def publish(self, rename=True, patch=True):
"""
- Saves encoded string to external kordesii Reporter
- Prints a report about the string to the console
- renames and patches the IDB with decoded data
:param rename: Whether to rename the string in the IDB.
:param patch: Whether to patch the string with the decoded variant in the IDB.
"""
if not self.decoded_data:
logger.warning('Unable to publish string {!r}. Missing decoded_data.'.format(self))
return
# FIXME: Even though we strip nulls in __unicode__(), there still seems to be some strings
# with null characters seeping through.
kordesii.append_string(self._decode_unknown_charset().rstrip(u'\x00'))
print('\n')
display = self.report()
print(display)
if rename:
self.rename()
if patch:
self.patch()
def publish(self, rename=True, patch=True, fill_char=b'\x00', define=True):
"""
- Saves encoded string to external kordesii Reporter
- Prints a report about the string to the console
- renames and patches the IDB with decoded data
:param rename: Whether to rename the string in the IDB.
:param patch: Whether to patch the string with the decoded variant in the IDB.
:param str fill_char:
Character to use to fill left over space if decoded data
is shorter than its encoded data.
Set to None leaving the original data.
:param bool define: Whether to define the string after patching.
"""
if not self.decoded_data:
logger.warning(
"Unable to publish string {!r}. Missing decoded_data.".format(self)
)
return
# FIXME: Even though we strip nulls in __unicode__(), there still seems to be some strings
# with null characters seeping through.
kordesii.append_string(str(self).rstrip(u"\x00"))
print("\n")
display = self.report()
print(display)
if rename:
self.rename()
if patch:
self.patch(fill_char=fill_char, define=define)
def main():
stacked = getstackstrings()
print("\n")
for loc, end, string in sorted(stacked.strings, key=lambda tup: tup[0]):
func_name: str = idaapi.get_func_name(loc)
line = func_name.encode() + f", 0x{loc:X}: \x00".encode() + string + b'"' # Use the \x00 for the replace below
print((line.replace(b"\\x00", b'"\n\t\t"').replace(b'"\n', b"\n", 1) + b"\n").decode())
kordesii.append_string(string.replace(b"\\x00", b"\n"))
print("Found " + str(len(stacked.strings)) + " stack strings.")
def main():
stacked = getstackstrings()
print '\n'
for loc, end, string in sorted(stacked.strings, key=lambda tup: tup[0]):
func_name = idaapi.get_func_name(loc)
line = func_name + ', 0x%X: \x00' % loc + string + '"' # Use the \x00 for the replace below
print line.encode('string-escape').replace('\\x00', '"\n\t\t"').replace('"\n', '\n', 1) + '\n'
kordesii.append_string(string.replace('\\x00', '\n'))
print "Found " + str(len(stacked.strings)) + " stack strings."