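def dump_memory(self, file_path=None, ptr=0, length=0):
    """Read ``length`` bytes at ``ptr`` from the target and save them to a file.

    Arguments left at their defaults are requested from the user through
    dialogs. Nothing is written when the pointer is not positive, a dialog
    is dismissed, the length is not a positive decimal or ``0x``-prefixed
    hexadecimal number, or ``read_memory`` yields ``None``.

    Args:
        file_path: Destination path; ``None`` opens a save-file dialog.
        ptr: Address to read from; ``0`` opens the pointer dialog.
        length: Number of bytes to read; ``0`` opens the length dialog.
    """
    if ptr == 0:
        ptr = InputDialog.input_pointer(self.app)
    if ptr <= 0:
        return

    if length == 0:
        accept, length = InputDialog.input(
            self.app, hint='insert length', placeholder='1024')
        if not accept:
            return
        try:
            if length.startswith('0x'):
                length = int(length, 16)
            else:
                length = int(length)
        except (AttributeError, TypeError, ValueError):
            # Only parsing failures abort the dump; a bare ``except`` would
            # also have swallowed KeyboardInterrupt/SystemExit.
            return

    # A zero or negative size is never a meaningful read request.
    if isinstance(length, int) and length <= 0:
        return

    if file_path is None:
        r = QFileDialog.getSaveFileName(
            self.app, caption='Save binary dump to file')
        if len(r) == 0 or len(r[0]) == 0:
            return
        file_path = r[0]

    data = self.read_memory(ptr, length)
    if data is None:
        # Do not create or truncate the destination when nothing was read.
        return
    with open(file_path, 'wb') as f:
        f.write(data)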
def hook_onload(self, input=None):
    """Register an on-load hook for the native module named by ``input``.

    A non-string ``input`` triggers an ``InputDialog`` prompt; a dismissed
    dialog or an empty name aborts. ``.so`` is appended when missing, and a
    module already present in ``self.app.get_dwarf().on_loads`` is skipped.
    """
    module = input
    if not isinstance(module, str):
        # ``None`` and every other non-string argument end up here.
        accept, module = InputDialog.input(
            self.app, hint='insert module name', placeholder='libtarget.so')
        if not accept:
            return
    if not len(module):
        return

    module = module if module.endswith('.so') else module + '.so'
    if module in self.app.get_dwarf().on_loads:
        return

    self.dwarf_api('hookOnLoad', module)

    hook = Hook(Hook.HOOK_ONLOAD)
    hook.set_ptr(0)
    hook.set_input(module)
    self.on_loads[module] = hook

    # The hooks panel is only notified when both the session UI and the
    # panel itself exist.
    if self.app.session_ui is None:
        return
    if self.app.get_hooks_panel() is None:
        return
    self.app.get_hooks_panel().hook_onload_callback(hook)
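def hook_on_load(self):
    """Ask for a module name and add an on-load hook row for it.

    The dialog result is read as ``(accepted, text)``. ``.so`` is appended
    when missing. An empty name or a module already tracked in
    ``self.onloads`` is ignored, so the table never gets a second row whose
    hook would replace the first one in the dictionary.
    """
    answer = InputDialog.input(hint='insert module name')
    if not answer[0]:
        return

    module = answer[1]
    if not module:
        # An empty answer would otherwise be registered as '.so'.
        return
    if not module.endswith('.so'):
        module += '.so'
    if module in self.onloads:
        return

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(0)
    h.set_input(module)
    h.set_widget_row(row)
    self.onloads[module] = h

    q = HookWidget(h.get_input())
    q.set_hook_data(h)
    q.setForeground(Qt.darkGreen)
    self.setItem(row, 0, q)

    q = NotEditableTableWidgetItem(hex(0))
    q.setForeground(Qt.gray)
    self.setItem(row, 1, q)

    q = NotEditableTableWidgetItem('-')
    q.setForeground(Qt.gray)
    self.setItem(row, 2, q)

    self.app.get_script().exports.onload(module)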
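def _on_cm_search(self):
    """Prompt for a search term and hide every row that does not match.

    The term is stored in ``self._current_search`` and passed to
    ``self.contains_text``. When that reports no result the current row
    visibility is left as it is.
    """
    from ui.dialog_input import InputDialog

    accept, text = InputDialog.input(
        self, hint='Search something in this list',
        placeholder='search...', input_content=self._current_search)
    if not accept:
        return

    self._current_search = text
    have_result, search_results = self.contains_text(
        text, stop_at_match=False)
    if not have_result:
        return

    # Each result is compared by its first element against the row number;
    # collecting those once avoids rescanning the results for every row.
    matched_rows = {sr[0] for sr in search_results}
    model = self.model()
    root_index = model.invisibleRootItem().index()
    for row in range(model.rowCount()):
        self.setRowHidden(row, root_index, row not in matched_rows)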
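def add_hook(self):
    """Ask for a pointer expression, hook it and add a row to the table.

    The text is resolved through the script export ``getpt`` and parsed as
    hexadecimal. Nothing happens when the dialog is dismissed, the resolved
    value cannot be parsed, the pointer is not positive, or the ``hook``
    export returns a falsy value.
    """
    answer = InputDialog.input(hint='insert pointer')
    if not answer[0]:
        return

    try:
        ptr = int(self.app.get_script().exports.getpt(answer[1]), 16)
    except (TypeError, ValueError):
        # Text that does not resolve to a hex string must not raise out of
        # the UI handler.
        return
    if ptr <= 0:
        return

    if not self.app.get_script().exports.hook(ptr):
        return

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(ptr)
    h.set_input(answer[1])
    h.set_widget_row(row)
    self.hooks[ptr] = h

    q = HookWidget(h.get_input())
    q.set_hook_data(h)
    q.setForeground(Qt.gray)
    self.setItem(row, 0, q)

    q = NotEditableTableWidgetItem(hex(ptr))
    q.setForeground(Qt.red)
    self.setItem(row, 1, q)

    q = NotEditableTableWidgetItem('0')
    self.setItem(row, 2, q)

    self.resizeColumnsToContents()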
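def hook_onload(self, input=None):
    """Add an on-load hook row for a native module.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``. ``.so`` is appended when missing. An empty name
    is rejected so that no hook is registered for the bare string '.so',
    and a module already present in ``self.onloads`` is skipped.
    """
    module = input
    if not isinstance(module, str):
        answer = InputDialog.input(hint='insert module name')
        if not answer[0]:
            return
        module = answer[1]
    if not module:
        return

    if not module.endswith('.so'):
        module += '.so'
    if module in self.onloads:
        return

    self.insertRow(self.rowCount())
    row = self.rowCount() - 1

    h = Hook()
    h.set_ptr(0)
    h.set_input(module)
    self.onloads[module] = h

    q = HookWidget(h.get_input())
    q.set_hook_data(h)
    q.setForeground(Qt.darkGreen)
    self.setItem(row, 0, q)

    q = NotEditableTableWidgetItem(hex(0))
    q.setForeground(Qt.gray)
    self.setItem(row, 1, q)

    q = NotEditableTableWidgetItem('-')
    q.setForeground(Qt.gray)
    self.setItem(row, 2, q)

    self.app.get_script().exports.onload(module)
    self.resizeRowToContents(0)
    self.resizeRowToContents(1)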
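def hook_java(self, input=None, pending_args=None):
    """Request a Java hook through the script export ``jmh``.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``. The hook is requested only when the dialog was
    accepted and the text is non-empty; checking the text alone would let
    a dismissed dialog that still carries text through.

    Args:
        input: Target string handed to ``jmh``; prompted for when not a str.
        pending_args: Stored on ``self.java_pending_args`` before the call.
    """
    target = input
    if not isinstance(target, str):
        answer = InputDialog.input(
            hint='com.package.class.[method or \'$new\']')
        if not answer[0] or not answer[1]:
            return
        target = answer[1]

    self.java_pending_args = pending_args
    self.app.get_script().exports.jmh(target)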
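def hook_java(self, input=None, pending_args=None):
    """Request a Java hook through ``self.app.dwarf_api('hookJava', ...)``.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``. The hook is requested only when the dialog was
    accepted and the text is non-empty; checking the text alone would let
    a dismissed dialog that still carries text through.

    Args:
        input: Class or method name; prompted for when not a str.
        pending_args: Stored on ``self.java_pending_args`` before the call.
    """
    target = input
    if not isinstance(target, str):
        answer = InputDialog.input(
            hint='com.package.class or com.package.class.method')
        if not answer[0] or not answer[1]:
            return
        target = answer[1]

    self.java_pending_args = pending_args
    self.app.dwarf_api('hookJava', target)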
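def hook_java(self, input=None, pending_args=None):
    """Forward a Java hook request to ``self.app.get_dwarf().hook_java``.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``. The request is forwarded only when the dialog was
    accepted and the text is non-empty; checking the text alone would let
    a dismissed dialog that still carries text through.

    Args:
        input: Class or method name; prompted for when not a str.
        pending_args: Passed through unchanged as the second argument.
    """
    target = input
    if not isinstance(target, str):
        answer = InputDialog.input(
            self.app, hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        if not answer[0] or not answer[1]:
            return
        target = answer[1]

    self.app.get_dwarf().hook_java(target, pending_args)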
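def hook_java(self, input=None, pending_args=None):
    """Request a Java hook through ``self.app.dwarf_api('hookJava', ...)``.

    A non-string ``input`` triggers an ``InputDialog`` prompt; a dismissed
    dialog aborts. An empty name is rejected so that no hook request is
    issued without a target.

    Args:
        input: Class or method name; prompted for when not a str.
        pending_args: Stored on ``self.java_pending_args`` before the call.
    """
    target = input
    if not isinstance(target, str):
        accept, target = InputDialog.input(
            self.app, hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        if not accept:
            return
    if not target:
        return

    self.java_pending_args = pending_args
    self.app.dwarf_api('hookJava', target)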
def hook_java(self, input_=None, pending_args=None):
    """Request a Java hook through ``self.dwarf_api('hookJava', ...)``.

    A non-string ``input_`` triggers an ``InputDialog`` prompt; a dismissed
    dialog aborts. Space characters are removed from the name before it is
    sent, and ``pending_args`` is stored on ``self.java_pending_args``.
    """
    target = input_
    if not isinstance(target, str):
        # ``None`` and every other non-string argument end up here.
        accept, target = InputDialog.input(
            self._app_window, hint='insert java class or method',
            placeholder='com.package.class or com.package.class.method')
        if not accept:
            return

    self.java_pending_args = pending_args
    self.dwarf_api('hookJava', target.replace(' ', ''))
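def trigger_write_string(self):
    """Prompt for a UTF-8 string and write it at the selected byte's address.

    The first selected item is used; an item in column 0 is swapped for the
    item in column 1 of the same row. Only ``ByteWidget`` items are acted
    on. After a write that the ``writeutf8`` export reports as truthy the
    view is re-read using the stored ``len`` and ``sub`` values.
    """
    selection = self.selectedItems()
    if not selection:
        # Indexing an empty selection would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    content = InputDialog.input(hint='write utf8 string @%s' % hex(ptr))
    if not content[0]:
        return
    if self.app.get_script().exports.writeutf8(ptr, content[1]):
        self.read_memory(ptr, self.data['len'], self.data['sub'])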
def hook_native_on_load(self, input_=None):
    """Request an on-load hook for the native module named by ``input_``.

    A non-string ``input_`` triggers an ``InputDialog`` prompt; a dismissed
    dialog or an empty name aborts. A module already present in
    ``self._app_window.dwarf.native_on_loads`` is skipped.
    """
    module = input_
    if not isinstance(module, str):
        # ``None`` and every other non-string argument end up here.
        accept, module = InputDialog.input(
            self._app_window, hint='insert module name',
            placeholder='libtarget.so')
        if not accept:
            return
    if not len(module):
        return

    known = self._app_window.dwarf.native_on_loads
    if module not in known:
        self.dwarf_api('hookNativeOnLoad', module)
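def hook_native(self, input=None, pending_args=None):
    """Resolve a pointer expression and request a native hook on it.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``. The text is resolved through the script export
    ``getpt`` and parsed as hexadecimal; a value that cannot be parsed or
    is not positive leaves all state untouched.

    Args:
        input: Pointer expression; prompted for when not a str.
        pending_args: Stored on ``self.native_pending_args`` before hooking.
    """
    expression = input
    if not isinstance(expression, str):
        answer = InputDialog.input(hint='insert pointer')
        if not answer[0]:
            return
        expression = answer[1]

    try:
        ptr = int(self.app.get_script().exports.getpt(expression), 16)
    except (TypeError, ValueError):
        # An expression that does not resolve to a hex string must not
        # raise out of the handler.
        return

    if ptr > 0:
        self.temporary_input = expression
        self.native_pending_args = pending_args
        self.app.get_script().exports.hook(ptr)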
def hook_java_on_load(self, input_=None):
    """Request an on-load hook for the Java class named by ``input_``.

    A non-string ``input_`` triggers an ``InputDialog`` prompt; a dismissed
    dialog or an empty name aborts. The name is then looked up in
    ``self._app_window.dwarf.native_on_loads`` and the request is skipped
    when it is found there.
    """
    class_name = input_
    if not isinstance(class_name, str):
        # ``None`` and every other non-string argument end up here.
        accept, class_name = InputDialog.input(
            self._app_window, hint='insert class name',
            placeholder='com.android.mytargetclass')
        if not accept:
            return
    if not len(class_name):
        return

    # NOTE(review): the duplicate check reads the *native* on-load registry
    # although this method registers a Java class hook; this looks copied
    # from the native variant. Confirm which registry should be consulted.
    registered = self._app_window.dwarf.native_on_loads
    if class_name not in registered:
        self.dwarf_api('hookJavaOnLoad', class_name)
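def trigger_write_string(self):
    """Prompt for a UTF-8 string and write it at the selected byte's address.

    The first selected item is used; an item in column 0 is swapped for the
    item in column 1 of the same row. Only ``ByteWidget`` items are acted
    on. After a write that ``dwarf_api('writeUtf8', ...)`` reports as truthy
    the cached range is invalidated and the view is re-read at the pointer.
    """
    selection = self.selectedItems()
    if not selection:
        # Indexing an empty selection would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    accept, content = InputDialog.input(
        hint='write utf8 string @%s' % hex(ptr))
    if not accept:
        return
    if self.app.dwarf_api('writeUtf8', [ptr, content]):
        self.range.invalidate()
        self.read_memory(ptr)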
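def hook_native(self, input=None, pending_args=None):
    """Resolve a pointer expression and request a native hook on it.

    A non-string ``input`` triggers an ``InputDialog`` prompt; a dismissed
    dialog aborts. The expression is resolved with
    ``dwarf_api('evaluatePtr', ...)`` and parsed as hexadecimal. Any
    ordinary failure while resolving is treated as "no pointer", and only
    a positive pointer is hooked.

    Args:
        input: Pointer expression; prompted for when not a str.
        pending_args: Stored on ``self.native_pending_args`` before hooking.
    """
    expression = input
    if not isinstance(expression, str):
        accept, expression = InputDialog.input(hint='insert pointer')
        if not accept:
            return

    ptr = 0
    try:
        ptr = int(self.app.dwarf_api('evaluatePtr', expression), 16)
    except Exception:
        # Resolution stays best-effort, but KeyboardInterrupt and SystemExit
        # are no longer swallowed as they were by a bare ``except``.
        pass

    if ptr > 0:
        self.temporary_input = expression
        self.native_pending_args = pending_args
        self.app.dwarf_api('hookNative', ptr)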
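def search(self):
    """Prompt for a search term and filter ``self.class_list`` by it.

    The lower-cased term is stored in ``self.current_class_search``. A row
    is shown when its lower-cased text contains the term and hidden
    otherwise.
    """
    accept, text = InputDialog.input(
        self.app, hint='Search', input_content=self.current_class_search,
        placeholder='Search something...')
    if not accept:
        return

    self.current_class_search = text.lower()
    needle = self.current_class_search
    for i in range(self.class_list.count()):
        # Substring membership replaces ``str.index`` wrapped in a bare
        # ``except``, which also hid unrelated errors.
        row_text = self.class_list.item(i).text().lower()
        self.class_list.setRowHidden(i, needle not in row_text)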
def hook_onload(self, input=None):
    """Request an on-load hook for the native module named by ``input``.

    A non-string ``input`` triggers an ``InputDialog`` prompt; a dismissed
    dialog or an empty name aborts. ``.so`` is appended when missing, and a
    module already present in ``self.app.get_dwarf().on_loads`` is skipped.
    """
    module = input
    if not isinstance(module, str):
        # ``None`` and every other non-string argument end up here.
        accept, module = InputDialog.input(
            self.app, hint='insert module name', placeholder='libtarget.so')
        if not accept:
            return
    if not len(module):
        return

    module = module if module.endswith('.so') else module + '.so'
    if module not in self.app.get_dwarf().on_loads:
        self.dwarf_api('hookOnLoad', module)
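def native_tracer_start(self, tid=0):
    """Start the native tracer on a thread.

    Does nothing while ``self.native_traced_tid`` is positive. ``tid == 0``
    opens a dialog asking for the thread id. A textual id, whether typed or
    passed in, is parsed as decimal or ``0x``-prefixed hexadecimal; an
    unparseable or non-positive id aborts without changing state.

    Args:
        tid: Thread id as an int or numeric string; ``0`` prompts the user.

    Returns:
        The result of ``dwarf_api('startNativeTracer', [tid, True])``, or
        ``None`` when the request was not issued.
    """
    if self.native_traced_tid > 0:
        return

    if tid == 0:
        accept, tid = InputDialog.input(
            self._app_window, hint='insert thread id to trace',
            placeholder=str(self.pid))
        if not accept:
            return

    if not isinstance(tid, int):
        try:
            tid = int(tid, 16) if tid.startswith('0x') else int(tid)
        except (AttributeError, TypeError, ValueError):
            # Only parsing failures abort; a bare ``except`` would also have
            # swallowed KeyboardInterrupt/SystemExit.
            return

    if tid <= 0:
        # 0 is the "ask the user" sentinel and a negative id would defeat
        # the already-tracing check above.
        return

    self.native_traced_tid = tid
    return self.dwarf_api('startNativeTracer', [tid, True])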
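def trigger_write_bytes(self):
    """Prompt for hex bytes and write them at the selected byte's address.

    The first selected item is used; an item in column 0 is swapped for the
    item in column 1 of the same row. Only ``ByteWidget`` items are acted
    on. The dialog is pre-filled with the 16 bytes currently at the address,
    shown as space-separated hex pairs. The answer is sent to the
    ``writebytes`` export with spaces removed, and only when what remains
    is a whole number of hex byte pairs.
    """
    selection = self.selectedItems()
    if not selection:
        # Indexing an empty selection would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    if ptr + 16 > self.data['end']:
        # The 16-byte preview runs past the loaded data; re-read at ptr and
        # stop when that read returns 0.
        if self.read_memory(ptr) == 0:
            return

    mem = self.app.get_script().exports.memread(ptr, 16)
    mem = binascii.hexlify(mem).decode('utf8')
    mem = ' '.join(re.findall('.{1,2}', mem))

    content = InputDialog.input(
        hint='write bytes @%s' % hex(ptr), input_content=mem)
    if not content[0]:
        return

    payload = content[1].replace(' ', '')
    # The dialog exchanges hex pairs, so anything else is rejected before it
    # is handed to the write call on the target process.
    if re.fullmatch(r'(?:[0-9a-fA-F]{2})+', payload) is None:
        return

    if self.app.get_script().exports.writebytes(ptr, payload):
        self.read_memory(ptr, self.data['len'], self.data['sub'])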
def _create_bookmark(self, index=-1, ptr=''):
    """Create a bookmark, or update the note of an existing one.

    With ``ptr == ''`` the pointer is requested through
    ``InputDialog.input_pointer``, pre-filled from row ``index`` of the
    bookmarks model when ``index`` is a non-negative int. Otherwise a
    non-int ``ptr`` is parsed as decimal or ``0x``-prefixed hexadecimal.
    Nothing happens unless the resulting pointer is positive.
    """
    note = ''
    if ptr == '':
        # Editing an existing row: start from its stored pointer and note.
        if isinstance(index, int) and index >= 0:
            ptr = self._bookmarks_model.item(index, 0).text()
            note = self._bookmarks_model.item(index, 1).text()
        # The second element of the dialog result is discarded.
        ptr, _ = InputDialog.input_pointer(parent=self._app_window, input_content=ptr)
    else:
        if not isinstance(ptr, int):
            try:
                if ptr.startswith('0x'):
                    ptr = int(ptr, 16)
                else:
                    ptr = int(ptr)
            except ValueError:
                # Unparseable text fails the ``ptr > 0`` check below.
                ptr = 0
    if ptr > 0:
        # From here on ``ptr`` is the hex string used as display text and
        # as the key into ``self.bookmarks``.
        ptr = hex(ptr)
        if self._bookmarks_list.uppercase_hex:
            # Upper-case the digits but keep the ``0x`` prefix lower-case.
            ptr = ptr.upper().replace('0X', '0x')
        # ``index`` is reused: first the list of matching items, then the
        # matching row number, or -1 when the pointer is not bookmarked yet.
        index = self._bookmarks_model.findItems(ptr, Qt.MatchExactly)
        if len(index) > 0:
            index = index[0].row()
            note = self._bookmarks_model.item(index, 1).text()
        else:
            index = -1
        accept, note = InputDialog.input(hint='Insert notes for %s' % ptr, input_content=note)
        if accept:
            if index < 0:
                self.insert_bookmark(ptr, note)
            else:
                item = self._bookmarks_model.item(index, 0)
                item.setText(ptr)
                item = self._bookmarks_model.item(index, 1)
                item.setText(note)
            self.bookmarks[ptr] = note
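def trigger_write_bytes(self):
    """Prompt for hex bytes and write them at the selected byte's address.

    The first selected item is used; an item in column 0 is swapped for the
    item in column 1 of the same row. Only ``ByteWidget`` items are acted
    on. The dialog is pre-filled with the 16 bytes currently at the address,
    shown as space-separated hex pairs. The answer is sent to
    ``dwarf_api('writeBytes', ...)`` with spaces removed, and only when
    what remains is a whole number of hex byte pairs.
    """
    selection = self.selectedItems()
    if not selection:
        # Indexing an empty selection would raise IndexError.
        return

    item = selection[0]
    if item.column() == 0:
        item = self.item(item.row(), 1)
    if not isinstance(item, ByteWidget):
        return

    ptr = item.get_ptr()
    if ptr + 16 > self.data['end']:
        # NOTE(review): a positive read_memory result stops the handler
        # here; confirm that this is the intended meaning of the result.
        if self.read_memory(ptr) > 0:
            return

    # NOTE(review): 'readBytes' gets ptr and 16 as separate arguments while
    # 'writeBytes' below gets a list; confirm against dwarf_api's signature.
    mem = self.app.dwarf_api('readBytes', ptr, 16)
    mem = binascii.hexlify(mem).decode('utf8')
    mem = ' '.join(re.findall('.{1,2}', mem))

    content = InputDialog.input(
        hint='write bytes @%s' % hex(ptr), input_content=mem)
    if not content[0]:
        return

    payload = content[1].replace(' ', '')
    # The dialog exchanges hex pairs, so anything else is rejected before it
    # is handed to the write call on the target process.
    if re.fullmatch(r'(?:[0-9a-fA-F]{2})+', payload) is None:
        return

    if self.app.dwarf_api('writeBytes', [ptr, payload]):
        self.range.invalidate()
        self.read_memory(ptr)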
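def search(self):
    """Prompt for a search term and hide table rows that do not contain it.

    The lower-cased term is stored in ``self.current_search``. A row stays
    visible when the lower-cased text of any of its cells contains the
    term; cells without an item are skipped.
    """
    accept, text = InputDialog.input(
        self.app, hint='Search', input_content=self.current_search,
        placeholder='Search something...')
    if not accept:
        return

    self.current_search = text.lower()
    needle = self.current_search
    for i in range(self.rowCount()):
        match = False
        for c in range(self.columnCount()):
            item = self.item(i, c)
            if item is None:
                # Empty cell; the original relied on a bare ``except`` to
                # skip it, which also hid unrelated errors.
                continue
            if needle in str(item.text().lower()):
                match = True
                break
        self.setRowHidden(i, not match)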
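def native_tracer_start(self, tid=0):
    """Start the native tracer on a thread and update the UI.

    Does nothing while ``self.native_traced_tid`` is positive. ``tid == 0``
    opens a dialog asking for the thread id. A textual id, whether typed or
    passed in, is parsed as decimal or ``0x``-prefixed hexadecimal; an
    unparseable or non-positive id aborts without changing state. After the
    tracer request a 'trace' tab is added when no trace panel exists, and
    the menu is told that tracing is active.

    Args:
        tid: Thread id as an int or numeric string; ``0`` prompts the user.
    """
    if self.native_traced_tid > 0:
        return

    if tid == 0:
        accept, tid = InputDialog.input(
            self.app, hint='insert thread id to trace',
            placeholder=str(self.pid))
        if not accept:
            return

    if not isinstance(tid, int):
        try:
            tid = int(tid, 16) if tid.startswith('0x') else int(tid)
        except (AttributeError, TypeError, ValueError):
            # Only parsing failures abort; a bare ``except`` would also have
            # swallowed KeyboardInterrupt/SystemExit.
            return

    if tid <= 0:
        # 0 is the "ask the user" sentinel and a negative id would defeat
        # the already-tracing check above.
        return

    self.native_traced_tid = tid
    self.app.dwarf_api('startNativeTracer', [tid, True])
    if self.app.get_trace_panel() is None:
        self.app.get_session_ui().add_dwarf_tab('trace', request_focus=True)
    # NOTE(review): this is the only use of ``self.app_window`` here; the
    # rest of the method goes through ``self.app``. Confirm both exist.
    self.app_window.get_menu().on_native_tracer_change(True)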
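def _create_bookmark(self, index=-1, ptr=''):
    """Create a bookmark, or update the note of an existing one.

    With ``ptr == ''`` the pointer is requested through
    ``InputDialog.input_pointer``, pre-filled from row ``index`` of the
    bookmarks model when ``index`` is a non-negative int. Otherwise ``ptr``
    may be an int, used as is, or a hexadecimal string. Nothing happens
    unless the resulting pointer is positive.

    Args:
        index: Row of an existing bookmark to edit, or a negative value.
        ptr: Address as an int or hex string; ``''`` prompts the user.
    """
    note = ''
    if ptr == '':
        if isinstance(index, int) and index >= 0:
            ptr = self._bookmarks_model.item(index, 0).text()
            note = self._bookmarks_model.item(index, 1).text()
        # The second element of the dialog result is not used.
        ptr, _ = InputDialog.input_pointer(
            parent=self._app_window, input_content=ptr)
    elif not isinstance(ptr, int):
        # An int is used directly: ``int(ptr, 16)`` raises TypeError for it
        # and the former bare ``except`` turned that into "no pointer".
        try:
            ptr = int(ptr, 16)
        except (TypeError, ValueError):
            ptr = 0

    if ptr <= 0:
        return

    key = hex(ptr)
    matches = self._bookmarks_model.findItems(key, Qt.MatchExactly)
    if len(matches) > 0:
        index = matches[0].row()
        note = self._bookmarks_model.item(index, 1).text()
    else:
        index = -1

    accept, note = InputDialog.input(
        hint='Insert notes for %s' % key, input_content=note)
    if not accept:
        return

    if index < 0:
        self._bookmarks_model.appendRow(
            [QStandardItem(key), QStandardItem(note)])
    else:
        item = self._bookmarks_model.item(index, 0)
        item.setText(key)
        item = self._bookmarks_model.item(index, 1)
        item.setText(note)
    self.bookmarks[key] = note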
def hook_onload(self, input=None):
    """Add an on-load hook row for a native module and request the hook.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``; a dismissed dialog or an empty name aborts.
    ``.so`` is appended when missing, and a module already present in
    ``self.onloads`` is skipped.
    """
    module = input
    if not isinstance(module, str):
        # ``None`` and every other non-string argument end up here.
        answer = InputDialog.input(hint='insert module name')
        if not answer[0]:
            return
        module = answer[1]
    if not len(module):
        return

    module = module if module.endswith('.so') else module + '.so'
    if module in self.onloads:
        return

    self.insertRow(self.rowCount())

    hook = Hook(Hook.HOOK_ONLOAD)
    hook.set_ptr(0)
    hook.set_input(module)
    self.onloads[module] = hook

    # Column 0: module name.
    name_cell = HookWidget(hook.get_input())
    name_cell.set_hook_data(hook)
    name_cell.setFlags(Qt.NoItemFlags)
    name_cell.setForeground(Qt.darkGreen)
    self.setItem(self.rowCount() - 1, 0, name_cell)

    # Column 1: address, shown as 0x0 for a freshly added on-load hook.
    addr_cell = NotEditableTableWidgetItem(hex(0))
    addr_cell.setFlags(Qt.NoItemFlags)
    addr_cell.setForeground(Qt.gray)
    self.setItem(self.rowCount() - 1, 1, addr_cell)

    self.app.dwarf_api('hookOnLoad', module)
    self.resizeRowsToContents()
    self.horizontalHeader().setStretchLastSection(True)
def hook_onload(self, input=None):
    """Register an on-load hook through the dwarf object and add its row.

    A non-string ``input`` triggers a dialog whose result is read as
    ``(accepted, text)``; a dismissed dialog or an empty name aborts.
    ``.so`` is appended when missing, and a module already present in
    ``self.app.get_dwarf().on_loads`` is skipped. The two table columns are
    created on first use.
    """
    module = input
    if not isinstance(module, str):
        # ``None`` and every other non-string argument end up here.
        answer = InputDialog.input(
            self.app, hint='insert module name', placeholder='libtarget.so')
        if not answer[0]:
            return
        module = answer[1]
    if not len(module):
        return

    module = module if module.endswith('.so') else module + '.so'
    if module in self.app.get_dwarf().on_loads:
        return

    if self.columnCount() == 0:
        self.setColumnCount(2)
        self.setHorizontalHeaderLabels(['input', 'address'])

    # NOTE(review): the value returned here is used as a hook object below;
    # confirm that the dwarf-side hook_onload always returns one.
    hook = self.app.get_dwarf().hook_onload(module)

    self.insertRow(self.rowCount())

    # Column 0: module name.
    name_cell = HookWidget(hook.get_input())
    name_cell.set_hook_data(hook)
    name_cell.setFlags(Qt.NoItemFlags)
    name_cell.setForeground(Qt.darkGreen)
    self.setItem(self.rowCount() - 1, 0, name_cell)

    # Column 1: address, shown as 0x0 for a freshly added on-load hook.
    addr_cell = NotEditableTableWidgetItem(hex(0))
    addr_cell.setFlags(Qt.NoItemFlags)
    addr_cell.setForeground(Qt.gray)
    self.setItem(self.rowCount() - 1, 1, addr_cell)

    self.resizeRowsToContents()
    self.horizontalHeader().setStretchLastSection(True)
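def trigger_jump_to(self):
    """Prompt for a pointer and sizes, then read memory there.

    The dialog is opened with ``size=True`` and its result is indexed as
    ``[0]`` accepted flag, ``[1]`` pointer text, ``[2]`` and ``[3]`` numeric
    fields. The pointer text is resolved through the script export
    ``getpt``; the numeric fields are converted to ``int`` and passed to
    ``read_memory`` as the second positional argument and ``sub_start``.
    Fields that are not valid integers abort the jump.
    """
    pt = InputDialog.input(hint='insert pointer', size=True)
    if not pt[0]:
        return

    ptr = self.app.get_script().exports.getpt(pt[1])
    try:
        length = int(pt[2])
        sub_start = int(pt[3])
    except (TypeError, ValueError):
        # Empty or non-numeric size fields must not raise out of the
        # UI handler.
        return

    self.read_memory(ptr, length, sub_start=sub_start)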
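def trigger_jump_to(self):
    """Prompt for a pointer expression and read memory at that address.

    The expression is resolved with ``dwarf_api('evaluatePtr', ...)`` and
    parsed as hexadecimal. A result that cannot be parsed aborts the jump.
    """
    accept, expression = InputDialog.input(hint='insert pointer')
    if not accept:
        return

    try:
        ptr = int(self.app.dwarf_api('evaluatePtr', expression), 16)
    except (TypeError, ValueError):
        # An expression that does not resolve to a hex string must not
        # raise out of the UI handler.
        return

    self.read_memory(ptr)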