def do_trace(then_quit_ida=True):
debugHook = TraceHook()
debugHook.hook()
# Start tracing when entry point is hit
ep = ida_ida.inf_get_start_ip()
ida_dbg.enable_step_trace(1)
ida_dbg.set_step_trace_options(ida_dbg.ST_OVER_DEBUG_SEG
| ida_dbg.ST_OVER_LIB_FUNC)
print("Running to %x" % ep)
ida_dbg.run_to(ep)
while ida_dbg.get_process_state() != 0:
ida_dbg.wait_for_next_event(1, 0)
if not debugHook.epReached:
raise Exception("Entry point wasn't reached!")
if not debugHook.unhook():
raise Exception("Error uninstalling hooks!")
del debugHook
if then_quit_ida:
# we're done; exit IDA
ida_pro.qexit(0)
def OnFormChange(self, fid):
if fid == -2: # click on ok
print self._project_list[self.GetControlValue(self.iProject)]
if self._project_list[self.GetControlValue(self.iProject)] == "Select public project":
project_id = idc.AskStr("", "Project id:")
try:
headers = {"Authorization" : "Bearer {0}".format(shared.USER_TOKEN)}
data = json.loads(requests.get("{0}/{1}".format(shared.BASE_URL, constants.GET_PROJECT_HEADER.format(project_id)), headers = headers).content)
hash_of_program = data["body"]["hash"]
warning("{0} {1}".format(ida_nalt.retrieve_input_file_sha256().lower(), hash_of_program))
if ida_nalt.retrieve_input_file_sha256().lower() != hash_of_program:
warning("Wrong hash of program, exiting now")
ida_pro.qexit(1)
contributors = data["body"]["contributors"]
shared.MASTER_PAUSE_HOOK = True
for cont in contributors:
if cont["id"] == shared.USERID:
shared.MASTER_PAUSE_HOOK = False
shared.PAUSE_HOOK = True
break
shared.PROJECT_ID = data["body"]["id"]
except Exception as e:
warning("Cant get project information: " + str(e))
return 0
else:
headers = {"Authorization" : "Bearer {0}".format(shared.USER_TOKEN)}
data = json.loads(requests.get("{0}/{1}".format(shared.BASE_URL, constants.GET_PROJECT_HEADER.format(self._project_list[self.GetControlValue(self.iProject)].split(" ")[0])), headers = headers).content)
hash_of_program = data["body"]["hash"]
if ida_nalt.retrieve_input_file_sha256().lower() != hash_of_program:
warning("Wrong hash of program, exiting now")
ida_pro.qexit(1)
shared.PROJECT_ID = self._project_list[self.GetControlValue(self.iProject)].split(" ")[0]
return 1
else:
return 1
def plugin_main(signatures_root, project_name, symbols_file=None):
global fa_instance
fa_instance = IdaLoader()
fa_instance.set_input('ida')
if project_name is not None:
fa_instance.set_project(project_name)
load_ui()
IdaLoader.log(''' ---------------------------------
FA Loaded successfully
Quick usage:
print(fa_instance.find(symbol_name)) # searches for the specific symbol
fa_instance.get_python_symbols(filename=None) # run project's python
scripts (all or single)
fa_instance.set_symbol_template(status) # enable/disable template temp
signature
fa_instance.symbols() # searches for the symbols in the current project
---------------------------------''')
if symbols_file is not None:
fa_instance.set_signatures_root(signatures_root)
fa_instance.symbols(symbols_file)
ida_pro.qexit(0)
def main():
idc.auto_wait()
c = Config()
update_config(c)
if c.logenabled:
h = logging.FileHandler(c.logfile)
h.setLevel(c.loglevel)
logging.getLogger().addHandler(h)
filename = get_pat_file()
if filename is None:
g_logger.debug("No file selected")
return
sigs = make_func_sigs(c)
if c.pat_append:
with open(filename, "ab") as f:
for sig in sigs:
f.write(sig)
f.write("\r\n")
f.write("---")
f.write("\r\n")
else:
with open(filename, "wb") as f:
for sig in sigs:
f.write(sig)
f.write("\r\n")
f.write("---")
f.write("\r\n")
import ida_pro
ida_pro.qexit(0)
def main(signatures_root, project_name, symbols_file=None):
global fa_instance
IdaLoader.log('''
---------------------------------
FA Loaded successfully
Quick usage:
fa_instance.set_project(project_name) # select project name
print(fa_instance.list_projects()) # prints available projects
print(fa_instance.find(symbol_name)) # searches for the specific symbol
fa_instance.get_python_symbols(filename=None) # run project's python
scripts (all or single)
fa_instance.symbols() # searches for the symbols in the current project
HotKeys:
Ctrl-6: Set current project
Ctrl-7: Search project symbols
Ctrl-8: Create temporary signature
Ctrl-Shift-8: Create temporary signature and open an editor
Ctrl-9: Find temporary signature
Ctrl-0: Prompt for adding the temporary signature as permanent
---------------------------------''')
fa_instance = IdaLoader()
fa_instance.set_input('ida')
fa_instance.set_project(project_name)
idaapi.add_hotkey('Ctrl-6', fa_instance.interactive_set_project)
idaapi.add_hotkey('Ctrl-7', fa_instance.symbols)
idaapi.add_hotkey('Ctrl-8', fa_instance.create_symbol)
idaapi.add_hotkey('Ctrl-Shift-8', fa_instance.extended_create_symbol)
idaapi.add_hotkey('Ctrl-9', fa_instance.find_symbol)
idaapi.add_hotkey('Ctrl-0', fa_instance.prompt_save_signature)
if symbols_file is not None:
fa_instance.set_signatures_root(signatures_root)
fa_instance.symbols(symbols_file)
ida_pro.qexit(0)
def main():
idaapi.autoWait()
info = dict()
info["arch"] = dict()
info["arch"]["is_32bit"] = ida_ida.inf_is_32bit()
info["arch"]["is_64bit"] = ida_ida.inf_is_64bit()
info["imports"] = get_imports()
functions = get_functions()
info["histogram"] = dict()
for f_ea in functions:
disasm = get_mnemonics(f_ea)
h = histogram(disasm)
h_d = dict()
for t in h:
h_d[t[0]] = t[1]
info["histogram"][functions[f_ea]] = h_d
write_result(idc.ARGV[1], info)
ida_pro.qexit(0)
funcs = get_funcs()
text_segm = ida_segment.get_segm_by_name(".text")
for func in funcs:
# we only care about functions in .text segment
if not in_range(text_segm, func.start_ea):
continue
name = ida_funcs.get_func_name(func.start_ea)
code = ida_hexrays.decompile_func(func, None)
results[name] = { "name": name,
"start_ea": func.start_ea,
"end_ea": func.end_ea,
"code": code.__str__(),
"size": func.size()
}
print("JSON:")
print(json.dumps({"time": time.time() - start, "data": results}))
# wait for the analysis to complete
ida_auto.auto_wait()
# actually do stuff
print(BEGIN_BANNER)
main()
print(END_BANNER)
# quit to stop GUI from poping up
ida_pro.qexit(0)
import idc print idc.gen_file(idc.OFILE_LST, '2.lst', 0, idc.BADADDR, 0) import ida_pro ida_pro.qexit()
def exit(self):
"""Exit the disassembler (cleanly)."""
ida_pro.qexit(0)
else:
continue
f.writelines(result)
f.close
def build_result(items):
lines = []
for item in items:
data = [str(item.vuln), item.name, hexstr(item.ea)]
for x in [item.addr1, item.addr2]:
if x != None:
data.append(hexstr(x))
else:
continue
for x in [item.str1, item.str2, item.other1]:
if x != None:
data.append(repr(x))
else:
continue
data.append('\n')
lines.append('\t'.join(data))
return lines
if __name__ == "__main__":
analysis()
if "DO_EXIT" in os.environ:
ida_pro.qexit(1)
