def get_dangerous_functions(self):
    """
    Collects the functions that call one of the risky copy routines

    Only the routines named below are looked up, and only by exact
    symbol name, so an empty result does not show that the binary is
    free of unsafe copies.

    @returns: a *set* of func_addr's
    """
    # TODO: use a centralized list for the dangerous functions?
    # TODO: this whole process must be O(mfg).
    risky_names = ("wcsncpy", "strcpy", "_strcpy", "_strcpy_0",
                   "strncpy", "_strncpy", "_strncpy_0", "memmove",
                   "memcpy", "_memcpy", "_memcpy_0")
    callers = set()

    for name in risky_names:
        target = LocByName(name)

        # Names that do not resolve in this database are skipped
        if target != BADADDR:
            # Each code reference is mapped to the first boundary of the
            # function containing it, which is used as that function's address
            for xref in CodeRefsTo(target, True):
                callers.add(misc.function_boundaries(xref)[0])

    return callers
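def _showAllFunctions(self):
    """
    Populates the functions list.
    From this it is possible to select endpoints to
    create a ConnectGraph for example

    Fills a two column table (address, name) from
    self.ba.get_all_functions() and scrolls to the row of the
    current function. Returns early, leaving the table untouched,
    when there are no functions to show.
    """
    self._console_output("Displaying all known functions...")

    # Start address of the current function
    current_ea, _ = misc.function_boundaries()

    func_list = self.ba.get_all_functions()
    if not func_list:
        return

    self.table.setColumnCount(2)
    self.table.setHorizontalHeaderLabels(("Address", "Name"))
    self.table_label.setText("Functions in current binary")
    self.table.clearContents()
    self.table.setRowCount(0)

    # Row of the current function; stays 0 when it is not in the list
    c_idx = 0

    for idx, (f_ea, f_name) in enumerate(func_list):
        self.table.insertRow(idx)

        addr_item = QTableWidgetItem("%08x" % f_ea)
        # Clear the editable bit explicitly. The previous XOR only
        # toggled it, which would have made the cell editable had the
        # flag not been set to begin with.
        addr_item.setFlags(addr_item.flags() & ~QtCore.Qt.ItemIsEditable)
        name_item = QTableWidgetItem("%s" % f_name)

        if f_ea == current_ea:
            c_idx = idx

        self.table.setItem(idx, 0, addr_item)
        self.table.setItem(idx, 1, name_item)

    # Conveniently scroll to the current EA
    self.table.scrollToItem(
        self.table.item(c_idx, 0),
        QtGui.QAbstractItemView.PositionAtTop
    )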
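def _showAllFunctions(self):
    """
    Populates the functions list.
    From this it is possible to select endpoints to
    create a ConnectGraph for example

    Each function becomes one row: a read-only address cell and a
    name cell. The view is then scrolled to the current function,
    or to the first row when the current function is not listed.
    """
    self._console_output("Displaying all known functions...")

    current_ea, _ = misc.function_boundaries()

    func_list = self.ba.get_all_functions()
    if not func_list:
        # Nothing to display; the table keeps its previous contents
        return

    self.table.setColumnCount(2)
    self.table.setHorizontalHeaderLabels(("Address", "Name"))
    self.table_label.setText("Functions in current binary")
    self.table.clearContents()
    self.table.setRowCount(0)

    # Current table index
    c_idx = 0

    for idx, (f_ea, f_name) in enumerate(func_list):
        self.table.insertRow(idx)

        addr_item = QTableWidgetItem("%08x" % f_ea)
        # Mask the flag out instead of XOR-ing it: XOR flips the bit,
        # so it only disables editing while the flag starts out set.
        read_only = addr_item.flags() & ~QtCore.Qt.ItemIsEditable
        addr_item.setFlags(read_only)
        name_item = QTableWidgetItem("%s" % f_name)

        if f_ea == current_ea:
            c_idx = idx

        self.table.setItem(idx, 0, addr_item)
        self.table.setItem(idx, 1, name_item)

    # Conveniently scroll to the current EA
    self.table.scrollToItem(
        self.table.item(c_idx, 0),
        QtGui.QAbstractItemView.PositionAtTop
    )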
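def export_current_function(self):
    """
    Exports the current function code, ascii hex encoded
    This is useful to import into tools like miasm and alike

    The destination is chosen through a file dialog and is opened
    with mode 'w', so an existing file is overwritten.

    @returns: True when the bytes were written, False when no file
              was chosen or reading/writing failed
    """
    # TODO: Reading one byte at a time must be EXTREMELY INEFFICIENT!!! o.O
    begin, end = misc.function_boundaries()

    try:
        filename = AskFile(1, "function_bytes.txt", "File to save the code?")
        if not filename:
            # No path came back from the dialog: report failure
            # explicitly rather than letting open() raise on it.
            return False

        code_s = ''.join("%02x" % get_byte(x) for x in xrange(begin, end))
        with open(filename, 'w') as f:
            f.write(code_s)

        return True

    except Exception:
        # Best-effort export: any read or write error maps to False.
        # Unlike a bare except, this lets KeyboardInterrupt and
        # SystemExit propagate.
        return False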
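def export_current_function(self):
    """
    Exports the current function code, ascii hex encoded
    This is useful to import into tools like miasm and alike

    @returns: True on success. False when the dialog returned no
              file name or when reading the bytes or writing the
              file raised an error. The chosen file is overwritten.
    """
    # TODO: Reading one byte at a time must be EXTREMELY INEFFICIENT!!! o.O
    begin, end = misc.function_boundaries()

    try:
        filename = AskFile(1, "function_bytes.txt", "File to save the code?")
        if not filename:
            # Nothing selected, so there is nowhere to write to
            return False

        # Two lowercase hex digits per byte, no separators
        code_s = ''.join(
            "%02x" % get_byte(x) for x in xrange(begin, end))

        with open(filename, 'w') as f:
            f.write(code_s)

        return True

    except Exception:
        # Failures are reported through the return value. The bare
        # except used here before also swallowed KeyboardInterrupt
        # and SystemExit.
        return False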
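def input_to_function(self, ea=None):
    """
    Gets all functions calling IO (net & file) whose downgraph
    is connected to the specified function
    If none is specified, then use current function

    @param ea: address of the target function; any falsy value
               (None, 0) selects the current function
    @returns: a list of f_ea's (io callers)
    """
    if not ea:
        # Called without arguments
        # Use current function
        ea = misc.function_boundaries()[0]

    # list() keeps the concatenation working when keys() returns a
    # view instead of a list.
    # NOTE(review): a caller present in both maps is listed, and
    # checked, twice - confirm whether callers expect unique entries.
    io_list = list(self.locate_file_io().keys()) \
        + list(self.locate_net_io().keys())

    # An IO caller is kept when get_connect_graph returns a truthy
    # result for the (caller, target) pair
    return [caller_ea for caller_ea in io_list
            if self.get_connect_graph(caller_ea, ea)]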