def finish_populating_tform_popup(self, form, popup):
tft = idaapi.get_tform_type(form)
if tft != idaapi.BWN_DISASM:
return
if not device_type.is_driver():
return
pos = idc.ScreenEA()
# If the second argument to the current selected instruction is an immediately
# then give the option to decode it.
if idc.GetOpType(pos, 1) == 5:
register_dynamic_action(form, popup, 'Decode IOCTL', DecodeHandler())
if pos in ioctl_tracker.ioctl_locs:
register_dynamic_action(form, popup, 'Invalid IOCTL', InvalidHandler())
register_dynamic_action(form, popup, 'Decode All IOCTLs in Function', DecodeAllHandler())
if len(ioctl_tracker.ioctl_locs) > 0:
register_dynamic_action(form, popup, 'Show All IOCTLs', ShowAllHandler())
def init(self):
print("Initializing")
if device_type.is_driver():
print("Driver type: {}".format(device_type.driver_type()))
global ioctl_tracker
ioctl_tracker = IOCTLTracker()
global hooks
hooks = WinDriverHooks()
hooks.hook()
device_name = UiAction(
id="ioctl:find_device_name",
name="Find Device Name",
tooltip="Attempts to find the device name.",
menuPath="Edit/IOCTL/",
callback=device_finder.search,
shortcut="Ctrl+Alt+A"
)
device_name.registerAction()
find_dispatch = UiAction(
id="ioctl:find_dispatch",
name="Find Dispatch",
tooltip="Attempts to find the dispatch function.",
menuPath="Edit/IOCTL/",
callback=find_dispatch_function,
shortcut="Ctrl+Alt+S"
)
find_dispatch.registerAction()
decode_ioctl = UiAction(
id="ioctl:decode",
name="Decode IOCTL",
tooltip="Decodes the currently selected constant into its IOCTL details.",
menuPath="",
shortcut="Ctrl+Alt+D",
callback=get_position_and_translate
)
decode_ioctl.registerAction()
pool_tags = UiAction(
id="ioctl:pools_tags",
name="Dump Pool Tags",
tooltip="Attempts to find all pool tags used by the driver and display them a format which be included in pooltags.txt for debugging.",
menuPath="Edit/IOCTL/",
shortcut="Ctrl+Alt+Z",
callback=get_pool_tags
)
pool_tags.registerAction()
return idaapi.PLUGIN_OK