Python源码示例:idaapi.warning()
示例1
def ghida_finalize(use_ghidra_server, ghidra_server_url):
"""
Remove temporary files and
checkout from Ghidraaas server.
"""
try:
remove_temporary_files()
if use_ghidra_server:
ghidraaas_checkout(ghidra_server_url)
except Exception:
print("GhIDA:: [!] Finalization error")
idaapi.warning("GhIDA finalization error")
# ------------------------------------------------------------
# GHIDRA LOCAL
# ------------------------------------------------------------
示例2
def prepare_debug_ui(self):
if idaapi.is_debugger_on():
idaapi.warning("[%s] the debugger is currently running" % PLUGNAME)
return
wd = WaitDialog()
idaapi.msg("[%s] waiting...\n" % (PLUGNAME))
wd.thread.start()
wd.exec_()
target_pid = wd.get_target_pid()
if target_pid != -1:
ida_dbg.attach_process(target_pid,-1)
ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1)
ida_dbg.continue_process()
else:
idaapi.msg("[%s] exit waiting\n" % (PLUGNAME))
示例3
def btn_villoc_on_click(self):
if self.tbl_traced_chunks.rowCount() == 0:
idaapi.warning("Empty table")
return
try:
villoc.Block.header = config.ptr_size*2
villoc.Block.round = self.parent.heap.malloc_alignment
villoc.Block.minsz = self.parent.heap.min_chunk_size
result = self.dump_table_for_villoc()
html = villoc.build_html(result)
h, filename = tempfile.mkstemp(suffix='.html')
with open(filename, 'wb') as f:
f.write(html.encode("utf-8"))
url = QtCore.QUrl.fromLocalFile(filename)
QtGui.QDesktopServices.openUrl(url)
except Exception as e:
idaapi.warning(traceback.format_exc())
示例4
def next_on_click(self):
chunk_addr = self.get_chunk_address()
if chunk_addr is None:
idaapi.warning("Invalid address / expression")
return
try:
chunk = self.heap.get_chunk(chunk_addr)
chunk_size = chunk.norm_size
next_addr = chunk_addr+chunk_size
if idaapi.is_loaded(next_addr):
self.show_chunk("%#x" % next_addr)
else:
idaapi.warning("%#x: next chunk (%#x) is not loaded" % \
(chunk_addr, next_addr))
except Exception as e:
idaapi.warning("ERROR: " + str(e))
示例5
def update_config(self):
try:
config.start_tracing_at_startup = self.opt1.isChecked()
config.stop_during_tracing = self.opt2.isChecked()
config.detect_double_frees_and_overlaps = self.opt3.isChecked()
config.filter_library_calls = self.opt4.isChecked()
config.hexdump_limit = int(self.t_hexdump_limit.text())
config.libc_offsets = self.get_offsets()
config.save()
idaapi.info("Config updated")
self.parent.init_heap()
self.parent.reload_gui_info()
except Exception as e:
idaapi.warning("ERROR: " + str(e))
示例6
def modify_value(self):
reg = self.get_selected_reg()
if not reg:
return
reg_val = idc.get_reg_value(reg)
b = idaapi.ask_str("0x%X" % reg_val, 0, "Modify register value")
if b is not None:
try:
value = int(idaapi.str2ea(b))
idc.set_reg_value(value, reg)
self.reload_info()
if reg == dbg.registers.flags:
self.reload_flags_view()
except:
idaapi.warning("Invalid expression")
示例7
def switch_value(self):
lineno = self.GetLineNo()
if lineno > len(dbg.registers.flags):
return
line = self.GetLine(lineno)
line = idaapi.tag_remove(line[0])
flag = line[:4].strip()
new_val = not self.flag_vals[flag]
rc = idc.set_reg_value(int(new_val), flag)
if not rc:
idaapi.warning("Unable to update the register value")
return
self.parent.reload_view()
示例8
def reload_gui_info(self, from_arena_cb=False):
if self.heap is None:
return
try:
if not misc.is_process_suspended():
answer = idaapi.ask_yn(
idaapi.ASKBTN_YES,
"HIDECANCEL\nThe process must be suspended to reload the info.\n\
Do you want to suspend it?")
if answer == idaapi.ASKBTN_NO:
return
if not idaapi.suspend_process():
warning("Unable to suspend the process")
return
idaapi.refresh_debugger_memory()
if not self.heap.get_heap_base():
self.show_warning("Heap not initialized")
return
if not config.libc_base:
self.show_warning("Unable to resolve glibc base address.")
return
self.hide_warning()
self.arenas_widget.setVisible(True)
if not from_arena_cb:
self.populate_arenas()
self.arena_widget.populate_table()
self.tcache_widget.populate_table()
self.bins_widget.populate_tables()
except Exception as e:
self.show_warning(str(e))
idaapi.warning(traceback.format_exc())
示例9
def init_heap(self):
try:
self.config_widget.load_config()
self.heap = Heap()
self.btn_reload.setEnabled(True)
self.tabs.setTabEnabled(3, self.heap.tcache_enabled)
except Exception as e:
self.show_warning("Please, fix the config file")
idaapi.warning(traceback.format_exc())
示例10
def btn_dump_trace_on_click(self):
if self.tbl_traced_chunks.rowCount() == 0:
idaapi.warning("Empty table")
return
filename = AskFile(1, "*.csv", "Select the file to store tracing results")
if not filename:
return
try:
result = self.tbl_traced_chunks.dump_table_as_csv()
with open(filename, 'wb') as f:
f.write(result)
except Exception as e:
idaapi.warning(traceback.format_exc())
示例11
def jump_on_click(self):
chunk_addr = self.get_chunk_address()
if chunk_addr is None:
idaapi.warning("Invalid address / expression")
return
idc.jumpto(chunk_addr)
示例12
def prev_on_click(self):
chunk_addr = self.get_chunk_address()
if chunk_addr is None:
idaapi.warning("Invalid address / expression")
return
try:
chunk = self.heap.get_chunk(chunk_addr)
if chunk.prev_inuse == 0:
prev_addr = chunk_addr-chunk.prev_size
self.show_chunk("%#x" % prev_addr)
else:
idaapi.warning("%#x: prev_chunk in use" % chunk_addr)
except Exception as e:
idaapi.warning("ERROR: " + str(e))
示例13
def edit_chunk_on_click(self):
chunk_addr = self.get_chunk_address()
if chunk_addr is None:
idaapi.warning("Invalid address / expression")
return
w = ChunkEditor(chunk_addr, self)
if w.exec_() == 1:
self.view_chunk_info()
# -----------------------------------------------------------------------
示例14
def show_struct_on_click(self):
try:
address = int(self.t_struct_addr.text(), 16)
self.show_struct(address, "_IO_FILE")
except:
idaapi.warning("ERROR: Invalid address")
示例15
def run(self, arg=0):
try:
if "ELF" not in idaapi.get_file_type_name():
raise Exception("Executable must be ELF fomat")
if not idaapi.is_debugger_on() or not is_process_suspended():
raise Exception("The debugger must be active and suspended before using this plugin")
f = plugin_gui.HeapPluginForm()
f.Show()
except Exception as e:
idaapi.warning("[%s] %s" % (PLUGNAME, str(e)))
示例16
def recursive_prefix(addr):
"""
Recursively prefix a function tree with a user defined string.
"""
func_addr = idaapi.get_name_ea(idaapi.BADADDR, idaapi.get_func_name(addr))
if func_addr == idaapi.BADADDR:
idaapi.msg("Prefix: 0x%08X does not belong to a defined function\n" % addr)
return
# prompt the user for a prefix to apply to the selected functions
tag = idaapi.ask_str(PREFIX_DEFAULT, 0, "Function Tag")
# the user closed the window... ignore
if tag == None:
return
# the user put a blank string and hit 'okay'... notify & ignore
elif tag == '':
idaapi.warning("[ERROR] Tag cannot be empty [ERROR]")
return
# recursively collect all the functions called by this function
nodes_xref_down = graph_down(func_addr, path=set([]))
# graph_down returns the int address needs to be converted
tmp = []
tmp1 = ''
for func_addr in nodes_xref_down:
tmp1 = idaapi.get_func_name(func_addr)
if tmp1:
tmp.append(tmp1)
nodes_xref_down = tmp
# prefix the tree of functions
for rename in nodes_xref_down:
func_addr = idaapi.get_name_ea(idaapi.BADADDR, rename)
if tag not in rename:
idaapi.set_name(func_addr,'%s%s%s' % (str(tag), PREFIX_SEPARATOR, rename), idaapi.SN_NOWARN)
# refresh the IDA views
refresh_views()
示例17
def bulk_prefix():
"""
Prefix the Functions window selection with a user defined string.
"""
# prompt the user for a prefix to apply to the selected functions
tag = idaapi.ask_str(PREFIX_DEFAULT, 0, "Function Tag")
# the user closed the window... ignore
if tag == None:
return
# the user put a blank string and hit 'okay'... notify & ignore
elif tag == '':
idaapi.warning("[ERROR] Tag cannot be empty [ERROR]")
return
#
# loop through all the functions selected in the 'Functions window' and
# apply the user defined prefix tag to each one.
#
for func_name in get_selected_funcs():
# ignore functions that already have the specified prefix applied
if func_name.startswith(tag):
continue
# apply the user defined prefix to the function (rename it)
new_name = '%s%s%s' % (str(tag), PREFIX_SEPARATOR, func_name)
func_addr = idaapi.get_name_ea(idaapi.BADADDR, func_name)
idaapi.set_name(func_addr, new_name, idaapi.SN_NOWARN)
# refresh the IDA views
refresh_views()
示例18
def get_selected_funcs():
"""
Return the list of function names selected in the Functions window.
"""
import sip
twidget = idaapi.find_widget("Functions window")
widget = sip.wrapinstance(int(twidget), QtWidgets.QWidget)
# TODO: test this
if not widget:
idaapi.warning("Unable to find 'Functions window'")
return
#
# locate the table widget within the Functions window that actually holds
# all the visible function metadata
#
table = widget.findChild(QtWidgets.QTableView)
#
# scrape the selected function names from the Functions window table
#
selected_funcs = [str(s.data()) for s in table.selectionModel().selectedRows()]
#
# re-map the scraped names as they appear in the function table, to their true
# names as they are saved in the IDB. See the match_funcs(...) function
# comment for more details
#
return match_funcs(selected_funcs)
示例19
def run(self, arg):
"""
This is called by IDA when this file is loaded as a script.
"""
idaapi.warning("Lighthouse cannot be run as a script in IDA.")
示例20
def warning(self, text):
super(IDACoreAPI, self).warning(text)
示例21
def show_dockable(self, dockable_name):
try:
make_dockable = self._dockable_factory[dockable_name]
except KeyError:
return False
parent, dctx = None, None # not used for IDA's integration
widget = make_dockable(dockable_name, parent, dctx)
# get the original twidget, so we can use it with the IDA API's
#twidget = idaapi.TWidget__from_ptrval__(widget) NOTE: IDA 7.2+ only...
twidget = self._dockable_widgets.pop(dockable_name)
if not twidget:
self.warning("Could not open dockable window, because its reference is gone?!?")
return
# show the dockable widget
flags = idaapi.PluginForm.WOPN_TAB | idaapi.PluginForm.WOPN_RESTORE | idaapi.PluginForm.WOPN_PERSIST
idaapi.display_widget(twidget, flags)
widget.visible = True
# attempt to 'dock' the widget in a reasonable location
for target in ["IDA View-A", "Pseudocode-A"]:
dwidget = idaapi.find_widget(target)
if dwidget:
idaapi.set_dock_pos(dockable_name, 'IDA View-A', idaapi.DP_RIGHT)
break
示例22
def _add_signature(self, sig):
signature = parse_signature(sig)
if signature is None:
idaapi.warning("Error parsing signature")
return False
signature.target_type = 0 #Don't check for PE header
item = QtWidgets.QListWidgetItem(sig)
item.parsed_signature = signature
item.yara_rule = self.yara_scanner.compile(self.yara_scanner.convert(signature))
if isinstance(signature, LdbSignature):
pass
self.signatures_list.addItem(item)
return True
示例23
def jump_in_disassembly(self):
ea = self.get_current_expr_ea()
if not ea or not idaapi.is_loaded(ea):
idaapi.warning("Unable to resolve current expression\n")
return
widget = self.find_disass_view()
if not widget:
idaapi.warning("Unable to find disassembly view")
return
self.jumpto_in_view(widget, ea)
示例24
def jump_in_new_window(self):
ea = self.get_current_expr_ea()
if not ea or not idaapi.is_loaded(ea):
return
window_name = "D-0x%x" % ea
widget = idaapi.open_disasm_window(window_name)
if widget:
self.jumpto_in_view(widget, ea)
else:
idaapi.warning("Unable to create the new window")
示例25
def jump_in_hex(self):
ea = self.get_current_expr_ea()
if not ea or not idaapi.is_loaded(ea):
idaapi.warning("Unable to resolve current expression\n")
widget = self.find_hex_view()
if not widget:
idaapi.warning("Unable to find hex view")
return
self.jumpto_in_view(widget, ea)
示例26
def jump_to(self):
current = self.base_expr if self.base_expr is not None else ""
b = idaapi.ask_str(current, 0, "Sync with")
if b and len(b) > 0:
try:
self.base_expr = b
self.reload_info()
except:
idaapi.warning("Invalid expression")
else:
self.base_addr = None
示例27
def set_stack_entries(self):
value = idaapi.ask_long(config.n_stack_entries, "Set the number of stack entries to show")
if value is not None:
if value <= 0:
idaapi.warning("Negative values are not allowed")
return False
config.n_stack_entries = value
self.reload_info()
return True
return False
示例28
def reload_info(self):
if not dbg.is_process_suspended():
return False
base_addr = None
if self.base_expr is None:
base_addr = idc.get_reg_value(dbg.registers.stack)
else:
base_addr = idaapi.str2ea(self.base_expr)
if base_addr == idc.BADADDR:
idaapi.warning("Invalid base expr: %s" % self.base_expr)
return False
if not idaapi.is_loaded(base_addr):
idaapi.warning("Memory address is not loaded: $#x" % base_addr)
return False
self.ClearLines()
dbg.set_thread_info()
try:
segm_end = idc.get_segm_end(base_addr)
n_entries = config.n_stack_entries or ((segm_end-base_addr) // dbg.ptr_size)
for i in range(n_entries):
offset = i * dbg.ptr_size
ptr = base_addr + offset
if not idaapi.is_loaded(ptr):
break
value = dbg.get_ptr(ptr)
self.add_line("%02d:%04X %s" % (i, offset, self.parse_value(ptr)))
except Exception as e:
idaapi.warning(str(e))
return False
return True
示例29
def set_deref_levels(self):
value = idaapi.ask_long(config.max_deref_levels, "Set current dereferencing levels to show")
if value is not None:
if value < 0:
idaapi.warning("Negative values are not allowed")
return False
if value > config.deref_limit:
idaapi.warning("Value should not exceed the dereferencing limit: %d" % config.deref_limit)
return False
config.max_deref_levels = value
self.reload_info()
return True
return False
示例30
def add_comment(self):
"""
Add a commment to the selected line
"""
print("GhIDA:: [DEBUG] add_comment called")
colored_line = self.GetCurrentLine(notags=1)
if not colored_line:
idaapi.warning("Select a line")
return False
# Use pygments to parse the line to check if there are comments
line = idaapi.tag_remove(colored_line)
lexer = CLexer()
tokens = list(lexer.get_tokens(line))
text = ""
text_comment = ""
for t in tokens:
ttype = t[0]
ttext = str(t[1])
if ttype == Token.Comment.Single:
text_comment = ttext.replace('//', '').strip()
else:
text += ttext
# Get the new comment
comment = gl.display_comment_form(text_comment)
if not comment or len(comment) == 0:
return False
comment = comment.replace("//", "").replace("\n", " ")
comment = comment.strip()
# Create the new text
full_comment = "\t// %s" % comment
text = text.rstrip()
new_text = text + full_comment
text_colored = self.color_line(new_text)
num_line = self.GetLineNo()
self.EditLine(num_line, text_colored)
self.RefreshCurrent()
# Add comment to cache
COMMENTS_CACHE.add_comment_to_cache(self.__ea, num_line, full_comment)
print("GhIDA:: [DEBUG] Added comment to #line: %d (%s)" %
(num_line, new_text))
return
