Exemplo n.º 1
    def init(brutal_self):
        """Build the 'BRUTAL IDA' toolbar and bind Ctrl+Z to this plugin.

        Registers one main action plus one action per letter of 'BRUTAL',
        attaches all of them to a freshly created toolbar, and returns
        ``idaapi.PLUGIN_KEEP``.
        """
        # The 'Undo' and 'Redo' actions are unregistered before anything else
        # happens; Ctrl+Z is bound to dispatch_brutality at the end.
        for stock_action in ('Undo', 'Redo'):
            idaapi.unregister_action(stock_action)

        toolbar = 'BRUTAL IDA'

        brutal_self.brutal_action_handler = BrutalActionHandler()
        # action_desc_t arguments: id, label, handler, shortcut, tooltip, icon.
        idaapi.register_action(idaapi.action_desc_t(
            'BRUTAL', toolbar, brutal_self.brutal_action_handler, '',
            'IDA', BRUTAL6_ICON))
        idaapi.create_toolbar(toolbar, toolbar)

        # Every per-letter handler is also stored on the instance
        # (presumably to keep a reference alive -- confirm).
        brutal_self.brutal_letter_handlers = []
        for letter in 'BRUTAL':
            handler = BrutalLetterHandler()
            brutal_self.brutal_letter_handlers.append(handler)

            action_name = 'BRUTAL {}'.format(letter)
            idaapi.register_action(idaapi.action_desc_t(
                action_name, action_name, handler, '',
                letter, BRUTAL_LETTERS[letter]))
            idaapi.attach_action_to_toolbar(toolbar, action_name)

        # The main action goes onto the toolbar after the letter buttons.
        idaapi.attach_action_to_toolbar(toolbar, 'BRUTAL')

        brutal_self.brutal_hotkey = idaapi.add_hotkey(
            'Ctrl+Z', brutal_self.dispatch_brutality)

        return idaapi.PLUGIN_KEEP
Exemplo n.º 2
    def init(self):
        """Register the three idenLib actions and attach them to the UI.

        The main action gets a custom icon and is attached to both
        "DebugToolBar" and the 'Edit/idenLib/' menu; the refresh and about
        actions are menu-only. Return values of the register/attach calls
        are not checked. Returns ``idaapi.PLUGIN_OK``.
        """
        menu_root = 'Edit/idenLib/'

        def add_to_menu(action_id):
            # SETMENU_APP: append the entry after the given menu path.
            idaapi.attach_action_to_menu(menu_root, action_id,
                                         idaapi.SETMENU_APP)

        # Main action: function identification.
        main_icon = idaapi.load_custom_icon(data=icon_data, format="png")
        main_id = "idenLib:action"
        idaapi.register_action(idaapi.action_desc_t(
            main_id,
            "idenLib - Function Identification",
            idenLib_class(),
            None,
            "idenLib",
            main_icon))
        idaapi.attach_action_to_toolbar("DebugToolBar", main_id)
        add_to_menu(main_id)

        # Refresh signatures.
        refresh_id = "idenLib:refresh"
        idaapi.register_action(idaapi.action_desc_t(
            refresh_id, "Refresh Signatures", RefreshHandler(), None,
            "idenLib - Refresh"))
        add_to_menu(refresh_id)

        # About.
        about_id = "idenLib:about"
        idaapi.register_action(idaapi.action_desc_t(
            about_id, "About", AboutHandler(), None, "idenLib - About"))
        add_to_menu(about_id)

        return idaapi.PLUGIN_OK
Exemplo n.º 3
 def init(self):
     """Register the Ret-Sync toggle action and put it on "DebugToolBar".

     The handler is stored on the instance as ``self.handler``. The results
     of the register/attach calls are not checked. Returns
     ``idaapi.PLUGIN_KEEP``.
     """
     sync_handler = SyncHandler()
     self.handler = sync_handler

     # action_desc_t arguments: id, label, handler, shortcut, tooltip, icon.
     idaapi.register_action(idaapi.action_desc_t(
         SYNC_ACTION_NAME,
         'Ret-Sync',
         sync_handler,
         '',
         'Enable/Disable Debugger Sync',
         SYNC_OFF_ICON,
     ))
     idaapi.attach_action_to_toolbar('DebugToolBar', SYNC_ACTION_NAME)

     return idaapi.PLUGIN_KEEP
Exemplo n.º 4
 def init(self):
     """Create the sync handler, register its action, attach it to a toolbar.

     Neither ``register_action`` nor ``attach_action_to_toolbar`` is checked
     for failure here. Returns ``idaapi.PLUGIN_KEEP``.
     """
     self.handler = SyncHandler()

     label = 'Ret-Sync'
     tooltip = 'Enable/Disable Debugger Sync'
     no_shortcut = ''
     desc = idaapi.action_desc_t(
         SYNC_ACTION_NAME, label, self.handler, no_shortcut, tooltip,
         SYNC_OFF_ICON)

     idaapi.register_action(desc)
     idaapi.attach_action_to_toolbar('DebugToolBar', SYNC_ACTION_NAME)
     return idaapi.PLUGIN_KEEP
Exemplo n.º 5
    def init(self):
        """Create the signature directories if missing, then register actions.

        ``symEx_dir`` and ``symEx_cache_dir`` are created with ``os.mkdir``
        when they are not already directories. Three actions are then
        registered: the main one (toolbar + menu) and two menu-only ones.
        Returns ``idaapi.PLUGIN_OK``.
        """
        # Signature directory: announce and create it when absent.
        sig_dir_present = os.path.isdir(symEx_dir)
        if not sig_dir_present:
            print("[idenLib] default sig directory {} not existed !!!".format(symEx_dir))
            os.mkdir(symEx_dir)

        # Cache directory: created silently when absent.
        cache_dir_present = os.path.isdir(symEx_cache_dir)
        if not cache_dir_present:
            os.mkdir(symEx_cache_dir)

        menu_path = 'Edit/idenLib/'

        def attach_to_menu(action_id):
            # SETMENU_APP: append the entry after the given menu path.
            idaapi.attach_action_to_menu(menu_path, action_id,
                                         idaapi.SETMENU_APP)

        # Main action, with a custom PNG icon.
        main_icon = idaapi.load_custom_icon(data=icon_data, format="png")
        main_id = "idenLib:action"
        idaapi.register_action(idaapi.action_desc_t(
            main_id, "idenLib - Function Identification", idenLibHandler(),
            None, "idenLib", main_icon))
        idaapi.attach_action_to_toolbar("DebugToolBar", main_id)
        attach_to_menu(main_id)

        # Refresh signatures.
        refresh_id = "idenLib:refresh"
        idaapi.register_action(idaapi.action_desc_t(
            refresh_id, "Refresh Signatures", RefreshHandler(), None,
            "idenLib - Refresh"))
        attach_to_menu(refresh_id)

        # About.
        about_id = "idenLib:about"
        idaapi.register_action(idaapi.action_desc_t(
            about_id, "About", AboutHandler(), None, "idenLib - About"))
        attach_to_menu(about_id)

        return idaapi.PLUGIN_OK
Exemplo n.º 6
def main():
    # icon author: https://www.flaticon.com/authors/freepik
    icon_data = "".join([
        "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x18\x00\x00\x00\x18\x08\x03\x00\x00\x00\xD7\xA9\xCD\xCA\x00\x00\x00\x4E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xC4\xA2\xA6\x59\x00\x00\x00\x19\x74\x52\x4E\x53\x00\x20\xEE\x4F\xC9\x64\xD3\xB3\x32\x99\x88\x17\x0C\xC1\x5C\x28\xF6\x7F\xE6\xDD\xBB\xA2\x47\x41\x90\xCE\x19\x07\xA1\x00\x00\x00\xC8\x49\x44\x41\x54\x28\xCF\x75\xD1\xDB\xAE\x83\x20\x10\x85\xE1\x35\x08\x0E\xCA\x16\x3C\xDB\xF5\xFE\x2F\xBA\xC7\x58\xDB\xB4\xA1\xFF\x8D\xC8\x27\x48\x02\x7E\x26\xD6\xDF\xE7\x58\x70\x46\xAB\x79\x82\x23\x19\xD4\x31\x55\xC1\x93\x47\x75\xAB\xFD\x10\xA9\xAE\x38\x16\xEA\x0B\x36\x6F\x6D\x88\x56\x8A\xE4\xFC\x02\xA5\xA5\x58\x9C\x73\x19\x23\x99\x6E\x88\x12\xA3\x94\x6B\x2B\x78\x9B\xB8\xA1\xA5\x9B\xE9\x9F\xF0\x20\xA7\x37\x58\x37\x64\x52\xAB\x50\x48\x57\x85\xF3\x21\x55\x18\x6C\xA6\x0A\x3D\xD9\x1B\x68\x37\x7E\x41\xD3\x4E\x0A\x2C\x40\xF7\x05\x12\x60\x2B\x5C\xC2\x70\x43\x0E\x21\x14\xD8\x97\xD0\x02\x8E\xB3\xFD\xA3\x1D\xD4\x0F\xD0\x75\x5D\x77\x03\x1D\x99\xD1\x5B\x25\xED\x21\x34\x09\x93\x8D\xA3\x41\x9E\xEC\xA5\xB3\xA2\xBF\xB6\x7A\xD8\xF8\x04\xD9\xDA\xA1\x76\x5C\x24\x3A\xBD\x6E\x4D\xCE\xD2\xFB\x36\x05\xBF\xFB\x07\x19\xFC\x16\xA4\x38\xC6\x08\x3D\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60\x82"
    ])

    act_icon = idaapi.load_custom_icon(data=icon_data, format="png")
    act_name = "idenLib:action"
    idaapi.register_action(
        idaapi.action_desc_t(act_name, "idenLib", idenLib_class(), None,
                             "idenLib", act_icon))
    # Insert the action in a toolbar
    idaapi.attach_action_to_toolbar("DebugToolBar", act_name)
    print(PLUGIN_VERSION)
Exemplo n.º 7
 def register_action(self, callback, toolbar_name=None, menupath=None):
     """Register ``self.action_desc`` and optionally attach it to the UI.

     Args:
         callback: stored on the instance as ``self.callback``.
         toolbar_name: toolbar to attach to; skipped when falsy.
         menupath: menu path to attach to; skipped when falsy.

     Returns:
         True when every requested step succeeded, False at the first
         failure. A failed attach does not unregister the action.
     """
     self.callback = callback

     registered = idaapi.register_action(self.action_desc)
     if not registered:
         return False

     if toolbar_name:
         on_toolbar = idaapi.attach_action_to_toolbar(toolbar_name, self.name)
         if not on_toolbar:
             return False

     if menupath:
         # SETMENU_APP: append the entry after the given menu path.
         in_menu = idaapi.attach_action_to_menu(menupath, self.name,
                                                idaapi.SETMENU_APP)
         if not in_menu:
             return False

     return True
Exemplo n.º 8
 def register_action(self):
     """Register this object as an action and attach it to "SearchToolBar".

     The object itself is passed as the action handler.

     Returns:
         True when both registration and the toolbar attach succeed,
         False otherwise. A failed attach leaves the action registered.
     """
     # action_desc_t arguments: id, label, handler, shortcut, tooltip, icon.
     desc = idaapi.action_desc_t(
         self.id, self.name, self, self.hotkey, self.tooltip, self.icon)

     if not idaapi.register_action(desc):
         return False

     on_toolbar = idaapi.attach_action_to_toolbar("SearchToolBar", self.id)
     return True if on_toolbar else False
Exemplo n.º 9
 def registerAction(self):
     """Register this object as an action, then attach it to menu and toolbar.

     The steps run in order (register, menu at ``self.menuPath``, then
     "AnalysisToolBar") and stop at the first one that fails.

     Returns:
         True when all three steps succeed, False otherwise. Steps that
         already succeeded are not undone on failure.
     """
     # No shortcut is assigned (empty string in the shortcut slot).
     desc = idaapi.action_desc_t(
         self.id, self.name, self, "", self.tooltip, self.icon)

     # `and` short-circuits, so a later step only runs if the earlier ones
     # returned a truthy value.
     all_ok = (
         idaapi.register_action(desc)
         and idaapi.attach_action_to_menu(self.menuPath, self.id, 0)
         and idaapi.attach_action_to_toolbar("AnalysisToolBar", self.id)
     )
     return True if all_ok else False
Exemplo n.º 10
    def init(self):
        """Register the Ret-Sync action on its own toolbar when possible.

        Tries to create a dedicated 'Ret-Sync' toolbar; when that call is
        unavailable (AttributeError) or returns a falsy value, the action
        goes onto 'DebugToolBar' instead. Returns ``idaapi.PLUGIN_KEEP``.
        """
        self.handler = SyncHandler()

        # Fallback target, replaced below if a dedicated toolbar is created.
        self.toolbar_name = 'DebugToolBar'

        own_toolbar = 'Ret-Sync'
        try:
            created = idaapi.create_toolbar(own_toolbar, own_toolbar)
            if created:
                self.toolbar_name = own_toolbar
        except AttributeError:
            # create_toolbar is missing, probably an older IDA; keep the
            # fallback toolbar.
            pass

        idaapi.register_action(idaapi.action_desc_t(
            SYNC_ACTION_NAME,
            'Ret-Sync',
            self.handler,
            '',
            'Enable/Disable Debugger Sync',
            SYNC_OFF_ICON))
        idaapi.attach_action_to_toolbar(self.toolbar_name, SYNC_ACTION_NAME)

        return idaapi.PLUGIN_KEEP
Exemplo n.º 11
 def register(cls):
     """Instantiate ``cls``, register it as an action and attach it to the UI.

     Returns:
         The new action instance, or None when ``register_action`` fails.
         A failed toolbar attach is only logged; the instance is still
         returned. The result of the menu attach is not checked.
     """
     action = cls()

     registered = idaapi.register_action(action.get_desc())
     if not registered:
         logger('actions').warn("failed registering %s: %s", cls, registered)
         return None

     # SETMENU_APP: append the entry after the given menu path.
     idaapi.attach_action_to_menu(
         action.get_action_path(), action.get_id(), idaapi.SETMENU_APP)

     on_toolbar = idaapi.attach_action_to_toolbar(
         "AnalysisToolBar", action.get_id())
     if not on_toolbar:
         logger('actions').warn("registration of %s failed: %s", cls,
                                on_toolbar)

     return action
Exemplo n.º 12
    def registerAction(self):
        """Register this object as an action and attach it to menu and toolbar.

        Returns:
            True only when registration, the menu attach at
            ``self.menuPath`` and the "AnalysisToolBar" attach all succeed;
            False as soon as one of them fails. Earlier successful steps
            are not rolled back.
        """
        # action_desc_t arguments: id, label, handler, shortcut (none here),
        # tooltip, icon.
        desc = idaapi.action_desc_t(
            self.id, self.name, self, "", self.tooltip, self.icon)

        if idaapi.register_action(desc):
            if idaapi.attach_action_to_menu(self.menuPath, self.id, 0):
                if idaapi.attach_action_to_toolbar("AnalysisToolBar", self.id):
                    return True
        return False
Exemplo n.º 13
 def registerAction(self, addToToolBar=True):
     """Register this object as an action and attach it to the menu.

     Args:
         addToToolBar: when truthy, the action is also attached to
             "SearchToolBar".

     Returns:
         True when every requested step succeeds, False at the first
         failure. Earlier successful steps are not undone.
     """
     # Positional arguments: action id, action text, handler, optional
     # shortcut, optional tooltip, optional icon.
     desc = idaapi.action_desc_t(
         self.id, self.name, self, self.shortcut, self.tooltip, self.icon)

     if not idaapi.register_action(desc):
         return False

     in_menu = idaapi.attach_action_to_menu(self.menuPath, self.id, 0)
     if not in_menu:
         return False

     if not addToToolBar:
         return True

     on_toolbar = idaapi.attach_action_to_toolbar("SearchToolBar", self.id)
     return True if on_toolbar else False
Exemplo n.º 14
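    def OnCreate(self, form):
        """Build the sync form's widgets and register its two toggle actions.

        Args:
            form: form object handed in by IDA; converted to a PyQt widget
                with ``FormToPyQtWidget``.

        The results of the register/attach calls at the end are not checked.
        """
        rs_debug("form create")

        # get parent widget
        parent = self.FormToPyQtWidget(form)

        # create global sync checkbox
        self.cb_sync = QtWidgets.QCheckBox('Synchronization enable')
        self.cb_sync.move(20, 20)
        self.cb_sync.stateChanged.connect(self.cb_change_state)

        # create hexrays sync checkbox
        self.cb_hexrays = QtWidgets.QCheckBox(
            'Hex-Rays Synchronization enable')
        self.cb_hexrays.move(20, 20)
        self.cb_hexrays.stateChanged.connect(self.cb_hexrays_sync_state)

        # create label
        label = QtWidgets.QLabel('Overwrite idb name:')
        name = self.handle_name_aliasing()

        # create input field
        self.input = QtWidgets.QLineEdit(parent)
        self.input.setText(name)
        # setMaxLength must be called: assigning to the attribute would only
        # shadow the method and leave the field's length unbounded.
        self.input.setMaxLength(256)
        self.input.setFixedWidth(300)

        # create restart button
        self.btn = QtWidgets.QPushButton('restart', parent)
        self.btn.setToolTip('Restart broker.')
        self.btn.clicked.connect(self.cb_btn_restart)

        # create layout
        layout = QtWidgets.QGridLayout()
        layout.addWidget(self.cb_sync)
        layout.addWidget(self.cb_hexrays)
        layout.addWidget(label)
        layout.addWidget(self.input)
        layout.addWidget(self.btn, 2, 2)
        layout.setColumnStretch(4, 1)
        layout.setRowStretch(4, 1)
        parent.setLayout(layout)

        # Parser with an optional -a/--address value; everything else is
        # collected into 'msg'.
        self.parser = argparse.ArgumentParser()
        self.parser.add_argument('-a', '--address', nargs=1, action='store')
        self.parser.add_argument('msg', nargs=argparse.REMAINDER)

        # synchronization is enabled by default
        self.cb_sync.toggle()

        # register action for hexrays sync
        # (the 'toogle' spelling is part of the action id and is kept as is)
        action_hex_sync_desc = idaapi.action_desc_t(
            'hexrays_sync_toogle:action', 'Toggle Hex-Rays syncing',
            CheckBoxActionHandler(self.cb_hexrays), 'Ctrl+H',
            'Toggle Hex-Rays syncing', 198)

        idaapi.register_action(action_hex_sync_desc)
        idaapi.attach_action_to_toolbar("DebugToolBar",
                                        'hexrays_sync_toogle:action')

        # register action for global sync
        action_g_sync_desc = idaapi.action_desc_t(
            'g_sync_toogle:action', 'Toggle syncing',
            CheckBoxActionHandler(self.cb_sync), 'Ctrl+Shift+S',
            'Toggle syncing', 203)

        idaapi.register_action(action_g_sync_desc)
        idaapi.attach_action_to_toolbar("DebugToolBar", 'g_sync_toogle:action')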
Exemplo n.º 15
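    def OnCreate(self, form):
        """Build the sync form's widgets and register its two toggle actions.

        The idb name shown in the input field defaults to IDA's root file
        name and can be replaced by a 'name' option read from a '.sync'
        file under ``IDB_PATH``.

        Args:
            form: form object handed in by IDA; converted to a PyQt widget
                with ``FormToPyQtWidget``.

        The results of the register/attach calls at the end are not checked.
        """
        print("[sync] form create")

        # get parent widget
        parent = self.FormToPyQtWidget(form)

        # create global sync checkbox
        self.cb_sync = QtWidgets.QCheckBox('Synchronization enable')
        self.cb_sync.move(20, 20)
        self.cb_sync.stateChanged.connect(self.cb_change_state)

        # create hexrays sync checkbox
        self.cb_hexrays = QtWidgets.QCheckBox('Hex-Rays Synchronization enable')
        self.cb_hexrays.move(20, 20)
        self.cb_hexrays.stateChanged.connect(self.cb_hexrays_sync_state)

        # create label
        label = QtWidgets.QLabel('Overwrite idb name:')

        name = idaapi.get_root_filename()
        print("[sync] default idb name: %s" % name)

        # check in conf for name overwrite
        # The section looked up is the default idb name; the value comes from
        # a file on disk, so it is whatever that file's author put there.
        confpath = os.path.join(os.path.realpath(IDB_PATH), '.sync')
        if os.path.exists(confpath):
            print("[sync] found config file: %s" % confpath)
            config = SafeConfigParser()
            config.read(confpath)
            if config.has_option(name, 'name'):
                name = config.get(name, 'name')
                print("[sync] overwrite idb name with %s" % name)

        # create input field
        self.input = QtWidgets.QLineEdit(parent)
        self.input.setText(name)
        # setMaxLength must be called: assigning to the attribute would only
        # shadow the method and leave the field's length unbounded.
        self.input.setMaxLength(256)
        self.input.setFixedWidth(300)

        # create restart button
        self.btn = QtWidgets.QPushButton('restart', parent)
        self.btn.setToolTip('Restart broker.')
        self.btn.clicked.connect(self.cb_btn_restart)

        # create layout
        layout = QtWidgets.QGridLayout()
        layout.addWidget(self.cb_sync)
        layout.addWidget(self.cb_hexrays)
        layout.addWidget(label)
        layout.addWidget(self.input)
        layout.addWidget(self.btn, 2, 2)
        layout.setColumnStretch(4, 1)
        layout.setRowStretch(4, 1)
        parent.setLayout(layout)

        # Parser with an optional -a/--address value; everything else is
        # collected into 'msg'.
        self.parser = argparse.ArgumentParser()
        self.parser.add_argument('-a', '--address', nargs=1, action='store')
        self.parser.add_argument('msg', nargs=argparse.REMAINDER)

        # synchronization is enabled by default
        self.cb_sync.toggle()

        # register action for hexrays sync
        # (the 'toogle' spelling is part of the action id and is kept as is)
        action_hex_sync_desc = idaapi.action_desc_t(
            'hexrays_sync_toogle:action',
            'Toggle Hex-Rays syncing',
            CheckBoxActionHandler(self.cb_hexrays),
            'Ctrl+H',
            'Toggle Hex-Rays syncing',
            198)

        idaapi.register_action(action_hex_sync_desc)
        idaapi.attach_action_to_toolbar(
            "DebugToolBar",
            'hexrays_sync_toogle:action')

        # register action for global sync
        action_g_sync_desc = idaapi.action_desc_t(
            'g_sync_toogle:action',
            'Toggle syncing',
            CheckBoxActionHandler(self.cb_sync),
            'Ctrl+Shift+S',
            'Toggle syncing',
            203)

        idaapi.register_action(action_g_sync_desc)
        idaapi.attach_action_to_toolbar(
            "DebugToolBar",
            'g_sync_toogle:action')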
Exemplo n.º 16
def attach():
    """Place the RESim actions in the Debugger menu and on the debug toolbar.

    Each (menu path, action id) pair is attached with SETMENU_APP, which
    appends the entry after the named menu item. The order of the pairs is
    the order of the attach calls. No return value is checked.
    """
    debugger_entries = (
        ('Debugger/Step into', 'do_step_over:action'),
        ('Debugger/Step over (RESim)', 'do_rev_step_over:action'),
        ('Debugger/Step into', 'do_rev_step_into:action'),
        ('Debugger/Run until return', 'do_rev_finish:action'),
        ('Debugger/Run to Cursor', 'do_rev_cursor:action'),
        ('Debugger/^ Rev to Cursor', 'run_to_user:action'),
        ('Debugger/Continue process', 'resynch:action'),
    )

    # RESim submenu, with its runTo/ and backtrack/ groups.
    resim_root = 'Debugger/ReSIM/'
    run_to = 'Debugger/ReSIM/runTo/'
    backtrack = 'Debugger/ReSIM/backtrack/'
    resim_entries = (
        (resim_root, 'watch_data:action'),
        (resim_root, 'track_io:action'),
        (resim_root, 'retrack:action'),
        (run_to, 'run_to_io:action'),
        (run_to, 'run_to_bind:action'),
        (run_to, 'run_to_accept:action'),
        (run_to, 'run_to_connect:action'),
        (run_to, 'run_to_text:action'),
        (run_to, 'rev_to_text:action'),
        (backtrack, 'do_wrote_to_sp:action'),
        (backtrack, 'do_wrote_to_address:action'),
        (backtrack, 'track_address:action'),
        (backtrack, 'wrote_register:action'),
        (backtrack, 'track_register:action'),
        (backtrack, 'satisfy_condition:action'),
        (resim_root, 'do_show_cycle:action'),
        (resim_root, 'do_rebase:action'),
    )

    trailing_entries = (
        ('Debugger/Continue process', 'continue_forward:action'),
    )

    for group in (debugger_entries, resim_entries, trailing_entries):
        for menu_path, action_id in group:
            idaapi.attach_action_to_menu(menu_path, action_id,
                                         idaapi.SETMENU_APP)

    # NOTE(review): on SDK 7.40 and later the "ProcessStart" action is
    # unregistered -- presumably so the forward-continue action added below
    # takes its place on the toolbar; confirm.
    if idaapi.IDA_SDK_VERSION >= 740:
        idaapi.unregister_action("ProcessStart")
    idaapi.attach_action_to_toolbar("DebugToolBar", "continue_forward:action")

    idaapi.attach_action_to_menu('Debugger/Continue process(RESim)',
                                 'do_reverse:action', idaapi.SETMENU_APP)
Exemplo n.º 17
        act_name,           # Name. Acts as an ID. Must be unique.
        "Say hi!",          # Label. That's what users see.
        SayHi("developer"), # Handler. Called when activated, and for updating
        "Ctrl+F12",         # Shortcut (optional)
        "Greets the user",  # Tooltip (optional)
        act_icon)):         # Icon ID (optional)
    print("Action registered. Attaching to menu.")

    # Insert the action in the menu
    if idaapi.attach_action_to_menu("Edit/Export data", act_name, idaapi.SETMENU_APP):
        print("Attached to menu.")
    else:
        print("Failed attaching to menu.")

    # Insert the action in a toolbar
    if idaapi.attach_action_to_toolbar("AnalysisToolBar", act_name):
        print("Attached to toolbar.")
    else:
        print("Failed attaching to toolbar.")

    # We will also want our action to be available in the context menu
    # for the "IDA View-A" widget.
    #
    # To do that, we could in theory retrieve a reference to "IDA View-A", and
    # then request to "permanently" attach the action to it, using something
    # like this:
    #   idaapi.attach_action_to_popup(ida_view_a, None, act_name, None)
    #
    # but alas, that won't do: widgets in IDA are very "volatile", and
    # can be deleted & re-created on some occasions (e.g., starting a
    # debugging session), and our efforts to permanently register our
Exemplo n.º 18
 def toolbar(self, tbname):
     """Attach this action to the toolbar *tbname* and return ``self``.

     Returning ``self`` allows call chaining. The result of the attach
     call is discarded, so a failed attach goes unnoticed here.
     """
     action_id = self.id
     idaapi.attach_action_to_toolbar(tbname, action_id)
     return self
Exemplo n.º 19
def main():
    """Print usage, register the save/restore actions, fingerprint the input.

    Two toolbar actions (save_x / restore_x) are registered with embedded
    PNG icons, and the module-level ``MD5_hash_data_file`` is set to the
    input file path followed by a marker and the MD5 hex digest of the
    input file's contents.
    """
    print("\nUsage:\n\
      save_x(\"unique_name\", start_addr, size) - save names, comments, breakpoints, functions\n\
      restore_x(\"unique_name\", start_addr) - restore names, comments, breakpoints, functions\n\
      Example:\n\t\
      save_x(\"first_shellcode\", 0x12340000, 0x1000)\n\t\
      restore_x(\"first_shellcode\", 0x12340000)\n\t\
      save_x(\"f1\", here(), 0x1000)\n\t\
      restore_x(\"f1\", here())\n\
      \nBONUS: useful if a process allocated a new segment (e.g. VirtualAlloc) otherwise (HeapAlloc, new, etc.) use the first way\n\t\
      save_x() == save_x(FIRST_0x10_BYTES_HASH_FROM_EA_SEGMENT, START_OF_EA_SEGMENT, SIZEOF_EA_SEGMENT)\n\t\
      restore_x() == restore(FIRST_0x10_BYTES_HASH_FROM_EA_SEGMENT, START_OF_EA_SEGMENT)\n\
      ")

    # Embedded PNG icons for the two actions. Each literal ends with a
    # space character after the PNG's IEND chunk.
    # NOTE(review): on Python 3 these are str, not bytes -- confirm that
    # load_custom_icon accepts them in the IDA version this targets.
    icon_data_save = "".join([
        "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x10\x00\x00\x00\x10\x04\x03\x00"
        "\x00\x00\xED\xDD\xE2\x52\x00\x00\x00\x1E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xB7\x28\x6F\x6A\x00\x00\x00\x09\x74\x52"
        "\x4E\x53\x00\xE0\x08\xB8\xD0\x58\x98\x85\x25\x4C\x7E\x68\xAA\x00\x00\x00\x49\x49\x44\x41\x54\x08\xD7\x63\x60"
        "\x60\x60\x99\x39\xD3\x01\x48\x11\xC3\xE0\x08\x0D\x9C\x39\x53\x34\xB4\x81\x81\xC9\x72\x26\x10\x4C\x56\x60\x60"
        "\x50\x06\x31\x8C\x80\x72\x40\x21\xB0\x00\x50\x08\x2C\x00\x16\x02\x09\x80\x85\x80\x02\x10\x21\x90\x00\x02\xB0"
        "\x0B\x82\x41\x01\x03\xDB\x4C\x30\x48\x00\x00\xA9\xC1\x1A\x09\x2E\x8B\x71\x91\x00\x00\x00\x00\x49\x45\x4E\x44"
        "\xAE\x42\x60\x82 "
    ])
    icon_data_restore = "".join([
        "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0D\x49\x48\x44\x52\x00\x00\x00\x10\x00\x00\x00\x10\x04\x03\x00"
        "\x00\x00\xED\xDD\xE2\x52\x00\x00\x00\x1E\x50\x4C\x54\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xB7\x28\x6F\x6A\x00\x00\x00\x09\x74\x52"
        "\x4E\x53\x00\x81\xE0\xD0\x98\x40\xEC\x34\x2D\xD9\x04\x16\x77\x00\x00\x00\x46\x49\x44\x41\x54\x08\xD7\x63\x00"
        "\x02\x46\x01\x06\x08\x90\x9C\x08\xA1\x19\x67\xCE\x14\x80\x08\xCC\x9C\x39\x11\x2A\x00\x14\x82\x08\x80\x85\x38"
        "\x5C\xDC\x66\xCE\x4C\x71\x69\x00\x0A\x31\xCF\x9C\x69\x00\xA4\x88\x63\xB0\x87\x86\x16\x30\x20\x01\x46\x25\x30"
        "\x10\x60\x60\x99\x09\x06\x0E\x00\xB5\x68\x19\x1B\xBF\xF3\x8F\x71\x00\x00\x00\x00\x49\x45\x4E\x44\xAE\x42\x60"
        "\x82 "
    ])

    act_icon_save = idaapi.load_custom_icon(data=icon_data_save, format="png")
    act_icon_restore = idaapi.load_custom_icon(data=icon_data_restore,
                                               format="png")

    act_name_save = "dumpDyn_save:action"
    act_name_restore = "dumpDyn_restore:action"
    # The restore action is only registered after the save action
    # registered successfully.
    if idaapi.register_action(
            idaapi.action_desc_t(act_name_save, "save_x", save_class(), None,
                                 "save_x", act_icon_save)):

        # Insert the action in a toolbar
        idaapi.attach_action_to_toolbar("DebugToolBar", act_name_save)

        if idaapi.register_action(
                idaapi.action_desc_t(act_name_restore, "restore_x",
                                     restore_class(), None, "restore_x",
                                     act_icon_restore)):
            # Insert the action in a toolbar
            idaapi.attach_action_to_toolbar("DebugToolBar", act_name_restore)

    else:
        # Registering the save action failed: both action ids are
        # unregistered and nothing is attached on this path.
        idaapi.unregister_action(act_name_save)
        idaapi.unregister_action(act_name_restore)

    global MD5_hash_data_file
    input_filepath = ida_nalt.get_input_file_path()
    # The whole input file is read into memory in one call and hashed.
    # The digest only becomes part of a file name here; MD5 is not
    # collision-resistant, so it should not be treated as an integrity check.
    hasher = hashlib.md5()
    with open(input_filepath, 'rb') as afile:
        buf = afile.read()
        hasher.update(buf)
    MD5_hash = hasher.hexdigest()  # str
    # The resulting path sits next to the input file (same path prefix).
    MD5_hash_data_file = input_filepath + "____dumpDyn___" + MD5_hash
Exemplo n.º 20
        act_name,           # Name. Acts as an ID. Must be unique.
        "Say hi!",          # Label. That's what users see.
        SayHi("developer"), # Handler. Called when activated, and for updating
        "Ctrl+F12",         # Shortcut (optional)
        "Greets the user",  # Tooltip (optional)
        act_icon)):         # Icon ID (optional)
    print "Action registered. Attaching to menu."

    # Insert the action in the menu
    if idaapi.attach_action_to_menu("Edit/Export data", act_name, idaapi.SETMENU_APP):
        print "Attached to menu."
    else:
        print "Failed attaching to menu."

    # Insert the action in a toolbar
    if idaapi.attach_action_to_toolbar("AnalysisToolBar", act_name):
        print "Attached to toolbar."
    else:
        print "Failed attaching to toolbar."

    # We will also want our action to be available in the context menu
    # for the "IDA View-A" widget.
    #
    # To do that, we could in theory retrieve a reference to "IDA View-A", and
    # then request to "permanently" attach the action to it, using something
    # like this:
    #   idaapi.attach_action_to_popup(ida_view_a, None, act_name, None)
    #
    # but alas, that won't do: widgets in IDA are very "volatile", and
    # can be deleted & re-created on some occasions (e.g., starting a
    # debugging session), and our efforts to permanently register our