def init(self):
"""
Ensure plugin's line modification function is called whenever needed.
If Hex-Rays is not installed, or is not initialized yet, then plugin
will not load. To ensure that the plugin loads after Hex-Rays, please
name your plugin's .py file with a name that starts lexicographically
after "hexx86f"
"""
try:
if idaapi.init_hexrays_plugin():
def hexrays_event_callback(event, *args):
if event == idaapi.hxe_refresh_pseudocode:
# We use this event instead of hxe_text_ready because
# MacOSX doesn't seem to work well with it
# TODO: Look into this
vu, = args
self.visit_func(vu.cfunc)
return 0
idaapi.install_hexrays_callback(hexrays_event_callback)
else:
return idaapi.PLUGIN_SKIP
except AttributeError:
idc.Warning('''init_hexrays_plugin() not found.
Skipping Hex-Rays plugin.''')
return idaapi.PLUGIN_KEEP
def init(self):
if not idaapi.init_hexrays_plugin():
print "[ERROR] Failed to initialize Hex-Rays SDK"
return isaapi.PLUGIN_SKIP
idaapi.register_action(
idaapi.action_desc_t(
"mee:DeepDecompile1",
"Deep Decompile Function",
DeepDecompile(1),
None
)
)
idaapi.register_action(
idaapi.action_desc_t(
"mee:DeepDecompile3",
"Deep Decompile Function 3 Deep",
DeepDecompile(3),
None
)
)
self.hooks = Hooks()
self.hooks.hook()
idaapi.attach_action_to_menu("View/Open subviews/Local types","mee:DeepDecompile3",idaapi.SETMENU_APP)
idaapi.attach_action_to_menu("View/Open subviews/Local types","mee:DeepDecompile1",idaapi.SETMENU_APP)
idaapi.install_hexrays_callback(hexrays_events_callback)
return idaapi.PLUGIN_KEEP
def _init_hexrays_hooks(self):
"""
Install Hex-Rrays hooks (when available).
NOTE: This is called when the ui_ready_to_run event fires.
"""
if idaapi.init_hexrays_plugin():
idaapi.install_hexrays_callback(self._hooks.hxe_callback)
def main():
if not idaapi.init_hexrays_plugin():
return False
print "Hex-rays version %s has been detected" % idaapi.get_hexrays_version(
)
idaapi.install_hexrays_callback(event_callback)
def init(self):
"""
Ensure plugin's line modification function is called whenever needed.
If Hex-Rays is not installed, or is not initialized yet, then plugin
will not load. To ensure that the plugin loads after Hex-Rays, please
name your plugin's .py file with a name that starts lexicographically
after "hexx86f"
"""
try:
if idaapi.init_hexrays_plugin():
def hexrays_event_callback(event, *args):
if event == idaapi.hxe_refresh_pseudocode:
# We use this event instead of hxe_text_ready because
# MacOSX doesn't seem to work well with it
# TODO: Look into this
vu, = args
self.run_over_cfunc(vu.cfunc)
return 0
idaapi.install_hexrays_callback(hexrays_event_callback)
else:
return idaapi.PLUGIN_SKIP
except AttributeError:
print "init_hexrays_plugin() not found. Skipping Hex-Rays plugin."
return idaapi.PLUGIN_KEEP
def init():
if not idaapi.init_hexrays_plugin():
print "[ERROR] Failed to initialize Hex-Rays SDK"
return idaapi.PLUGIN_SKIP
Helper.temporary_structure = TemporaryStructureModel()
# Actions.register(Actions.CreateVtable)
Actions.register(Actions.ShowGraph)
Actions.register(Actions.ShowClasses)
Actions.register(Actions.GetStructureBySize)
Actions.register(Actions.RemoveArgument)
Actions.register(Actions.AddRemoveReturn)
Actions.register(Actions.ConvertToUsercall)
Actions.register(Actions.ShallowScanVariable, Helper.temporary_structure)
Actions.register(Actions.DeepScanVariable, Helper.temporary_structure)
Actions.register(Actions.DeepScanReturn, Helper.temporary_structure)
Actions.register(Actions.RecognizeShape)
Actions.register(Actions.SelectContainingStructure, potential_negatives)
Actions.register(Actions.ResetContainingStructure)
Actions.register(Actions.RecastItemRight)
Actions.register(Actions.RecastItemLeft)
Actions.register(Actions.RenameOther)
Actions.register(Actions.RenameInside)
Actions.register(Actions.RenameOutside)
idaapi.attach_action_to_menu('View/Open subviews/Local types', Actions.ShowClasses.name, idaapi.SETMENU_APP)
idaapi.install_hexrays_callback(hexrays_events_callback)
Helper.touched_functions.clear()
Const.init()
return idaapi.PLUGIN_KEEP
def main():
# dummy way to register action to unload hexrays-callback, thus it won't be triggered multiple times at once
#
__register_action(UnloadCallbackAction())
# __register_action(ReloadScripts())
if not idaapi.init_hexrays_plugin():
print("Failed to initialize Hex-Rays SDK")
return
action = ShowScriptManager()
idaapi.register_action(
idaapi.action_desc_t(action.name, action.description, action,
action.hotkey))
for cb in ida_hexrays.__cbhooks_t.instances:
callback = cb.callback
if callback.__dict__.get("__reload_helper", False):
idaapi.remove_hexrays_callback(callback)
print('Hooking for HexRays events')
idaapi.install_hexrays_callback(herast_callback)
storage_manager.load_all_storages()
action_manager.initialize()
hx_callback_manager.initialize()
def _init_hexrays_hooks(self):
"""
Install Hex-Rrays hooks (when available).
NOTE: This is called when the ui_ready_to_run event fires.
"""
if idaapi.init_hexrays_plugin():
idaapi.install_hexrays_callback(self._hooks.hxe_callback)
def _init_hooks(self):
self._hooks = Hooks()
self._hooks.hook()
if not idaapi.init_hexrays_plugin():
idaapi.msg("[ERROR] Failed to initialize Hex-Rays SDK")
else:
idaapi.install_hexrays_callback(self._hooks.hxe_callback)
def init(self):
if not idaapi.init_hexrays_plugin():
return idaapi.PLUGIN_SKIP
idaapi.install_hexrays_callback(callback)
log.info(("Hex-Rays version {} has been detected; "
"{} is ready to use").format(
idaapi.get_hexrays_version(), self.wanted_name))
self.inited = True
return idaapi.PLUGIN_KEEP
def __init__(self):
if idaapi.init_hexrays_plugin():
adesc = idaapi.action_desc_t('vdsxrefs:show', 'Show xrefs', show_xrefs_ah_t(), "Ctrl+X")
if idaapi.register_action(adesc):
i = hexrays_callback_info()
idaapi.install_hexrays_callback(i.event_callback)
else:
print "[VDS XREFS] Couldn't register action."
else:
print '[VDS XREFS] hexrays is not available.'
def hook(self):
if self._available is None:
if not idaapi.init_hexrays_plugin():
logger.info("Hex-Rays SDK is not available")
self._available = False
else:
idaapi.install_hexrays_callback(self._hxe_callback)
self._available = True
if self._available:
self._installed = True
def init(self):
if idaapi.init_hexrays_plugin():
i = hexrays_callback_info()
idaapi.register_action(
idaapi.action_desc_t(force_width_actname, "Force lvar width",
force_width_action_handler_t(i),
"Shift-W"))
idaapi.install_hexrays_callback(i.event_callback)
print 'Hex-Rays lvar width forcer by ecx86 loaded!'
else:
print 'Force lvar width: Hexrays is not available.'
def _notify_status_changed(self, status):
# enable / disable hook based on the painter being enabled or disabled
if status:
self._idp_hooks.hook()
if hexrays_available():
idaapi.install_hexrays_callback(self._hxe_callback)
else:
self._idp_hooks.unhook()
if hexrays_available():
idaapi.remove_hexrays_callback(self._hxe_callback)
# send the status changed signal...
super(IDAPainter, self)._notify_status_changed(status)
def _init_hexrays_hooks(self):
"""
Install Hex-Rrays hooks (when available).
NOTE: This is called when the ui_ready_to_run event fires.
"""
if idaapi.init_hexrays_plugin():
idaapi.install_hexrays_callback(self._hxe_callback)
#
# we only use self._hooks (UI_Hooks) to install our hexrays hooks.
# since this 'init' function should only ever be called once, remove
# our UI_Hooks now to clean up after ourselves.
#
self._hooks.unhook()
def _init_hexrays_hooks(self, widget, _=None):
"""
Install Hex-Rrays hooks (when available).
NOTE:
This is called when the tform/widget_visible event fires. The
use of this event is somewhat arbitrary. It is simply an
event that fires at least once after things seem mostly setup.
We were using UI_Hooks.ready_to_run previously, but it appears
that this event fires *before* this plugin is loaded depending
on the user's individual copy of IDA.
This approach seems relatively consistent for inividuals and builds
from IDA 6.8 --> 7.0.
"""
result = False
if idaapi.init_hexrays_plugin():
logger.debug("HexRays present, installing hooks...")
result = idaapi.install_hexrays_callback(self._hxe_callback)
logger.debug("HexRays hooked: %r" % result)
#
# we only use self._hooks (IDP_Hooks) to install our hexrays hooks.
# since this 'init' function should only ever be called once, remove
# our IDP_Hooks now to clean up after ourselves.
#
self._hooks.unhook()
def run(self, arg_=None):
if idaapi.remove_hexrays_callback(hx_callback):
print "removed the callback"
else:
if idaapi.install_hexrays_callback(hx_callback):
print "installed the callback"
else:
print "failed to install the callback"
def __init__(self):
Logger.debug("Creating")
self.lastObj = None
self.lastExpr = None
self.installed = False
self.safe = False
if idaapi.init_hexrays_plugin():
if idaapi.install_hexrays_callback(self.callback):
self.installed = True
def main():
show_banner()
print "Unregistering old action..."
ida_kernwin.unregister_action(ACTION_NAME)
if ida_hexrays.init_hexrays_plugin():
ida_kernwin.register_action(
ida_kernwin.action_desc_t(ACTION_NAME,
"Keep sanity (stack strings)",
stack_strings_ah_t(), None))
print "Registered new action"
idaapi.install_hexrays_callback(cb)
else:
print "[x] No decompiler found!"
return
def init():
if not idaapi.init_hexrays_plugin():
print "[ERROR] Failed to initialize Hex-Rays SDK"
return idaapi.PLUGIN_SKIP
Cache.temporary_structure = TemporaryStructureModel()
# Actions.register(Actions.CreateVtable)
Actions.register(Actions.ShowGraph)
Actions.register(Actions.ShowClasses)
Actions.register(Actions.GetStructureBySize)
Actions.register(Actions.RemoveArgument)
Actions.register(Actions.AddRemoveReturn)
Actions.register(Actions.ConvertToUsercall)
Actions.register(Actions.ShallowScanVariable,
Cache.temporary_structure)
Actions.register(Actions.DeepScanVariable, Cache.temporary_structure)
Actions.register(Actions.DeepScanReturn, Cache.temporary_structure)
Actions.register(Actions.DeepScanFunctions, Cache.temporary_structure)
Actions.register(Actions.RecognizeShape)
Actions.register(Actions.CreateNewField)
Actions.register(Actions.SelectContainingStructure,
potential_negatives)
Actions.register(Actions.ResetContainingStructure)
Actions.register(Actions.RecastItemRight)
Actions.register(Actions.RecastItemLeft)
Actions.register(Actions.RenameOther)
Actions.register(Actions.RenameInside)
Actions.register(Actions.RenameOutside)
Actions.register(Actions.RenameUsingAssert)
Actions.register(Actions.SwapThenElse)
Actions.register(Actions.FindFieldXrefs)
Actions.register(Actions.PropagateName)
Actions.register(Actions.GuessAllocation)
idaapi.attach_action_to_menu('View/Open subviews/Local types',
Actions.ShowClasses.name,
idaapi.SETMENU_APP)
idaapi.install_hexrays_callback(hexrays_events_callback)
Const.init()
XrefStorage().open()
return idaapi.PLUGIN_KEEP
def _init_hexrays_hooks(self):
"""
Install Hex-Rays hooks (when available).
"""
result = False
if idaapi.init_hexrays_plugin():
logger.debug("HexRays present, installing hooks...")
result = idaapi.install_hexrays_callback(self._hxe_callback)
logger.debug("HexRays hooked: %r" % result)
def init(self):
"""
This is called by IDA when it is loading the plugin.
"""
# describe a custom IDA UI action
action_desc = idaapi.action_desc_t(
self.ACTION_LOAD_FILE, # Name. Acts as an ID. Must be unique.
"BbTrace Flow File...", # Label. That's what users see.
IDACtxEntry(self.interactive_load_file
), # Handler. Called when activated, and for updating
None, # Shortcut (optional)
"Load bbtrace flow file...", # Tooltip (optional)
ACT_ICON) # Icon ID (optional)
# register the action with IDA
result = idaapi.register_action(action_desc)
if not result:
RuntimeError("Failed to register load_file action with IDA")
# attach the action to the File-> dropdown menu
result = idaapi.attach_action_to_menu(
"File/Load file/", # Relative path of where to add the action
self.ACTION_LOAD_FILE, # The action ID (see above)
idaapi.SETMENU_APP # We want to append the action after ^
)
if not result:
RuntimeError("Failed action attach load_file")
if idaapi.init_hexrays_plugin():
idaapi.install_hexrays_callback(self.hexrays_event)
else:
print('hexrays is not available.')
self.display = None
print("BBTrace initialized.")
return idaapi.PLUGIN_KEEP
def register_actions():
AncestorGraphHandler = OpenGraphHandler()
def type_of_current_var(vdui):
var = vdui.item.get_lvar()
if var is None:
return None
return get_type_by_tinfo(var.type())
def graph_callback(event, *args):
if event == idaapi.hxe_curpos:
vdui = args[0]
type = type_of_current_var(vdui)
AncestorGraphHandler.target_type = type
elif event == idaapi.hxe_populating_popup:
form, popup, vdui = args
if AncestorGraphHandler.target_type is None:
return 0
action_desc = idaapi.action_desc_t(None,
'Open Ancestor Type Graph',
AncestorGraphHandler)
idaapi.attach_dynamic_action_to_popup(form, popup, action_desc,
None)
return 0
action_desc = idaapi.action_desc_t('devirtualize:open_ancestor_type_graph',
'Open Ancestor Type Graph',
AncestorGraphHandler, None,
'Open Ancestor Type Graph', 199)
idaapi.register_action(action_desc)
idaapi.attach_action_to_menu('View/Graphs/User xrefs char...',
'devirtualize:open_ancestor_type_graph',
idaapi.SETMENU_APP)
idaapi.install_hexrays_callback(graph_callback)
def init():
if fDebug:
pydevd.settrace('localhost', port=31337, stdoutToServer=True, stderrToServer=True,suspend=False)
if not idaapi.init_hexrays_plugin():
print "[ERROR] Failed to initialize Hex-Rays SDK"
return idaapi.PLUGIN_SKIP
Helper.temporary_structure = TemporaryStructureModel()
hex_pytools_config = Config()
for ac in hex_pytools_config.actions:
if hex_pytools_config.actions[ac]:
Actions.register(hex_pytools_config.actions_refs[ac])
# Actions.register(Actions.CreateVtable)
# Actions.register(Actions.ShowGraph)
# Actions.register(Actions.ShowClasses)
# Actions.register(Actions.GetStructureBySize)
# Actions.register(Actions.RemoveArgument)
# Actions.register(Actions.AddRemoveReturn)
# Actions.register(Actions.ConvertToUsercall)
# Actions.register(Actions.ShallowScanVariable, Helper.temporary_structure)
# Actions.register(Actions.DeepScanVariable, Helper.temporary_structure)
# Actions.register(Actions.RecognizeShape)
# Actions.register(Actions.SelectContainingStructure, potential_negatives)
# Actions.register(Actions.ResetContainingStructure)
# Actions.register(Actions.RecastItemRight)
# Actions.register(Actions.RecastItemLeft)
# Actions.register(Actions.RenameInside)
# Actions.register(Actions.RenameOutside)
idaapi.attach_action_to_menu('View/Open subviews/Local types', Actions.ShowClasses.name, idaapi.SETMENU_APP)
idaapi.install_hexrays_callback(hexrays_events_callback)
Helper.touched_functions.clear()
Const.init()
return idaapi.PLUGIN_KEEP
def init(self):
if not idaapi.init_hexrays_plugin():
log.error("Decompiler is not ready")
return idaapi.PLUGIN_SKIP
if not idaapi.install_hexrays_callback(callback):
log.error("Failed to install hexrays callback")
return idaapi.PLUGIN_SKIP
log.info(
"Hex-Rays version %s has been detected; %s is ready to use",
idaapi.get_hexrays_version(),
self.wanted_name,
)
self.inited = True
return idaapi.PLUGIN_KEEP
def init(self):
# Some initialization
global hexnight_cb_info, hexnight_cb, inttype
if idaapi.init_hexrays_plugin() and idaapi.ph_get_id() == idaapi.PLFM_ARM:
inttype = idaapi.get_int_type_by_width_and_sign(4, True)
hexnight_cb_info = hexrays_callback_info()
hexnight_cb = hexnight_cb_info.event_callback
if idaapi.install_hexrays_callback(hexnight_cb):
print "Hexnight plugin installed"
addon = idaapi.addon_info_t();
addon.id = "org.xerub.hexnight";
addon.name = "Hexnight";
addon.producer = "xerub";
addon.url = "https://twitter.com/xerub";
addon.version = "7.0";
idaapi.register_addon( addon );
return idaapi.PLUGIN_KEEP
print "Hexnight plugin failed"
return idaapi.PLUGIN_SKIP
def init(self):
# Some initialization
global hexlight_cb_info, hexlight_cb
if idaapi.init_hexrays_plugin():
hexlight_cb_info = hexrays_callback_info()
hexlight_cb = hexlight_cb_info.event_callback
if not idaapi.install_hexrays_callback(hexlight_cb):
# print "could not install hexrays_callback"
return idaapi.PLUGIN_SKIP
print("Hexlight plugin installed")
addon = idaapi.addon_info_t()
addon.id = "milan.bohacek.hexlight"
addon.name = "Hexlight"
addon.producer = "Milan Bohacek"
addon.url = "*****@*****.**"
addon.version = "6.95"
idaapi.register_addon(addon)
return idaapi.PLUGIN_KEEP
#print "init_hexrays_plugin failed"
return idaapi.PLUGIN_SKIP
def init(self):
# Some initialization
global hexnight_cb_info, hexnight_cb, inttype
if idaapi.init_hexrays_plugin() and idaapi.ph_get_id(
) == idaapi.PLFM_ARM and idaapi.BADADDR > 0xFFFFFFFF:
inttype = idaapi.get_int_type_by_width_and_sign(4, True)
enu = idaapi.add_enum(0, myenum, 0)
for i in regs.keys():
idaapi.add_enum_member(enu, regs[i], i)
hexnight_cb_info = hexrays_callback_info()
hexnight_cb = hexnight_cb_info.event_callback
if idaapi.install_hexrays_callback(hexnight_cb):
print "Hexnight plugin installed"
addon = idaapi.addon_info_t()
addon.id = "org.xerub.hexnight"
addon.name = "Hexnight"
addon.producer = "xerub"
addon.url = "https://twitter.com/xerub"
addon.version = "6.95"
idaapi.register_addon(addon)
return idaapi.PLUGIN_KEEP
print "Hexnight plugin failed"
return idaapi.PLUGIN_SKIP
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global ARCH
global BITS
ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
BITS = 64
elif info.is_32bit():
BITS = 32
else:
BITS = 16
print("LazyIDA (v1.0.0.3) plugin has been loaded.")
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
idaapi.action_desc_t(ACTION_GOTOCLIP, "Goto clip EA", hotkey_action_handler_t(ACTION_GOTOCLIP), "Shift-G", "Goto clipboard EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
addon = idaapi.addon_info_t()
addon.id = "tw.l4ys.lazyida"
addon.name = "LazyIDA"
addon.producer = "Lays"
addon.url = "https://github.com/L4ys/LazyIDA"
addon.version = "1.0.0.3"
idaapi.register_addon(addon)
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
idaapi.action_desc_t(ACTION_HX_GOTOCLIP, "Goto clipboard ea", hexrays_action_handler_t(ACTION_HX_GOTOCLIP), "Shift-G"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
global DEBUG
DEBUG = not DEBUG
def hexrays_events_callback_m(*args):
global LEV
global NAME
ev = args[0]
if ev == idaapi.hxe_maturity:
fcn = args[1]
level = args[2]
if level == idaapi.CMAT_FINAL:
for i in used_pats:
func_proc = traverse.FuncProcessor(fcn)
matcher = Matcher.Matcher(func_proc.fcn, None)
matcher.set_pattern(i[0])
matcher.chain = i[2]
matcher.replacer = i[1]
func_proc.pattern = matcher
func_proc.DEBUG = DEBUG
func_proc.traverse_function()
return 0
def hr_remove():
idaapi.remove_hexrays_callback(hexrays_events_callback_m)
if __name__ == "__main__":
print idaapi.install_hexrays_callback(hexrays_events_callback_m)
def initialize(self):
print("set hooks")
idaapi.install_hexrays_callback(self.__handle)
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global ARCH
global BITS
ARCH = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
BITS = 64
elif info.is_32bit():
BITS = 32
else:
BITS = 16
print "LazyIDA (v1.0.0.3) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
addon = idaapi.addon_info_t()
addon.id = "tw.l4ys.lazyida"
addon.name = "LazyIDA"
addon.producer = "Lays"
addon.url = "https://github.com/L4ys/LazyIDA"
addon.version = "1.0.0.3"
idaapi.register_addon(addon)
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA, "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
return True
def menu_callback(self):
self.show_xrefs(self.vu)
return 0
def event_callback(self, event, *args):
try:
if event == idaapi.hxe_keyboard:
vu, keycode, shift = args
if idaapi.lookup_key_code(keycode, shift, True) == idaapi.get_key_code("X") and shift == 0:
if self.show_xrefs(vu):
return 1
elif event == idaapi.hxe_right_click:
self.vu = args[0]
idaapi.add_custom_viewer_popup_item(self.vu.ct, "Xrefs", "X", self.menu_callback)
except:
traceback.print_exc()
return 0
if idaapi.init_hexrays_plugin():
i = hexrays_callback_info()
idaapi.install_hexrays_callback(i.event_callback)
else:
print 'invert-if: hexrays is not available.'
def main():
if not idaapi.init_hexrays_plugin():
return False
print "Hex-rays version %s has been detected" % idaapi.get_hexrays_version()
idaapi.install_hexrays_callback(event_callback)
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global arch
global bits
arch = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
self.hx_hook = HexRays_Hook()
idaapi.install_hexrays_callback(self.hx_hook.callback)
self.hexrays_inited = True
return idaapi.PLUGIN_KEEP
print " %x: insn %s" % (ins.ea, ins.opname)
return
class hexrays_callback_info(object):
def __init__(self):
return
def event_callback(self, event, *args):
try:
if event == idaapi.hxe_maturity:
cfunc, maturity = args
if maturity == idaapi.CMAT_BUILT:
cbv = cblock_visitor_t()
cbv.apply_to(cfunc.body, None)
except:
traceback.print_exc()
return 0
if idaapi.init_hexrays_plugin():
i = hexrays_callback_info()
idaapi.install_hexrays_callback(i.event_callback)
else:
print 'cblock visitor: hexrays is not available.'
def init(self):
self.hexrays_inited = False
self.registered_actions = []
self.registered_hx_actions = []
global arch
global bits
global is_cgc
arch = idaapi.ph_get_id()
info = idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
is_cgc = "CGC" in idaapi.get_file_type_name()
print "LazyIDA (Python Version) (v1.0.0.1) plugin has been loaded."
# Register menu actions
menu_actions = (
idaapi.action_desc_t(ACTION_CONVERT[0], "Convert to string", menu_action_handler_t(ACTION_CONVERT[0]), None, None, 80),
idaapi.action_desc_t(ACTION_CONVERT[1], "Convert to hex string", menu_action_handler_t(ACTION_CONVERT[1]), None, None, 8),
idaapi.action_desc_t(ACTION_CONVERT[2], "Convert to C/C++ array (BYTE)", menu_action_handler_t(ACTION_CONVERT[2]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[3], "Convert to C/C++ array (WORD)", menu_action_handler_t(ACTION_CONVERT[3]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[4], "Convert to C/C++ array (DWORD)", menu_action_handler_t(ACTION_CONVERT[4]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[5], "Convert to C/C++ array (QWORD)", menu_action_handler_t(ACTION_CONVERT[5]), None, None, 38),
idaapi.action_desc_t(ACTION_CONVERT[6], "Convert to python list (BYTE)", menu_action_handler_t(ACTION_CONVERT[6]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[7], "Convert to python list (WORD)", menu_action_handler_t(ACTION_CONVERT[7]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[8], "Convert to python list (DWORD)", menu_action_handler_t(ACTION_CONVERT[8]), None, None, 201),
idaapi.action_desc_t(ACTION_CONVERT[9], "Convert to python list (QWORD)", menu_action_handler_t(ACTION_CONVERT[9]), None, None, 201),
idaapi.action_desc_t(ACTION_XORDATA, "Get xored data", menu_action_handler_t(ACTION_XORDATA), None, None, 9),
idaapi.action_desc_t(ACTION_FILLNOP, "Fill with NOPs", menu_action_handler_t(ACTION_FILLNOP), None, None, 9),
idaapi.action_desc_t(ACTION_SCANVUL, "Scan format string vulnerabilities", menu_action_handler_t(ACTION_SCANVUL), None, None, 160),
)
for action in menu_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Register hotkey actions
hotkey_actions = (
idaapi.action_desc_t(ACTION_COPYEA, "Copy EA", hotkey_action_handler_t(ACTION_COPYEA), "w", "Copy current EA", 0),
)
for action in hotkey_actions:
idaapi.register_action(action)
self.registered_actions.append(action.name)
# Add ui hook
self.ui_hook = UI_Hook()
self.ui_hook.hook()
# Add idb hook
self.idb_hook = IDB_Hook()
self.idb_hook.hook()
# Add idp hook
self.idp_hook = IDP_Hook()
self.idp_hook.hook()
# Add hexrays ui callback
if idaapi.init_hexrays_plugin():
hx_actions = (
idaapi.action_desc_t(ACTION_HX_REMOVERETTYPE, "Remove return type", hexrays_action_handler_t(ACTION_HX_REMOVERETTYPE), "v"),
idaapi.action_desc_t(ACTION_HX_COPYEA , "Copy ea", hexrays_action_handler_t(ACTION_HX_COPYEA), "w"),
idaapi.action_desc_t(ACTION_HX_COPYNAME, "Copy name", hexrays_action_handler_t(ACTION_HX_COPYNAME), "c"),
)
for action in hx_actions:
idaapi.register_action(action)
self.registered_hx_actions.append(action.name)
idaapi.install_hexrays_callback(hexrays_callback)
self.hexrays_inited = True
# Auto apply libcgc signature
if is_cgc and os.path.exists(idaapi.get_sig_filename("libcgc.sig")):
if "libcgc.sig" not in [idaapi.get_idasgn_desc(i)[0] for i in range(idaapi.get_idasgn_qty())]:
idaapi.plan_to_apply_idasgn("libcgc.sig")
return idaapi.PLUGIN_KEEP
