def create_function_data(symbol, overwrite_names, offset, identFunc, identData, import_functions, import_objects): typeSymbol = symbol.get("type") if (typeSymbol == identFunc) and import_functions: IDAtools.create_function(symbol, overwrite_names, offset) elif (typeSymbol == identData) and import_objects: IDAtools.create_object(symbol, overwrite_names, offset)
def build_enum(self, line): if not self.createCSV: name = self.clean_name(line.get("name")) IDAtools.set_enum(name) enumerators = line.get("enumerators") for i in enumerators: IDAtools.set_enum_member(name, i[1].get("name"), i[1].get("value"))
def build_function(self, line): name = self.clean_name(line.get("name")) parameter = line.get("parameter") functionType = line.get("functionType") if functionType != None: returntype = functionType.get("returnType") parametertypes = functionType.get("parameter") function_signature = self.get_type_string( returntype) + " " + name + "(" if len(parameter) > len(parametertypes): parameter_count = len(parameter) else: parameter_count = len(parametertypes) for parameter_index in range(parameter_count): if parameter_index != 0: function_signature = function_signature + " ," try: parameter_indentifier = str( parameter[parameter_index][1].get("name")) except (IndexError, TypeError): parameter_indentifier = "UNKNOWN" if parameter_indentifier == " " or parameter_indentifier == "" or parameter_indentifier == None: parameter_indentifier = "UNKNOWN" try: parameter_type = self.get_type_string( parametertypes[parameter_index][1]) if parameter_type == "" or parameter_type == " " or parameter_type == None: parameter_type = "_UNKNOWN" current_type = parametertypes[parameter_index][1] if current_type: if current_type.get("table") == "ArrayType": size = current_type.get("size") function_signature = function_signature + parameter_type + " " + parameter_indentifier + " [" + str( size) + "]" else: function_signature = function_signature + parameter_type + " " + parameter_indentifier except (IndexError): parameter_type = "_UNKNOWN" function_signature = function_signature + parameter_type + " " + parameter_indentifier function_signature = function_signature + ")" else: function_signature = "void " + name + "()" if not self.createCSV: IDAtools.set_function_type(name, function_signature) else: self.csvLines.append([name, function_signature])
def import_hardware_regs(overwrite_names, Path, import_segments): segements = ParseHardwareregisterFile.get_segments(Path) register = ParseHardwareregisterFile.get_register(Path) if import_segments: for seg in segements: IDAtools.create_segement(seg, 0) for regs in register: IDAtools.create_object(regs, overwrite_names, 0)
def build_typedef(self, line): if not self.createCSV: localType_name = self.clean_name(line.get("name")) localType_type = self.get_type_string(line.get("type")) type_string = "typedef " + localType_type + " " + localType_name if (line.get("type")) and (line.get("type").get("table") == "ArrayType"): size = line.get("type").get("size") type_string = type_string + " [" + str(size) + "]" IDAtools.set_local_type(type_string, localType_name)
def build_global_variable(self, line): if not self.createCSV: varibale_name = self.clean_name(line.get("name")) varibale_type = self.get_type_string(line.get("type")) typestring = str(varibale_type) + " " + str(varibale_name) if (line.get("type") ) and line.get("type").get("table") == "ArrayType": size = line.get("type").get("size") typestring = typestring + " [" + str(size) + "]" IDAtools.set_global_data(varibale_name, typestring)
def import_file(gui_Object, filePath, import_functions, import_objects, import_sections, overwrite_names, offset): progressCounter = 0 if filePath.endswith(".elf"): #elf file elfReader = Elfloader(filePath) if import_sections: for sections in elfReader.get_all_sections(): IDAtools.create_segement(sections, offset) listSymbols = elfReader.get_all_symbols() for symbol in listSymbols: gui_Object.set_progress( int(progressCounter / len(listSymbols) * 100)) progressCounter = progressCounter + 1 Controller.create_function_data(symbol, overwrite_names, offset, 'FUNC', 'OBJECT', import_functions, import_objects) else: #Polypyus csv export fileLines = open(filePath, 'r').readlines() fileLines = [x.strip() for x in fileLines] for i in fileLines: gui_Object.set_progress( int(progressCounter / len(fileLines) * 100)) progressCounter = progressCounter + 1 line = i.split(" ") line = list(filter(None, line)) try: symbol = { 'name': line[0], 'addr': str(int(line[1], 16)), 'size': line[2], 'type': line[4] } except (IndexError, ValueError): continue Controller.create_function_data(symbol, overwrite_names, offset, 'FUNC', 'OBJECT', import_functions, import_objects)
def read_cpp_enumeration(self, line): name = line.get("Name") if IDAtools.is_in_ida("Enumeration", name): return {"table": "PDOMCPPEnumeration","name" : name} enumerators = self.get_array_list("IEnumerator", line.get("ID"),"enumerators") result = {"table":"PDOMCPPEnumeration","name" : name ,"enumerators" : enumerators} self.symbol_builder.build_enum(result) return result
def read_cpp_constructor_specialization_type(self, line): name = line.get("Name") parameter = self.get_array_list("ICPPParameter",line.get("ID"), "parameters") functionType = self.call_cpp_function_by_owner(line.get("TypeTable"),line.get("ID"),"type") if IDAtools.is_in_ida("CPPFunction", name): return {"table":"CPPConstructorSpecialization","name":name ,"parameter":parameter,"functionType":functionType} result = {"table":"CPPConstructorSpecialization","name":name,"argumentCount ": argumentCount ,"parameter":parameter,"functionType":functionType} self.symbol_builder.build_function(result) return result
def read_c_structure(self, line): name = line.get("Name") if IDAtools.is_in_ida("Structure", name): return {"table": "PDOMCStructure", "name": name} fields = self.get_array_list("IField", line.get("ID"), "fields") result = {"table": "PDOMCStructure", "name": name, "fields": fields} self.symbol_builder.build_struct(result) return result
def read_cpp_class_template_partial_specialization(self, line): name = line.get("Name") if IDAtools.is_in_ida("Structure", name): return {"table": "PDOMCPPClassTemplatePartialSpecialization","name" : name} fields = self.get_array_list("IField", line.get("ID"),"fields") methods = self.get_array_list("ICPPMethod", line.get("ID"),"methods") result = {"table": "PDOMCPPClassTemplatePartialSpecialization", "name":line.get("Name"),"fields": fields,"methods": methods} self.symbol_builder.build_class_type(result) return result
def read_cpp_class_instance(self, line): name = line.get("Name") if IDAtools.is_in_ida("Structure", name): return {"table": "PDOMCPPClassType","name" : name} fields = self.get_array_list("IField", line.get("ID"),"fields") methods = self.get_array_list("ICPPMethod", line.get("ID"),"methods") result = {"table": "PDOMCPPClassInstance", "name":line.get("Name"),"fields": fields,"methods": methods} self.symbol_builder.build_class_type(result) return result
def read_cpp_method_instance(self, line): name = line.get("Name") argumentCount = line.get("requiredArgumentCount") parameter = self.get_array_list("ICPPParameter",line.get("ID"), "parameters") functionType = self.call_cpp_function_by_owner(line.get("TypeTable"),line.get("ID"),"type") if IDAtools.is_in_ida("CPPFunction", name): return {"table":"PDOMCPPMethodInstance","name":name,"argumentCount ": argumentCount ,"parameter":parameter,"functionType":functionType} result = {"table":"PDOMCPPMethodInstance","name":name,"argumentCount ": argumentCount ,"parameter":parameter,"functionType":functionType} self.symbol_builder.build_function(result) return result
def read_cpp_typedef_specialization(self, line): name = line.get("Name") if line.get("TypeTableSubId") == 0: type = self.call_cpp_function_by_owner(line.get("TypeTable"), line.get("ID"), "type") else: type = self.call_cpp_function_by_id(line.get("TypeTable"), line.get("TypeTableSubId")) result = {"table":"PDOMCPPTypedefSpecialization","name": name, "type" :type} if IDAtools.is_in_ida("Typedef", name): return result self.symbol_builder.build_typedef(result) return result
def read_cpp_variable(self, line): name = line.get("Name") if line.get("TypeTableSubId") == 0: type = self.call_cpp_function_by_owner(line.get("TypeTable"), line.get("ID"), "type") else: type = self.call_cpp_function_by_id(line.get("TypeTable"), line.get("TypeTableSubId")) result = {"table":"PDOMCPPVariable","name": name , "type": type} if IDAtools.is_in_ida("Variable", name): return result self.symbol_builder.build_global_variable(result) return result
def read_c_function(self, line): name = line.get("Name") parameter = self.get_array_list("IParameter", line.get("ID"), "parameters") functionType = self.call_c_function_by_owner(line.get("TypeTable"), line.get("ID"), "type") result = { "table": "PDOMCFunction", "name": name, "parameter": parameter, "functionType": functionType } if IDAtools.is_in_ida("CFunction", name): return result self.symbol_builder.build_function(result) return result
def read_cpp_constructor_template(self, line): name = line.get("Name") argumentCount = line.get("requiredArgumentCount") parameter = self.get_array_list("ICPPParameter",line.get("ID"), "parameters") functionType = self.call_cpp_function_by_owner(line.get("FunctionTypeTable"),line.get("ID"),"type") allInstances = self.get_array_list("ICPPTemplateInstance",line.get("ID"), "allInstances") templateParameters = self.get_array_list("IPDOMCPPTemplateParameter",line.get("ID"), "templateParameters") result = {"table":"PDOMCPPConstructorTemplate","name":name,"argumentCount ": argumentCount ,"parameter":parameter,"functionType":functionType} if IDAtools.is_in_ida("CPPFunctionTemplate", name): return result self.symbol_builder.build_function(result) return result
def build_struct(self, line): if not self.createCSV: structname = self.clean_name(line.get("name")) IDAtools.set_struct(structname) fields = line.get("fields") for field in fields: try: if field[1].get("table") == "PDOMCPPConstructor" or field[ 1].get("table") == "PDOMCPPMethod" or field[1].get( "table") == "PDOMCPPFunction" or field[1].get( "table") == "PDOMCFunction": fieldName = field[1].get("name") type = field[1].get("functionType") size = IDAtools.get_size(fieldName, type.get("table"), type) flag_andTypeID = IDAtools.get_flag_and_id(size, type) IDAtools.set_struct_member(structname, fieldName, flag_andTypeID, size) else: fieldName = field[1].get("name") type = field[1].get("type") size = 1 if type: if type.get("table") == "BasicType" and field[ 1].get("table") == "PDOMCField": size = IDAtools.get_size( type.get("name"), type.get("table"), type) else: size = IDAtools.get_size( fieldName, type.get("table"), type) flag_andTypeID = IDAtools.get_flag_and_id(size, type) IDAtools.set_struct_member(structname, fieldName, flag_andTypeID, size) except SyntaxError: pass
def import_database(gui_Object, referenceFilePath, additionalPathList): csvFiles = [] #save produced csv files referencePDOM = referenceFilePath.split("/")[-1] additionalPathList.append(referenceFilePath) pathMap = {} #save path of the database of each used pdom progress_counter = 1 symbol_builder = SymbolBuilder(True) #search in each database for possible signatures for database_path in additionalPathList: gui_Object.set_state("Build CSV " + str(progress_counter) + "/" + str(len(additionalPathList))) progress_counter = progress_counter + 1 currentPath = os.getcwd() try: os.mkdir(currentPath + "/comparedDatabases") except: pass csvFolder = currentPath + "/comparedDatabases/" created_csv_path = csvFolder + database_path.split( "/")[-1] + "." + str(time.time()) + ".csv" Controller = SqlController(database_path) #search for signatures and produce csv: listOfFunctioNames = IDAtools.get_names() ReadDatabase.import_symbols_from_list(Controller, gui_Object, listOfFunctioNames, symbol_builder) symbol_builder.write_csv(created_csv_path, database_path.split("/")[-1]) #clear searched symbols for next database IDAtools.clean_dict() symbol_builder.clean_csvLines() csvFiles.append(created_csv_path) pathMap[database_path.split("/")[-1]] = database_path #create final signature file finalSignaturesCSVPath = SignatureBuilder.get_final_signature_csv( csvFiles, referencePDOM, csvFolder) listImportSig = list( csv.reader(open(finalSignaturesCSVPath, 'r'), delimiter=";")) #import final signatures symbol_builder.set_writeCSV(False) controllerMap = {} progressCounter = 0 for line in listImportSig: #[symbolName, signature, databasePDOM1, databasePDOM2, ....] gui_Object.set_progress( int(progressCounter / len(listImportSig) * 100)) progressCounter = progressCounter + 1 gui_Object.set_state("Import best signatures") symbol = line[0] signature = line[1] for pdoms in line[2:]: if not pdoms in controllerMap: controllerMap[pdoms] = SqlController(pathMap[pdoms]) Controller = controllerMap[pdoms] ReadDatabase.import_symbols_from_list(Controller, gui_Object, [symbol], symbol_builder) IDAtools.set_function_type(symbol, signature, True)