def run(self, ctx): if ctx.getSoftwareVersion() < Version.create(3, 8): print('You need JEB 3.8+ to run this script!') return if not isinstance(ctx, IGraphicalClientContext): print('This script must be run within a graphical client') return prj = ctx.getMainProject() csf_str = prj.getData(ConstStringFilter.CSF_KEY) if not csf_str: ctx.displayMessageBox( 'Constant String List', 'No recorded result yet!\nPlease run ConstStringFilter.py first.', IconType.INFORMATION, None) return csf_json = json.loads(csf_str) # print('Current Filter result (%d): %s' % (len(csf_json), csf_json)) headers = ['Address', 'Constant String', 'Comment'] rows = [] for unit_id, ocs_map in csf_json.items(): for ocs, e in ocs_map.items(): const_str, real_str, addr = e # note we're appended uid, but it won't be displayed (per the header's spec above, which specifies 6 columns - not 7) rows.append([addr, const_str, real_str, unit_id]) # e + uid index = ctx.displayList( 'Constant String filter results', 'Note: The <Comment> column may have the corresponding decoded/decrypted result.', headers, rows) if index < 0: return sel = rows[index] addr, ocs, cmt, unit_id = sel[0], sel[1], sel[2], int(sel[3]) # print('Selected: unit_id=%d,ConstStr=%s,addr=%s' % (uid, ocs, addr)) unit = RuntimeProjectUtil.findUnitByUid(prj, unit_id) if not unit: print( 'Unit with uid=%d was not found in the project or no longer exists!' % unit_id) return if not ctx.openView(unit): print('Could not open view for unit!') else: f = ctx.findFragment(unit, "Disassembly", True) if not f: print('Fragment Disassembly not found!') elif addr: f.setActiveAddress(addr) if not unit.getComment(addr) and cmt: unit.setComment(addr, cmt)
def run(self, ctx): if ctx.getSoftwareVersion() < Version.create(3, 8): print('You need JEB 3.8+ to run this script!') return prj = ctx.getMainProject() bmstr = prj.getData(BookmarkSet.BMKEY) if not bmstr: ctx.displayMessageBox('Bookmarks', 'No recorded boolmarks yet!', IconType.INFORMATION, None) return bm = json.loads(bmstr) log('Current bookmarks (%d): %s' % (len(bm), bm)) headers = [ 'Timestamp', 'Full Unit Path', 'Name', 'Fragment', 'Address', 'Comment' ] rows = [] for uid, labelmap in bm.items(): for label, addrmap in labelmap.items(): for addr, e in addrmap.items(): unitpath, unitname, comment, ts = e # note we're appended uid, but it won't be displayed (per the header's spec above, which specifies 6 columns - not 7) rows.append([ datetime.datetime.fromtimestamp(ts).ctime(), unitpath, unitname, label, addr, comment, uid ]) index = ctx.displayList( 'Bookmarks', 'List of currently set bookmarks in the active project', headers, rows) if index < 0: return sel = rows[index] uid, label, addr = int(sel[6]), sel[3], sel[4] log('Selected: uid=%d,fragment=%s,addr=%s' % (uid, label, addr)) unit = RuntimeProjectUtil.findUnitByUid(prj, uid) if not unit: print( 'Unit with uid=%d was not found in the project or no longer exists!' % uid) return if not ctx.openView(unit): print('Could not open view for unit!') else: f = ctx.findFragment(unit, label, True) if not f: print('Fragment "%s" not found!' % label) elif addr: f.setActiveAddress(addr)
def run(self, ctx): self.ctx = ctx if not isinstance(self.ctx, IGraphicalClientContext): print ('This script must be run within a graphical client') return engctx = ctx.getEnginesContext() if not engctx: print('Back-end engines not initialized') return projects = engctx.getProjects() if not projects: print('There is no opened project') self.prj = ctx.getMainProject() self.iiunit = self.prj.findUnit(IInteractiveUnit) self.dexunits = RuntimeProjectUtil.findUnitsByType(self.prj, IDexUnit, False) defaultValue = '5' caption = 'Search Java Methods' message = Template input = ctx.displayQuestionBox(caption, message, defaultValue) if input == None: return try: chosen = int(input) except Exception as e: chosen = 1 global custom_regex_pattern custom_regex_pattern = re.compile("JavascriptInterface") if chosen == 2: crp_caption = "Search Java methods by name pattern." elif chosen == 4: crp_caption = "Search Java methods by annotation pattern." if chosen in [2, 4]: message = "custom_regex_pattern = re.compile(input)" input = ctx.displayQuestionBox(crp_caption, message, "") if not input: return custom_regex_pattern = re.compile(input) print("Start search Java methods in dex . . .") rows = [] print(len(self.dexunits)) for unit in self.dexunits: assert isinstance(unit, IDexUnit) # print("unit") # for debug potential crash if unit.getName() != "Bytecode": continue for clazz in unit.getClasses(): assert isinstance(clazz, IDexClass) sourceIndex = clazz.getSourceStringIndex() clazzAddress = clazz.getAddress() #if "" != clazzAddress: continue DexAnnotationsDirectory = clazz.getAnnotationsDirectory() if chosen in [1, 2]: for mtd in clazz.getMethods(): assert isinstance(mtd, IDexMethod) flag = mtd.getGenericFlags() mtdname = mtd.getName() if chosen == 1 and flag & ICodeItem.FLAG_NATIVE or chosen == 2 and regex_pattern_search(mtdname, custom_regex_pattern): row = [mtd.getSignature(), clazz.getName(), mtd.getName(), unit.getUid()] rows.append(row) elif chosen in [3, 4] and DexAnnotationsDirectory: for DexAnnotationForMethod in DexAnnotationsDirectory.getMethodsAnnotations(): assert isinstance(DexAnnotationForMethod, IDexAnnotationForMethod) mtdidx = DexAnnotationForMethod.getMethodIndex() mtd = unit.getMethod(mtdidx) for DexAnnotationItem in DexAnnotationForMethod.getAnnotationItemSet(): assert isinstance(DexAnnotationItem, IDexAnnotationItem) typeidx = DexAnnotationItem.getAnnotation().getTypeIndex() typename = unit.getType(typeidx).getName() if regex_pattern_search(typename, custom_regex_pattern): row = [mtd.getSignature(), clazz.getName(), mtd.getName(), unit.getUid()] rows.append(row) elif chosen == 5: for mtd in clazz.getMethods(): assert isinstance(mtd, IDexMethod) mtdsig = mtd.getSignature() for sm_name, sm_address_suffix in Sensitive_dict.items(): print(sm_address_suffix) if mtdsig.endswith(sm_address_suffix): row = [mtd.getSignature(), clazz.getName(), mtd.getName(), unit.getUid()] rows.append(row) break out = list(set([x[0] for x in rows])) out.sort() for x in out: print(x) total = len(out) print("Search %d Java methods out." % total) headers = ['Address', 'Class', 'Method'] index = ctx.displayList('Display Java methods search result', None, headers, rows) if index < 0: return sel = rows[index] addr, unit_id = sel[0], int(sel[3]) unit = RuntimeProjectUtil.findUnitByUid(self.prj, unit_id) if not unit: print('Unit with uid=%d was not found in the project or no longer exists!' % unit_id) return if not ctx.openView(unit): print('Could not open view for unit!') else: f = ctx.findFragment(unit, "Disassembly", True) if not f: print('Fragment Disassembly not found!') elif addr: f.setActiveAddress(addr)
def run(self, ctx): self.ctx = ctx engctx = ctx.getEnginesContext() if not engctx: print('Back-end engines not initialized') return projects = engctx.getProjects() if not projects: print('There is no opened project') return self.prj = projects[0] if not isinstance(self.ctx, IGraphicalClientContext): print('This script must be run within a graphical client') return assert isinstance(ctx, IGraphicalClientContext) self.focusFragment = ctx.getFocusedFragment() self.focusUnit = self.focusFragment.getUnit() # JavaSourceUnit self.dexunits = RuntimeProjectUtil.findUnitsByType( self.prj, IDexUnit, False) if not self.focusFragment: print("You Should pick one method name before run this script.") return activeAddress = self.focusFragment.getActiveAddress( AddressConversionPrecision.FINE) activeItem = self.focusFragment.getActiveItem() activeItemText = self.focusFragment.getActiveItemAsText() dunit, mtd = get_mtd_by_addr(self.dexunits, activeAddress) self.xrefs_set = set() self.result = [] print("Cross-references Tree of: " + activeAddress) self.dfs(dunit, mtd, 0) print("\n") headers = ['Depth', 'Address'] index = ctx.displayList('Cross-references Tree of: ', activeAddress, headers, self.result) if index < 0: return sel = self.result[index] depth, addr, unit_id = int(sel[0]), sel[1], int(sel[2]) addr = addr[depth * PI:] unit = RuntimeProjectUtil.findUnitByUid(self.prj, unit_id) if not unit: print( 'Unit with uid=%d was not found in the project or no longer exists!' % unit_id) return if not ctx.openView(unit): print('Could not open view for unit!') else: f = ctx.findFragment(unit, "Disassembly", True) if not f: print('Fragment Disassembly not found!') elif addr: f.setActiveAddress(addr)
def run(self, ctx): init_dx() self.ctx = ctx engctx = ctx.getEnginesContext() if not engctx: print('Back-end engines not initialized') return projects = engctx.getProjects() if not projects: print('There is no opened project') return self.prj = projects[0] if not isinstance(self.ctx, IGraphicalClientContext): print('This script must be run within a graphical client') return assert isinstance(ctx, IGraphicalClientContext) self.dexunits = RuntimeProjectUtil.findUnitsByType( self.prj, IDexUnit, False) activeAddress = "Landroid/content/Context;->sendBroadcastAsUser(Landroid/content/Intent;Landroid/os/UserHandle;)V" self.result = [] # for UI table for sm_name, sm_address in Sensitive_dict.items(): activeAddress = sm_address dunit, mtd = get_mtd_by_addr(self.dexunits, activeAddress) self.xrefs_set = set() self.output = [] # for save/print Item self.dfs(sm_name, dunit, mtd, 0) if self.output: print("Cross-references Tree of: " + sm_name) for o in self.output: print(o) print("\n") # not available on 3.17 # if Need_save: # path = ctx.displayFileSaveSelector("Save output to file:") headers = ['Depth', 'Tag', 'Address'] index = ctx.displayList('List of security sensitive Java methods: ', activeAddress, headers, self.result) if index < 0: return sel = self.result[index] depth, tag, addr, unit_id = int(sel[0]), sel[1], sel[2], int(sel[3]) addr = addr[depth * PI:] unit = RuntimeProjectUtil.findUnitByUid(self.prj, unit_id) if not unit: print( 'Unit with uid=%d was not found in the project or no longer exists!' % unit_id) return if not ctx.openView(unit): print('Could not open view for unit!') else: f = ctx.findFragment(unit, "Disassembly", True) if not f: print('Fragment Disassembly not found!') elif addr: f.setActiveAddress(addr)