def register_commands():
from .deoptimization import (
annotate_operations_ending_at_address,
annotate_operations_in_function,
)
PluginCommand.register_for_address(
"Deoptimize Operations - Line",
"Uses z3 to deoptimize divisions and modulos ending at the specified line.",
action=annotate_operations_ending_at_address,
)
PluginCommand.register_for_function(
"Deoptimize Operations - Function",
"Uses z3 to deoptimize divisions and modulos through the current function.",
action=annotate_operations_in_function,
)
for edge in block.outgoing_edges:
points = ""
x, y = edge.points[0]
points += str(
x * widthconst) + "," + str(y * heightconst + 12) + " "
for x, y in edge.points[1:-1]:
points += str(x * widthconst) + "," + str(
y * heightconst) + " "
x, y = edge.points[-1]
points += str(
x * widthconst) + "," + str(y * heightconst + 0) + " "
if edge.back_edge:
edges += ' <polyline class="back_edge {type}" points="{points}" marker-end="url(#arrow-{type})"/>\n'.format(
type=BranchType(edge.type).name, points=points)
else:
edges += ' <polyline class="edge {type}" points="{points}" marker-end="url(#arrow-{type})"/>\n'.format(
type=BranchType(edge.type).name, points=points)
output += ' ' + edges + '\n'
output += ' </g>\n'
output += '</svg>'
output += '<p>This CFG generated by <a href="https://binary.ninja/">Binary Ninja</a> from {filename} on {timestring}.</p>'.format(
filename=origname, timestring=time.strftime("%c"))
output += '</html>'
return output
PluginCommand.register_for_function("Export to SVG",
"Exports an SVG of the current function",
save_svg)
param_name = param_name.decode("utf-8")
func_params = [
param for param in func.parameter_vars if param.name == param_name
]
force = False
if len(func_params) != 1:
log_error("Unable to determine method name argument")
return
for name, func in discover_names(func, func_params).items():
# Skip if named correctly
if func.symbol.name == name:
continue
# Skip if we're not forcing and the user has named this already
if not func.symbol.auto and not force:
log_debug("Skipped %r due to no auto symbol" % name)
continue
log_info("Renaming %r to %r" % (func, name))
func.view.define_auto_symbol(
Symbol(func.symbol.type, func.symbol.address, short_name=name))
PluginCommand.register_for_function(
"Analysis\\Discover caller names by call parameters",
"Renames all unique callers based on call parameters to the current function",
do_discover_caller_names,
)
from binaryninja.plugin import PluginCommand
from .ief import ief_find_export_bg, ief_find_import_bg, ief_find_library_bg
PluginCommand.register(
'Import Export Find\\Find binaries that import library named',
'find binaries that import a library named', ief_find_library_bg)
PluginCommand.register_for_function(
'Import Export Find\\Find binaries that export current function',
'find binaries that export the current function', ief_find_export_bg)
PluginCommand.register_for_function(
'Import Export Find\\Find binaries that import current function',
'find binaries that import the current function', ief_find_import_bg)
for i, line in enumerate(block.lines):
output += ' <tspan id="instr-{address}" x="{x}" y="{y}">'.format(x=x + 6, y=y + 6 + (i + 0.7) * heightconst, address=hex(line.address)[:-1])
hover = instruction_data_flow(function, line.address)
output += '<title>{hover}</title>'.format(hover=hover)
for token in line.tokens:
# TODO: add hover for hex, function, and reg tokens
output += '<tspan class="{tokentype}">{text}</tspan>'.format(text=escape(token.text), tokentype=InstructionTextTokenType(token.type).name)
output += '</tspan>\n'
output += ' </text>\n'
output += ' </g>\n'
# Edges are rendered in a seperate chunk so they have priority over the
# basic blocks or else they'd render below them
for edge in block.outgoing_edges:
points = ""
x, y = edge.points[0]
points += str(x * widthconst) + "," + str(y * heightconst + 12) + " "
for x, y in edge.points[1:-1]:
points += str(x * widthconst) + "," + str(y * heightconst) + " "
x, y = edge.points[-1]
points += str(x * widthconst) + "," + str(y * heightconst + 0) + " "
edges += ' <polyline class="edge {type}" points="{points}" marker-end="url(#arrow-{type})"/>\n'.format(type=BranchType(edge.type).name, points=points)
output += ' ' + edges + '\n'
output += ' </g>\n'
output += '</svg></html>'
return output
PluginCommand.register_for_function("Export to SVG", "Exports an SVG of the current function", save_svg)
def render_output(self, code):
lexer = CLexer()
style = NativeStyle()
style.background_color = BG_COLOR
formatter = HtmlFormatter(full=True, style='native', noclasses=True)
colored_code = highlight(code, lexer, formatter)
show_html_report('{}.c'.format(self._function.name), colored_code)
def decompile_raw(view, function):
try:
retdec = RetDec(view, function)
retdec.decompile_raw()
except Exception as e:
log.log_error('failed to decompile function: {}'.format(e))
def decompile_bin(view, function):
try:
retdec = RetDec(view, function)
retdec.decompile_bin()
except Exception as e:
log.log_error('failed to decompile function: {}'.format(e))
PluginCommand.register_for_function('RetDec Offline Decompiler',
'Decompile-Fast', decompile_raw)
PluginCommand.register_for_function(
'RetDec Offline Decompiler (Full Binary Analysis)', 'Decompile-Slow',
decompile_bin)
print('WARNING: unfamiliar call operand in {}'.format(instruction))
continue
symbol = bv.get_symbol_at(instruction.prefix_operands[2])
if symbol and symbol.type == SymbolType.ImportedFunctionSymbol:
#print(symbol.name)
#demangler.demangleImport(bv, instruction.prefix_operands[2])
#demangler.demangleImport(bv, symbol.name)
name = symbol.name
if name[:2] == '__':
name = name[1:]
try:
result = demangler.demangleSymbolAsNode(bv, name)
if not result:
skipped.append(symbol.name)
print('SKIPPING: {}'.format(symbol.name))
continue
successful.append(symbol.name)
print(result)
#print(demangler.getNodeTreeAsString(result))
except Exception as e:
logging.exception(e)
print(len(skipped))
print(skipped)
print(len(successful))
print(successful)
PluginCommand.register("Define Objective-C classes", "Parses the objc_classlist section to define Objective C and Swift classes", define_classes)
PluginCommand.register_for_address("Demangle Swift symbol", "Demangles the Swift symbol name at the given address", demangler.demangleAddress)
PluginCommand.register_for_function("Demangle imported Swift symbols", "Demangles the imported Swift symbol names in the given function", demangleImportsInFunction)
def replace_symbols(self, line, address, string):
symbol = self._view.get_symbol_at(address)
if symbol is not None:
return line.replace(string, symbol.name)
function = self._view.get_function_at(address)
if function is not None:
return line.replace(string, function.name)
return line
def render_output(self, code):
lexer = CLexer()
style = NativeStyle()
style.background_color = BG_COLOR
formatter = HtmlFormatter(full=True, style='native', noclasses=True)
colored_code = highlight(code, lexer, formatter)
show_html_report('{}.c'.format(self._function.name), colored_code)
def decompile(view, function):
try:
retdec = RetDec(view, function)
retdec.decompile_function()
except Exception as e:
log_error('failed to decompile function\n{}'.format(e.message))
PluginCommand.register_for_function('RetDec Offline Decompiler', 'Decompile',
decompile)
harness = interaction.get_save_filename_input("Filename to write to?",
"cpp")
harness = csv_file.decode("utf-8") + ".cpp"
log.log_info("Writing new template to workspace")
with open(harness, "w+") as fd:
fd.write(template)
interaction.show_message_box("Success",
f"Done, wrote fuzzer harness to {harness}")
PluginCommand.register(
"Fuzzable\\Analyze fuzzable targets",
"Identify and generate targets for fuzzing",
run_fuzzable,
)
PluginCommand.register(
"Fuzzable\\Export fuzzability report as CSV",
"Identify and generate targets for fuzzing",
run_export_report,
)
PluginCommand.register_for_function(
"Fuzzable\\Generate fuzzing harness (EXPERIMENTAL, C/C++ ONLY)",
"For a target function, generate a AFL/libFuzzer C++ harness",
run_harness_generation,
)
