def _work():
matches = app.dwarf_api('findSymbol', input)
if len(matches) > 0:
panel.setColumnCount(3)
panel.setHorizontalHeaderLabels(['name', 'address', 'module'])
for ptr in matches:
sym = app.dwarf_api('getSymbolByAddress', ptr)
if sym is None:
continue
if sym['name'] == '' or sym['name'] is None:
sym['name'] = sym['address']
row = panel.rowCount()
panel.insertRow(row)
q = NotEditableTableWidgetItem(sym['name'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.white)
panel.setItem(row, 0, q)
q = MemoryAddressWidget(sym['address'])
panel.setItem(row, 1, q)
q = NotEditableTableWidgetItem(sym['moduleName'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
panel.setItem(row, 2, q)
panel.sortByColumn(0, 0)
if row == 0:
panel.resizeColumnsToContents()
panel.horizontalHeader().setStretchLastSection(True)
def on_enumeration_complete(self, methods):
for method in sorted(methods):
row = self.rowCount()
self.insertRow(row)
q = NotEditableTableWidgetItem(method)
q.setFlags(Qt.ItemIsEnabled)
self.setItem(row, 0, q)
def __set_java_context(self, ptr, context):
self.__initialize_context()
self.context_ptr = ptr
self.is_java_context = True
self.setColumnCount(3)
self.setHorizontalHeaderLabels(['argument', 'class', 'value'])
for arg in context:
i = self.rowCount()
self.insertRow(i)
q = NotEditableTableWidgetItem(arg)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
q = NotEditableTableWidgetItem(context[arg]['className'])
if isinstance(context[arg]['handle'], str):
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
self.item(i, 0).setFlags(Qt.NoItemFlags)
self.item(i, 0).setForeground(Qt.lightGray)
self.setItem(i, 1, q)
if context[arg] is not None:
q = QTableWidgetItem('null')
q.setForeground(Qt.gray)
q.setForeground(Qt.gray)
self.setItem(i, 2, q)
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def __set_emulator_context(self, ptr, context):
self.__initialize_context()
self.context_ptr = ptr
self.is_java_context = False
self.setColumnCount(3)
self.setHorizontalHeaderLabels(['reg', 'value', 'decimal'])
for reg in sorted(context.__dict__):
if reg.startswith('_'):
continue
i = self.rowCount()
self.insertRow(i)
q = NotEditableTableWidgetItem(reg)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
q = NotEditableTableWidgetItem(reg)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
q = NativeRegisterWidget(reg, {
'value': hex(context.__dict__[reg]),
'isValidPointer': False # @todo!
})
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(str(context.__dict__[reg]))
q.setForeground(Qt.darkCyan)
self.setItem(i, 2, q)
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def __set_native_context(self, ptr, context):
self.__initialize_context()
self.context_ptr = ptr
self.is_java_context = False
self.setColumnCount(4)
self.setHorizontalHeaderLabels(['reg', 'value', 'decimal', 'telescope'])
if self.app.get_dwarf().get_loading_library() is not None:
self.context_ptr = self.app.get_dwarf().get_loading_library()
for reg in context:
if reg.lower() == 'tojson':
continue
i = self.rowCount()
self.insertRow(i)
q = NotEditableTableWidgetItem(reg)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
if context[reg] is not None:
q = NativeRegisterWidget(reg, context[reg])
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(str(int(context[reg]['value'], 16)))
q.setForeground(Qt.darkCyan)
self.setItem(i, 2, q)
if context[reg]['isValidPointer']:
ts = context[reg]['telescope']
if ts is not None:
if ts[0] == 1:
q = MemoryAddressWidget(str(ts[1]))
else:
q = NotEditableTableWidgetItem(str(ts[1]))
q.setFlags(Qt.NoItemFlags)
if ts[0] == 0:
q.setForeground(Qt.darkGreen)
elif ts[0] == 2:
q.setForeground(Qt.white)
elif ts[0] != 1:
q.setForeground(Qt.darkGray)
self.setItem(i, 3, q)
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def set_backtrace(self, bt):
if 'type' not in bt:
return
self.setRowCount(0)
if self.columnCount() == 0:
self.setColumnCount(2)
if bt['type'] == 'native':
bt = bt['bt']
self.setHorizontalHeaderLabels(['symbol', 'address'])
for a in bt:
row = self.rowCount()
self.insertRow(row)
name = a['name']
if name is None:
q = NotEditableTableWidgetItem('-')
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(row, 0, q)
else:
q = NotEditableTableWidgetItem(name)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.darkGreen)
self.setItem(row, 0, q)
q = MemoryAddressWidget(a['address'])
self.setItem(row, 1, q)
elif bt['type'] == 'java':
bt = bt['bt']
# Java backtrace
self.setHorizontalHeaderLabels(['method', 'source'])
parts = bt.split('\n')
for i in range(0, len(parts)):
if i == 0:
continue
p = parts[i].replace('\t', '')
p = p.split('(')
if len(p) != 2:
continue
row = self.rowCount()
self.insertRow(row)
q = NotEditableTableWidgetItem(p[0])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.darkYellow)
self.setItem(row, 0, q)
q = NotEditableTableWidgetItem(p[1].replace(')', ''))
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(row, 1, q)
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def set_backtrace(self, bt):
self.setRowCount(0)
if type(bt) is list:
# native backtrace
self.is_java_bt = False
self.setHorizontalHeaderLabels(['symbol', 'address'])
for a in bt:
row = self.rowCount()
self.insertRow(row)
name = a['name']
if name is None:
q = NotEditableTableWidgetItem('-')
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(row, 0, q)
else:
q = NotEditableTableWidgetItem(name)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.darkGreen)
self.setItem(row, 0, q)
q = NotEditableTableWidgetItem(a['address'])
q.setForeground(Qt.red)
self.setItem(row, 1, q)
elif type(bt) is str:
# Java backtrace
self.is_java_bt = True
self.setHorizontalHeaderLabels(['method', 'source'])
parts = bt.split('\n')
for i in range(0, len(parts)):
if i == 0:
continue
p = parts[i].replace('\t', '')
p = p.split('(')
if len(p) != 2:
continue
row = self.rowCount()
self.insertRow(row)
q = NotEditableTableWidgetItem(p[0])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.darkYellow)
self.setItem(row, 0, q)
q = NotEditableTableWidgetItem(p[1].replace(')', ''))
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(row, 1, q)
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def set_ranges(self, ranges):
self.setRowCount(0)
i = 0
for range in sorted(ranges, key=lambda x: x['base'], reverse=True):
self.insertRow(i)
q = NotEditableTableWidgetItem(range['base'])
q.setForeground(Qt.red)
self.setItem(i, 0, q)
q = NotEditableTableWidgetItem(str(range['size']))
q.setFlags(Qt.NoItemFlags)
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(range['protection'])
q.setFlags(Qt.NoItemFlags)
q.setTextAlignment(Qt.AlignCenter)
self.setItem(i, 2, q)
if 'file' in range:
q = NotEditableTableWidgetItem(range['file']['path'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 3, q)
else:
self.setItem(i, 3, NotEditableTableWidgetItem(''))
i += 1
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def add_bytes_match_item(self, address, symbol):
r = self.rowCount()
if r == 0:
self.setColumnCount(2)
self.setHorizontalHeaderLabels(['address', 'symbol'])
self.insertRow(r)
self.setItem(r, 0, MemoryAddressWidget(address))
if symbol['moduleName'] is not None:
sym = symbol['moduleName']
if symbol['name'] is not None:
sym = '%s (%s)' % (symbol['name'], sym)
q = NotEditableTableWidgetItem(sym)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
else:
q = NotEditableTableWidgetItem('-')
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(r, 1, q)
if r == 0:
self.resizeColumnsToContents()
self.horizontalHeader().setStretchLastSection(True)
def __init__(self, app):
super(ScriptsDialog, self).__init__(app)
self.script = None
self.setMinimumWidth(800)
box = QVBoxLayout(self)
table = ScriptsTable(app, self)
table.setMinimumWidth(800)
for script_name in sorted(
app.get_dwarf().get_scripts_manager().get_scripts().keys()):
script = app.get_dwarf().get_scripts_manager().get_script(
script_name)
info = script['info']
row = table.rowCount()
table.insertRow(row)
q = NotEditableTableWidgetItem(info['name'])
q.set_data(script_name)
table.setItem(row, 0, q)
if 'author' in info:
q = NotEditableTableWidgetItem(info['author'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
table.setItem(row, 1, q)
if 'android' in info:
q = NotEditableTableWidgetItem('X')
q.setFlags(Qt.NoItemFlags)
q.setTextAlignment(Qt.AlignCenter)
q.setForeground(Qt.white)
table.setItem(row, 2, q)
if 'ios' in info:
q = NotEditableTableWidgetItem('X')
q.setFlags(Qt.NoItemFlags)
q.setTextAlignment(Qt.AlignCenter)
q.setForeground(Qt.white)
table.setItem(row, 3, q)
if 'description' in info:
q = NotEditableTableWidgetItem(info['description'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
table.setItem(row, 4, q)
box.addWidget(table)
self.setLayout(box)
def set_modules(self, modules):
self.setRowCount(0)
i = 0
for module in sorted(modules, key=lambda x: x['name']):
self.insertRow(i)
q = NotEditableTableWidgetItem(module['name'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
q = MemoryAddressWidget(module['base'])
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(str(module['size']))
q.setFlags(Qt.NoItemFlags)
self.setItem(i, 2, q)
q = NotEditableTableWidgetItem(module['path'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
self.setItem(i, 3, q)
i += 1
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def on_enumeration_match(self, java_class):
row = self.rowCount()
self.insertRow(row)
q = NotEditableTableWidgetItem(java_class)
q.setFlags(Qt.ItemIsEnabled)
self.setItem(row, 0, q)
def disasm(self, range, offset):
self.setRowCount(0)
self.range = range
self.offset = offset
md = Cs(self.cs_arch, self.cs_mode)
md.detail = True
insts = 0
for i in md.disasm(self.range.data[self.offset:],
self.range.base + self.offset):
if insts > 128:
break
row = self.rowCount()
self.insertRow(row)
if insts == 0:
sym = self.app.dwarf_api('getSymbolByAddress', i.address)
if sym:
module = ''
if 'moduleName' in sym:
module = '- %s' % sym['moduleName']
w = NotEditableTableWidgetItem('%s %s' %
(sym['name'], module))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 4, w)
w = MemoryAddressWidget('0x%x' % i.address)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.red)
w.set_address(i.address)
w.set_offset(self.range.base - i.address)
self.setItem(row, 0, w)
w = NotEditableTableWidgetItem(
binascii.hexlify(i.bytes).decode('utf8'))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.darkYellow)
self.setItem(row, 1, w)
is_jmp = False
op_imm_value = 0
if CS_GRP_JUMP in i.groups or CS_GRP_CALL in i.groups:
is_jmp = False
if len(i.operands) > 0:
for op in i.operands:
if op.type == CS_OP_IMM:
if len(i.operands) == 1:
is_jmp = True
if is_jmp:
op_imm_value = op.value.imm
sym = self.app.dwarf_api('getSymbolByAddress',
op_imm_value)
module = ''
if 'moduleName' in sym:
module = '- %s' % sym['moduleName']
w = NotEditableTableWidgetItem(
'%s %s' % (sym['name'], module))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 4, w)
if is_jmp:
w = MemoryAddressWidget(i.op_str)
w.set_address(op_imm_value)
w.setForeground(Qt.red)
else:
w = NotEditableTableWidgetItem(i.op_str)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 3, w)
w = NotEditableTableWidgetItem(i.mnemonic.upper())
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.white)
w.setTextAlignment(Qt.AlignCenter)
w.setFont(QFont(None, 11, QFont.Bold))
self.setItem(row, 2, w)
insts += 1
self.resizeColumnsToContents()
self.scrollToTop()
def set_context(self, ptr, is_java, context):
self.setRowCount(0)
i = 0
self.context_ptr = ptr
if self.app.get_dwarf().get_loading_library() is not None:
self.context_ptr = self.app.get_dwarf().get_loading_library()
if is_java:
self.setColumnCount(3)
self.setHorizontalHeaderLabels(['argument', 'class', 'value'])
else:
self.setColumnCount(4)
self.setHorizontalHeaderLabels(['reg', 'value', 'decimal', 'telescope'])
for reg in context:
self.insertRow(i)
q = NotEditableTableWidgetItem(reg)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
if is_java:
q = NotEditableTableWidgetItem(context[reg]['className'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.white)
self.setItem(i, 1, q)
if context[reg] is not None:
if is_java:
if context[reg]['arg'] is None:
q = QTableWidgetItem('null')
q.setForeground(Qt.gray)
else:
q = QTableWidgetItem(str(context[reg]['arg']))
else:
q = NativeRegisterWidget(self.app, reg, context[reg])
if is_java:
q.setFlags(Qt.NoItemFlags)
self.setItem(i, 2, q)
else:
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(str(int(context[reg], 16)))
q.setForeground(Qt.darkCyan)
q.setFlags(Qt.NoItemFlags)
self.setItem(i, 2, q)
data = self.app.dwarf_api('getAddressTs', context[reg])
if data is not None:
q = NotEditableTableWidgetItem(str(data[1]))
q.setFlags(Qt.NoItemFlags)
if data[0] == 0:
q.setForeground(Qt.darkGreen)
elif data[0] == 1:
q.setForeground(Qt.red)
elif data[0] == 2:
q.setForeground(Qt.white)
else:
q.setForeground(Qt.darkGray)
self.setItem(i, 3, q)
i += 1
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
def set_context(self, ptr, is_java, context):
self.context_ptr = ptr
self.is_java_context = is_java
self.setRowCount(0)
self.setColumnCount(0)
i = 0
if self.app.get_dwarf().get_loading_library() is not None:
self.context_ptr = self.app.get_dwarf().get_loading_library()
if self.is_java_context:
self.setColumnCount(3)
self.setHorizontalHeaderLabels(['argument', 'class', 'value'])
else:
self.setColumnCount(4)
self.setHorizontalHeaderLabels(
['reg', 'value', 'decimal', 'telescope'])
for reg in context:
if reg.lower() == 'tojson':
continue
self.insertRow(i)
q = NotEditableTableWidgetItem(reg)
if not self.is_java_context:
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.gray)
self.setItem(i, 0, q)
if self.is_java_context:
q = NotEditableTableWidgetItem(context[reg]['className'])
if isinstance(context[reg]['handle'], str):
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
self.item(i, 0).setFlags(Qt.NoItemFlags)
self.item(i, 0).setForeground(Qt.lightGray)
self.setItem(i, 1, q)
if context[reg] is not None:
if self.is_java_context:
if context[reg]['arg'] is None:
q = QTableWidgetItem('null')
q.setForeground(Qt.gray)
else:
q = NotEditableTableWidgetItem(str(
context[reg]['arg']))
else:
q = NativeRegisterWidget(self.app, reg, context[reg])
if self.is_java_context:
q.setForeground(Qt.gray)
self.setItem(i, 2, q)
else:
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(
str(int(context[reg]['value'], 16)))
q.setForeground(Qt.darkCyan)
self.setItem(i, 2, q)
if context[reg]['isValidPointer']:
ts = context[reg]['telescope']
if ts is not None:
if ts[0] == 1:
q = MemoryAddressWidget(str(ts[1]))
else:
q = NotEditableTableWidgetItem(str(ts[1]))
q.setFlags(Qt.NoItemFlags)
if ts[0] == 0:
q.setForeground(Qt.darkGreen)
elif ts[0] == 2:
q.setForeground(Qt.white)
elif ts[0] != 1:
q.setForeground(Qt.darkGray)
self.setItem(i, 3, q)
i += 1
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)