def ports_analisys(): ports_struc = idc.AddEnum(-1, "ports", (FF_WRD|FF_DATA)) idc.AddConstEx(ports_struc, "PCI_CONFIG_ADDRESS", PCI_CONFIG_ADDRESS, -1) idc.AddConstEx(ports_struc, "PCI_CONFIG_DATA", PCI_CONFIG_DATA, -1) for each in idaapi.find_binary(start, stop, "", 0, 0): # find_binary(ea_t startea, ea_t endea, char ubinstr, int radix, int sflag) -> ea_t idc.MakeCode(each)
def createenum(self, symbols):
"""
Given full symbols and addresses create an enum name with the library name (the string before !)
Some constants will fail due to weird characters in symbols used by MS. eg( `$)
symbols: (dict) A set of symbols and addresses that have been cleaned.
"""
enum_name = symbols.keys()[0].split('!')[0]
enum = idc.AddEnum(0, enum_name, idaapi.hexflag())
if enum == idaapi.BADADDR:
print "[!] Failed to create enum: %s\n" % enum_name
return
for symbol, address in symbols.iteritems():
# "ADVAPI32!RegCreateKeyExWStub": "0xffff8007be2f89f0"
org_symb = symbol
symbol = str(symbol.split('!')[1].encode('utf-8'))
symbol = symbol.strip()
symbol = 's_'+symbol
address = int(address,16)
ret = idc.AddConstEx(enum, symbol, address, -1)
if ret !=0:
print "[!] Failed to create constant for symbol %s - (%s). %s" % (org_symb,symbol,ENUM_ERRORS[ret])
continue
self.enums[address] = enum
print "[+] Finished adding enum %s\n" % enum_name
def yatest_enums(self):
values = []
for flag in flags:
for prefix, enum_width, is_bitfield, num_fields in tests:
name = '%s_%x_%d_%x' % (prefix, enum_width, is_bitfield, flag)
ea = None
eid = idc.AddEnum(-1, name, flag)
self.assertNotEqual(eid, idaapi.BADADDR)
if enum_width != 0:
idc.SetEnumWidth(eid, enum_width)
if is_bitfield:
self.assertTrue(idc.SetEnumBf(eid, True))
idc.SetEnumCmt(eid, prefix + 'cmt', False)
idc.SetEnumCmt(eid, prefix + 'rpt', True)
for n in range(0, num_fields):
field = '%s_%d' % (name , n)
cid = None
if is_bitfield:
self.assertEqual(idc.AddConstEx(eid, field, 1 << n, 1 << n), 0)
else:
self.assertEqual(idc.AddConst(eid, field, n), 0)
if n == 0:
ea = get_ea()
self.assertNotEqual(idaapi.op_enum(ea, 1, eid, 0), idaapi.BADADDR)
cid = idc.GetConstByName(field)
self.assertTrue(idc.SetConstCmt(cid, field + 'cmt', False))
#self.assertTrue(idc.SetConstCmt(cid, field + 'rpt', True))
values.append((name, ea))
yaunit.save('enums', values)
def add_enums(function):
""" Add standard enums from parsed MSDN documentation for all imported
library calls and their arguments.
Arguments:
function -- function object
"""
enum_count = 0
for argument in function.arguments:
# Add standard enums
if not argument.enums:
g_logger.debug(' No standard constants available for %s' %
argument.name)
else:
for enum in argument.enums:
g_logger.debug(' Importing enum %s for argument %s' %
(enum, argument.name))
if idc.Til2Idb(-1, enum) != idaapi.BADADDR:
g_logger.debug(' ' + enum + ' ' + hex(idc.GetEnum(enum)) +
' added successfully')
enum_count = enum_count + 1
else:
g_logger.debug(' Could not add ' + enum)
if not argument.constants:
# No constants for this argument
continue
argument.name = argument.name.encode('utf-8')
function.name = function.name.encode('utf-8')
# Add constant descriptions
for constant in argument.constants:
constant.name = constant.name.encode('utf-8')
if constant.name == 'NULL':
# Create unique name, so we can add descriptive comment to it
constant.name = 'NULL_{}_{}'.format(argument.name,
function.name)
# Add custom enum for NULL values if it does not exist yet
enumid = idc.GetEnum(NULL_ENUM_NAME)
if enumid == idaapi.BADADDR:
enumid = idc.AddEnum(-1, NULL_ENUM_NAME, idaapi.hexflag())
idc.AddConstEx(enumid, constant.name, 0, -1)
constid = idc.GetConstByName(constant.name)
idc.SetConstCmt(constid, format_comment(constant.description),
False)
else:
constid = idc.GetConstByName(constant.name)
if constid:
if idc.SetConstCmt(constid,
format_comment(constant.description),
False):
g_logger.debug(' Description added for %s' %
constant.name)
else:
g_logger.debug(' No description added for %s' %
constant.name)
return enum_count
def createEnum(self, enum):
eid = idc.AddEnum(-1, enum[0], 0x1100000) #what is this flag?
idc.SetEnumBf(eid, 1)
val = 0
mask = 0x1f
idc.SetEnumWidth(eid, 1)
for i in enum[1]:
idc.AddConstEx(eid, i, val, mask)
val += 1
def make_enum_member(self, object_version, value):
name = object_version.get_name()
object_id = object_version.get_id()
enum_object_id = object_version.get_parent_object_id()
enum_id = 0
try:
enum_id = self.enum_ids[enum_object_id]
except:
return
self.hash_provider.put_hash_enum_member(idc.GetEnumName(enum_id), name,
value, object_id)
# create member
if not idc.IsBitfield(enum_id):
bmask = -1
else:
bmask = object_version.get_object_flags()
member_id = idc.GetConstEx(enum_id, value, 0, bmask)
if member_id == idc.BADADDR:
idc.AddConstEx(enum_id, name, value, bmask)
member_id = idc.GetConstEx(enum_id, value, 0, bmask)
else:
if idc.SetConstName(member_id, name) == 0:
logger.error("Failed to set const name for enum_id")
# apply comments
try:
repeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(True))
idc.SetConstCmt(member_id, repeatable_headercomment, 1)
except KeyError:
pass
try:
nonrepeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(True))
idc.SetConstCmt(member_id, nonrepeatable_headercomment, 0)
except KeyError:
pass
self.enum_member_ids[(idc.GetEnumName(enum_id), name,
value)] = (member_id, object_id)
def import_data_dumps():
key_value_regex = re.compile(r"^\s*(?P<key>[^ =]+)\s*=\s*"
r"(?P<value>.+)\s*$", re.MULTILINE)
is_intel = True
is_amd = False
# dmesg parse
# CPU Vendor/Model
if is_intel:
# inteltool output parse
# GPIOBASE ; PMBASE ; MCHBAR ; EPBAR ; DMIBAR ; PCIEXBAR
try:
log = open(filename, encoding="utf8")
self.clear()
for match in key_value_regex.finditer(log.read()):
data = {}
data[match.group("key")] = int(match.group("value"))
return True
except (RuntimeError) as err:
print "import error"
return False
finally:
if log is not None:
log.close()
BASE_GPIO = data["GPIOBASE"]
BASE_PM = data["PMBASE"]
BASE_MCH = data["MCHBAR"]
BASE_EP = data["EPBAR"]
BASE_DMI = data["DMIBAR"]
BASE_PCIE = data["PCIEXBAR"]
# BASE_SMBUS = data["SMBUSBAR"]
bases_struc = idc.AddEnum(-1, "bases", (FF_DWRD|FF_DATA))
idc.AddConstEx(bases_struc, "BASE_GPIO", BASE_GPIO, -1)
idc.AddConstEx(bases_struc, "BASE_PM", BASE_PM, -1)
idc.AddConstEx(bases_struc, "BASE_MCH", BASE_MCH, -1)
idc.AddConstEx(bases_struc, "BASE_EP", BASE_EP, -1)
idc.AddConstEx(bases_struc, "BASE_DMI", BASE_DMI, -1)
idc.AddConstEx(bases_struc, "BASE_PCIE", BASE_PCIE, -1)
# idc.AddConstEx(bases_struc, "BASE_SMBUS", BASE_SMBUS, -1)
elif is_amd:
#other outputs parse
else
print "Error: Unknown CPU"
def setMember(self, name, val, maskVal=None):
const = idc.GetConstByName(name)
if const and const != idc.BADADDR:
# remove constant
self.deleteConst(const)
idc.AddConstEx(self.id, name, val, maskVal if maskVal else idc.BADADDR)