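def load_kmdf_types_into_idb():
    """Parse the KMDF WDF struct header and import every local type into the IDB.

    The header is resolved relative to the directory holding the current IDB
    (``../Tools/kmdf_re/code/WDFStructsV2.h``); adjust the relative path to
    match the checkout layout. Parse errors are reported instead of being
    silently dropped; the import loop still runs over whatever was parsed.
    """
    import os

    header_path = os.path.join(idautils.GetIdbDir(), "../Tools/kmdf_re/code/WDFStructsV2.h")
    # idc_parse_types() returns the number of rejected declarations; the
    # original discarded it, so a broken header went unnoticed.
    errors = idaapi.idc_parse_types(header_path, idc.PT_FILE)
    if errors:
        print("[kmdf] %s error(s) while parsing %s" % (errors, header_path))
    # Local type ordinals start at 1.
    for idx in range(1, idc.GetMaxLocalType()):
        name = idc.GetLocalTypeName(idx)
        print(idx, name)
        idc.Til2Idb(idx, name)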
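def export_tags(tags):
    """Write *tags* as JSON next to the current IDB.

    The output file is ``<idb dir>/<root filename>_TagSource.json``.

    The file is opened in text mode: the original used ``'wb'``, which makes
    ``json.dump`` raise ``TypeError`` on Python 3 (it writes ``str``). Text
    mode behaves the same on Python 2.

    Args:
        tags: JSON-serialisable container of tags; its ``len`` is reported.
    """
    import os

    out_path = os.path.join(idautils.GetIdbDir(), idaapi.get_root_filename() + "_TagSource" + ".json")
    with open(out_path, 'w') as f:
        json.dump(tags, f)
    print("[TagSource] Tags created : " + str(len(tags)))
    print("[TagSource] Tags exported : " + out_path)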
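def find_input_file():
    """
    Description:
        Check whether or not IDA knows where the original file used to create the IDB is.
        If IDA doesn't know, check the IDB's directory for a file with the same name whose
        MD5 matches the one IDA recorded for the input file.

    Output:
        Returns True if the input file was located, False if it was not.

    Side effects:
        Updates the module global INPUT_FILE_PATH when the file is found next to the IDB.
    """
    global INPUT_FILE_PATH
    ida_path = INPUT_FILE_PATH
    if os.path.exists(ida_path):
        return True

    # IDA's recorded path is stale; look for the (correct) file next to the IDB.
    local_path = os.path.join(idautils.GetIdbDir(), idc.get_root_filename())
    if not os.path.exists(local_path):
        return False

    # Hash in chunks and close the handle (the original left the file open and
    # read it whole into memory). MD5 is what IDA stores for the input file, so
    # it is the only hash available here: treat this as a same-file sanity
    # check, not as a tamper-proof integrity guarantee.
    digest = hashlib.md5()
    with open(local_path, "rb") as f:
        for chunk in iter(lambda: f.read(1024 * 1024), b""):
            digest.update(chunk)
    # NOTE(review): retrieve_input_file_md5() is expected to return an
    # upper-case hex string, as the original comparison assumed — confirm
    # against the IDA version in use.
    if digest.hexdigest().upper() != idc.retrieve_input_file_md5():
        return False

    INPUT_FILE_PATH = local_path
    logger.debug("Guessed the input file path: " + INPUT_FILE_PATH)
    logger.debug("IDA thought it was: " + ida_path)
    return True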
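def load_kmdf_types_into_idb():
    """Parse ``WDFStructs.h`` from the IDB directory and import every numbered type.

    Parse errors are reported instead of being silently dropped; the import
    loop still runs over whatever was parsed.
    """
    import os

    header_path = os.path.join(idautils.GetIdbDir(), "WDFStructs.h")
    # idc_parse_types() returns the number of rejected declarations; the
    # original discarded it, so a broken header went unnoticed.
    errors = idaapi.idc_parse_types(header_path, idc.PT_FILE)
    if errors:
        print("[kmdf] %s error(s) while parsing %s" % (errors, header_path))
    # Type ordinals start at 1.
    for idx in range(1, idc.get_ordinal_qty()):
        #Fails to add some of the types
        name = idc.get_numbered_type_name(idx)
        print((idx, name))
        idc.import_type(idx, name)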
def main():
    """Dump the imported functions of every local module into ``imports.json`` next to the IDB."""
    root_dir = idautils.GetIdbDir()
    module_names = get_local_module_name_list(root_dir)
    module_infos = get_specify_import_modules_info(module_names)
    # module name -> functions imported from it, resolved by module index
    import_module_funcs = {
        info["name"]: get_import_funcs(info["index"]) for info in module_infos
    }
    dump_dict_to_file(os.path.join(root_dir, 'imports.json'), import_module_funcs)
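def initModules():
    """Load h2alang.dll from the IDB directory and select per-tool constants.

    Returns True on success. On any failure the user is warned through
    idaapi.warning() and False is returned. Both DLL handles are stored only
    after both loads succeed, so a failure no longer leaves g_h2langDll set
    while g_user32Dll is not.

    Security note: this loads a native DLL found next to the IDB into the IDA
    process. Whoever can place an ``h2alang.dll`` in that directory gets code
    execution with IDA's privileges, so only open IDBs from trusted locations.
    """
    global g_h2langDll
    global g_user32Dll
    global g_BaseAddress
    global g_TagGroupListAddress

    # The IDB folder is expected to contain the h2alang.dll file.
    modulePath = os.path.join(idautils.GetIdbDir(), "h2alang.dll")
    if not os.path.isfile(modulePath):
        idaapi.warning("Could not find \"%s\"!" % modulePath)
        return False

    try:
        h2lang = ctypes.cdll.LoadLibrary(modulePath)
        # OleDLL only exists on Windows builds of ctypes; elsewhere this raises.
        user32 = ctypes.OleDLL("user32.dll")
    except Exception:
        idaapi.warning("Failed to load \"%s\"!" % modulePath)
        return False
    g_h2langDll = h2lang
    g_user32Dll = user32

    # The input file name tells us which HEK tool is loaded.
    moduleName = idc.GetInputFile()
    if moduleName == "H2Guerilla.exe":
        # Values for the h2 guerilla executable.
        g_BaseAddress = 0x400000
        g_TagGroupListAddress = 0x00901B90
        return True
    if moduleName == "H2Sapien.exe":
        idaapi.warning("H2Sapien currently not supported!")
        return False
    if moduleName == "H2Tool.exe":
        idaapi.warning("H2Tool currently not supported!")
        return False
    idaapi.warning("Unknown HEK module loaded!")
    return False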
def wait_ready():
    """Timer callback: insert the menu hooks once IDA reports it is ready.

    Returns 0 to stop the timer once IDA is ready and the menu exists,
    otherwise 1000 (ms) so the timer fires again.
    """
    global already_loaded

    # Build the menu only when the IDB directory sits directly under the
    # current working directory.
    if menu is None and os.path.dirname(idautils.GetIdbDir()) == os.getcwd():
        create_menu()

    # IDA hooks provide no "ready" event, so probe the status by setting it
    # and restoring the previous value; the previous value says whether IDA
    # was already in the READY state. To be improved.
    previous = idc.SetStatus(IDA_STATUS_READY)
    idc.SetStatus(previous)

    ready = previous == IDA_STATUS_READY and menu is not None
    if not ready:
        return 1000
    if not already_loaded:
        already_loaded = True
        menu.insert_hooks()
    return 0
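def find_input_file():
    '''
    Description:
        Check whether or not IDA knows where the original file used to create the IDB is.
        If IDA doesn't know, check the IDB's directory for a file with the same name whose
        MD5 matches the one IDA recorded for the input file.

    Output:
        Returns True if the input file was located, False if it was not.

    Side effects:
        Updates the module global INPUT_FILE_PATH when the file is found next to the IDB.
    '''
    global INPUT_FILE_PATH
    ida_path = INPUT_FILE_PATH
    if os.path.exists(ida_path):
        return True

    # IDA's recorded path is stale; look for the (correct) file next to the IDB.
    local_path = os.path.join(idautils.GetIdbDir(), idc.GetInputFile())
    if not os.path.exists(local_path):
        return False

    # Hash in chunks and close the handle (the original left the file open and
    # read it whole into memory). MD5 is what IDA stores for the input file, so
    # it is the only hash available here: treat this as a same-file sanity
    # check, not as a tamper-proof integrity guarantee.
    digest = hashlib.md5()
    with open(local_path, 'rb') as f:
        for chunk in iter(lambda: f.read(1024 * 1024), b''):
            digest.update(chunk)
    # NOTE(review): GetInputMD5() is expected to return an upper-case hex
    # string, as the original comparison assumed — confirm for the IDA version.
    if digest.hexdigest().upper() != idc.GetInputMD5():
        return False

    INPUT_FILE_PATH = local_path
    append_debug('Guessed the input file path: ' + INPUT_FILE_PATH)
    append_debug('IDA thought it was: ' + ida_path)
    return True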
def _init(self):
    """
    Initialize plugin members.

    Creates the palette, the coverage director and the painter, clears the
    overview widget and the menu icon ids, and records the IDB directory as
    the starting point for the coverage file dialog.
    """
    # The palette is shared by the director and the painter.
    palette = LighthousePalette()
    self.palette = palette
    self.director = CoverageDirector(palette)
    self.painter = CoveragePainter(self.director, palette)

    # No overview widget yet.
    self._ui_coverage_overview = None

    # No icons loaded yet; BADADDR is the "unset" marker.
    for attr in ("_icon_id_file", "_icon_id_batch", "_icon_id_overview"):
        setattr(self, attr, idaapi.BADADDR)

    # Where the coverage file dialog opens first.
    self._last_directory = idautils.GetIdbDir()
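def hunt(symbols, dbname, merge=True, replace=False, bin_name="lina"):
    """Resolve *symbols* in the current IDB and record them in the JSON target db.

    Args:
        symbols: dict mapping a symbol name to a callable ``func(name)`` that
            resolves it to an address (or an offset). Names prefixed with
            ``instruction_`` are stored without the prefix; entries resolving
            to None or to a 32-/64-bit BADADDR are skipped.
        dbname: path of the JSON database to read and rewrite.
        merge: if the target already exists, merge the new addresses into it.
        replace: if the target already exists and ``merge`` is false, replace it.
        bin_name: "lina", "lina_monitor" or "libc.so"; selects the imagebase
            and addresses keys of the db entry.

    Returns:
        None. Logs an error and returns without touching the db for an unknown
        ``bin_name``; calls ``sys.exit()`` (as the original did) when the
        version or firmware name cannot be parsed from the IDB directory name.
    """
    key_names = {
        "lina": ("lina_imagebase", "addresses"),
        "lina_monitor": ("lm_imagebase", "lm_addresses"),
        "libc.so": ("libc_imagebase", "libc_addresses"),
    }
    if bin_name not in key_names:
        logmsg("ERROR: bad elf name in hunt()")
        return None
    base_name, addr_name = key_names[bin_name]

    # parse version/fw from directory name
    idbdir = idautils.GetIdbDir()
    version = helper.build_version(idbdir)
    if not version:
        logmsg("Can't parse version in %s" % idbdir)
        sys.exit()
    fw = helper.build_bin_name(idbdir)
    if not fw:
        logmsg("Can't parse fw in %s" % idbdir)
        sys.exit()

    new_target = {}
    new_target["fw"] = fw
    new_target["arch"] = ida_helper.ARCHITECTURE
    # The imagebase is unknown here, so absolute addresses are saved under
    # new_target[addr_name] and the base is recorded as 0.
    new_target[base_name] = 0
    # XXX - add fw md5 to db?

    # NOTE(review): the lock file name is fixed to "asadb.json" regardless of
    # dbname, so writers of different dbs share one lock. Left unchanged.
    prevtime = time.time()
    lock = filelock.FileLock("asadb.json")
    with lock.acquire():
        newtime = time.time()
        logmsg("Acquired lock after %d seconds" % int(newtime - prevtime))

        # load old targets
        targets = []
        if os.path.isfile(dbname):
            targets = helper.load_targets(dbname)
        else:
            logmsg("Creating new db: %s" % dbname)

        # Building new entry
        new_target["version"] = version
        addresses = {}
        for s, func in symbols.items():
            if not s:
                continue
            name = s
            if name.startswith("instruction_"):
                name = s[len("instruction_"):]
            # addr can actually be an address but also an offset we need
            # (e.g. tls->default_channel)...
            logmsg("Looking up %s" % s)
            addr = func(s)
            # Reject both BADADDR widths: the detected architecture is
            # sometimes wrong and a -1 would otherwise end up in the db.
            if addr is None or addr == 0xffffffffffffffff or addr == 0xffffffff:
                logmsg("[x] Impossible to get '%s' symbol" % name)
                continue
            addresses[name] = addr
        new_target[addr_name] = addresses

        if helper.is_new(targets, new_target):
            logmsg("New target: %s (%s)" % (version, fw))
            logmsg(addresses)
            targets.append(new_target)
        elif merge:
            logmsg("Merging target: %s (%s)" % (version, fw))
            i = helper.merge_target(new_target, targets, bin_name=bin_name)
            if i is not None:
                print(json.dumps(targets[i], indent=2))
            else:
                logmsg("Skipping target: %s (%s) as helper.merge_target() failed" % (version, fw))
        elif replace:
            logmsg("Replacing target: %s (%s)" % (version, fw))
            helper.replace_target(new_target, targets)
            logmsg(new_target)
        else:
            logmsg("Skipping target: %s (%s)" % (version, fw))

        # Sort targets by version. Drawback: the index changes each time we add
        # a new firmware, but it should not anymore once we have them all.
        # A tuple key keeps this working on Python 3, where map() returns an
        # iterator that cannot be ordered; the ordering matches the old list key.
        targets = sorted(targets, key=lambda k: tuple(int(x) for x in k["version"].split(".")))

        logmsg("Writing to %s" % dbname)
        # Text mode plus a context manager: the original wrote a str to a "wb"
        # handle (a TypeError on Python 3) and never closed the file.
        with open(dbname, "w") as f:
            f.write(json.dumps(targets, indent=4))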
def test():
    """Build the graph from the bundled example log and report success when DEBUG is set."""
    # The example log lives under the sibling 'log' tree of the 'modules' directory.
    log_dir = idautils.GetIdbDir().replace('modules', 'log')
    json_file = os.path.join(log_dir, 'examples', 'ida_log_all_tpt480s.json')
    graph = run(json_file)
    if graph and DEBUG:
        print('[{}] graph created and displayed'.format(NAME))
docstr_needed[entry] = s break # out of docstr iteration # update any results for called_in, lua_list in result.iteritems(): for obj in lua_list: obj.docstr = docstr_needed[obj.name] # remove the defaultness to allow ez serialization return dict(result) LOG.info("Noita IDAPython init") idaapi.auto_wait() LOG.info("analysis finished") idb_path = idautils.GetIdbDir() + "noita_auto.idb" LOG.info("saving IDB to {}".format(idb_path)) #idaapi.save_database(idb_path) all_strings = idautils.Strings() # do something useful? lua_natives = get_all_registered_lua_natives() # person who started IDA defined where the log file is, so they can parse this out of it. # import ast; natives_fromlogs = ast.literal_eval(x.split("|lol|")[1]) # ...py3, need to re.sub(r"(\d+)L,", "\\1,", x) natives_fordisk = [] for caller, natives in lua_natives.iteritems(): natives_fordisk.extend([o.to_dict() for o in natives])
def init(self):
    """IDA plugin entry point: remember the IDB directory, install the menu, greet the user and stay loaded."""
    self._last_directory = idautils.GetIdbDir()
    handler = MenuHandler(self)
    ui.init_menu(handler)
    self._welcome()
    # Keep the plugin resident after init.
    return idaapi.PLUGIN_KEEP
def get_dump_file():
    """Return the path of ``dump.json`` inside the current IDB's directory."""
    idb_dir = idautils.GetIdbDir()
    return os.path.join(idb_dir, 'dump.json')
def get_database_directory(self):
    """Return the directory containing the current IDB, as reported by IDA."""
    directory = idautils.GetIdbDir()
    return directory
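def __init__(self):
    """Set up an empty tag list, the tags directory next to the IDB, and the image base.

    The tags directory is built with os.path.join and os.sep instead of a
    hard-coded backslash, so it is correct on non-Windows hosts too (the
    original produced ``<dir>/tags\\`` there). On Windows the result is
    unchanged.
    """
    import os

    super(tagstring_t, self).__init__()
    self.tags = []
    # "<idb dir>/tags/" with the platform separator, trailing separator kept.
    self.path = os.path.join(idautils.GetIdbDir(), "tags") + os.sep
    self.base = idaapi.get_imagebase()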
addr_mask = 0xffff default_name = ["sub_", "dword_", "qword_", "word_", "off_"] restore_name = "off_%04X" def in_default(name): res = False for defname in default_name: if name[:len(defname)] == defname: res = True break return res filename = idc.AskStr("", "Input file name") dirname = idautils.GetIdbDir() if os.path.exists(filename): filepath = filename elif os.path.exists(dirname + filename): filepath = dirname + filename else: print("File Not Exist") exit() items = [] with open(filename) as f: raw = f.read() lines = raw.split("\n") for i in lines: addr_raw = re_getaddr.search(i)
def getIdbDir(self):
    """Return the directory of the current IDB, as reported by IDA."""
    idb_dir = idautils.GetIdbDir()
    return idb_dir
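def load_kmdf_types_into_idb():
    """Parse ``WDFStructs.h`` from the IDB directory and import every local type.

    Parse errors are reported instead of being silently dropped; the import
    loop still runs over whatever was parsed.
    """
    import os

    header_path = os.path.join(idautils.GetIdbDir(), "WDFStructs.h")
    # idc_parse_types() returns the number of rejected declarations; the
    # original discarded it, so a broken header went unnoticed.
    errors = idaapi.idc_parse_types(header_path, idc.PT_FILE)
    if errors:
        print("[kmdf] %s error(s) while parsing %s" % (errors, header_path))
    # Local type ordinals start at 1.
    for idx in range(1, idc.GetMaxLocalType()):
        name = idc.GetLocalTypeName(idx)
        print(idx, name)
        idc.Til2Idb(idx, name)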