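def main(doAllFuncs=True):
    """Recover stack strings and annotate them as comments in the IDA database.

    Loads a workspace for the current input file, asks the analyst whether
    to use the basic-block local aggregator, then runs ``runStrings`` over
    each function range returned by ``getFuncRanges``. Each recovered string
    that is not filtered out as a likely false positive is printed and
    written as a comment at its address.

    Args:
        doAllFuncs: Forwarded to ``getFuncRanges`` together with the cursor
            address. Presumably selects all functions versus only the one
            under the cursor; confirm against ``getFuncRanges``.
    """
    # Switch to logging.DEBUG here for verbose tracing.
    jayutils.configLogger('', logging.INFO)
    logger = jayutils.getLogger('stackstrings')
    logger.debug('Starting up now')

    filePath = jayutils.getInputFilepath()
    if filePath is None:
        # Fixed: this is a module-level function, so the original
        # `self.logger` raised NameError instead of logging and returning.
        logger.info('No input file provided. Stopping')
        return

    vw = jayutils.loadWorkspace(filePath)
    ea = idc.ScreenEA()

    res = idc.AskYN(0, 'Use basic-block local aggregator')
    if res == -1:
        # -1 is the cancel answer; 1 is "yes", anything else means "no".
        # The single-argument parenthesised form prints identically under
        # the Python 2 print statement used by this script.
        print('User canceled')
        return
    uselocalagg = (res == 1)

    for funcStart, _funcEnd in getFuncRanges(ea, doAllFuncs):
        # Best effort per function: a failure in one function is logged
        # with its traceback and the remaining functions are still processed.
        try:
            logger.debug('Starting on function: 0x%x', funcStart)
            stringList = runStrings(vw, funcStart, uselocalagg)
            for node, string in stringList:
                if isLikelyFalsePositiveString(string):
                    # Very likely a false positive: skip annotating.
                    continue
                # NOTE(review): `string` is recovered from the binary under
                # analysis, so its content is untrusted. It is echoed to the
                # console as-is and stored in the IDB with only surrounding
                # whitespace stripped; anything that later exports these
                # comments should treat them as sample-controlled data.
                print('0x%08x: %s' % (node[0], string))
                idc.MakeComm(node[0], string.strip())
        except Exception as err:
            logger.exception('Error during parse: %s', str(err))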
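def main():
    """Print the tracked value of argument 3 for every call to CreateThread.

    Loads a workspace for the current input file, resolves the address of
    ``CreateThread`` by name, and for each cross-reference to it asks
    ``ArgTracker.getPushArgs`` for up to 6 pushed arguments. For every
    result it prints the call site, the address recorded for argument 3,
    and that argument's value.
    """
    # Switch to logging.DEBUG here for verbose tracing.
    jayutils.configLogger(__name__, logging.INFO)
    logger = jayutils.getLogger('')
    logger.debug('Starting up in main')

    filePath = jayutils.getInputFilepath()
    if filePath is None:
        # Fixed: this is a module-level function, so the original
        # `self.logger` raised NameError instead of logging and returning.
        logger.info('No input file provided. Stopping')
        return

    vw = jayutils.loadWorkspace(filePath)
    logger.debug('Loaded workspace')
    tracker = ArgTracker(vw)

    import idautils

    funcEa = idc.get_name_ea_simple('CreateThread')
    if funcEa == idc.BADADDR:
        # The name is not present in this database, so there are no call
        # sites to inspect.
        logger.info('CreateThread not found. Returning now')
        return

    for xref in idautils.XrefsTo(funcEa):
        argsList = tracker.getPushArgs(xref.frm, 6)
        for argDict in argsList:
            # The single-argument parenthesised form prints identically
            # under the Python 2 print statement used by this script.
            print('-' * 60)
            # Key 3 is presumably the third pushed argument (the thread
            # start routine for CreateThread); confirm the key base against
            # ArgTracker.getPushArgs.
            pc, value = argDict[3]
            print('0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value))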
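def main():
    """Print the tracked value of argument 3 for every call to CreateThread.

    Loads a workspace for the current input file, resolves the address of
    ``CreateThread`` by name, and for each cross-reference to it asks
    ``ArgTracker.getPushArgs`` for up to 6 pushed arguments. For every
    result it prints the call site, the address recorded for argument 3,
    and that argument's value.
    """
    # Switch to logging.DEBUG here for verbose tracing.
    jayutils.configLogger(__name__, logging.INFO)
    logger = jayutils.getLogger('')
    logger.debug('Starting up in main')

    filePath = jayutils.getInputFilepath()
    if filePath is None:
        # Fixed: this is a module-level function, so the original
        # `self.logger` raised NameError instead of logging and returning.
        logger.info('No input file provided. Stopping')
        return

    vw = jayutils.loadWorkspace(filePath)
    logger.debug('Loaded workspace')
    tracker = ArgTracker(vw)

    import idautils

    # LocByName is the legacy IDAPython spelling of the by-name lookup;
    # it is kept so the script keeps running on the IDA versions it targets.
    funcEa = idc.LocByName('CreateThread')
    if funcEa == idc.BADADDR:
        # The name is not present in this database, so there are no call
        # sites to inspect.
        logger.info('CreateThread not found. Returning now')
        return

    for xref in idautils.XrefsTo(funcEa):
        argsList = tracker.getPushArgs(xref.frm, 6)
        for argDict in argsList:
            # The single-argument parenthesised form prints identically
            # under the Python 2 print statement used by this script.
            print('-' * 60)
            # Key 3 is presumably the third pushed argument (the thread
            # start routine for CreateThread); confirm the key base against
            # ArgTracker.getPushArgs.
            pc, value = argDict[3]
            print('0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value))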