def parse_function_type(ea: int, end: Optional[int] = None) -> str:
frame = idc.get_func_attr(ea, FUNCATTR_FRAME)
if frame is None:
return ""
if end is None: # try to find end
func = function_at(ea)
if not func:
return "?"
end = prev_addr(get_func_attr(func, FUNCATTR_END))
end_addr = end
mnem = GetDisasm(end_addr)
if "ret" not in mnem:
# it's not a real end, get instruction before...
end_addr = prev_addr(end)
if end_addr == BADADDR:
# cannot get the real end
return ""
mnem = GetDisasm(end_addr)
if "ret" not in mnem:
# cannot get the real end
return ""
op = get_operand_type(end_addr, 0)
if op == o_void:
# retn has NO parameters
return "__cdecl"
# retn has parameters
return "__stdcall"
def handleHookInstCust(self, screenEA=None):
if screenEA is not None:
address = screenEA
else:
address = ScreenEA()
# safety checks, can be start of the function
if address in self.idbHookMap and self.idbHookMap[
address].hook.type == "func":
dlg = AskYN(
0,
"Address contains function hook!\nDo you want to remove it?")
if dlg != 1:
return
# remove function hook
self.handleUnhookFunc(address)
offset, moduleName = self.getAddressDetails(address)
hookDlg = InstructionHookDialog(moduleName, "%X" % address,
GetDisasm(address), None)
hookDlg.Compile()
hookDlg.script.value = ""
ok = hookDlg.Execute()
if ok != 1:
return
hook = InstHook()
hook.id = address
hook.mnemonic = GetDisasm(address)
hook.address = offset
hook.module = moduleName
hook.once = True if hookDlg.trigger.value == 0 else False
hook.recentScriptFile = hookDlg.recentScriptFile
hook.script = hookDlg.script.value
entry = HookEntry(hook)
outJSON = json.dumps({
"req_id": kFridaLink_SetHookRequest,
"data": entry.genSetRequest()
})
SetColor(address, CIC_ITEM, kIDAViewColor_HookedInst)
refresh_idaview_anyway()
self.clientSocket.sendto(outJSON, self.clientAddress)
self.idbHookMap[address] = entry
self.idbHooksView.setContent(self.idbHookMap)
def handleQuickInstHook(self, address, once, breakpoint=False):
# safety checks, can be start of the function
if address in self.idbHookMap and self.idbHookMap[
address].hook.type == "func":
dlg = AskYN(
0,
"Address contains function hook!\nDo you want to remove it?")
if dlg != 1:
return
# remove function hook
self.handleUnhookFunc(address)
offset, moduleName = self.getAddressDetails(address)
hook = InstHook()
hook.id = address
hook.mnemonic = GetDisasm(address)
hook.address = offset
hook.module = moduleName
hook.once = once
hook.breakpoint = breakpoint
entry = HookEntry(hook)
outJSON = json.dumps({
"req_id": kFridaLink_SetHookRequest,
"data": entry.genSetRequest()
})
SetColor(address, CIC_ITEM, kIDAViewColor_HookedInst)
refresh_idaview_anyway()
self.clientSocket.sendto(outJSON, self.clientAddress)
self.idbHookMap[address] = entry
self.idbHooksView.setContent(self.idbHookMap)
def GetInstructions(start_ea, end_ea):
ins = []
for head in idautils.Heads(start_ea, end_ea):
if idaapi.isCode(idaapi.getFlags(head)):
ins.append(Instruction(head, GetDisasm(head)))
return ins
def GetInstructions(start_ea, end_ea):
"""
Return a list of all the instructions in the range [start_ea, end_ea].
"""
ins = []
for head in idautils.Heads(start_ea, end_ea):
if idaapi.isCode(idaapi.getFlags(head)):
ins.append(Instruction(head, GetDisasm(head)))
return ins
def handleDebugStepOver(self):
if self.clientSocket is None:
return
if self.debugBreakId is None:
return
cur_ea = self.debugBreakId
decode_insn(cur_ea)
next_ea = cur_ea + idaapi.cmd.size
if isCode(getFlags(next_ea)) == False:
return
entry = None
# remove current
if self.debugBreakId in self.idbHookMap:
entry = self.idbHookMap[self.debugBreakId]
outJSON = json.dumps({
"req_id": kFridaLink_DelHookRequest,
"data": entry.genDelRequest()
})
del self.idbHookMap[self.debugBreakId]
self.clientSocket.sendto(outJSON, self.clientAddress)
SetColor(self.debugBreakId, CIC_ITEM, kIDAViewColor_Reset)
refresh_idaview_anyway()
offset, moduleName = self.getAddressDetails(next_ea)
# install next
if entry == None:
hook = InstHook()
hook.id = next_ea
hook.once = once
hook.breakpoint = True
entry = HookEntry(hook)
entry.hook.id = next_ea
entry.hook.mnemonic = GetDisasm(next_ea)
entry.hook.address = offset
entry.hook.module = moduleName
outJSON = json.dumps({
"req_id": kFridaLink_SetHookRequest,
"data": entry.genSetRequest()
})
self.clientSocket.sendto(outJSON, self.clientAddress)
self.idbHookMap[next_ea] = entry
self.idbHooksView.setContent(self.idbHookMap)
self.handleDebugContinue()
def handleGetRealAddress(self, screenEA=None):
if screenEA is not None:
address = screenEA
else:
address = ScreenEA()
offset, moduleName = self.getAddressDetails(address)
for module in self.targetModules:
if module['name'] == moduleName:
moduleBase = module['base']
realAddr = int(moduleBase, 16) + offset
self.handleFraplLog(
"info", "[ %s ] 0x%X => 0x%X %s" %
(moduleName, address, realAddr, GetDisasm(address)))
break
def _hook_code(self, uc, address, size, user_data):
if self.traceOption & TRACE_CODE:
self._addTrace("### Trace Instruction at 0x%x, size = %u, %s" %
(address, size, GetDisasm(address)))
if address in self.altFunc.keys():
func, argc, balance = self.altFunc[address]
try:
sp = uc.reg_read(self.REG_SP)
if self.REG_RA == 0:
RA = unpack(self.pack_fmt, str(uc.mem_read(sp,
self.step)))[0]
sp += self.step
else:
RA = uc.reg_read(self.REG_RA)
args = []
i = 0
while i < argc and i < len(self.REG_ARGS):
args.append(uc.reg_read(self.REG_ARGS[i]))
i += 1
sp2 = sp
while i < argc:
args.append(
unpack(self.pack_fmt, str(uc.mem_read(sp2,
self.step)))[0])
sp2 += self.step
i += 1
res = func(uc, self.logBuffer, args)
if type(res) != int: res = 0
uc.reg_write(self.REG_RES, res)
uc.reg_write(self.REG_PC, RA)
if balance:
uc.reg_write(self.REG_SP, sp2)
else:
uc.reg_write(self.REG_SP, sp)
except Exception as e:
self._addTrace("alt exception: %s" % e)
def handleHookInstEdit(self, screenEA=None):
if self.hookedInstruction() == False:
return
if screenEA is not None:
address = screenEA
else:
address = ScreenEA()
entry = self.idbHookMap[address]
entry.hook.mnemonic = GetDisasm(address)
hookDlg = InstructionHookDialog(entry.hook.module,
"%X" % entry.hook.id,
entry.hook.mnemonic,
entry.hook.recentSrcFile)
hookDlg.Compile()
hookDlg.script.value = entry.hook.script
hookDlg.trigger.value = 0 if entry.hook.once == True else 1
ok = hookDlg.Execute()
if ok != 1:
return
flags = HookEntry.UDP_NONE
once = True if hookDlg.trigger.value == 0 else False
if entry.hook.once != once:
entry.hook.once = once
flags |= HookEntry.UPD_TRIGGER
entry.hook.recentSrcFile = hookDlg.recentScriptFile
if entry.hook.script != hookDlg.script.value:
entry.hook.script = hookDlg.script.value
flags |= HookEntry.UPD_SCRIPT
outJSON = json.dumps({
"req_id": kFridaLink_UpdHookRequest,
"data": entry.genUpdRequest(flags)
})
self.clientSocket.sendto(outJSON, self.clientAddress)
def resolveStackAddress(self, address, symbol):
if symbol[0] == "0x0":
return None
info = {}
info['module'] = str(symbol[1])
segm = get_segm_by_name(info['module'])
if segm is not None:
locEA = segm.startEA
delta = address - int(symbol[0], 16) + locEA
func = get_func(delta)
if func is not None:
info['symbol'] = str(get_func_name(delta))
else:
info['symbol'] = str(GetDisasm(delta))
elif symbol[2] != '':
if symbol[2] == '<redacted>':
info['symbol'] = "+0x%X" % (address - int(symbol[0], 16))
else:
info['symbol'] = str(symbol[2])
else:
info['symbol'] = ''
return info
def make_item(self, value):
#[["Address", 16], ["VTable addresses", 16], ["Name", 16], ["Instruction", 16]]
tmp = " | ".join(map(lambda x: "0x%.8x" % x, value[1]))
r = ["0x%.8x" % value[0], tmp, GetDisasm(value[0]).split(";")[0]]
self.n += 1
return r