def _activate(self, ctx):
ea = idaapi.asklong(0, "Add LCA Target")
if ea is None:
return
lca_viewer.add_target(ea)
lca_viewer.rebuild_graph()
lca_viewer.Refresh()
def _activate(self, ctx):
ea = idaapi.asklong(0, "Add LCA Target")
if ea is None:
return
lca_viewer.add_target(ea)
lca_viewer.rebuild_graph()
lca_viewer.Refresh()
def __init__(self, addr, kind):
super(PropagateTaint,self).__init__()
# If a user is not fast enough in providing the answer
# IDA Python will popup a modal window that will block
# a user from providing the answer.
idaapi.disable_script_timeout()
engine = idaapi.askstr(ENGINE_HISTORY, self.ENGINE, ask_engine) \
or self.ENGINE
depth = idaapi.asklong(self.DEPTH, ask_depth) \
or self.DEPTH
# don't ask for the loop depth as a user is already annoyed.
loop_depth = self.LOOP_DEPTH
self.action = 'propagating taint from {:s}0x{:X}'.format(
'*' if kind == 'ptr' else '',
addr)
propagate = 'run' if engine == 'primus' else 'propagate-taint'
self.passes = ['taint', propagate, 'map-terms','emit-ida-script']
self.script = self.tmpfile('py')
scheme = self.tmpfile('scm')
stdin=self.tmpfile('stdin')
stdout=self.tmpfile('stdout')
for (pat,color) in patterns:
scheme.write('(({0}) (color {1}))\n'.format(pat,color))
scheme.close()
name = idc.GetFunctionName(addr)
self.args += [
'--taint-'+kind, '0x{:X}'.format(addr),
'--passes', ','.join(self.passes),
'--map-terms-using', scheme.name,
'--emit-ida-script-attr', 'color',
'--emit-ida-script-file', self.script.name
]
if engine == 'primus':
self.args += [
'--run-entry-points={}'.format(name),
'--primus-limit-max-length={}'.format(depth),
'--primus-limit-max-visited={}'.format(loop_depth),
'--primus-promiscuous-mode',
'--primus-greedy-scheduler',
'--primus-propagate-taint-from-attributes',
'--primus-propagate-taint-to-attributes',
'--primus-lisp-channel-redirect=<stdin>:{0},<stdout>:{1}'.format(
stdin.name,
stdout.name)
]
def __init__(self, addr, kind):
super(PropagateTaint, self).__init__()
# If a user is not fast enough in providing the answer
# IDA Python will popup a modal window that will block
# a user from providing the answer.
idaapi.disable_script_timeout()
engine = idaapi.askstr(ENGINE_HISTORY, self.ENGINE, ask_engine) \
or self.ENGINE
depth = idaapi.asklong(self.DEPTH, ask_depth) \
or self.DEPTH
# don't ask for the loop depth as a user is already annoyed.
loop_depth = self.LOOP_DEPTH
self.action = 'propagating taint from {:s}0x{:X}'.format(
'*' if kind == 'ptr' else '', addr)
propagate = 'run' if engine == 'primus' else 'propagate-taint'
self.passes = ['taint', propagate, 'map-terms', 'emit-ida-script']
self.script = self.tmpfile('py')
scheme = self.tmpfile('scm')
stdin = self.tmpfile('stdin')
stdout = self.tmpfile('stdout')
for (pat, color) in patterns:
scheme.write('(({0}) (color {1}))\n'.format(pat, color))
scheme.close()
name = idc.GetFunctionName(addr)
self.args += [
'--taint-' + kind, '0x{:X}'.format(addr), '--passes',
','.join(self.passes), '--map-terms-using', scheme.name,
'--emit-ida-script-attr', 'color', '--emit-ida-script-file',
self.script.name
]
if engine == 'primus':
self.args += [
'--run-entry-points={}'.format(name),
'--primus-limit-max-length={}'.format(depth),
'--primus-limit-max-visited={}'.format(loop_depth),
'--primus-promiscuous-mode', '--primus-greedy-scheduler',
'--primus-propagate-taint-from-attributes',
'--primus-propagate-taint-to-attributes',
'--primus-lisp-channel-redirect=<stdin>:{0},<stdout>:{1}'.
format(stdin.name, stdout.name)
]
def get_similarity_cut():
"""
Get similarity cut value from the user.
"""
# The default similarity cut grade is just above half:
default_sim_cut = (MAX_SIM_GRADE // 2) + 1
# We have to make sure that default_sim_cut is not more than
# MAX_SIM_GRADE:
default_sim_cut = min([default_sim_cut,MAX_SIM_GRADE])
# Keep going until we get a valid sim_cut from the user, or the user picks
# cancel.
while True:
sim_cut = idaapi.asklong(default_sim_cut,\
"Please choose a similarity grade cut (1 - {}): ".\
format(MAX_SIM_GRADE))
if sim_cut is None:
# If the user has aborted, we return None:
return None
if (1 <= sim_cut <= MAX_SIM_GRADE):
break
return sim_cut
def get_similarity_cut():
"""
Get similarity cut value from the user.
"""
# The default similarity cut grade is just above half:
default_sim_cut = (MAX_SIM_GRADE // 2) + 1
# We have to make sure that default_sim_cut is not more than
# MAX_SIM_GRADE:
default_sim_cut = min([default_sim_cut, MAX_SIM_GRADE])
# Keep going until we get a valid sim_cut from the user, or the user picks
# cancel.
while True:
sim_cut = idaapi.asklong(default_sim_cut,\
"Please choose a similarity grade cut (1 - {}): ".\
format(MAX_SIM_GRADE))
if sim_cut is None:
# If the user has aborted, we return None:
return None
if (1 <= sim_cut <= MAX_SIM_GRADE):
break
return sim_cut
def _activate(self, ctx):
distance = idaapi.asklong(4, 'Distance From Source')
show_xref_graph(ctx.cur_ea, to=False, distance=distance)
def show_xrefs_to(*args):
distance = idaapi.asklong(4, 'Distance To Source')
show_xref_graph(idc.here(), to=True, distance=distance)
def show_xrefs_from(*args):
distance = idaapi.asklong(4, 'Distance From Source')
show_xref_graph(idc.here(), to=False, distance=distance)
def _activate(self, ctx):
distance = idaapi.asklong(4, 'Distance From Source')
show_xref_graph(ctx.cur_ea, to=False, distance=distance)
def show_xrefs_to(*args):
distance = idaapi.asklong(4, 'Distance To Source')
show_xref_graph(idc.here(), to=True, distance=distance)
def show_xrefs_from(*args):
distance = idaapi.asklong(4, 'Distance From Source')
show_xref_graph(idc.here(), to=False, distance=distance)
def _print(self):
if (len(self.start_points) > 0):
self.print_intersections(self.start_points, idaapi.asklong(4, 'Scan depth'))
else:
idc.Warning("Too few points to perform an intersection.")
# Step Nr. 4: Let user select module
moduleList = []
for module in modules.values():
moduleList.append((str(module[0]), module[1]))
a = SelectBox("Select a module", moduleList)
selected_module = a.Show(True) + 1
print "Selected module: %d" % selected_module
rawModule = False
if moduleList[selected_module - 1][1] == 'NULL':
rawModule = True
# Step Nr. 5: Let user change offset (optional)
offset = idaapi.asklong(0, "Add offset")
# Step Nr. 6: Retrieve covered blocks
engine = create_engine(database_string)
with engine.connect() as con:
#blocksDB = con.execute('SELECT Offset FROM covered_blocks WHERE ModuleID = %d' % selected_module)
blocksDistinctDB = con.execute(
'SELECT DISTINCT Offset FROM covered_blocks WHERE ModuleID = %d' %
selected_module)
print "Found ? block(s) (%d distinct)" % (blocksDistinctDB.rowcount)
# Step Nr. 7: Color the currently loaded binary
for (bb, ) in blocksDistinctDB:
absPos = bb + offset
if not rawModule:
absPos += ida_nalt.get_imagebase()