def _markImmCompares(self):
"""
Marks the immediate compares within the current function
"""
self.output_window.append("Marking all immediate compares...")
self.table_label.setText("Immediate compares within current function")
INS_COLOR = 0x2020c0
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "Disassembly"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
for cmp_ea, dis in self.ba.find_imm_compares():
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % cmp_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
dis_item = cw.NumQTableWidgetItem("%s" % dis)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, dis_item)
misc.set_ins_color(cmp_ea, INS_COLOR)
idx += 1
def _showMostReferenced(self):
"""
Shows the most referenced functions.
"""
self._console_output("Calculating most referenced functions...")
self.table_label.setText("Most referenced functions")
most_referenced = self.ba.most_referenced_functions()
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(("Address", "References", "Name"))
self.table.clearContents()
self.table.setRowCount(0)
idx = 0
# Fill with contents
for f_ea, (ref_nr, ref_name) in most_referenced:
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%x" % f_ea)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
ref_item = cw.NumQTableWidgetItem("%d" % ref_nr)
name_item = QTableWidgetItem(ref_name)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, ref_item)
self.table.setItem(idx, 2, name_item)
idx += 1
def _showStringXrefs(self):
"""
Displays string references in a table
Optionally Shannon's misc.entropy as well
"""
# Retrieve some config values
show_misc_entropy = self.config.calculate_entropy
show_unique_s = self.config.display_unique_strings
self._console_output("Calculating string references...")
self.ba.calculate_strings_list()
s_ref_list = self.ba.get_string_references()
# Found any references at all?
nrows = len(s_ref_list)
if not nrows:
self._console_output("[!] No string references found", err=True)
return
if show_misc_entropy:
self.table.setColumnCount(3)
self.table.setHorizontalHeaderLabels(
("Address", "String", "Entropy"))
else:
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Address", "String"))
self.table_label.setText("String references in current function")
self.table.clearContents()
self.table.setRowCount(0)
# Fill the table
displayed_strings = []
idx = 0
for (addr, s) in s_ref_list:
if show_unique_s and s in displayed_strings:
continue
displayed_strings.append(s)
self.table.insertRow(idx)
addr_item = QTableWidgetItem("%08x" % addr)
addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)
string_item = QTableWidgetItem(s.decode('utf-8'))
string_item.setFlags(string_item.flags()
^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, addr_item)
self.table.setItem(idx, 1, string_item)
if show_misc_entropy:
misc_entropy_item = cw.NumQTableWidgetItem("%.4f" %
misc.entropy(s))
self.table.setItem(idx, 2, misc_entropy_item)
idx += 1
def _showConnectedBBs(self):
"""
Shows a list of paths between selected basic blocks
"""
self._console_output("Calculating paths between basic blocks...")
bb_paths = self.ba.get_bb_connect_graph(self.config.connect_bb_cutoff)
if not bb_paths:
self._console_output("[!] Could not find paths between \
basic blocks",
err=True)
return
self.table.setColumnCount(2)
self.table.setHorizontalHeaderLabels(("Path ID", "Length"))
# Override the default double click callback
self.table.cellDoubleClicked.connect(self._bbTableDoubleClicked)
self.table_label.setText("Paths between Basic Blocks")
self.table.clearContents()
self.table.setRowCount(0)
bb_paths_l = list(bb_paths) # To reference by index :)
if len(bb_paths_l) == 0:
self._console_output("[!] Could not find paths. \
Try increasing cutoff under Options",
err=True)
return
for idx, path in enumerate(bb_paths_l):
self.table.insertRow(idx)
path_item = QTableWidgetItem("%d" % idx)
path_item.setFlags(path_item.flags() ^ QtCore.Qt.ItemIsEditable)
len_item = cw.NumQTableWidgetItem("%d" % len(path))
len_item.setFlags(len_item.flags() ^ QtCore.Qt.ItemIsEditable)
self.table.setItem(idx, 0, path_item)
self.table.setItem(idx, 1, len_item)
# Cache this
self.ba.cache.bb_paths = bb_paths_l