def setUpClass(cls): super(SmdaIntegrationTestSuite, cls).setUpClass() disasm = Disassembler(config) with open( os.path.join(config.PROJECT_ROOT, "tests", "asprox_0x008D0000_xored"), "rb") as f_binary: binary = f_binary.read() decrypted = bytearray() for index, byte in enumerate(binary): if isinstance(byte, str): byte = ord(byte) decrypted.append(byte ^ (index % 256)) cls.asprox_disassembly = disasm.disassembleBuffer( bytes(decrypted), 0x8D0000)
def setUpClass(cls): super(SmdaIntegrationTestSuite, cls).setUpClass() disasm = Disassembler(config) # load encrypted Asprox with open( os.path.join(config.PROJECT_ROOT, "tests", "asprox_0x008D0000_xored"), "rb") as f_binary: binary = f_binary.read() decrypted_asprox = bytearray() for index, byte in enumerate(binary): if isinstance(byte, str): byte = ord(byte) decrypted_asprox.append(byte ^ (index % 256)) cls.asprox_binary = decrypted_asprox cls.asprox_disassembly = disasm.disassembleBuffer( bytes(decrypted_asprox), 0x8D0000) # load encrypted Cutwail with open(os.path.join(config.PROJECT_ROOT, "tests", "cutwail_xored"), "rb") as f_binary: binary = f_binary.read() decrypted_cutwail = bytearray() for index, byte in enumerate(binary): if isinstance(byte, str): byte = ord(byte) decrypted_cutwail.append(byte ^ (index % 256)) cls.cutwail_binary = decrypted_cutwail # run FileLoader and disassemble as file loader = FileLoader("/", map_file=True) loader._loadFile(decrypted_cutwail) file_content = loader.getData() binary_info = BinaryInfo(file_content) binary_info.raw_data = loader.getRawData() binary_info.file_path = "" binary_info.base_addr = loader.getBaseAddress() binary_info.bitness = loader.getBitness() binary_info.code_areas = loader.getCodeAreas() cls.cutwail_disassembly = disasm._disassemble(binary_info) cls.cutwail_unmapped_disassembly = disasm.disassembleUnmappedBuffer( decrypted_cutwail)
def detectBackend(): backend = "" version = "" try: import idaapi import idautils backend = "IDA" version = idaapi.IDA_SDK_VERSION except: pass return (backend, version) if __name__ == "__main__": BACKEND, VERSION = detectBackend() if BACKEND == "IDA": from smda.ida.IdaInterface import IdaInterface ida_interface = IdaInterface() binary = ida_interface.getBinary() base_addr = ida_interface.getBaseAddr() DISASSEMBLER = Disassembler(backend=BACKEND) REPORT = DISASSEMBLER.disassembleBuffer(binary, base_addr) output_path = ida_interface.getIdbDir() output_filepath = output_path + "ConvertedFromIdb.smda" with open(output_filepath, "w") as fout: json.dump(REPORT.toDict(), fout, indent=1, sort_keys=True) print("Output saved to: %s" % output_filepath) else: raise Exception("No supported backend found.")
SMDA_REPORT = None INPUT_FILENAME = "" if os.path.isfile(ARGS.input_path): # optionally create and set up a config, e.g. when using ApiScout profiles for WinAPI import usage discovery config = SmdaConfig() config.API_COLLECTION_FILES = { "win_7": os.sep.join([ config.PROJECT_ROOT, "data", "apiscout_win7_prof-n_sp1.json" ]) } DISASSEMBLER = Disassembler(config) print("now analyzing {}".format(ARGS.input_path)) INPUT_FILENAME = os.path.basename(ARGS.input_path) if ARGS.parse_header: SMDA_REPORT = DISASSEMBLER.disassembleFile( ARGS.input_path, pdb_path=ARGS.pdb_path) else: BUFFER = readFileContent(ARGS.input_path) BASE_ADDR = parseBaseAddrFromArgs(ARGS) SMDA_REPORT = DISASSEMBLER.disassembleBuffer(BUFFER, BASE_ADDR) SMDA_REPORT.filename = os.path.basename(ARGS.input_path) print(SMDA_REPORT) if SMDA_REPORT and os.path.isdir(ARGS.output_path): with open(ARGS.output_path + os.sep + INPUT_FILENAME + ".smda", "w") as fout: json.dump(SMDA_REPORT.toDict(), fout, indent=1, sort_keys=True) else: PARSER.print_help()
from smda.Disassembler import Disassembler LOGGER = logging.getLogger(__name__) def detectBackend(): backend = "" version = "" try: import idaapi import idc import idautils backend = "IDA" version = idaapi.IDA_SDK_VERSION except: pass return (backend, version) if __name__ == "__main__": BACKEND, VERSION = detectBackend() if BACKEND == "IDA": DISASSEMBLER = Disassembler(config, backend=BACKEND) REPORT = DISASSEMBLER.disassembleBuffer(None, None) output_path = idc.get_idb_path() with open(output_path + ".smda", "wb") as fout: json.dump(REPORT, fout, indent=1, sort_keys=True) LOGGER.info("Output saved to: %s.smda", output_path) else: raise Exception("No supported backend found.")