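def dump_memory(self, file_path=None, ptr=0, length=0):
    """Read ``length`` bytes at ``ptr`` and write them to ``file_path``.

    Every argument left at its default is requested from the user: the
    pointer through ``InputDialog.input_pointer``, the length through
    ``InputDialog.input`` (decimal, or hexadecimal with a ``0x`` prefix)
    and the destination through ``QFileDialog.getSaveFileName``.

    Returns ``None`` in every case.  Nothing is written when a dialog is
    cancelled, the typed length is not a positive integer, or
    ``read_memory`` returns ``None``.
    """
    if ptr == 0:
        ptr, _ = InputDialog.input_pointer(self._app_window)
    if ptr <= 0:
        return

    if length == 0:
        accept, length = InputDialog.input(
            self._app_window, hint='insert length', placeholder='1024')
        if not accept:
            return
        try:
            length = int(length, 16) if length.startswith('0x') else int(length)
        except (AttributeError, ValueError):
            # Only malformed input is treated as "abort"; a bare ``except``
            # here would also swallow KeyboardInterrupt and SystemExit.
            return
        if length <= 0:
            # A typed zero or negative size is not a meaningful read request.
            return

    if file_path is None:
        r = QFileDialog.getSaveFileName(
            self._app_window, caption='Save binary dump to file')
        if len(r) == 0 or len(r[0]) == 0:
            return
        file_path = r[0]

    data = self.read_memory(ptr, length)
    if data is None:
        return
    # open() creates the file with the process's default permissions; the
    # content is raw target memory, so callers that need a private file
    # must restrict access to the destination themselves.
    with open(file_path, 'wb') as f:
        f.write(data)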
def handler_find_symbol(self):
    """Ask for a symbol pattern and open the debug-symbol search panel.

    Nothing happens when the dialog is not accepted.
    """
    accepted, pattern = InputDialog().input(
        self.app_window,
        'find symbol by pattern',
        placeholder='*_open*')
    if not accepted:
        return
    app_instance = self.app_window.get_app_instance()
    SearchPanel.debug_symbol_search_panel(app_instance, pattern)
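def _on_cm_search(self):
    """Prompt for a search text and hide every row that does not match.

    The accepted text is stored in ``self._current_search`` so the next
    dialog is pre-filled with it.  ``contains_text`` is called with
    ``stop_at_match=False``; each entry of its result is expected to carry
    the matching row number at index 0.  When it reports no match the
    current row visibility is left untouched.
    """
    from ui.dialog_input import InputDialog

    accept, text = InputDialog.input(
        self,
        hint='Search something in this list',
        placeholder='search...',
        input_content=self._current_search)
    if not accept:
        return

    self._current_search = text
    have_result, search_results = self.contains_text(
        text, stop_at_match=False)
    if not have_result:
        return

    # Model and root index do not change while rows are being hidden, so
    # they are looked up once instead of once per row.
    model = self.model()
    root_index = model.invisibleRootItem().index()
    for row in range(model.rowCount()):
        matched = any(sr[0] == row for sr in search_results)
        self.setRowHidden(row, root_index, not matched)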
def hook_on_load(self):
    """Ask for a module name and register an on-load hook row for it.

    ``.so`` is appended when the typed name does not already end with it.
    A new table row is filled with the module name, ``hex(0)`` and ``'-'``,
    the ``Hook`` object is stored in ``self.onloads`` and the script's
    ``onload`` export is called with the module name.
    """
    accepted, module = InputDialog.input(hint='insert module name')
    if not accepted:
        return
    if not module.endswith('.so'):
        module += '.so'

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(0)
    h.set_input(module)
    h.set_widget_row(row)
    self.onloads[module] = h

    name_item = HookWidget(h.get_input())
    name_item.set_hook_data(h)
    name_item.setForeground(Qt.darkGreen)
    self.setItem(row, 0, name_item)

    # Columns 1 and 2 only hold greyed-out placeholder values.
    for column, text in ((1, hex(0)), (2, '-')):
        cell = NotEditableTableWidgetItem(text)
        cell.setForeground(Qt.gray)
        self.setItem(row, column, cell)

    self.app.get_script().exports.onload(module)
def add_hook(self):
    """Ask for a pointer expression, hook it and add a table row for it.

    The typed text is resolved through the script's ``getpt`` export and
    parsed as hexadecimal.  A row is added only when the resolved pointer
    is positive and the ``hook`` export returns a truthy value.
    """
    accepted, expression = InputDialog.input(hint='insert pointer')
    if not accepted:
        return

    exports = self.app.get_script().exports
    # NOTE(review): int() raises ValueError if getpt returns anything that
    # is not a hex string; whether that can happen is not visible here.
    ptr = int(exports.getpt(expression), 16)
    if ptr <= 0:
        return
    if not self.app.get_script().exports.hook(ptr):
        return

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(ptr)
    h.set_input(expression)
    h.set_widget_row(row)
    self.hooks[ptr] = h

    name_item = HookWidget(h.get_input())
    name_item.set_hook_data(h)
    name_item.setForeground(Qt.gray)
    self.setItem(row, 0, name_item)

    ptr_item = NotEditableTableWidgetItem(hex(ptr))
    ptr_item.setForeground(Qt.red)
    self.setItem(row, 1, ptr_item)

    self.setItem(row, 2, NotEditableTableWidgetItem('0'))
    self.resizeColumnsToContents()
def hook_onload(self, input=None):
    """Register an on-load hook for a module and show it in the table.

    ``input`` is the module name; when it is not a string the user is
    asked for one.  ``.so`` is appended if missing, and a module that is
    already a key of ``self.onloads`` is ignored.
    """
    if not isinstance(input, str):
        # Covers None as well: anything that is not a string is prompted for.
        answer = InputDialog.input(hint='insert module name')
        if not answer[0]:
            return
        input = answer[1]

    if not input.endswith('.so'):
        input = input + '.so'
    if input in self.onloads:
        return

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(0)
    h.set_input(input)
    self.onloads[input] = h

    name_item = HookWidget(h.get_input())
    name_item.set_hook_data(h)
    name_item.setForeground(Qt.darkGreen)
    self.setItem(row, 0, name_item)

    # Columns 1 and 2 only hold greyed-out placeholder values.
    for column, text in ((1, hex(0)), (2, '-')):
        cell = NotEditableTableWidgetItem(text)
        cell.setForeground(Qt.gray)
        self.setItem(row, column, cell)

    self.app.get_script().exports.onload(input)
    self.resizeRowToContents(0)
    self.resizeRowToContents(1)
def hook_onload(self, input=None):
    """Install an on-load hook for a module through ``hookOnLoad``.

    ``input`` is the module name; when it is not a string the user is
    asked for one, and a cancelled or empty answer aborts.  ``.so`` is
    appended if missing.  A module already present in
    ``self.app.get_dwarf().on_loads`` is ignored.  The new ``Hook`` is
    stored in ``self.on_loads`` and, when a session UI and a hooks panel
    exist, passed to the panel's ``hook_onload_callback``.
    """
    if not isinstance(input, str):
        # Covers None as well: anything that is not a string is prompted for.
        accept, input = InputDialog.input(
            self.app, hint='insert module name', placeholder='libtarget.so')
        if not accept or len(input) == 0:
            return

    if not input.endswith('.so'):
        input = input + '.so'
    if input in self.app.get_dwarf().on_loads:
        return

    self.dwarf_api('hookOnLoad', input)

    h = Hook(Hook.HOOK_ONLOAD)
    h.set_ptr(0)
    h.set_input(input)
    self.on_loads[input] = h

    if self.app.session_ui is None:
        return
    if self.app.get_hooks_panel() is None:
        return
    self.app.get_hooks_panel().hook_onload_callback(h)
def handler_kernel_lookup_symbol(self):
    """Ask for an exact kernel symbol name and look it up.

    The lookup is skipped when the dialog is not accepted or the typed
    name is empty.
    """
    accepted, symbol = InputDialog().input(
        self.app_window,
        'lookup kernel symbol by exact name',
        placeholder='SyS_open')
    if not accepted or len(symbol) == 0:
        return
    kernel = self.app_window.get_dwarf().get_kernel()
    kernel.lookup_symbol(symbol)
def handler_find_bytes(self):
    """Ask for a byte pattern and open the bytes search panel.

    Once the dialog is accepted the ``action_find_bytes`` action is
    disabled before the search panel is started.
    """
    accepted, pattern = InputDialog().input(
        self.app_window,
        'find bytes',
        placeholder='ff b3 ac 9d 0f ...')
    if not accepted:
        return
    self.action_find_bytes.setEnabled(False)
    app_instance = self.app_window.get_app_instance()
    SearchPanel.bytes_search_panel(app_instance, pattern)
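def hook_java(self, input=None, pending_args=None):
    """Hook a Java class or method through the script's ``jmh`` export.

    ``input`` is the target name; when it is not a string the user is
    asked for one.  ``pending_args`` is stored in
    ``self.java_pending_args`` before the export is called.
    """
    if input is None or not isinstance(input, str):
        accept, text = InputDialog.input(
            hint='com.package.class.[method or \'$new\']')
        # Honour the accept flag as well as the text: checking only the
        # text lets a cancelled dialog that still carries text install
        # a hook.
        if not accept or not text:
            return
        input = text

    self.java_pending_args = pending_args
    self.app.get_script().exports.jmh(input)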
def set_condition(self):
    """Ask for a condition and attach it to the first selected hook.

    Does nothing without a selection.  The dialog is pre-filled with the
    hook's current condition; the new text is stored on the hook only
    when the script's ``hookcond`` export returns a truthy value.
    """
    selection = self.selectedItems()
    if len(selection) < 1:
        return

    item = self.item(selection[0].row(), 0)
    hook_data = item.get_hook_data()
    # NOTE(review): 'insert condition' is passed positionally; confirm that
    # InputDialog.input takes the hint first in this revision.
    accepted, condition = InputDialog().input(
        'insert condition', input_content=hook_data.get_condition())
    if not accepted:
        return

    # NOTE(review): the text is forwarded unchanged; how the script
    # evaluates it is not visible from here.
    exports = self.app.get_script().exports
    if exports.hookcond(item.get_hook_data().get_ptr(), condition):
        item.get_hook_data().set_condition(condition)
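def hook_java(self, input=None, pending_args=None):
    """Hook a Java class or method through the ``hookJava`` api call.

    ``input`` is the target name; when it is not a string the user is
    asked for one.  ``pending_args`` is stored in
    ``self.java_pending_args`` before the api is called.
    """
    if input is None or not isinstance(input, str):
        accept, text = InputDialog.input(
            hint='com.package.class or com.package.class.method')
        # Honour the accept flag as well as the text: checking only the
        # text lets a cancelled dialog that still carries text install
        # a hook.
        if not accept or not text:
            return
        input = text

    self.java_pending_args = pending_args
    self.app.dwarf_api('hookJava', input)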
def hook_native(self, input=None, pending_args=None):
    """Hook a native pointer through the ``hookNative`` api call.

    A string ``input`` is resolved with the ``evaluatePtr`` api call and
    parsed as hexadecimal; anything else opens the pointer dialog.  When
    the pointer is positive, ``input`` and ``pending_args`` are stored in
    ``self.temporary_input`` and ``self.native_pending_args`` before the
    hook is requested.
    """
    if isinstance(input, str):
        evaluated = self.app.dwarf_api('evaluatePtr', input)
        ptr = int(evaluated, 16)
    else:
        # Covers None as well: anything that is not a string is prompted for.
        ptr, input = InputDialog.input_pointer(self.app)

    if ptr <= 0:
        return
    self.temporary_input = input
    self.native_pending_args = pending_args
    self.app.dwarf_api('hookNative', ptr)
def handle_start(self):
    """Ask for the last instruction address and start emulation up to it.

    The dialog is pre-filled with the previous ``until_address`` when that
    is positive.  A non-positive answer leaves everything unchanged.
    """
    prefill = hex(self.until_address) if self.until_address > 0 else ''
    address, _ = InputDialog.input_pointer(
        self.app,
        input_content=prefill,
        hint='pointer to last instruction')
    if address <= 0:
        return
    self.until_address = address
    self.emulator.emulate(self.until_address)
def _create_bookmark(self, index=-1, ptr=''):
    """Create or update the bookmark for a pointer and ask for its note.

    With ``ptr`` left empty the pointer dialog is shown, pre-filled from
    row ``index`` of the bookmarks model when ``index`` is a non-negative
    int.  Otherwise ``ptr`` may be an int or a decimal / ``0x``-prefixed
    string; text that cannot be parsed counts as 0.  Nothing happens for a
    non-positive pointer.

    The pointer is stored as a hex string (digits upper-cased when
    ``self._bookmarks_list.uppercase_hex`` is set).  If the model already
    has an exactly matching entry, that row is updated, otherwise
    ``insert_bookmark`` is called; ``self.bookmarks`` is updated either
    way once the note dialog is accepted.
    """
    note = ''
    if ptr == '':
        has_row = isinstance(index, int) and index >= 0
        if has_row:
            ptr = self._bookmarks_model.item(index, 0).text()
            note = self._bookmarks_model.item(index, 1).text()
        ptr, _ = InputDialog.input_pointer(
            parent=self._app_window, input_content=ptr)
    elif not isinstance(ptr, int):
        try:
            base = 16 if ptr.startswith('0x') else 10
            ptr = int(ptr, base)
        except ValueError:
            ptr = 0

    if ptr <= 0:
        return

    ptr = hex(ptr)
    if self._bookmarks_list.uppercase_hex:
        # Upper-case the digits but keep the conventional lower-case prefix.
        ptr = ptr.upper().replace('0X', '0x')

    matches = self._bookmarks_model.findItems(ptr, Qt.MatchExactly)
    if len(matches) > 0:
        index = matches[0].row()
        note = self._bookmarks_model.item(index, 1).text()
    else:
        index = -1

    accept, note = InputDialog.input(
        hint='Insert notes for %s' % ptr, input_content=note)
    if not accept:
        return

    if index < 0:
        self.insert_bookmark(ptr, note)
    else:
        self._bookmarks_model.item(index, 0).setText(ptr)
        self._bookmarks_model.item(index, 1).setText(note)
    self.bookmarks[ptr] = note
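def hook_java(self, input=None, pending_args=None):
    """Forward a Java hook request to ``self.app.get_dwarf().hook_java``.

    ``input`` is the class or method name; when it is not a string the
    user is asked for one.  ``pending_args`` is passed through unchanged.
    """
    if input is None or not isinstance(input, str):
        accept, text = InputDialog.input(
            self.app,
            hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        # Honour the accept flag as well as the text: checking only the
        # text lets a cancelled dialog that still carries text install
        # a hook.
        if not accept or not text:
            return
        input = text

    self.app.get_dwarf().hook_java(input, pending_args)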
def hook_java(self, input_=None, pending_args=None):
    """Hook a Java class or method through the ``hookJava`` api call.

    ``input_`` is the target name; when it is not a string the user is
    asked for one and a cancelled dialog aborts.  ``pending_args`` is
    stored in ``self.java_pending_args`` and every space is removed from
    the name before the api is called.
    """
    if not isinstance(input_, str):
        # Covers None as well: anything that is not a string is prompted for.
        accept, input_ = InputDialog.input(
            self._app_window,
            hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        if not accept:
            return

    self.java_pending_args = pending_args
    target = input_.replace(' ', '')
    self.dwarf_api('hookJava', target)
def set_condition(self, item):
    """Ask for a condition and attach it to the hook in ``item``'s row.

    The hook data is taken from column 0 of the row.  The hook is
    identified by its pointer, or by its input text when the pointer is
    0.  The condition is stored on the hook only when the
    ``setHookCondition`` api call returns a truthy value.
    """
    item = self.item(item.row(), 0)
    accepted, condition = InputDialog().input(
        self.app,
        'insert condition',
        input_content=item.get_hook_data().get_condition())
    if not accepted:
        return

    target = item.get_hook_data().get_ptr()
    if target == 0:
        target = item.get_hook_data().get_input()

    # NOTE(review): the text is forwarded unchanged; how the api evaluates
    # it is not visible from here.
    if self.app.dwarf_api('setHookCondition', [target, condition]):
        item.get_hook_data().set_condition(condition)
def set_condition(self, item):
    """Ask for a condition and attach it to the hook held by ``item``.

    The hook is identified by its pointer, or by its input text when the
    pointer is 0.  The condition is stored on the hook only when the
    ``setHookCondition`` api call returns a truthy value.
    """
    # NOTE(review): 'insert condition' is passed positionally; confirm that
    # InputDialog.input takes the hint first in this revision.
    accepted, condition = InputDialog().input(
        'insert condition',
        input_content=item.get_hook_data().get_condition())
    if not accepted:
        return

    target = item.get_hook_data().get_ptr()
    if target == 0:
        target = item.get_hook_data().get_input()

    # NOTE(review): the text is forwarded unchanged; how the api evaluates
    # it is not visible from here.
    if self.app.dwarf_api('setHookCondition', [target, condition]):
        item.get_hook_data().set_condition(condition)
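def hook_java(self, input=None, pending_args=None):
    """Hook a Java class or method through the ``hookJava`` api call.

    ``input`` is the target name; when it is not a string the user is
    asked for one.  A cancelled dialog or an empty answer aborts without
    touching any state.  ``pending_args`` is stored in
    ``self.java_pending_args`` before the api is called.
    """
    if input is None or not isinstance(input, str):
        accept, input = InputDialog.input(
            self.app,
            hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        if not accept:
            return
        if len(input) == 0:
            # An accepted but empty answer names nothing to hook.
            return

    self.java_pending_args = pending_args
    self.app.dwarf_api('hookJava', input)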
def handle_start(self):
    """Ask for the last instruction address and start emulation up to it.

    The dialog is pre-filled with the previous ``until_address`` when that
    is positive.  On a positive answer the 'emulator' console tab is shown
    and ``emulate`` is called with the stored unicorn/capstone arch and
    mode overrides.
    """
    prefill = hex(self.until_address) if self.until_address > 0 else ''
    address, _ = InputDialog.input_pointer(
        self.app,
        input_content=prefill,
        hint='pointer to last instruction')
    if address <= 0:
        return

    self.until_address = address
    self.app.console_panel.show_console_tab('emulator')
    self.emulator.emulate(
        self.until_address,
        user_arch=self._uc_user_arch,
        user_mode=self._uc_user_mode,
        cs_arch=self._cs_user_arch,
        cs_mode=self._cs_user_mode)
def hook_native(self, input_=None, pending_args=None, own_input=None):
    """Hook a native pointer through the ``hookNative`` api call.

    A string ``input_`` is resolved with the ``evaluatePtr`` api call and
    ``utils.parse_ptr``; anything else opens the pointer dialog.  When the
    pointer is positive, ``self.temporary_input`` is set to ``own_input``
    if given (otherwise to ``input_``) and ``pending_args`` is stored in
    ``self.native_pending_args`` before the hook is requested.
    """
    if isinstance(input_, str):
        evaluated = self._app_window.dwarf.dwarf_api('evaluatePtr', input_)
        ptr = utils.parse_ptr(evaluated)
    else:
        # Covers None as well: anything that is not a string is prompted for.
        ptr, input_ = InputDialog.input_pointer(self._app_window)

    if ptr <= 0:
        return
    self.temporary_input = input_ if own_input is None else own_input
    self.native_pending_args = pending_args
    self.dwarf_api('hookNative', ptr)
def hook_native(self, input=None, pending_args=None):
    """Hook a native pointer through the script's ``hook`` export.

    ``input`` is a pointer expression; when it is not a string the user is
    asked for one.  It is resolved with the ``getpt`` export and parsed as
    hexadecimal.  When the pointer is positive, ``input`` and
    ``pending_args`` are stored in ``self.temporary_input`` and
    ``self.native_pending_args`` before the hook is requested.
    """
    if not isinstance(input, str):
        # Covers None as well: anything that is not a string is prompted for.
        answer = InputDialog.input(hint='insert pointer')
        if not answer[0]:
            return
        input = answer[1]

    resolved = self.app.get_script().exports.getpt(input)
    ptr = int(resolved, 16)
    if ptr <= 0:
        return
    self.temporary_input = input
    self.native_pending_args = pending_args
    self.app.get_script().exports.hook(ptr)
def hook_native_on_load(self, input_=None):
    """Request a native on-load hook for a module via ``hookNativeOnLoad``.

    ``input_`` is the module name; when it is not a string the user is
    asked for one, and a cancelled or empty answer aborts.  A module that
    is already in ``self._app_window.dwarf.native_on_loads`` is ignored.
    """
    if not isinstance(input_, str):
        # Covers None as well: anything that is not a string is prompted for.
        accept, input_ = InputDialog.input(
            self._app_window,
            hint='insert module name',
            placeholder='libtarget.so')
        if not accept or len(input_) == 0:
            return

    already_hooked = input_ in self._app_window.dwarf.native_on_loads
    if already_hooked:
        return
    self.dwarf_api('hookNativeOnLoad', input_)
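def trigger_write_string(self):
    """Ask for a string and write it as UTF-8 at the selected byte.

    Uses the first selected item; a selection in column 0 is redirected
    to column 1 of the same row.  Only ``ByteWidget`` items are acted on.
    After a successful ``writeutf8`` export call the view is re-read with
    the current ``self.data['len']`` and ``self.data['sub']``.
    """
    selection = self.selectedItems()
    if not selection:
        # Nothing selected: indexing [0] would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    accept, content = InputDialog.input(
        hint='write utf8 string @%s' % hex(ptr))
    if not accept:
        return
    if self.app.get_script().exports.writeutf8(ptr, content):
        self.read_memory(ptr, self.data['len'], self.data['sub'])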
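def _create_bookmark(self, index=-1, ptr=''):
    """Create or update the bookmark for a pointer and ask for its note.

    With ``ptr`` left empty the pointer dialog is shown, pre-filled from
    row ``index`` of the bookmarks model when ``index`` is a non-negative
    int.  Otherwise ``ptr`` may be an int or a hexadecimal string; a value
    that cannot be parsed counts as 0.  Nothing happens for a non-positive
    pointer.

    If the model already has an entry whose text equals ``hex(ptr)``, that
    row is updated, otherwise a new row is appended; ``self.bookmarks`` is
    updated either way once the note dialog is accepted.
    """
    note = ''
    if ptr == '':
        if isinstance(index, int) and index >= 0:
            ptr = self._bookmarks_model.item(index, 0).text()
            note = self._bookmarks_model.item(index, 1).text()
        ptr, _ = InputDialog.input_pointer(
            parent=self._app_window, input_content=ptr)
    elif not isinstance(ptr, int):
        # An int pointer is used as-is; passing it to int(ptr, 16) raises
        # TypeError, which would silently discard the bookmark.
        try:
            ptr = int(ptr, 16)
        except (TypeError, ValueError):
            # Only parse failures count as "no pointer"; a bare ``except``
            # here would also swallow KeyboardInterrupt and SystemExit.
            ptr = 0

    if ptr <= 0:
        return

    ptr_text = hex(ptr)
    matches = self._bookmarks_model.findItems(ptr_text, Qt.MatchExactly)
    if len(matches) > 0:
        index = matches[0].row()
        note = self._bookmarks_model.item(index, 1).text()
    else:
        index = -1

    accept, note = InputDialog.input(
        hint='Insert notes for %s' % ptr_text, input_content=note)
    if not accept:
        return

    if index < 0:
        self._bookmarks_model.appendRow(
            [QStandardItem(ptr_text), QStandardItem(note)])
    else:
        self._bookmarks_model.item(index, 0).setText(ptr_text)
        self._bookmarks_model.item(index, 1).setText(note)
    self.bookmarks[ptr_text] = note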
def handle_start(self):
    """Ask for the last instruction address and start the emulator.

    The dialog is pre-filled with the previous ``until_address`` when that
    is positive.  When ``emulator.start`` returns a positive error code,
    ``until_address`` is reset to 0 and the code is logged to the console.
    """
    prefill = hex(self.until_address) if self.until_address > 0 else ''
    address, _ = InputDialog.input_pointer(
        self.app,
        input_content=prefill,
        hint='pointer to last instruction')
    if address <= 0:
        return

    self.until_address = address
    err = self.emulator.start(self.until_address)
    if err > 0:
        # Forget the target so the next dialog is not pre-filled with it.
        self.until_address = 0
        self.console.log('cannot start emulator. err: %d' % err)
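def trigger_write_string(self):
    """Ask for a string and write it as UTF-8 at the selected byte.

    Uses the first selected item; a selection in column 0 is redirected
    to column 1 of the same row.  Only ``ByteWidget`` items are acted on.
    After a successful ``writeUtf8`` api call ``self.range`` is
    invalidated and the memory at the pointer is read again.
    """
    selection = self.selectedItems()
    if not selection:
        # Nothing selected: indexing [0] would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    accept, content = InputDialog.input(
        hint='write utf8 string @%s' % hex(ptr))
    if not accept:
        return
    if self.app.dwarf_api('writeUtf8', [ptr, content]):
        self.range.invalidate()
        self.read_memory(ptr)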
def hook_java_on_load(self, input_=None):
    """Request a Java class-load hook via the ``hookJavaOnLoad`` api call.

    ``input_`` is the class name; when it is not a string the user is
    asked for one, and a cancelled or empty answer aborts.
    """
    if not isinstance(input_, str):
        # Covers None as well: anything that is not a string is prompted for.
        accept, input_ = InputDialog.input(
            self._app_window,
            hint='insert class name',
            placeholder='com.android.mytargetclass')
        if not accept or len(input_) == 0:
            return

    # NOTE(review): the duplicate check reads ``native_on_loads`` although
    # this method registers a Java hook - confirm that this is the intended
    # collection.
    already_hooked = input_ in self._app_window.dwarf.native_on_loads
    if already_hooked:
        return
    self.dwarf_api('hookJavaOnLoad', input_)
def handler_find_bytes(self):
    """Ask for a byte pattern and open the bytes search panel.

    ``self._bytes_find_modules_list`` is cleared before the dialog opens;
    the dialog receives ``handler_find_bytes_options`` as its options
    callback.  Once accepted, the ``action_find_bytes`` action is disabled,
    the search panel is started with the pattern and the current modules
    list, and the list is cleared again.
    """
    # Drop any module filter left over from an earlier search.
    self._bytes_find_modules_list = None

    accepted, pattern = InputDialog().input(
        self.app_window,
        'find bytes',
        placeholder='ff b3 ac 9d 0f ...',
        options_callback=self.handler_find_bytes_options)
    if not accepted:
        return

    self.action_find_bytes.setEnabled(False)
    SearchPanel.bytes_search_panel(
        self.app_window.get_app_instance(),
        pattern,
        self._bytes_find_modules_list)

    # The filter applies to this search only.
    self._bytes_find_modules_list = None