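def graphStructureGroups(context, chains, originAddr=None):
    ''' Analyze the records of each chain and export their pointer graph.

    For every address in every selected chain the record is decoded with a
    dsa.FieldReverser, printed, and one directed edge per pointer field is
    added to a networkx.DiGraph. Both edge endpoints are lowercase hex
    strings without a '0x' prefix. The graph is written with write_gexf()
    to the file named by
    config.get_cache_filename(config.CACHE_GRAPH, context.dumpname).

    :param context: reversing context; must provide memory_handler, dumpname,
        get_record_for_address() and get_record_at_address().
    :param chains: list of address chains. It is sorted IN PLACE, so the
        caller's list is reordered.
    :param originAddr: when not None, only chains containing this address
        are processed.
    :return: None
    '''
    # TODO change generic fn
    chains.sort()
    decoder = dsa.FieldReverser(context.memory_handler)
    graph = networkx.DiGraph()
    for chain in chains:
        log.debug('\t[-] chain len:%d' % len(chain))
        if originAddr is not None and originAddr not in chain:
            continue  # ignore chain if originAddr is not in it
        # Python 2 code: `long` does not exist on Python 3.
        for addr in map(long, chain):
            record = context.get_record_for_address(addr)
            # record.decodeFields()  # can be long
            decoder.analyze_fields(record)
            # print(...) with one argument emits the same text on Python 2.
            print(context.get_record_for_address(addr).to_string())
            targets = set()
            # The record is looked up again rather than reusing `record`;
            # whether the context returns the same object is not visible here.
            _record = context.get_record_for_address(addr)
            pointer_fields = [f for f in _record.get_fields() if f.is_pointer()]
            for f in pointer_fields:
                addr_child = f.get_value_for_field(_record)
                # Fix: resolve the pointer's target. The previous code looked
                # up `addr` again, which left addr_child unused and keyed
                # every edge's target on the source address itself.
                # NOTE(review): pointer values come from the analyzed memory
                # dump; how get_record_at_address() behaves for a value that
                # maps to no known record is not visible here - confirm
                # before relying on this for dumps with dangling pointers.
                child = context.get_record_at_address(addr_child)
                targets.add(('%x' % addr, '%x' % child.address))
            graph.add_edges_from(targets)
        print('# ' + '-' * 78)
    networkx.readwrite.gexf.write_gexf(
        graph,
        config.get_cache_filename(config.CACHE_GRAPH, context.dumpname))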
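def graphStructureGroups(context, chains, originAddr=None):
    ''' Build and save the pointer graph of the records found in chains.

    Each address of each selected chain is decoded through a
    dsa.FieldReverser and its record is printed. Every pointer field then
    contributes one directed edge (source address -> address of the record
    resolved from the pointer value), both formatted with '%x'. The
    resulting networkx.DiGraph is serialized with write_gexf() into the
    cache file returned by
    config.get_cache_filename(config.CACHE_GRAPH, context.dumpname).

    :param context: reversing context exposing memory_handler, dumpname,
        get_record_for_address() and get_record_at_address().
    :param chains: list of address chains; sorted in place as a side effect.
    :param originAddr: optional address filter; chains that do not contain
        it are skipped.
    :return: None
    '''
    # TODO change generic fn
    chains.sort()
    decoder = dsa.FieldReverser(context.memory_handler)
    graph = networkx.DiGraph()
    for chain in chains:
        log.debug('\t[-] chain len:%d' % len(chain))
        if originAddr is not None and originAddr not in chain:
            continue  # ignore chain if originAddr is not in it
        # `long` is a Python 2 builtin; this function is Python 2 code.
        for addr in map(long, chain):
            record = context.get_record_for_address(addr)
            # record.decodeFields()  # can be long
            decoder.analyze_fields(record)
            # Single-argument print(...) outputs the same text on Python 2.
            print(context.get_record_for_address(addr).to_string())
            targets = set()
            # Fetched again instead of reusing `record`; it is not visible
            # here whether both lookups return the same object.
            _record = context.get_record_for_address(addr)
            pointer_fields = [f for f in _record.get_fields() if f.is_pointer()]
            for f in pointer_fields:
                addr_child = f.get_value_for_field(_record)
                # Fix: the lookup previously used `addr`, so addr_child was
                # never read and edge targets were derived from the source
                # address instead of the pointed-to one.
                # NOTE(review): the pointer value is data read from the
                # dump; confirm what get_record_at_address() does when it
                # falls outside any known record.
                child = context.get_record_at_address(addr_child)
                targets.add(('%x' % addr, '%x' % child.address))
            graph.add_edges_from(targets)
        print('# ' + '-' * 78)
    networkx.readwrite.gexf.write_gexf(
        graph,
        config.get_cache_filename(
            config.CACHE_GRAPH,
            context.dumpname))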
def printStructureGroups(context, chains, originAddr=None):
    ''' Decode and print every record of the selected chains.

    The chains list is sorted in place. For each chain (optionally only
    those containing originAddr) every address is converted with long(),
    its record is analyzed by a dsa.FieldReverser and the record's
    to_string() is printed. A '# ---' separator line follows each
    processed chain.

    :param context: reversing context exposing memory_handler and
        get_record_for_address().
    :param chains: list of address chains; reordered by this call.
    :param originAddr: optional address; chains not containing it are
        skipped.
    :return: None
    '''
    chains.sort()
    field_decoder = dsa.FieldReverser(context.memory_handler)
    separator = '# ' + '-' * 78
    for chain in chains:
        log.debug('\t[-] chain len:%d' % len(chain))
        if originAddr is not None and originAddr not in chain:
            # ignore chain if originAddr is not in it
            continue
        # Python 2 code: `long` is not defined on Python 3.
        addresses = map(long, chain)
        for addr in addresses:
            # record.decodeFields()  # can be long
            field_decoder.analyze_fields(context.get_record_for_address(addr))
            # Looked up again after analysis, as the text is taken from a
            # fresh get_record_for_address() call.
            analyzed = context.get_record_for_address(addr)
            print(analyzed.to_string())
        print(separator)
def fixType(context, chains):
    ''' Fix the name of each structure to a generic word/type name.

    As written, this only draws one name per chain with getname(), logs
    it, and looks up the record of every address. The call that would
    apply the name is commented out, so no record is modified here.

    :param context: reversing context exposing get_record_for_address().
    :param chains: iterable of address chains.
    :return: None
    '''
    for chain in chains:
        name = getname()
        message = '\t[-] fix type of chain size:%d with name name:%s' % (
            len(chain), name)
        log.debug(message)
        # chain is a numpy
        for raw_addr in chain:
            addr = int(raw_addr)
            # FIXME
            instance = context.get_record_for_address(addr)
            # ctypes_type = fixInstanceType(context, instance, name)
def fixType(context, chains):
    ''' Fix the name of each structure to a generic word/type name.

    Currently a lookup-only pass: a name is obtained from getname() for
    each chain and logged, then the record of each address is fetched.
    The renaming step is commented out, so nothing is renamed.

    :param context: reversing context exposing get_record_for_address().
    :param chains: iterable of address chains.
    :return: None
    '''
    log_format = '\t[-] fix type of chain size:%d with name name:%s'
    for chain in chains:
        name = getname()
        log.debug(log_format % (len(chain), name))
        # chain is a numpy
        for element in chain:
            addr = int(element)
            # FIXME
            instance = context.get_record_for_address(addr)
            # ctypes_type = fixInstanceType(context, instance, name)
    return None