Exemplo n.º 1
    def _markImmCompares(self):
        """
        List the immediate compares of the current function and colour them.

        Every (address, disassembly) pair yielded by
        ``self.ba.find_imm_compares()`` becomes one table row, and the
        address is passed to ``misc.set_ins_color`` with a fixed colour.
        """
        highlight = 0x2020c0

        self.output_window.append("Marking all immediate compares...")
        self.table_label.setText("Immediate compares within current function")

        # Start from an empty two-column table.
        table = self.table
        table.setColumnCount(2)
        table.setHorizontalHeaderLabels(("Address", "Disassembly"))
        table.clearContents()
        table.setRowCount(0)

        for row, (ea, text) in enumerate(self.ba.find_imm_compares()):
            table.insertRow(row)

            ea_cell = QTableWidgetItem("%x" % ea)
            # A fresh item is editable by default, so the XOR clears the bit
            # and makes the address cell read-only.
            ea_cell.setFlags(ea_cell.flags() ^ QtCore.Qt.ItemIsEditable)
            text_cell = cw.NumQTableWidgetItem("%s" % text)

            table.setItem(row, 0, ea_cell)
            table.setItem(row, 1, text_cell)

            # NOTE(review): presumably recolours the instruction in the
            # disassembly view, i.e. it changes the database -- confirm.
            misc.set_ins_color(ea, highlight)
Exemplo n.º 2
    def _showMostReferenced(self):
        """
        Fill the table with the most referenced functions.

        ``self.ba.most_referenced_functions()`` is iterated as
        ``(address, (reference_count, name))`` entries; each entry becomes
        one row with the columns Address, References and Name.
        """
        self._console_output("Calculating most referenced functions...")
        self.table_label.setText("Most referenced functions")

        ranking = self.ba.most_referenced_functions()

        # Start from an empty three-column table.
        table = self.table
        table.setColumnCount(3)
        table.setHorizontalHeaderLabels(("Address", "References", "Name"))
        table.clearContents()
        table.setRowCount(0)

        for row, (f_ea, (ref_nr, ref_name)) in enumerate(ranking):
            table.insertRow(row)

            ea_cell = QTableWidgetItem("%x" % f_ea)
            # A fresh item is editable by default, so the XOR clears the bit
            # and makes the address cell read-only.
            ea_cell.setFlags(ea_cell.flags() ^ QtCore.Qt.ItemIsEditable)
            count_cell = cw.NumQTableWidgetItem("%d" % ref_nr)
            name_cell = QTableWidgetItem(ref_name)

            for column, cell in enumerate((ea_cell, count_cell, name_cell)):
                table.setItem(row, column, cell)
Exemplo n.º 3
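    def _showStringXrefs(self):
        """
        Display the string references of the current function in the table.

        Each row holds the address and the string; a third column with the
        value of ``misc.entropy(s)`` is added when
        ``self.config.calculate_entropy`` is set. When
        ``self.config.display_unique_strings`` is set, a string that has
        already been listed is skipped.

        Logs an error and leaves the table untouched when no references
        are found.
        """
        # Retrieve some config values
        show_misc_entropy = self.config.calculate_entropy
        show_unique_s = self.config.display_unique_strings

        self._console_output("Calculating string references...")

        self.ba.calculate_strings_list()
        s_ref_list = self.ba.get_string_references()

        # Found any references at all?
        if not s_ref_list:
            self._console_output("[!] No string references found", err=True)
            return

        if show_misc_entropy:
            headers = ("Address", "String", "Entropy")
        else:
            headers = ("Address", "String")

        self.table.setColumnCount(len(headers))
        self.table.setHorizontalHeaderLabels(headers)

        self.table_label.setText("String references in current function")
        self.table.clearContents()
        self.table.setRowCount(0)

        # A set keeps the duplicate check O(1) per string; the values are
        # byte strings (they are decoded below), hence hashable.
        displayed_strings = set()

        # Counted by hand because skipped duplicates must not use up a row.
        idx = 0
        for (addr, s) in s_ref_list:
            if show_unique_s:
                if s in displayed_strings:
                    continue
                displayed_strings.add(s)

            self.table.insertRow(idx)
            addr_item = QTableWidgetItem("%08x" % addr)
            # A fresh item is editable by default, so the XOR clears the bit
            # and makes the cell read-only.
            addr_item.setFlags(addr_item.flags() ^ QtCore.Qt.ItemIsEditable)

            # The strings presumably come from the binary under analysis and
            # need not be valid UTF-8. A strict decode would raise
            # UnicodeDecodeError here, after the row was inserted, and leave
            # the table half filled; 'replace' substitutes U+FFFD instead.
            string_item = QTableWidgetItem(s.decode('utf-8', 'replace'))
            string_item.setFlags(string_item.flags()
                                 ^ QtCore.Qt.ItemIsEditable)

            self.table.setItem(idx, 0, addr_item)
            self.table.setItem(idx, 1, string_item)

            if show_misc_entropy:
                # Entropy is computed on the raw bytes, not the decoded text.
                misc_entropy_item = cw.NumQTableWidgetItem("%.4f" %
                                                           misc.entropy(s))
                self.table.setItem(idx, 2, misc_entropy_item)

            idx += 1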
Exemplo n.º 4
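    def _showConnectedBBs(self):
        """
        Show the paths between the selected basic blocks in the table.

        The paths come from ``self.ba.get_bb_connect_graph()``, called with
        ``self.config.connect_bb_cutoff``. Each path becomes a row holding
        its index and its length, and the list of paths is stored in
        ``self.ba.cache.bb_paths``.

        Logs an error and returns early when no paths are available.
        """
        self._console_output("Calculating paths between basic blocks...")
        bb_paths = self.ba.get_bb_connect_graph(self.config.connect_bb_cutoff)

        if not bb_paths:
            # Adjacent literals instead of a backslash inside the string:
            # the continuation used to embed the next line's indentation in
            # the message shown to the user.
            self._console_output("[!] Could not find paths between "
                                 "basic blocks",
                                 err=True)
            return

        self.table.setColumnCount(2)
        self.table.setHorizontalHeaderLabels(("Path ID", "Length"))

        # Route double clicks on this table to the basic-block handler.
        # NOTE(review): connect() adds a slot and does not replace existing
        # ones, so every call to this method connects the handler once more.
        # Confirm whether it should be disconnected first.
        self.table.cellDoubleClicked.connect(self._bbTableDoubleClicked)

        self.table_label.setText("Paths between Basic Blocks")
        self.table.clearContents()
        self.table.setRowCount(0)

        # Materialise the paths so they can be referenced by index. A lazy
        # iterable passes the truthiness check above even when it yields
        # nothing, hence the second emptiness check.
        bb_paths_l = list(bb_paths)

        if not bb_paths_l:
            self._console_output("[!] Could not find paths. "
                                 "Try increasing cutoff under Options",
                                 err=True)
            return

        for idx, path in enumerate(bb_paths_l):
            self.table.insertRow(idx)

            # A fresh item is editable by default, so the XOR clears the bit
            # and makes the cell read-only.
            path_item = QTableWidgetItem("%d" % idx)
            path_item.setFlags(path_item.flags() ^ QtCore.Qt.ItemIsEditable)
            len_item = cw.NumQTableWidgetItem("%d" % len(path))
            len_item.setFlags(len_item.flags() ^ QtCore.Qt.ItemIsEditable)

            self.table.setItem(idx, 0, path_item)
            self.table.setItem(idx, 1, len_item)

        # Cache the list: the row index shown in "Path ID" is the index
        # into it.
        self.ba.cache.bb_paths = bb_paths_l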