def add_random_item(self):
R = random.random
s = ida_segment.getnseg(int(ida_segment.get_segm_qty() * R()))
ea = s.start_ea + int((s.end_ea - s.start_ea) * R())
radius = 4 + int(R() * 8)
color = QtGui.QColor(int(255 * R()), int(255 * R()), int(255 * R()))
self.add_item(ea, radius, color)
def get_code_segs():
codesegs = []
for n in range(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg.type == ida_segment.SEG_CODE:
codesegs.append(seg)
return codesegs
def map_segments(self):
"""Sets segment pages for delayed retrieval"""
for n in range(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg:
for page_index in range(seg.start_ea >> 12,
((seg.end_ea - 1) >> 12) + 1):
self[page_index] = None
def get_base(self, ea):
base = ida_idaapi.BADADDR
qty = ida_segment.get_segm_qty()
for i in xrange(qty):
seg = ida_segment.getnseg(i)
if seg and seg.contains(ea):
base = seg.startEA
break
return base
def Segments():
"""
Get list of segments (sections) in the binary image
@return: List of segment start addresses.
"""
for n in xrange(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg:
yield seg.start_ea
def __get_segments_map(self):
segments = dict()
for n in xrange(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg.sel not in segments:
segments[seg.sel] = seg.start_ea
elif seg.start_ea < segments[seg.sel]:
segments[seg.sel] = seg.start_ea
return segments
def update_protocols():
for n in range(get_segm_qty()):
seg = getnseg(n)
if seg.type == SEG_CODE or get_segm_name(seg.start_ea) == ".code":
seg_beg = seg.start_ea
seg_end = seg.end_ea
for function in map(lambda x: Function(x),
Functions(seg_beg, seg_end)):
_process_function(function)
return protocols
def processSegments():
segments = list()
for n in xrange(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg:
segm = {
'name': ida_segment.get_segm_name(seg),
'start_ea': seg.start_ea,
'class': ida_segment.get_segm_class(seg)
}
segments.append(segm)
return segments
def __process_segments(self):
segments = list()
for n in xrange(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg:
segm = {
'name' : ida_segment.get_segm_name(seg),
'start_rva' : seg.start_ea - self._base,
'class' : ida_segment.get_segm_class(seg),
'selector' : seg.sel
}
segments.append(segm)
return segments
def dump_binary(path):
sections = []
current_offset = 0
with open(path, 'wb+') as f:
# over all segments
for n in range(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
start_ea = seg.start_ea
end_ea = seg.end_ea
size = end_ea - start_ea
dump_log.debug("Dumping 0x%x bytes from 0x%x", size, start_ea)
f.write(ida_bytes.get_bytes(start_ea, size))
sections.append((ida_segment.get_segm_name(seg), start_ea, size,
current_offset, size))
current_offset += size
dump_log.debug(repr(sections))
return sections
def __process_segments(self):
segments = list()
for n in range(0, ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg:
segm = {
'align' : self.__describe_alignment(seg.align),
'bitness' : self.__describe_bitness(seg.bitness),
'name' : ida_segment.get_segm_name(seg),
'rva_start' : seg.start_ea - self._base,
'rva_end' : seg.end_ea - self._base,
'permission': self.__describe_permission(seg.perm),
'selector' : seg.sel,
'type' : ida_segment.get_segm_class(seg),
}
segments.append(segm)
return segments
def define_missed_functions():
def match(F):
return ida_bytes.is_code(F) and not ida_bytes.is_flow(F)
for n in range(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
if seg.type != ida_segment.SEG_CODE:
continue
print("[*] Browsing segment from %#x for %#x" %
(seg.start_ea, seg.end_ea))
ea = seg.start_ea
while ea < seg.end_ea:
ea = ida_bytes.next_that(ea, seg.end_ea, match)
if ea == ida_idaapi.BADADDR:
break
if ida_funcs.get_func(ea):
continue
s = "[*] Trying to define function at %#x... " % ea
if not ida_funcs.add_func(ea):
print(s + " Failed!")
else:
print(s + " Success!")
def find_first_moduledata_addr_by_brute():
magic_num = pclntbl.Pclntbl.MAGIC
first_moduledata_addr = idc.BADADDR
segn = ida_segment.get_segm_qty()
for idx in range(segn):
curr_seg = ida_segment.getnseg(idx)
curr_addr = curr_seg.start_ea
while curr_addr <= curr_seg.end_ea:
if idc.Dword(
read_mem(curr_addr, read_only=True)
) & 0xFFFFFFFF == magic_num: # possible firstmoduledata
if test_firstmoduledata(curr_addr):
break
curr_addr += ADDR_SZ
if curr_addr >= curr_seg.end_ea:
continue
first_moduledata_addr = curr_addr
break
return first_moduledata_addr
def _map_segments(self):
"""Maps segments into memory."""
for n in range(ida_segment.get_segm_qty()):
seg = ida_segment.getnseg(n)
seg_bytes = utils.get_segment_bytes(seg.start_ea)
self.write(seg.start_ea, seg_bytes)
