def run(self, arg):
start, end = sark.get_selection()
struct_name = idc.AskStr(self._prev_struct_name, "Struct Name")
if not struct_name:
return
self._prev_struct_name = struct_name
common_reg = sark.structure.get_common_register(start, end)
reg_name = idc.AskStr(common_reg, "Register")
if not reg_name:
return
offsets, operands = sark.structure.infer_struct_offsets(
start, end, reg_name)
try:
sark.structure.create_struct_from_offsets(struct_name, offsets)
except sark.exceptions.SarkStructAlreadyExists:
yes_no_cancel = idc.AskYN(
idaapi.ASKBTN_NO, "Struct already exists. Modify?\n"
"Cancel to avoid applying the struct.")
if yes_no_cancel == idaapi.ASKBTN_CANCEL:
return
elif yes_no_cancel == idaapi.ASKBTN_YES:
sid = sark.structure.get_struct(struct_name)
sark.structure.set_struct_offsets(offsets, sid)
else: # yes_no_cancel == idaapi.ASKBTN_NO:
pass
sark.structure.apply_struct(start, end, reg_name, struct_name)
def run(self, arg):
start, end = sark.get_selection()
struct_name = idc.AskStr(self._prev_struct_name, "Struct Name")
if not struct_name:
return
self._prev_struct_name = struct_name
common_reg = sark.structure.get_common_register(start, end)
reg_name = idc.AskStr(common_reg, "Register")
if not reg_name:
return
offsets, operands = sark.structure.infer_struct_offsets(start, end, reg_name)
try:
sark.structure.create_struct_from_offsets(struct_name, offsets)
except sark.exceptions.SarkStructAlreadyExists:
yes_no_cancel = idc.AskYN(idaapi.ASKBTN_NO,
"Struct already exists. Modify?\n"
"Cancel to avoid applying the struct.")
if yes_no_cancel == idaapi.ASKBTN_CANCEL:
return
elif yes_no_cancel == idaapi.ASKBTN_YES:
sid = sark.structure.get_struct(struct_name)
sark.structure.set_struct_offsets(offsets, sid)
else: # yes_no_cancel == idaapi.ASKBTN_NO:
pass
sark.structure.apply_struct(start, end, reg_name, struct_name)
def copy_current_file_offset():
"""Get the file-offset mapped to the current address."""
start, end = sark.get_selection()
try:
file_offset = sark.core.get_fileregion_offset(start)
clipboard.copy("0x{:08X}".format(file_offset))
except sark.exceptions.NoFileOffset:
message("The current address cannot be mapped to a valid offset of the input file.")
def apply_enum_by_name(enum, member_name):
member_value = enum.members[member_name].value
for line in sark.lines(*sark.get_selection()):
for operand in line.insn.operands:
if operand.type.is_imm:
if operand.imm == member_value:
idc.OpEnumEx(line.ea, operand.n, enum.eid, enum.members[member_name].serial)
elif operand.type.is_displ or operand.type.is_phrase:
if operand.addr == member_value:
idc.OpEnumEx(line.ea, operand.n, enum.eid, enum.members[member_name].serial)
def run(self, arg):
start, end = sark.get_selection()
if not sark.structure.selection_has_offsets(start, end):
message('No structure offsets in selection. Operation cancelled.')
idaapi.warning(
'No structure offsets in selection. Operation cancelled.')
return
struct_name = idc.AskStr(self._prev_struct_name, "Struct Name")
if not struct_name:
message("No structure name provided. Operation cancelled.")
return
self._prev_struct_name = struct_name
common_reg = sark.structure.get_common_register(start, end)
reg_name = idc.AskStr(common_reg, "Register")
if not reg_name:
message("No offsets found. Operation cancelled.")
return
try:
offsets, operands = sark.structure.infer_struct_offsets(
start, end, reg_name)
except sark.exceptions.InvalidStructOffset:
message(
"Invalid offset found. Cannot create structure.",
"Make sure there are no negative offsets in the selection.")
return
except sark.exceptions.SarkInvalidRegisterName:
message(
"Invalid register name {!r}. Cannot create structs.".format(
reg_name))
return
try:
sark.structure.create_struct_from_offsets(struct_name, offsets)
except sark.exceptions.SarkStructAlreadyExists:
yes_no_cancel = idc.AskYN(
idaapi.ASKBTN_NO, "Struct already exists. Modify?\n"
"Cancel to avoid applying the struct.")
if yes_no_cancel == idaapi.ASKBTN_CANCEL:
return
elif yes_no_cancel == idaapi.ASKBTN_YES:
sid = sark.structure.get_struct(struct_name)
sark.structure.set_struct_offsets(offsets, sid)
else: # yes_no_cancel == idaapi.ASKBTN_NO:
pass
sark.structure.apply_struct(start, end, reg_name, struct_name)
def apply_enum_by_name(enum, member_name):
member_value = enum.members[member_name].value
for line in sark.lines(*sark.get_selection()):
for operand in line.insn.operands:
if operand.type.is_imm:
if operand.imm == member_value:
idc.OpEnumEx(line.ea, operand.n, enum.eid,
enum.members[member_name].serial)
elif operand.type.is_displ or operand.type.is_phrase:
if operand.addr == member_value:
idc.OpEnumEx(line.ea, operand.n, enum.eid,
enum.members[member_name].serial)
def get_common_value():
values = defaultdict(int)
for line in sark.lines(*sark.get_selection()):
for operand in line.insn.operands:
if operand.type.is_imm:
values[operand.imm] += 1
elif operand.type.is_displ or operand.type.is_phrase:
values[operand.addr] += 1
# Ignore 0 as it is usually not interesting
values[0] = 0
# Get the most common value
common_value = max(values.iteritems(), key=lambda x: x[1])[0]
return common_value
def get_common_value():
values = defaultdict(int)
for line in sark.lines(*sark.get_selection()):
for operand in line.insn.operands:
if operand.type.is_imm:
values[operand.imm] += 1
elif operand.type.is_displ or operand.type.is_phrase:
values[operand.addr] += 1
# Ignore 0 as it is usually not interesting
values[0] = 0
# Get the most common value
common_value = max(values.iteritems(), key=lambda x: x[1])[0]
return common_value
def run(self, arg):
start, end = sark.get_selection()
struct_name = idc.AskStr(self._prev_struct_name, "Struct Name")
if not struct_name:
message("No structure name provided. Operation cancelled.")
return
self._prev_struct_name = struct_name
common_reg = sark.structure.get_common_register(start, end)
reg_name = idc.AskStr(common_reg, "Register")
if not reg_name:
message("No offsets found. Operation cancelled.")
return
try:
offsets, operands = sark.structure.infer_struct_offsets(start, end, reg_name)
except sark.exceptions.InvalidStructOffset:
message("Invalid offset found. Cannot create structure.",
"Make sure there are no negative offsets in the selection.")
return
except sark.exceptions.SarkInvalidRegisterName:
message("Invalid register name {!r}. Cannot create structs.".format(reg_name))
return
try:
sark.structure.create_struct_from_offsets(struct_name, offsets)
except sark.exceptions.SarkStructAlreadyExists:
yes_no_cancel = idc.AskYN(idaapi.ASKBTN_NO,
"Struct already exists. Modify?\n"
"Cancel to avoid applying the struct.")
if yes_no_cancel == idaapi.ASKBTN_CANCEL:
return
elif yes_no_cancel == idaapi.ASKBTN_YES:
sid = sark.structure.get_struct(struct_name)
sark.structure.set_struct_offsets(offsets, sid)
else: # yes_no_cancel == idaapi.ASKBTN_NO:
pass
sark.structure.apply_struct(start, end, reg_name, struct_name)
def run(self, arg):
start, _ = sark.get_selection()
regnamePluginStarter(start)
def copy_current_address():
start, end = sark.get_selection()
clipboard.copy("0x{:08X}".format(start))
def copy_current_selection():
start, end = sark.get_selection()
buffer = sark.data.read_memory(start, end)
clipboard.copy(buffer.encode("hex-bytes"))
def run(self, arg):
print arg
start, _ = sark.get_selection()
oregamiPluginStarter(start, tabMode=False, recursive_bool=False)
def run(self, arg):
start, _ = sark.get_selection()
typeregterPluginStarter(start)
def run(arg):
start, _ = sark.get_selection()
regname_plugin_starter(start)
