예제 #1
0
def ida_main():
    import idc

    import capa.features.extractors.ida.extractor

    function = idc.get_func_attr(idc.here(), idc.FUNCATTR_START)
    print("getting features for current function 0x%X" % function)

    extractor = capa.features.extractors.ida.extractor.IdaFeatureExtractor()

    if not function:
        for feature, va in extractor.extract_file_features():
            if va:
                print("file: 0x%08x: %s" % (va, feature))
            else:
                print("file: 0x00000000: %s" % (feature))
        return

    functions = extractor.get_functions()

    if function:
        functions = tuple(filter(lambda f: f.start_ea == function, functions))

        if len(functions) == 0:
            print("0x%X not a function" % function)
            return -1

    print_features(functions, extractor)

    return 0
예제 #2
0
파일: form.py 프로젝트: gunjin1/capa
def find_file_features(extractor):
    """ """
    file_features = collections.defaultdict(set)
    for (feature, ea) in extractor.extract_file_features():
        if ea:
            file_features[feature].add(ea)
        else:
            if feature not in file_features:
                file_features[feature] = set()
    return file_features