugger launched") if (self.func.runUntilEA['end'] != BADADDR) and (self.func.runUntilEA['start'] != BADADDR): idc.SetRegValue(self.func.runUntilEA['start'], 'EIP') idc.RunTo(self.func.runUntilEA['end']) self.decRes = None self.decRes = {} for ref in self.func.xrefs: try: arg = self.params[ref] except: self.log(3, "[-!] Couldn't find arg, skipping call at 0x%x" % ref) continue try: if (self.execute(ref, arg) == -1): break except Exception, e: kprint("Exception!! @decryptor:run, ", e) pass
def signalClient(self, norev=False): start_eip = idc.GetRegValue(self.PC) #print('signalClient eip was at 0x%x, then after rev 1 0x%x call setAndDisable string is %s' % (start_eip, eip, simicsString)) if norev: idaapi.step_into() idc.GetDebuggerEvent(idc.WFNE_SUSP, -1) simicsString = gdbProt.Evalx('SendGDBMonitor("@cgc.printRegJson()");') try: regs = json.loads(simicsString) except: print('failed to get regs from %s' % simicsString) return for reg in regs: r = str(reg.upper()) if r == 'EFLAGS': r = 'EFL' #print('set %s to 0x%x' % (r, regs[reg])) idc.SetRegValue(regs[reg], r) idc.RefreshDebuggerMemory() new_eip = idc.GetRegValue(self.PC) #print('signalClient back from cont new_eip is 0x%x' % new_eip) if new_eip >= self.kernel_base: print('in kernel, run to user') self.updateStackTrace()
def zero_reg(self): reg = self.get_selected_reg() if not reg: return idc.SetRegValue(0, reg) self.reload_info()
def dec_reg(self): reg = self.get_selected_reg() if not reg: return val = dbg.to_uint(self.reg_vals[reg] - 1) idc.SetRegValue(val, reg) self.reload_info()
def PreFunctionCall(self, function): ''' Configure architecture-specific pre-requisites before calling a function. Called internally by Application.Call. @function - The address of the function to call. Returns None. ''' if self.cpu.has_key('callreg'): idc.SetRegValue(function, self.cpu['callreg'])
def __reg_value(self, reg, value=None): if value is not None: if reg.startswith('*'): idc.DbgWrite(idc.GetRegValue(reg[1:]), self.ToString(value)) else: idc.SetRegValue(value, reg) if reg.startswith('*'): return idc.DbgDword(idc.GetRegValue(reg[1:])) else: return idc.GetRegValue(reg)
def switch_value(self): lineno = self.GetLineNo() if lineno > len(dbg.registers.flags): return line = self.GetLine(lineno) line = idaapi.tag_remove(line[0]) flag = line[:4].strip() new_val = not self.flag_vals[flag] rc = idc.SetRegValue(int(new_val), flag) if not rc: idaapi.warning("Unable to update the register value") return self.parent.reload_view()
def to_dbg(self, found_state): if type(found_state) == StateManager: return self.to_dbg(found_state.state) for key in self.symbolics: try: if key in load_project().arch.registers: r = found_state.solver.eval(self.symbolics[key][0], cast_to=int) idc.SetRegValue(r, key) else: r = found_state.solver.eval(self.symbolics[key][0], cast_to=str) for i in xrange(len(r)): idc.PatchByte(key + i, ord(r[i])) except Exception as ee: print " >> failed to write %s to debugger" % key
def modify_value(self): reg = self.get_selected_reg() if not reg: return reg_val = idc.GetRegValue(reg) b = idc.AskStr("0x%X" % reg_val, "Modify register value") if b is not None: try: value = int(idaapi.str2ea(b)) idc.SetRegValue(value, reg) self.reload_info() if reg == dbg.registers.flags: self.reload_flags_view() except: idaapi.warning("Invalid expression")
def __setattr__(self, name, value): #print "cpu.set(%s)" % name return idc.SetRegValue(value, name)
def set_reg_value(reg, value): if idaapi.IDA_SDK_VERSION <= 699: idc.SetRegValue(reg, value) else: idc.set_reg_value(reg, value)
def set(name, value): return idc.SetRegValue(value, name)