def remake_main(): # 先新建好所有函数, 再执行 # -- 脚本将start~end所有函数 undefined, 在start处make function import ida_bytes start_addr = 0x0402126 end_addr = 0x0402220 for i in range(start_addr, end_addr): ida_bytes.del_items(i) idc.jumpto(start_addr) idc.add_func(start_addr) import ida_hexrays # open pseudocode view ida_hexrays.open_pseudocode(0x0402126, ida_hexrays.OPF_NO_WAIT)
def cb_loc(self, ea): update = False # find_item_coords is only available for versions >= 7.2 if self.safe_mode: return func = idaapi.get_func(ea) if not func: return if self.last_func != func.start_ea: self.vdui_t = ida_hexrays.open_pseudocode(ea, 0) if not self.vdui_t: return self.cfunc = self.vdui_t.cfunc if not self.cfunc: # may happen in case of decompilation error return self.eamap = self.cfunc.get_eamap() self.prev_ea = None self.last_func = func.start_ea self.lines = self.cfunc.get_pseudocode() self.color_ins_vec(self.discarded_ea, rsconfig.COL_BLANK_HEX) self.color_ins_vec(self.prev_ea, rsconfig.COL_PREVLINE_HEX) update = self.color_ins_vec(ea, rsconfig.COL_CURLINE_HEX) if update: self.discarded_ea = self.prev_ea self.prev_ea = ea
def acquire_pseudocode_vdui(addr): """ Acquires a IDA HexRays vdui pointer, which is a pointer to a pseudocode view that contains the cfunc which describes the code on the screen. Using this function optimizes the switching of code views by using in-place switching if a view is already present. @param addr: @return: """ func = ida_funcs.get_func(addr) if not func: return None names = ["Pseudocode-%c" % chr(ord("A") + i) for i in range(5)] for name in names: widget = ida_kernwin.find_widget(name) if not widget: continue vu = ida_hexrays.get_widget_vdui(widget) break else: vu = ida_hexrays.open_pseudocode(func.start_ea, False) if func.start_ea != vu.cfunc.entry_ea: target_cfunc = idaapi.decompile(func.start_ea) vu.switch_to(target_cfunc, False) return vu
def open_control_panel(self): """ Open the control panel view and attach it to IDA View-A or Pseudocode-A. """ wrapper = ControlPanelViewWrapper(controller) if not wrapper.twidget: l.info( "BinSync is unable to find a widget to attach to. You are likely running headlessly" ) return None flags = idaapi.PluginForm.WOPN_TAB | idaapi.PluginForm.WOPN_RESTORE | idaapi.PluginForm.WOPN_PERSIST idaapi.display_widget(wrapper.twidget, flags) wrapper.widget.visible = True # casually open a pseudocode window, this prevents magic sync from spawning pseudocode windows # in weird locations upon an initial run func_addr = next(idautils.Functions()) ida_hexrays.open_pseudocode( func_addr, ida_hexrays.OPF_NO_WAIT | ida_hexrays.OPF_REUSE) # then attempt to flip back to IDA View-A twidget = idaapi.find_widget("IDA View-A") if twidget is not None: ida_kernwin.activate_widget(twidget, True) target = "Functions" fwidget = idaapi.find_widget(target) if not fwidget: # prioritize attaching the binsync panel to a decompilation window target = "Pseudocode-A" dwidget = idaapi.find_widget(target) if not dwidget: target = "IDA View-A" if target == "Functions": idaapi.set_dock_pos(ControlPanelViewWrapper.NAME, target, idaapi.DP_INSIDE) else: # attach the panel to the found target idaapi.set_dock_pos(ControlPanelViewWrapper.NAME, target, idaapi.DP_RIGHT)
def get_ctree_graph(ea): """ 在当前反编译窗口中创建当前函数的 ctree 图 """ vu = ida_hexrays.open_pseudocode(ea, 0) w = ida_kernwin.get_current_widget() vu_title = ida_kernwin.get_widget_title(w) vu.get_current_item(ida_hexrays.USE_KEYBOARD) focusitem = vu.item.e if vu.item.is_citem() else None # 创建 graphviewer cg = cfunc_graph_t(focusitem, CONFIG, close_open=True) # 为当前函数创建图像 gb = graph_builder_t(cg) gb.apply_to(vu.cfunc.body, None) # 显示图像 cg.Show() # 设置窗口位置 cg.zoom_and_dock(vu_title, CONFIG["options"]["zoom"], CONFIG["options"]["dockpos"])
def cb_loc(self, ea): # find_item_coords is only available for versions >= 7.2 if self.safe_mode: return update = False func_ea = idaapi.get_func(ea).startEA if self.last_func != func_ea: self.vdui_t = ida_hexrays.open_pseudocode(ea, 0) self.cfunc = self.vdui_t.cfunc self.eamap = self.cfunc.get_eamap() self.prev_ea = None self.last_func = func_ea self.lines = self.cfunc.get_pseudocode() self.color_ins_vec(self.discarded_ea, rsconfig.COL_BLANK_HEX) self.color_ins_vec(self.prev_ea, rsconfig.COL_PREVLINE_HEX) update = self.color_ins_vec(ea, rsconfig.COL_CURLINE_HEX) if update: self.discarded_ea = self.prev_ea self.prev_ea = ea
def double_clicked(self, row, column): ea = self.functions[row] ida_hexrays.open_pseudocode(ea, True) return
def __init__(self, func_addr): self.view = ida_hexrays.open_pseudocode(func_addr, 0)