def remake_main():
# 先新建好所有函数, 再执行
# -- 脚本将start~end所有函数 undefined, 在start处make function
import ida_bytes
start_addr = 0x0402126
end_addr = 0x0402220
for i in range(start_addr, end_addr):
ida_bytes.del_items(i)
idc.jumpto(start_addr)
idc.add_func(start_addr)
import ida_hexrays # open pseudocode view
ida_hexrays.open_pseudocode(0x0402126, ida_hexrays.OPF_NO_WAIT)
def cb_loc(self, ea):
update = False
# find_item_coords is only available for versions >= 7.2
if self.safe_mode:
return
func = idaapi.get_func(ea)
if not func:
return
if self.last_func != func.start_ea:
self.vdui_t = ida_hexrays.open_pseudocode(ea, 0)
if not self.vdui_t:
return
self.cfunc = self.vdui_t.cfunc
if not self.cfunc:
# may happen in case of decompilation error
return
self.eamap = self.cfunc.get_eamap()
self.prev_ea = None
self.last_func = func.start_ea
self.lines = self.cfunc.get_pseudocode()
self.color_ins_vec(self.discarded_ea, rsconfig.COL_BLANK_HEX)
self.color_ins_vec(self.prev_ea, rsconfig.COL_PREVLINE_HEX)
update = self.color_ins_vec(ea, rsconfig.COL_CURLINE_HEX)
if update:
self.discarded_ea = self.prev_ea
self.prev_ea = ea
def acquire_pseudocode_vdui(addr):
"""
Acquires a IDA HexRays vdui pointer, which is a pointer to a pseudocode view that contains
the cfunc which describes the code on the screen. Using this function optimizes the switching of code views
by using in-place switching if a view is already present.
@param addr:
@return:
"""
func = ida_funcs.get_func(addr)
if not func:
return None
names = ["Pseudocode-%c" % chr(ord("A") + i) for i in range(5)]
for name in names:
widget = ida_kernwin.find_widget(name)
if not widget:
continue
vu = ida_hexrays.get_widget_vdui(widget)
break
else:
vu = ida_hexrays.open_pseudocode(func.start_ea, False)
if func.start_ea != vu.cfunc.entry_ea:
target_cfunc = idaapi.decompile(func.start_ea)
vu.switch_to(target_cfunc, False)
return vu
def open_control_panel(self):
"""
Open the control panel view and attach it to IDA View-A or Pseudocode-A.
"""
wrapper = ControlPanelViewWrapper(controller)
if not wrapper.twidget:
l.info(
"BinSync is unable to find a widget to attach to. You are likely running headlessly"
)
return None
flags = idaapi.PluginForm.WOPN_TAB | idaapi.PluginForm.WOPN_RESTORE | idaapi.PluginForm.WOPN_PERSIST
idaapi.display_widget(wrapper.twidget, flags)
wrapper.widget.visible = True
# casually open a pseudocode window, this prevents magic sync from spawning pseudocode windows
# in weird locations upon an initial run
func_addr = next(idautils.Functions())
ida_hexrays.open_pseudocode(
func_addr, ida_hexrays.OPF_NO_WAIT | ida_hexrays.OPF_REUSE)
# then attempt to flip back to IDA View-A
twidget = idaapi.find_widget("IDA View-A")
if twidget is not None:
ida_kernwin.activate_widget(twidget, True)
target = "Functions"
fwidget = idaapi.find_widget(target)
if not fwidget:
# prioritize attaching the binsync panel to a decompilation window
target = "Pseudocode-A"
dwidget = idaapi.find_widget(target)
if not dwidget:
target = "IDA View-A"
if target == "Functions":
idaapi.set_dock_pos(ControlPanelViewWrapper.NAME, target,
idaapi.DP_INSIDE)
else:
# attach the panel to the found target
idaapi.set_dock_pos(ControlPanelViewWrapper.NAME, target,
idaapi.DP_RIGHT)
def get_ctree_graph(ea):
"""
在当前反编译窗口中创建当前函数的 ctree 图
"""
vu = ida_hexrays.open_pseudocode(ea, 0)
w = ida_kernwin.get_current_widget()
vu_title = ida_kernwin.get_widget_title(w)
vu.get_current_item(ida_hexrays.USE_KEYBOARD)
focusitem = vu.item.e if vu.item.is_citem() else None
# 创建 graphviewer
cg = cfunc_graph_t(focusitem, CONFIG, close_open=True)
# 为当前函数创建图像
gb = graph_builder_t(cg)
gb.apply_to(vu.cfunc.body, None)
# 显示图像
cg.Show()
# 设置窗口位置
cg.zoom_and_dock(vu_title, CONFIG["options"]["zoom"],
CONFIG["options"]["dockpos"])
def cb_loc(self, ea):
# find_item_coords is only available for versions >= 7.2
if self.safe_mode:
return
update = False
func_ea = idaapi.get_func(ea).startEA
if self.last_func != func_ea:
self.vdui_t = ida_hexrays.open_pseudocode(ea, 0)
self.cfunc = self.vdui_t.cfunc
self.eamap = self.cfunc.get_eamap()
self.prev_ea = None
self.last_func = func_ea
self.lines = self.cfunc.get_pseudocode()
self.color_ins_vec(self.discarded_ea, rsconfig.COL_BLANK_HEX)
self.color_ins_vec(self.prev_ea, rsconfig.COL_PREVLINE_HEX)
update = self.color_ins_vec(ea, rsconfig.COL_CURLINE_HEX)
if update:
self.discarded_ea = self.prev_ea
self.prev_ea = ea
def double_clicked(self, row, column):
ea = self.functions[row]
ida_hexrays.open_pseudocode(ea, True)
return
def __init__(self, func_addr):
self.view = ida_hexrays.open_pseudocode(func_addr, 0)
