def finish_populating_widget_popup(form, popup):
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup, VTGrepBytes.get_name(),
'VirusTotal/')
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildcards.get_name(),
'VirusTotal/',
)
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildCardsStrict.get_name(),
'VirusTotal/',
)
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildCardsFunction.get_name(),
'VirusTotal/',
)
elif idaapi.get_widget_type(form) == idaapi.BWN_STRINGS:
idaapi.attach_action_to_popup(form, popup,
VTGrepStrings.get_name(),
'VirusTotal/')
def finish_populating_widget_popup(self, widget, popup, ctx=None):
if idaapi.get_widget_type(widget) == idaapi.BWN_FUNCS:
idaapi.attach_action_to_popup(widget, popup, "BinaryAI:MatchSelected", "BinaryAI/")
idaapi.attach_action_to_popup(widget, popup, "BinaryAI:UploadSelected", "BinaryAI/")
funcs = map(idaapi.getn_func, ctx.chooser_selection)
funcs = map(lambda func: func.start_ea, funcs)
for ea in funcs:
if bai_mark.is_bai_func(ea):
idaapi.attach_action_to_popup(widget, popup, "BinaryAI:RevertSelected", "BinaryAI/")
break
if idaapi.get_widget_type(widget) == idaapi.BWN_CUSTVIEW:
idaapi.attach_action_to_popup(widget, popup, "BinaryAI:Apply", "BinaryAI/")
def finish_populating_widget_popup(self, form, popup):
try:
b = idaapi.get_widget_type(form) == idaapi.BWN_DISASM
except:
b = idaapi.get_tform_type(form) == idaapi.BWN_DISASM
if b:
# Add separator
idaapi.attach_action_to_popup(form, popup, None, None)
# Add actions
try:
currentAddress = idc.get_screen_ea()
except:
currentAddress = idc.ScreenEA()
if currentAddress in [
node.node_id
for node in self.cc.PatternGenerator.targetNodes
]:
idaapi.attach_action_to_popup(form, popup,
"grap:pg:remove_target", None)
elif self.cc.PatternGenerator.rootNode is None or currentAddress != self.cc.PatternGenerator.rootNode.node_id:
idaapi.attach_action_to_popup(form, popup, "grap:pg:set_root",
None)
idaapi.attach_action_to_popup(form, popup,
"grap:pg:add_target", None)
def ida_hook_screen_ea_changed(self, widget, new_ea, old_ea):
"""function hook for IDA "screen ea changed" action
called twice, once before action and once after action completes. this hook is currently only relevant
for limiting results displayed in the UI
@param widget: IDA widget type
@param new_ea: destination ea
@param old_ea: source ea
"""
if not self.view_tabs.currentIndex() in (0, 1):
return
if idaapi.get_widget_type(widget) != idaapi.BWN_DISASM:
# ignore views not the assembly view
return
if not idaapi.get_func(new_ea):
return
if idaapi.get_func(new_ea) == idaapi.get_func(old_ea):
# user navigated same function - ignore
return
if self.view_tabs.currentIndex(
) == 0 and self.view_limit_results_by_function.isChecked():
return self.update_view_tree_limit_results_to_function(new_ea)
def finish_populating_widget_popup(self, form, popup):
form_type = idaapi.get_widget_type(form)
if form_type == idaapi.BWN_DISASM or form_type == idaapi.BWN_DUMP:
idaapi.attach_action_to_popup(form, popup, ACTION_PASTE, None)
idaapi.attach_action_to_popup(form, popup, ACTION_DUMPER, None)
idaapi.attach_action_to_popup(form, popup, ACTION_JMP, None)
t0, t1, view = idaapi.twinpos_t(), idaapi.twinpos_t(
), idaapi.get_current_viewer()
if idaapi.read_selection(
view, t0,
t1) or idc.get_item_size(idc.get_screen_ea()) > 1:
idaapi.attach_action_to_popup(form, popup, ACTION_XORDATA,
None)
idaapi.attach_action_to_popup(form, popup, ACTION_FILLNOP,
None)
for action in ACTION_CONVERT:
idaapi.attach_action_to_popup(form, popup, action,
"Convert/")
if form_type == idaapi.BWN_DISASM and (ARCH, BITS) in [
(idaapi.PLFM_386, 32),
(idaapi.PLFM_386, 64),
(idaapi.PLFM_ARM, 32),
]:
idaapi.attach_action_to_popup(form, popup, ACTION_SCANVUL, None)
def ida_hook_screen_ea_changed(self, widget, new_ea, old_ea):
"""hook for IDA screen ea changed
@param widget: IDA widget type
@param new_ea: destination ea
@param old_ea: source ea
"""
if not self.view_limit_results_by_function.isChecked():
# ignore if checkbox not selected
return
if idaapi.get_widget_type(widget) != idaapi.BWN_DISASM:
# ignore views other than asm
return
# attempt to map virtual addresses to function start addresses
new_func_start = capa.ida.helpers.get_func_start_ea(new_ea)
old_func_start = capa.ida.helpers.get_func_start_ea(old_ea)
if new_func_start and new_func_start == old_func_start:
# navigated within the same function - do nothing
return
if new_func_start:
# navigated to new function - filter for function start virtual address
match = capa.ida.explorer.item.location_to_hex(new_func_start)
else:
# navigated to virtual address not in valid function - clear filter
match = ""
# filter on virtual address to avoid updating filter string if function name is changed
self.model_proxy.add_single_string_filter(CapaExplorerDataModel.COLUMN_INDEX_VIRTUAL_ADDRESS, match)
self.view_tree.resize_columns_to_content()
def finish_populating_widget_popup(self, widget, popup):
"""
A right click menu is about to be shown. (IDA 7)
"""
inject_api_search_actions(widget, popup,
idaapi.get_widget_type(widget))
return 0
def finish_populating_widget_popup(self, form, popup):
# Or here, after the popup is done being populated by its owner.
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup,
ShowXrefsGraphFrom.get_name(), '')
idaapi.attach_action_to_popup(form, popup,
ShowXrefsGraphTo.get_name(), '')
def finish_populating_widget_popup(self, widget, popup):
# We'll add our action to all "IDA View-*"s.
# If we wanted to add it only to "IDA View-A", we could
# also discriminate on the widget's title:
#
# if idaapi.get_widget_title(widget) == "IDA View-A":
# ...
#
if idaapi.get_widget_type(widget) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(widget, popup, act_name, None)
def finish_populating_widget_popup(self, widget, popup):
# We'll add our action to all "IDA View-*"s.
# If we wanted to add it only to "IDA View-A", we could
# also discriminate on the widget's title:
#
# if idaapi.get_widget_title(widget) == "IDA View-A":
# ...
#
if idaapi.get_widget_type(widget) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(widget, popup, act_name, None)
def finish_populating_widget_popup(self, form, popup):
tft = idaapi.get_widget_type(form)
if tft == idaapi.BWN_DISASM:
# Define a silly handler.
# Note the 'None' as action name (1st parameter).
# That's because the action will be deleted immediately
# after the context menu is hidden anyway, so there's
# really no need giving it a valid ID.
idaapi.attach_action_to_popup(form, popup, MyHandler.get_name(), "-")
def finish_populating_widget_popup(self, form, popup):
# We'll add our action to all "IDA View-*"s.
# If we wanted to add it only to "IDA View-A", we could
# also discriminate on the widget's title:
#
# if idaapi.get_tform_title(form) == "IDA View-A":
# ...
#
# if idaapi.get_tform_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup, "binsync:test", None)
inject_binsync_actions(form, popup, idaapi.get_widget_type(form))
def finish_populating_widget_popup(self, form, popup):
form_type = idaapi.get_widget_type(form)
if form_type == idaapi.BWN_DISASM or form_type == idaapi.BWN_DUMP:
t0, t1, view = idaapi.twinpos_t(), idaapi.twinpos_t(
), idaapi.get_current_viewer()
if idaapi.read_selection(view, t0, t1) \
or idc.get_item_size(idc.get_screen_ea()) > 1:
idaapi.attach_action_to_popup(form, popup, GOLANG_FUNC, None)
idaapi.attach_action_to_popup(form, popup, GOLANG_STRING, None)
idaapi.attach_action_to_popup(form, popup, RENAME_POINTER,
None)
def get_cursor_func_ref():
"""
Get the function reference under the user cursor.
Returns BADADDR or a valid function address.
"""
current_widget = idaapi.get_current_widget()
form_type = idaapi.get_widget_type(current_widget)
vu = idaapi.get_widget_vdui(current_widget)
#
# hexrays view is active
#
if vu:
cursor_addr = vu.item.get_ea()
#
# disassembly view is active
#
elif form_type == idaapi.BWN_DISASM:
cursor_addr = idaapi.get_screen_ea()
opnum = idaapi.get_opnum()
if opnum != -1:
#
# if the cursor is over an operand value that has a function ref,
# use that as a valid rename target
#
op_addr = idc.get_operand_value(cursor_addr, opnum)
op_func = idaapi.get_func(op_addr)
if op_func and op_func.start_ea == op_addr:
return op_addr
# unsupported/unknown view is active
else:
return idaapi.BADADDR
#
# if the cursor is over a function definition or other reference, use that
# as a valid rename target
#
cursor_func = idaapi.get_func(cursor_addr)
if cursor_func and cursor_func.start_ea == cursor_addr:
return cursor_addr
# fail
return idaapi.BADADDR
def Show(self):
widget = idaapi.get_current_widget()
if idaapi.get_widget_title(widget) != self.title:
if idaapi.get_widget_type(widget) != idaapi.BWN_PSEUDOCODE:
pseudo_view = idaapi.open_pseudocode(self.ea, 1)
pseudo_view.refresh_view(1)
widget = pseudo_view.toplevel
pseudo_title = idaapi.get_widget_title(widget)
idaapi.display_widget(self.GetWidget(),
idaapi.PluginForm.WOPN_DP_TAB | idaapi.PluginForm.WOPN_RESTORE)
idaapi.set_dock_pos(self.title, pseudo_title, idaapi.DP_RIGHT)
def finish_populating_widget_popup(self, form, popup):
# TODO - Attach to the functions view.
# if idaapi.get_widget_type(form) == idaapi.BWN_FUNCS:
# idaapi.attach_action_to_popup(
# form, popup, "my:disasmsaction", None)
# Attach to the disassembler view only
if idaapi.get_widget_type(form) == idaapi.BWN_DISASMS:
idaapi.attach_action_to_popup(form, popup, "my:disasmsaction",
None)
idaapi.attach_action_to_popup(form, popup, "my:disasmtracker",
None)
idaapi.attach_action_to_popup(form, popup, "my:invalidatecache",
None)
def view_click(self, view, event):
form_type = idaapi.get_widget_type(view)
decomp_view = idaapi.get_widget_vdui(view)
if not form_type:
return
# check if view is decomp or disassembly before doing expensive ea lookup
if not decomp_view and not form_type == idaapi.BWN_DISASM:
return
ea = idc.get_screen_ea()
if not ea:
return
controller.update_active_context(ea)
def get_custom_viewer_hint(self, view, place):
if ((place is not None) and (idaapi.get_widget_type(view) == idaapi.BWN_DISASM)):
curea = place.toea()
label_set = self._taintinfo.get_instr_taint_labels(curea)
if (len(label_set) > 0):
# have to sort semantic labels differently than normal labels
if (self._taintinfo.have_semantic_labels()):
sorted_labels = sorted(label_set, key=self.semantic_label_sorter)
compressed_labels = self.compress_sorted_semantic_labels(sorted_labels)
else:
sorted_labels = sorted(label_set, key=int)
compressed_labels = self.compress_sorted_standard_labels(sorted_labels)
hint = "taint labels = " + compressed_labels
# in case someone wants to copy-n-paste the label list
idaapi.msg("Hint for " + ('0x%x' %curea) + ": " + hint + "\n")
numlinefeeds = hint.count("\n")
return(hint, (numlinefeeds+1))
def run(self, arg):
global tainted_pcs
# this is called when select the plugin from the Edit>Plugins menu
curwidget = idaapi.get_current_tform()
if (idaapi.BWN_PSEUDOCODE == idaapi.get_widget_type(curwidget)):
reuse = HIT2_ReuseDialog.GET_NEW_PROCESS
clear_old = False
if (len(tainted_pcs) > 0):
reuse = HIT2_ReuseDialog.askToReuse()
if (HIT2_ReuseDialog.GET_NEW_PROCESS == reuse):
tainted_pcs.clear()
# need to clear old colors in case changing process on the
# same decompiled function that colored before
clear_old = True
if (HIT2_ReuseDialog.CANCEL_REQUEST != reuse):
self.color_pseudocode(curwidget, clear_old)
else:
idaapi.msg("Current window is not a pseudocode window\n")
def finish_populating_widget_popup(self, form, popup):
# Or here, after the popup is done being populated by its owner.
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup,
MarkReachableNodesHandler.get_name(),
"Mark/")
idaapi.attach_action_to_popup(
form, popup, MarkUnReachableNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup,
MarkReachingNodesHandler.get_name(),
"Mark/")
idaapi.attach_action_to_popup(
form, popup, MarkNotReachingNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkExits.get_name(),
"Mark/")
idaapi.attach_action_to_popup(form, popup,
MarkClearHandler.get_name(), "Mark/")
def finish_populating_widget_popup(self, widget, popup):
widget_type = idaapi.get_widget_type(widget)
if widget_type == idaapi.BWN_DISASM or widget_type == idaapi.BWN_DUMP:
sel, _, _ = lazy_read_selection()
if sel:
for action in ACTION_CONVERT:
idaapi.attach_action_to_popup(widget, popup, action, "LazyIDA/Convert/")
idaapi.attach_action_to_popup(widget, popup, ACTION_COPYDATA, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_XORDATA, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_FILLNOP, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_COPYNAME, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_PASTENAME, "LazyIDA/")
if widget_type == idaapi.BWN_DISASM and (LAZY_ARCH, LAZY_BITS) in [(idaapi.PLFM_386, 32),
(idaapi.PLFM_386, 64),
(idaapi.PLFM_ARM, 32),]:
idaapi.attach_action_to_popup(widget, popup, ACTION_SCANVUL, "LazyIDA/")
def view_loc_changed(self, widget, curloc, prevloc):
"""
view_loc_changed is called each time the user clicks
somwhere. This is used to synchronize the IDA DISASM
view with the IDA DECOM view. The synchronization is
active only when the decompile view has been created
and the synch option has been selected in the pop-up
menu.
"""
# Check if the selected address has changed
# if curloc.plce.toea() != prevloc.plce.toea():
# return
# Hooking the IDA DISASM view only
if idaapi.get_widget_type(widget) != idaapi.BWN_DISASM:
return
# If the DECOMP view has already been created.
if DECOMP_VIEW:
# Get the new address
ca = curloc.plce.toea()
ea = gl.convert_address(ca)
# This is a valid function address
if ea:
# The synch is active
if GHIDA_CONF.disasm_tracker:
# The address in DECOMP view is different
if ea != DECOMP_VIEW.ea:
# Update DECOMP view
DECOMP_VIEW.switch_to_address(ea)
# Update the selection
return gl.highlight_symbol_in_DECOMP()
# This is not a valid function address
if not ea:
# If the synch is active
if GHIDA_CONF.disasm_tracker:
DECOMP_VIEW.clear(msg="[!] Function not found.",
do_show=False)
return
def finish_populating_widget_popup(self, form, popup):
if idaapi.get_widget_type(form) != idaapi.BWN_DISASM:
return
pos = idc.get_screen_ea()
register_dynamic_action(form, popup, 'Decode All IOCTLs in Function',
DecodeAllHandler())
register_dynamic_action(form, popup, 'Decode IOCTLs using Angr',
DecodeAngrHandler())
# If the second argument to the current selected instruction is an immediately
# then give the option to decode it.
if idc.get_operand_type(pos, 1) == 5:
register_dynamic_action(form, popup, 'Decode IOCTL',
DecodeHandler())
if pos in ioctl_tracker.ioctl_locs:
register_dynamic_action(form, popup, 'Invalid IOCTL',
InvalidHandler())
if len(ioctl_tracker.ioctl_locs) > 0:
register_dynamic_action(form, popup, 'Show All IOCTLs',
ShowAllHandler())
def finish_populating_widget_popup(self, widget, popup):
widget_type = idaapi.get_widget_type(widget)
if ((idaapi.BWN_FUNCS == widget_type) and self.taintinfo.showing_taint()):
# about to show context menu for "Functions window" - as taint is
# shown, add item to show window of tainted functions
ida_kernwin.unregister_action(ShowTaintedFuncs.ACTION_NAME)
# could also provide a shortcut and icon in the action_desc_t, if helpful
if ida_kernwin.register_action(
ida_kernwin.action_desc_t(
ShowTaintedFuncs.ACTION_NAME,
ShowTaintedFuncs.ACTION_LABEL,
ShowTaintedFuncs(self.taintinfo),
None,
ShowTaintedFuncs.ACTION_TOOLTIP)):
# if middle arg is None, this item is added permanently to the popup menu
# if it lists a TPopupMenu* handle, then this action is added just for this invocation
ida_kernwin.attach_action_to_popup(widget, popup, ShowTaintedFuncs.ACTION_NAME)
elif ((idaapi.BWN_DISASM == widget_type) and self.taintinfo.have_taint_info()):
# about to show context menu for a disassembly window - as taint
# information is available, add either a Show or Hide item
ida_kernwin.unregister_action(ShowHideTaint.ACTION_NAME)
if (self.taintinfo.showing_taint()):
if ida_kernwin.register_action(
ida_kernwin.action_desc_t(
ShowHideTaint.ACTION_NAME,
ShowHideTaint.HIDE_ACTION_LABEL,
ShowHideTaint(self.taintinfo),
None,
ShowHideTaint.HIDE_ACTION_TOOLTIP)):
ida_kernwin.attach_action_to_popup(widget, popup, ShowHideTaint.ACTION_NAME)
else:
if ida_kernwin.register_action(
ida_kernwin.action_desc_t(
ShowHideTaint.ACTION_NAME,
ShowHideTaint.SHOW_ACTION_LABEL,
ShowHideTaint(self.taintinfo),
None,
ShowHideTaint.SHOW_ACTION_TOOLTIP)):
ida_kernwin.attach_action_to_popup(widget, popup, ShowHideTaint.ACTION_NAME)
def finish_populating_widget_popup(self, widget, popup):
"""
A right click menu is about to be shown. (IDA 7.0+)
"""
#
# if lighthouse hasn't been used yet, there's nothing to do. we also
# don't want this event to trigger the creation of a lighthouse
# context! so we should bail early in this case...
#
if not self.integration.lighthouse_contexts:
return 0
# inject any of lighthouse's right click context menu's into IDA
lctx = self.integration.get_context(None)
if lctx.director.coverage_names:
self.integration._inject_ctx_actions(
widget, popup, idaapi.get_widget_type(widget))
# must return 0 for ida...
return 0
def retrieve_function_callback(self, __, ea=None):
if not self.check_before_use():
return
funcset_ids = [self.funcset] if not self.cfg['usepublic'] else None
func_ea = idaapi.get_screen_ea() if ea is None else ea
func_name = idaapi.get_func_name(func_ea)
targets = self.retrieve_function(func_ea, self.cfg['topk'],
funcset_ids)
succ, skip, fail = 0, 0, 0
if targets is None:
print("[{}] {} failed because get function feature error".format(
self.name, func_name))
fail += 1
else:
if not (self.cview and self.cview.is_alive()):
self.cview = SourceCodeViewer(self.name)
# CDVF_STATUSBAR 0x04, keep the status bar in the custom viewer
idaapi.set_code_viewer_is_source(
idaapi.create_code_viewer(self.cview.GetWidget(), 0x4))
self.cview.set_user_data(func_ea, targets)
widget = idaapi.get_current_widget()
if idaapi.get_widget_title(widget) == self.name:
skip += 1
else:
if idaapi.get_widget_type(widget) != idaapi.BWN_PSEUDOCODE:
pseudo_view = idaapi.open_pseudocode(func_ea, 1)
pseudo_view.refresh_view(1)
widget = pseudo_view.toplevel
pseudo_title = idaapi.get_widget_title(widget)
idaapi.display_widget(
self.cview.GetWidget(), idaapi.PluginForm.WOPN_DP_TAB
| idaapi.PluginForm.WOPN_RESTORE)
idaapi.set_dock_pos(self.name, pseudo_title, idaapi.DP_RIGHT)
succ += 1
print(
"[{}] {} functions successfully retrieved, {} functions failed, {} functions skipped"
.format(self.name, succ, fail, skip))
def finish_populating_widget_popup(self, widget, popup):
# attach Searchs menu to all widget
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_SEARCH_GOOGLE[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_SEARCH_MSDOC[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_SEARCH_BING[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_SEARCH_GITHUB[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
widget_type = idaapi.get_widget_type(widget)
if widget_type in [idaapi.BWN_DISASM, idaapi.BWN_DUMP]:
for action in ACTION_MENU_CONVERT:
idaapi.attach_action_to_popup(widget, popup, action, "LazyIDA/Convert/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_COPY_DATA, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_DUMP_DATA, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_XOR_DATA, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_FILL_NOP, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_B64STD, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_B64URL, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_COPY_EA[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_COPY_RVA[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_COPY_FOFS[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_COPY_NAME[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_PASTE_NAME[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_GOTO_CLIP[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_GOTO_FOFS[0], "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_HOTKEY_GOTO_RVA[0], "LazyIDA/")
if widget_type == idaapi.BWN_DISASM and (LAZY_ARCH, LAZY_BITS) in [(idaapi.PLFM_386, 32),
(idaapi.PLFM_386, 64),
(idaapi.PLFM_ARM, 32),]:
idaapi.attach_action_to_popup(widget, popup, None, "LazyIDA/")
idaapi.attach_action_to_popup(widget, popup, ACTION_MENU_SCAN_VUL, "LazyIDA/")
def ida_hook_screen_ea_changed(self, widget, new_ea, old_ea):
"""hook for IDA screen ea changed
this hook is currently only relevant for limiting results displayed in the UI
@param widget: IDA widget type
@param new_ea: destination ea
@param old_ea: source ea
"""
if not self.view_limit_results_by_function.isChecked():
# ignore if limit checkbox not selected
return
if idaapi.get_widget_type(widget) != idaapi.BWN_DISASM:
# ignore views not the assembly view
return
if idaapi.get_func(new_ea) == idaapi.get_func(old_ea):
# user navigated same function - ignore
return
self.limit_results_to_function(idaapi.get_func(new_ea))
self.view_tree.resize_columns_to_content()
def finish_populating_widget_popup(self, widget, popup):
if idaapi.get_widget_type(widget) == idaapi.BWN_FUNCS:
idaapi.attach_action_to_popup(widget, popup, "BinaryAI:RetrieveSelected", "BinaryAI/")
def finish_populating_widget_popup(self, form, popup):
global popup_action_names
form_type = idaapi.get_widget_type(form)
if form_type == idaapi.BWN_DISASM:
for action_name in popup_action_names:
idaapi.attach_action_to_popup(form, popup, action_name, None)
def finish_populating_widget_popup(self, form, popup):
try:
b = idaapi.get_widget_type(form) == idaapi.BWN_DISASM
except:
b = idaapi.get_tform_type(form) == idaapi.BWN_DISASM
if b:
# Add separator
idaapi.attach_action_to_popup(form, popup, None, None)
# Add actions
try:
currentAddress = idc.get_screen_ea()
except:
currentAddress = idc.ScreenEA()
#if currentAddress in [node.node_id for node in self.cc.PatternGenerator.targetNodes]:
if currentAddress in self.cc.PatternGenerator.coloredNodes:
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_default", None)
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_full", None)
idaapi.update_action_label(
"grap:pg:match_full",
self.cc.PatternGenerator.preview_match(
currentAddress, "[grap] Full match", "match_full"))
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_opcode_arg1",
None)
idaapi.update_action_label(
"grap:pg:match_opcode_arg1",
self.cc.PatternGenerator.preview_match(
currentAddress, "[grap] Opcode+arg1",
"match_opcode_arg1"))
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_opcode_arg2",
None)
idaapi.update_action_label(
"grap:pg:match_opcode_arg2",
self.cc.PatternGenerator.preview_match(
currentAddress, "[grap] Opcode+arg2",
"match_opcode_arg2"))
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_opcode", None)
idaapi.update_action_label(
"grap:pg:match_opcode",
self.cc.PatternGenerator.preview_match(
currentAddress, "[grap] Opcode", "match_opcode"))
idaapi.attach_action_to_popup(form, popup,
"grap:pg:match_wildcard", None)
idaapi.attach_action_to_popup(form, popup,
"grap:pg:remove_target", None)
for type in [
"match_default", "match_full", "match_opcode_arg1",
"match_opcode_arg2", "match_opcode", "match_wildcard"
]:
idaapi.update_action_icon("grap:pg:" + type, -1)
if currentAddress not in self.cc.PatternGenerator.targetNodeType:
type = "match_default"
else:
type = self.cc.PatternGenerator.targetNodeType[
currentAddress]
idaapi.update_action_icon("grap:pg:" + type,
self.selected_icon_number)
elif self.cc.PatternGenerator.rootNode is None or currentAddress != self.cc.PatternGenerator.rootNode.node_id:
idaapi.attach_action_to_popup(form, popup, "grap:pg:set_root",
None)
idaapi.attach_action_to_popup(form, popup,
"grap:pg:add_target", None)
