Python源码示例:idaapi.BWN_DISASM
示例1
def finish_populating_tform_popup(self, form, popup):
tft = idaapi.get_tform_type(form)
if tft != idaapi.BWN_DISASM:
return
pos = idc.ScreenEA()
register_dynamic_action(form, popup, 'Decode All IOCTLs in Function', DecodeAllHandler())
register_dynamic_action(form, popup, 'Decode IOCTLs using Angr', DecodeAngrHandler())
# If the second argument to the current selected instruction is an immediately
# then give the option to decode it.
if idc.GetOpType(pos, 1) == 5:
register_dynamic_action(form, popup, 'Decode IOCTL', DecodeHandler())
if pos in ioctl_tracker.ioctl_locs:
register_dynamic_action(form, popup, 'Invalid IOCTL', InvalidHandler())
if len(ioctl_tracker.ioctl_locs) > 0:
register_dynamic_action(form, popup, 'Show All IOCTLs', ShowAllHandler())
示例2
def update(cls, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
return ida_kernwin.AST_ENABLE_FOR_WIDGET
else:
return ida_kernwin.AST_DISABLE_FOR_WIDGET
示例3
def update(cls, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
return ida_kernwin.AST_ENABLE_FOR_WIDGET
else:
return ida_kernwin.AST_DISABLE_FOR_WIDGET
示例4
def finish_populating_widget_popup(form, popup):
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(
form,
popup,
VTGrepBytes.get_name(),
'VirusTotal/'
)
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildcards.get_name(),
'VirusTotal/',
)
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildCardsStrict.get_name(),
'VirusTotal/',
)
idaapi.attach_action_to_popup(
form,
popup,
VTGrepWildCardsFunction.get_name(),
'VirusTotal/',
)
elif idaapi.get_widget_type(form) == idaapi.BWN_STRINGS:
idaapi.attach_action_to_popup(
form,
popup,
VTGrepStrings.get_name(),
'VirusTotal/')
示例5
def get_custom_viewer_hint(self, view, place):
try:
tform = idaapi.get_current_tform()
if idaapi.get_tform_type(tform) != idaapi.BWN_DISASM:
return None
curline = idaapi.get_custom_viewer_curline(view, True)
# sometimes get_custom_viewer_place() returns [x, y] and sometimes [place_t, x, y].
# we want the place_t.
viewer_place = idaapi.get_custom_viewer_place(view, True)
if len(viewer_place) != 3:
return None
_, x, y = viewer_place
ea = place.toea()
# "color" is a bit of misnomer: its the type of the symbol currently hinted
color = get_color_at_char(curline, x)
if color != idaapi.COLOR_ADDR:
return None
# grab the FAR references to code (not necessarilty a branch/call/jump by itself)
far_code_references = [xref.to for xref in idautils.XrefsFrom(ea, ida_xref.XREF_FAR)
if idc.isCode(idc.GetFlags(xref.to))]
if len(far_code_references) != 1:
return None
fva = far_code_references[0]
# ensure its actually a function
if not idaapi.get_func(fva):
return None
# this magic constant is the number of "important lines" to display by default.
# the remaining lines get shown if you scroll down while the hint is displayed, revealing more lines.
return render_function_hint(fva), DEFAULT_IMPORTANT_LINES_NUM
except Exception as e:
logger.warning('unexpected exception: %s. Get in touch with @williballenthin.', e, exc_info=True)
return None
示例6
def idaview_hooks(idaview_handler):
class Hooks(idaapi.UI_Hooks):
def finish_populating_widget_popup(self, form, popup):
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup, idaview_handler.get_name(), "")
return Hooks
示例7
def finish_populating_widget_popup(self, form, popup):
# Or here, after the popup is done being populated by its owner.
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup, ShowXrefsGraphFrom.get_name(), '')
idaapi.attach_action_to_popup(form, popup, ShowXrefsGraphTo.get_name(), '')
示例8
def updating_actions(self, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
with suppress(sark.exceptions.SarkNoFunction):
self.lines.update(highlight_calls_in_function(ctx.cur_ea))
return super(UiHooks, self).updating_actions(ctx)
示例9
def finish_populating_widget_popup(self, form, popup):
# Or here, after the popup is done being populated by its owner.
if idaapi.get_widget_type(form) == idaapi.BWN_DISASM:
idaapi.attach_action_to_popup(form, popup, MarkReachableNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkUnReachableNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkReachingNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkNotReachingNodesHandler.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkExits.get_name(), "Mark/")
idaapi.attach_action_to_popup(form, popup, MarkClearHandler.get_name(), "Mark/")
示例10
def update(self, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
return idaapi.AST_ENABLE_FOR_WIDGET
return idaapi.AST_DISABLE_FOR_WIDGET
示例11
def update(self, ctx):
if ctx.form_type in (idaapi.BWN_DISASM, idaapi.BWN_DUMP):
return idaapi.AST_ENABLE_FOR_WIDGET
else:
return idaapi.AST_DISABLE_FOR_WIDGET
示例12
def finish_populating_widget_popup(self, form, popup):
form_type = idaapi.get_widget_type(form)
if form_type == idaapi.BWN_DISASM or form_type == idaapi.BWN_DUMP:
t0, t1, view = idaapi.twinpos_t(), idaapi.twinpos_t(), idaapi.get_current_viewer()
if idaapi.read_selection(view, t0, t1) or idc.get_item_size(idc.get_screen_ea()) > 1:
idaapi.attach_action_to_popup(form, popup, ACTION_XORDATA, None)
idaapi.attach_action_to_popup(form, popup, ACTION_FILLNOP, None)
for action in ACTION_CONVERT:
idaapi.attach_action_to_popup(form, popup, action, "Convert/")
if form_type == idaapi.BWN_DISASM and (ARCH, BITS) in [(idaapi.PLFM_386, 32),
(idaapi.PLFM_386, 64),
(idaapi.PLFM_ARM, 32),]:
idaapi.attach_action_to_popup(form, popup, ACTION_SCANVUL, None)
示例13
def finish_populating_tform_popup(self, form, popup):
#formtype = idaapi.get_tform_type(form)
#if formtype == idaapi.BWN_DISASM or idaapi.BWN_DUMP:
for action, position, condition in self.popups:
if condition(form):
idaapi.attach_action_to_popup(form, popup, action, position)
示例14
def update(self, ctx):
try:
if ctx.form_type == idaapi.BWN_DISASM:
return idaapi.AST_ENABLE_FOR_FORM
else:
return idaapi.AST_DISABLE_FOR_FORM
except:
# Add exception for main menu on >= IDA 7.0
return idaapi.AST_ENABLE_ALWAYS
# context menu for Fix idb
示例15
def update(self, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
return idaapi.AST_ENABLE_FOR_WIDGET
return idaapi.AST_DISABLE_FOR_WIDGET
示例16
def _create_hooks(self, install_idabuddy):
class InstallerUiHooks(idaapi.UI_Hooks):
def updating_actions(self, ctx):
if ctx.form_type == idaapi.BWN_DISASM:
ida_widget = form_to_widget(ctx.form)
idaview = ida_widget.children()[0]
install_idabuddy(idaview)
return super(InstallerUiHooks, self).updating_actions(ctx)
return InstallerUiHooks()
示例17
def installMenuIda7():
class ApplyCalleeHandler(idaapi.action_handler_t):
def activate(self, ctx):
doApplyCallee()
return 1
def update(self, ctx):
return idaapi.AST_ENABLE_FOR_WIDGET if ctx.widget_type == idaapi.BWN_DISASM else idaapi.AST_DISABLE_FOR_WIDGET
ret = idaapi.register_action(idaapi.action_desc_t(
ACTION_NAME, # Name. Acts as an ID. Must be unique.
PLUGIN_NAME, # Label. That's what users see.
ApplyCalleeHandler(), # Handler. Called when activated, and for updating
PREFERRED_SHORTCUT, # Shortcut (optional)
PLUGIN_COMMENT # Tooltip (optional)
))
if not ret:
print('Failed to register action. Bailing out')
return
# Insert the action in the menu
if idaapi.attach_action_to_menu(MENU_PATH, ACTION_NAME, idaapi.SETMENU_APP):
print("Attached to menu.")
else:
print("Failed attaching to menu.")
setattr(sys.modules['idaapi'], '_apply_callee_type_plugin_installFlag', True)
示例18
def view_loc_changed(self, widget, curloc, prevloc):
"""
view_loc_changed is called each time the user clicks
somwhere. This is used to synchronize the IDA DISASM
view with the IDA DECOM view. The synchronization is
active only when the decompile view has been created
and the synch option has been selected in the pop-up
menu.
"""
# Check if the selected address has changed
# if curloc.plce.toea() != prevloc.plce.toea():
# return
# Hooking the IDA DISASM view only
if idaapi.get_widget_type(widget) != idaapi.BWN_DISASM:
return
# If the DECOMP view has already been created.
if DECOMP_VIEW:
# Get the new address
ca = curloc.plce.toea()
ea = gl.convert_address(ca)
# This is a valid function address
if ea:
# The synch is active
if GHIDA_CONF.disasm_tracker:
# The address in DECOMP view is different
if ea != DECOMP_VIEW.ea:
# Update DECOMP view
DECOMP_VIEW.switch_to_address(ea)
# Update the selection
return gl.highlight_symbol_in_DECOMP()
# This is not a valid function address
if not ea:
# If the synch is active
if GHIDA_CONF.disasm_tracker:
DECOMP_VIEW.clear(msg="[!] Function not found.",
do_show=False)
return
# ------------------------------------------------------------
# GOTO utils
# ------------------------------------------------------------
示例19
def finish_populating_widget_popup(self, form, popup):
try:
b = idaapi.get_widget_type(form) == idaapi.BWN_DISASM
except:
b = idaapi.get_tform_type(form) == idaapi.BWN_DISASM
if b:
# Add separator
idaapi.attach_action_to_popup(form, popup, None, None)
# Add actions
try:
currentAddress = idc.get_screen_ea()
except:
currentAddress = idc.ScreenEA()
#if currentAddress in [node.node_id for node in self.cc.PatternGenerator.targetNodes]:
if currentAddress in self.cc.PatternGenerator.coloredNodes:
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_default", None)
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_full", None)
idaapi.update_action_label("grap:pg:match_full", self.cc.PatternGenerator.preview_match(currentAddress, "[grap] Full match", "match_full"))
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_opcode_arg1", None)
idaapi.update_action_label("grap:pg:match_opcode_arg1", self.cc.PatternGenerator.preview_match(currentAddress, "[grap] Opcode+arg1", "match_opcode_arg1"))
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_opcode_arg2", None)
idaapi.update_action_label("grap:pg:match_opcode_arg2", self.cc.PatternGenerator.preview_match(currentAddress, "[grap] Opcode+arg2", "match_opcode_arg2"))
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_opcode_arg3", None)
idaapi.update_action_label("grap:pg:match_opcode_arg3", self.cc.PatternGenerator.preview_match(currentAddress, "[grap] Opcode+arg3", "match_opcode_arg3"))
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_opcode", None)
idaapi.update_action_label("grap:pg:match_opcode", self.cc.PatternGenerator.preview_match(currentAddress, "[grap] Opcode", "match_opcode"))
idaapi.attach_action_to_popup(form, popup, "grap:pg:match_wildcard", None)
idaapi.attach_action_to_popup(form, popup, "grap:pg:remove_target", None)
for type in ["match_default", "match_full", "match_opcode_arg1", "match_opcode_arg2", "match_opcode_arg3", "match_opcode", "match_wildcard"]:
idaapi.update_action_icon("grap:pg:"+type, -1)
if currentAddress not in self.cc.PatternGenerator.targetNodeType:
type = "match_default"
else:
type = self.cc.PatternGenerator.targetNodeType[currentAddress]
idaapi.update_action_icon("grap:pg:"+type, self.selected_icon_number)
elif self.cc.PatternGenerator.rootNode is None or currentAddress != self.cc.PatternGenerator.rootNode.node_id:
idaapi.attach_action_to_popup(form, popup, "grap:pg:set_root", None)
idaapi.attach_action_to_popup(form, popup, "grap:pg:add_target", None)
示例20
def get_cursor_func_ref():
"""
Get the function reference under the user cursor.
Returns BADADDR or a valid function address.
"""
current_widget = idaapi.get_current_widget()
form_type = idaapi.get_widget_type(current_widget)
vu = idaapi.get_widget_vdui(current_widget)
#
# hexrays view is active
#
if vu:
cursor_addr = vu.item.get_ea()
#
# disassembly view is active
#
elif form_type == idaapi.BWN_DISASM:
cursor_addr = idaapi.get_screen_ea()
opnum = idaapi.get_opnum()
if opnum != -1:
#
# if the cursor is over an operand value that has a function ref,
# use that as a valid rename target
#
op_addr = idc.get_operand_value(cursor_addr, opnum)
op_func = idaapi.get_func(op_addr)
if op_func and op_func.start_ea == op_addr:
return op_addr
# unsupported/unknown view is active
else:
return idaapi.BADADDR
#
# if the cursor is over a function definition or other reference, use that
# as a valid rename target
#
cursor_func = idaapi.get_func(cursor_addr)
if cursor_func and cursor_func.start_ea == cursor_addr:
return cursor_addr
# fail
return idaapi.BADADDR
