from binaryninja.plugin import PluginCommand from binaryninja.log import log_error def write_breakpoint(view, start, length): """Sample function to show registering a plugin menu item for a range of bytes. Also possible: register register_for_address register_for_function """ bkpt_str = { "x86": "int3", "x86_64": "int3", "armv7": "bkpt", "aarch64": "brk #0", "mips32": "break"} if view.arch.name not in bkpt_str: log_error("Architecture %s not supported" % view.arch.name) return bkpt, err = view.arch.assemble(bkpt_str[view.arch.name]) if bkpt is None: log_error(err) return view.write(start, bkpt * length // len(bkpt)) PluginCommand.register_for_range("Convert to breakpoint", "Fill region with breakpoint instructions.", write_breakpoint)
# tell Binary Ninja we're a plugin from binaryninja.plugin import PluginCommand from . import thunk def on_select(bv, start, length): shellcode = bv.read(start, length) thunk.doit(shellcode) PluginCommand.register_for_range('call shellcode', 'call selected code (dangerous!)', on_select)
print "[linsweep] User Defined Search Start" fs = len(bv.functions) self.find_functions(bv, tgt, bv.start, bv.end, "-U") print "[linsweep] User: Found %d New Functions" % (len(bv.functions) - fs) interaction.show_message_box('Linear Sweep', "Created %d new functions" % (len(bv.functions) - fs), buttons=MessageBoxButtonSet.OKButtonSet) PluginCommand.register("Simple Linear Sweep - Cautious", "Search for existing prologues in text section", lambda bv: Searcher(CAUTIOUS, bv, None, None).start()) PluginCommand.register("Simple Linear Sweep - Aggressive", "Search for function prologues from bv.start", lambda bv: Searcher(AGGRESSIVE, bv, None, None).start()) PluginCommand.register("Simple Linear Sweep - Exhaustive", "Search for function prologues from bv.start", lambda bv: Searcher(EXHAUSTIVE, bv, None, None).start()) PluginCommand.register_for_range( "Simple Linear Sweep - User", "Search for selected data as a prologue", lambda bv, addr, size: Searcher(USER, bv, addr, size).start()) if "bv" in locals(): # noinspection PyUnresolvedReferences print "Detected execfile from console " + str(bv) print "Starting aggressive search" # noinspection PyUnresolvedReferences Searcher(EXHAUSTIVE, bv, None, None).start()