def run(self, arg): """ Ask user for BAP args to pass, BIR attributes to print; and run BAP. Allows users to also use {screen_ea} in the BAP args to get the address at the location pointed to by the cursor. """ args_msg = "Arguments that will be passed to `bap'" # If a user is not fast enough in providing the answer # IDA Python will popup a modal window that will block # a user from providing the answer. idaapi.disable_script_timeout() args = idaapi.askstr(ARGS_HISTORY, '--passes=', args_msg) if args is None: return attr_msg = "A comma separated list of attributes,\n" attr_msg += "that should be propagated to comments" attr_def = self.recipes.get(args, '') attr = idaapi.askstr(ATTR_HISTORY, attr_def, attr_msg) if attr is None: return # store a choice of attributes for the given set of arguments # TODO: store recipes in IDA's database self.recipes[args] = attr ea = idc.ScreenEA() attrs = [] if attr != '': attrs = attr.split(',') analysis = BapScripter(args, attrs) analysis.on_finish(lambda bap: self.load_script(bap, ea)) analysis.run()
def AskForAction(): global ImpExpForm #todo change [x for x in QtWidgets.QApplication.topLevelWidgets() if repr(x).find('QMainWindow') != -1][0] into something non-crazy parent = [ x for x in QtWidgets.QApplication.topLevelWidgets() if repr(x).find('QMainWindow') != -1 ][0] ImpExpForm = ActionPaletteForm_t(parent) ImpExpForm.setModal(True) idaapi.disable_script_timeout() #ImpExpForm.setStyleSheet("background:transparent;"); ImpExpForm.setAttribute(QtCore.Qt.WA_DeleteOnClose, True) #ImpExpForm.setAttribute(QtCore.Qt.WA_TranslucentBackground, True); result = None #print "result value:", repr( ImpExpForm.res ) #print "result action:", repr( ImpExpForm.action_name ) if ImpExpForm.exec_() == 1: global last_command last_command = ImpExpForm.action_name result = last_command del ImpExpForm return result
def __init__(self, addr, kind): super(PropagateTaint,self).__init__() # If a user is not fast enough in providing the answer # IDA Python will popup a modal window that will block # a user from providing the answer. idaapi.disable_script_timeout() engine = idaapi.askstr(ENGINE_HISTORY, self.ENGINE, ask_engine) \ or self.ENGINE depth = idaapi.asklong(self.DEPTH, ask_depth) \ or self.DEPTH # don't ask for the loop depth as a user is already annoyed. loop_depth = self.LOOP_DEPTH self.action = 'propagating taint from {:s}0x{:X}'.format( '*' if kind == 'ptr' else '', addr) propagate = 'run' if engine == 'primus' else 'propagate-taint' self.passes = ['taint', propagate, 'map-terms','emit-ida-script'] self.script = self.tmpfile('py') scheme = self.tmpfile('scm') stdin=self.tmpfile('stdin') stdout=self.tmpfile('stdout') for (pat,color) in patterns: scheme.write('(({0}) (color {1}))\n'.format(pat,color)) scheme.close() name = idc.GetFunctionName(addr) self.args += [ '--taint-'+kind, '0x{:X}'.format(addr), '--passes', ','.join(self.passes), '--map-terms-using', scheme.name, '--emit-ida-script-attr', 'color', '--emit-ida-script-file', self.script.name ] if engine == 'primus': self.args += [ '--run-entry-points={}'.format(name), '--primus-limit-max-length={}'.format(depth), '--primus-limit-max-visited={}'.format(loop_depth), '--primus-promiscuous-mode', '--primus-greedy-scheduler', '--primus-propagate-taint-from-attributes', '--primus-propagate-taint-to-attributes', '--primus-lisp-channel-redirect=<stdin>:{0},<stdout>:{1}'.format( stdin.name, stdout.name) ]
def run(self): """ Launch the hooks! """ idaapi.disable_script_timeout() init_sync = 0 if idc.ask_yn(init_sync, "Do you want to push your names and comments") == 1: self.send_names() self.send_comments() if self.skel_settings.use_ui: self.skel_ui.Show() self.skel_sync_agent.start() self.skel_hooks.hook()
def __init__(self, addr, kind): super(PropagateTaint, self).__init__() # If a user is not fast enough in providing the answer # IDA Python will popup a modal window that will block # a user from providing the answer. idaapi.disable_script_timeout() engine = idaapi.askstr(ENGINE_HISTORY, self.ENGINE, ask_engine) \ or self.ENGINE depth = idaapi.asklong(self.DEPTH, ask_depth) \ or self.DEPTH # don't ask for the loop depth as a user is already annoyed. loop_depth = self.LOOP_DEPTH self.action = 'propagating taint from {:s}0x{:X}'.format( '*' if kind == 'ptr' else '', addr) propagate = 'run' if engine == 'primus' else 'propagate-taint' self.passes = ['taint', propagate, 'map-terms', 'emit-ida-script'] self.script = self.tmpfile('py') scheme = self.tmpfile('scm') stdin = self.tmpfile('stdin') stdout = self.tmpfile('stdout') for (pat, color) in patterns: scheme.write('(({0}) (color {1}))\n'.format(pat, color)) scheme.close() name = idc.GetFunctionName(addr) self.args += [ '--taint-' + kind, '0x{:X}'.format(addr), '--passes', ','.join(self.passes), '--map-terms-using', scheme.name, '--emit-ida-script-attr', 'color', '--emit-ida-script-file', self.script.name ] if engine == 'primus': self.args += [ '--run-entry-points={}'.format(name), '--primus-limit-max-length={}'.format(depth), '--primus-limit-max-visited={}'.format(loop_depth), '--primus-promiscuous-mode', '--primus-greedy-scheduler', '--primus-propagate-taint-from-attributes', '--primus-propagate-taint-to-attributes', '--primus-lisp-channel-redirect=<stdin>:{0},<stdout>:{1}'. format(stdin.name, stdout.name) ]
def run(self): """ Launch the hooks! """ idaapi.disable_script_timeout() if self.skel_settings.initial_sync: init_sync = 0 if idc.AskYN(init_sync, "Do you want to synchronize defined names?") == 1: self.send_names() if idc.AskYN(init_sync, "Do you want to synchronize defined comments?") == 1: self.send_comments() self.skel_ui.Show() self.skel_sync_agent.start() self.skel_hooks.hook()
def init(self): # Print header print("=" * 60) print("GhIDA Decompiler v{0}".format(gl.ghida_vv)) print("Andrea Marcelli <*****@*****.**>") print("Cisco Talos, June 2019") print("GhIDA Decompiler shortcut key is Ctrl-Alt-D") print("=" * 60) self.__uihooks = None self.__seh = None try: import pygments except Exception: print("GhIDA:: [!] pygments library is missing") print("pip2 install pygments") return idaapi.PLUGIN_SKIP try: import requests except Exception: print("GhIDA:: [!] requests library is missing") print("pip2 install requests") return idaapi.PLUGIN_SKIP load_configuration() register_handlers() # Avoid displaying Running python script dialog # Otherwise, it breaks the UI and Cancel button idaapi.disable_script_timeout() # Hooking self.__uihooks = DisasmsHooks() self.__uihooks.hook() self.__seh = ScreenEAHook() self.__seh.hook() return idaapi.PLUGIN_KEEP
def AskForAPI(): global ApiForm #todo change [x for x in QtWidgets.QApplication.topLevelWidgets() if repr(x).find('QMainWindow') != -1][0] into something non-crazy parent = [ x for x in QtWidgets.QApplication.topLevelWidgets() if repr(x).find('QMainWindow') != -1 ][0] ApiForm = ApiPaletteForm_t(parent) ApiForm.setModal(True) idaapi.disable_script_timeout() #ApiForm.setStyleSheet("background:transparent;"); ApiForm.setAttribute(QtCore.Qt.WA_DeleteOnClose, True) #ApiForm.setAttribute(QtCore.Qt.WA_TranslucentBackground, True); result = None if ApiForm.exec_() == 1: global last_api last_api = ApiForm.action_name result = last_api del ApiForm return result
def run(self, argument): """Execute the script when invoked.""" try: # Remove the modal dialogue old = idaapi.disable_script_timeout() idaapi.show_wait_box("Decompiling function...") self.decompiler.set_screen_address_to_decompile() self.decompiler.decompile() # Re-enable the original timeout. idaapi.set_script_timeout(old) except PointSourceException, err: print "[-] Unable to run decompiler : %s" % err