def exit(tests):
idbname = re.sub(r'\.i(db|64)$', '_' + tests + '.i\\1', idc.GetIdbPath())
if tests == 'yatest':
YaCo.yaco.commit_cache()
# save intermediate bases
if debug:
idc.SaveBase(idbname)
def __init__(self, settings_filename):
"""
Prepare for execution
"""
SkelUtils.header()
g_logger.info("[+] Init Skelenox")
# Load settings
self.skel_settings = SkelConfig(settings_filename)
self.skel_conn = SkelConnection(self.skel_settings)
# If having 3 idbs in your current path bother you, change this
self.crit_backup_file = idc.GetIdbPath()[:-4] + "_backup_preskel_.idb"
self.backup_file = idc.GetIdbPath()[:-4] + "_backup_.idb"
atexit.register(self.end_skelenox)
g_logger.info(
"Backuping IDB before any intervention (_backup_preskel_)")
idc.SaveBase(self.crit_backup_file, idaapi.DBFL_TEMP)
g_logger.info("Creating regular backup file IDB (_backup_)")
idc.SaveBase(self.backup_file, idaapi.DBFL_TEMP)
self.last_saved = time.time()
if self.skel_hooks is not None:
self.skel_hooks.cleanup_hooks()
if not self.skel_conn.get_online():
g_logger.error("Cannot get online =(")
# Synchronize the sample
self.skel_sync_agent = SkelSyncAgent()
self.skel_sync_agent.setup_config(settings_filename)
# setup hooks
self.skel_hooks = SkelHooks(self.skel_conn)
# setup UI
self.skel_ui = SkelUI(settings_filename)
# setup skelenox terminator
self.setup_terminator()
g_logger.info("Skelenox init finished")
def backup_database():
""" Backup the database to a file similar to IDA's snapshot function. """
time_string = strftime('%Y%m%d%H%M%S')
file = idc.GetInputFile()
if not file:
raise NoInputFileException('No input file provided')
input_file = rsplit(file, '.', 1)[0]
backup_file = '%s_%s.idb' % (input_file, time_string)
g_logger.info('Backing up database to file ' + backup_file)
idc.SaveBase(backup_file, idaapi.DBFL_BAK)
def save_and_commit(self):
try:
idc.SaveBase("")
self.commit_cache()
except Exception, e:
ex = traceback.format_exc()
logger.error("An error occurred during YaCo commit")
logger.error("%s", ex)
traceback.print_exc()
Warning(
"An error occured during YaCo commit : please relaunch IDA")
raise e
def run(self, *args, **kwargs):
try:
print("YaCo: waiting for auto analysis to finish\n")
idc.Wait()
print("YaCo: saving base in current state\n")
idc.SaveBase("")
import_yaco_paths()
import YaCo
if not YaCo.start():
idc.Warning("YaCo: already started")
except Exception, e:
print("YaCo: error during run")
print(traceback.format_exc())
logger = logging.getLogger("YaCo")
if logger is not None:
try:
logger.error("YaCo: error during run")
logger.error(traceback.format_exc())
except:
pass
raise e
def copy_idb_to_local_file(suffix=None, subdir=None, use_hardlink=False):
local_file_name = get_local_idb_name(idc.GetIdbPath(), suffix)
if subdir is not None:
(head, tail) = os.path.split(local_file_name)
local_file_name = os.path.join(head, subdir, tail)
(head, tail) = os.path.split(local_file_name)
if os.path.exists(head) is False:
os.mkdir(head)
if use_hardlink:
(idb_dir, idb_name) = os.path.split(idc.GetIdbPath())
original_idb_name = os.path.splitext(idb_name)[0]
new_idb_name = os.path.splitext(local_file_name)[0]
(head, tail) = os.path.split(local_file_name)
logger.info("looking for copy-possible files in %s" % head)
for f in os.listdir(head):
(list_file_name, list_file_ext) = os.path.splitext(f)
logger.info(
"checking if %s:%s is to be copied to %s as source name" %
(list_file_name, list_file_ext, original_idb_name))
if (list_file_name == original_idb_name
and (list_file_ext in set([".nam", ".til"]) or
(list_file_ext.startswith(".id")
and list_file_ext[-1:].isdigit()))):
new_name = os.path.join(idb_dir, new_idb_name + list_file_ext)
f = os.path.join(idb_dir, f)
logger.info("Linking %s to %s" % (f, new_name))
try:
os.remove(new_name)
except:
pass
os.system("/bin/cp --reflink=auto %s %s" % (f, new_name))
else:
idc.SaveBase(local_file_name)
remove_ida_temporary_files(local_file_name)
return local_file_name
#!/usr/bin/python
from __future__ import print_function
from SimpleXMLRPCServer import SimpleXMLRPCServer, SimpleXMLRPCRequestHandler
import threading
import idautils
import idc
import idaapi
# Save the database so nothing gets lost.
if idaapi.IDA_SDK_VERSION >= 700:
idaapi.save_database(idc.GetIdbPath())
else:
idc.SaveBase(idc.GetIdbPath())
HOST, PORT = "0.0.0.0", 1337
DEBUG = True
# class Gef:
# """
# Top level class where exposed methods are declared.
# """
# def __init__(self, server, *args, **kwargs):
# self.server = server
# self._version = ("IDA Pro", str(idaapi.IDA_SDK_VERSION))
# return
# def _dispatch(self, method, params):
# """
def DumpDatabase(idb_name):
fn_print("Saving database to %s" % idb_name)
idc.SaveBase(idb_name)
def store_idb(self):
if self.have_idb:
idc.SaveBase(idc.GetIdbPath())
self.cc.store_idb()
def yainit_start(self):
idc.SaveBase('')
import YaCo
YaCo.start_tests()
def copy_idb_to_original_file(suffix=None):
orig_file_name = get_original_idb_name(idc.GetIdbPath(), suffix)
idc.SaveBase(orig_file_name)
remove_ida_temporary_files(orig_file_name)
return orig_file_name
def yainit_start(self):
idc.SaveBase('')
import YaCo
import ImportExport.YaToolRepoManager
ImportExport.YaToolRepoManager.IDA_IS_INTERACTIVE = False
YaCo.start()
def run(self, *args, **kwargs):
print("yaco: waiting for auto analysis...\n")
idc.Wait()
print("yaco: saving current base...\n")
idc.SaveBase("")
start()
def yainit_start(self):
idc.SaveBase('')
import YaCo
YaCo.IDA_IS_INTERACTIVE = False
YaCo.start()
import idc
import idaapi
import sys
idc.Wait()
if len(idc.ARGV) == 2:
tmp_dir = idc.ARGV[1]
for tmp_file in sorted(os.listdir(tmp_dir)):
if tmp_file.endswith('.dmp'):
with open("{}/{}".format(tmp_dir, tmp_file)) as f:
data = f.read()
start_addr = int(tmp_file.split('.')[0], 16)
stop_addr = (start_addr + len(data)) | 0xfff
idc.SegCreate(start_addr, stop_addr, 0, 1, 0, idaapi.scPub)
idc.SetSegmentType(start_addr, idc.SEG_CODE)
idaapi.put_many_bytes(start_addr, data)
# reanalyze after adding all the new sections
idc.AnalyzeArea(0, idc.BADADDR)
# compresses the DB
idc.SaveBase('{}.idb'.format(idc.GetInputFile()), flags=idaapi.DBFL_COMP)
idc.Exit(0)
def yainit_start(self):
idc.SaveBase('')
import YaCo
import repository
repository.IDA_IS_INTERACTIVE = False
YaCo.start()
from __future__ import print_function
import idaapi
import idautils
import idc
import functools
import datetime
import threading
import xmlrpclib
from SimpleXMLRPCServer import SimpleXMLRPCServer
import idaapi
import idautils
import idc
# Save the database so nothing gets lost.
idc.SaveBase(idc.GetIdbPath() + '.' + datetime.datetime.now().isoformat())
xmlrpclib.Marshaller.dispatch[type(
0L)] = lambda _, v, w: w("<value><i8>%d</i8></value>" % v)
xmlrpclib.Marshaller.dispatch[type(
0)] = lambda _, v, w: w("<value><i8>%d</i8></value>" % v)
port = 8888
orig_LineA = idc.LineA
def LineA(*a, **kw):
v = orig_LineA(*a, **kw)
if v and v.startswith('\x01\x04; '):
v = v[4:]
return v
import idautils
import idc
# Wait for any processing to get done
idaapi.autoWait()
# On Windows with NTFS filesystem a filepath with ':'
# is treated as NTFS ADS (Alternative Data Stream)
# and so saving file with such name fails
dt = datetime.datetime.now().isoformat().replace(':', '-')
# Save the database so nothing gets lost.
if idaapi.IDA_SDK_VERSION >= 700:
idaapi.save_database(idc.GetIdbPath() + '.' + dt)
else:
idc.SaveBase(idc.GetIdbPath() + '.' + dt)
DEBUG_MARSHALLING = False
def create_marshaller(use_format=None, just_to_str=False):
assert use_format or just_to_str, 'Either pass format to use or make it converting the value to str.'
def wrapper(_marshaller, value, appender):
if use_format:
marshalled = use_format % value
elif just_to_str:
marshalled = '<value><string>%s</string></value>' % escape(
str(value))
if DEBUG_MARSHALLING:
def exit(tests):
idbname = re.sub(r'\.i(db|64)$', '_' + tests + '.i\\1', idc.GetIdbPath())
if debug or tests == 'yatest':
idc.SaveBase(idbname)
