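def save_results(lists_of_instr, list_of_func_names):
    """Record the instructions to instrument and the analysed function names.

    @lists_of_instr - instructions to record; de-duplicated through get_unique()
    @list_of_func_names - function names to record; de-duplicated through
                          get_unique_names()

    Side effects: appends one "<input path>!<instr>" line per instruction to
    WINHE_RESULTS_DIR\\userdlls_instr_to_instrument.txt, writes a fresh
    per-run log "<input name>_<timestamp>.txt" (count, then one name per
    line) in the same directory, and echoes every name to stdout.
    """
    one_file = "userdlls_instr_to_instrument.txt"
    # Dots in the binary's name are replaced so the log gets a single extension.
    analyzed_file = idc.GetInputFile().replace(".", "_")
    current_time = strftime("%Y-%m-%d_%H-%M-%S")
    file_name = WINHE_RESULTS_DIR + "\\" + one_file
    file_log = WINHE_RESULTS_DIR + "\\" + analyzed_file + "_" + current_time + ".txt"
    list_of_instr = get_unique(lists_of_instr)
    list_of_func_names = get_unique_names(list_of_func_names)
    # Hoisted out of the loop: the input path does not change while writing.
    input_path = idaapi.get_input_file_path().lower()
    # 'with' closes both handles even when a write fails (the original only
    # closed them on the happy path).
    with open(file_name, 'a') as instr_file, open(file_log, 'w') as log:
        for instr in list_of_instr:
            instr_file.write(input_path + "!" + str(instr) + "\n")
        log.write(str(len(list_of_func_names)) + "\n")
        for name in list_of_func_names:
            log.write(name + "\n")
            print(name)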
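def save_results(lists_of_instr, list_of_func_names):
    ''' The function saves results in a file
    @lists_of_instr - a list of instructions to save; de-duplicated through get_unique()
    @list_of_func_names - a list of function names to save (written as-is)

    Side effects: appends one "<input path>!<instr>" line per instruction to
    WINHE_RESULTS_DIR\\sysdlls_instr_to_instrument.txt and writes a fresh
    per-run log "<input name>_<timestamp>.txt" (count, then one name per
    line) in the same directory.
    '''
    one_file = "sysdlls_instr_to_instrument.txt"
    # Dots in the binary's name are replaced so the log gets a single extension.
    analyzed_file = idc.GetInputFile().replace(".", "_")
    current_time = strftime("%Y-%m-%d_%H-%M-%S")
    file_name = WINHE_RESULTS_DIR + "\\" + one_file
    file_log = WINHE_RESULTS_DIR + "\\" + analyzed_file + "_" + current_time + ".txt"
    list_of_instr = get_unique(lists_of_instr)
    # Hoisted out of the loop: the input path does not change while writing.
    input_path = idaapi.get_input_file_path().lower()
    # 'with' closes both handles even when a write fails (the original only
    # closed them on the happy path).
    with open(file_name, 'a') as instr_file, open(file_log, 'w') as log:
        for instr in list_of_instr:
            instr_file.write(input_path + "!" + str(instr) + "\n")
        log.write(str(len(list_of_func_names)) + "\n")
        for name in list_of_func_names:
            log.write(name + "\n")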
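def send_sample(self, filedata):
    """
    Ugly wrapper for uploading a file in multipart/form-data

    The form carries two parts: ``filename`` (the name of the binary open in
    IDA, from idc.GetInputFile()) and ``file`` (everything read from
    *filedata*, which must be open for reading). The request is sent on
    self.h_conn with self.api_key in the X-API-Key header.

    Returns the decoded JSON response, or None when the body is not valid
    JSON (the failure is logged through g_logger).
    """
    import uuid

    endpoint = "/api/1.0/samples/"
    method = "POST"
    # A fresh boundary per request: with the old hard-coded value, an upload
    # that happened to contain that byte sequence would corrupt the message.
    boundary = uuid.uuid4().hex
    headers = {
        "Accept-encoding": "gzip, deflate",
        "X-API-Key": self.api_key,
        "Content-type": "multipart/form-data; boundary=" + boundary,
    }
    # Built as a list and joined once instead of repeated str concatenation.
    # NOTE(review): no space after "form-data;" in the second part — kept
    # exactly as the original request format; confirm the server accepts it.
    parts = [
        "--" + boundary,
        "\r\n",
        "Content-Disposition: form-data; name=\"filename\"\r\n",
        "\r\n",
        idc.GetInputFile(),
        "\r\n\r\n",
        "--" + boundary + "\r\n",
        "Content-Disposition: form-data;",
        "name=\"file\"; filename=\"file\"\r\n",
        "\r\n",
        filedata.read(),
        "\r\n--",
        boundary,
        "--\r\n",
    ]
    body = "".join(parts)
    self.h_conn.request(method, endpoint, body, headers)
    res = self.h_conn.getresponse()
    data = res.read()
    try:
        result = json.loads(data)
    except (ValueError, TypeError):
        # Only a malformed body is best-effort; the old BaseException clause
        # also swallowed KeyboardInterrupt/SystemExit, which now propagate.
        g_logger.exception("Cannot load json data from server")
        result = None
    return result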
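def init_sample_id(self):
    """
    test if the remote sample exists,
    if not, we upload it

    Only acts when self.sample_id is None: looks the sample up with
    get_sample_id(); if the server does not know it, uploads the binary open
    in IDA (idc.GetInputFile()) through send_sample() and looks it up again.
    """
    if self.sample_id is None:
        self.sample_id = self.get_sample_id()
        if not self.sample_id:
            g_logger.warning("Sample not found on server, uploading it")
            # 'with' closes the handle once send_sample() has read it; the
            # original passed an open() result that was never closed.
            with open(idc.GetInputFile(), 'rb') as sample:
                self.send_sample(sample)
            self.sample_id = self.get_sample_id()
        # NOTE(review): if the second lookup also fails, sample_id is falsy and
        # the %d below is reported by the logging module rather than raised —
        # confirm callers cope with a missing id.
        g_logger.info("Sample ID: %d", self.sample_id)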
def get_image():
    """Return ``(image base, input file name)`` for the binary open in IDA."""
    image_base = idaapi.get_imagebase()
    input_name = idc.GetInputFile()
    return image_base, input_name
def prepare_output(path):
    """Return the absolute path of ``<input file>.idmp`` inside directory *path*."""
    dump_name = os.path.basename("%s.idmp" % idc.GetInputFile())
    out_dir = os.path.abspath(path)
    return os.path.join(out_dir, dump_name)
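def activate(self, ctx):
    """Stop and unload the driver built from the binary open in IDA.

    Requires an elevated process (checked with IsUserAnAdmin); otherwise a
    message is printed and nothing is done. *ctx* is unused. The results of
    stop()/unload() were never consulted, so they are no longer bound.
    """
    if ctypes.windll.shell32.IsUserAnAdmin() == 0:
        print("Admin privileges required")
        return
    # Driver name: the input file name up to its first '.'.
    name = idc.GetInputFile().split('.')[0]
    driver = driverlib.Driver(idc.GetInputFilePath(), name)
    driver.stop()
    driver.unload()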
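def activate(self, ctx):
    """Load and start the driver built from the binary open in IDA.

    Requires an elevated process (checked with IsUserAnAdmin); otherwise a
    message is printed and nothing is done. *ctx* is unused. The results of
    load()/start() were never consulted, so they are no longer bound.
    """
    if ctypes.windll.shell32.IsUserAnAdmin() == 0:
        print("Admin privileges required")
        return
    # Driver name: the input file name up to its first '.'.
    name = idc.GetInputFile().split('.')[0]
    driver = driverlib.Driver(idc.GetInputFilePath(), name)
    driver.load()
    driver.start()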
def activate(self, ctx):
    """Open the IOCTL form for the chooser row selected in *ctx*."""
    selected = ctx.chooser_selection.at(0)
    # presumably the chooser index is 1-based while self.items is 0-based — hence the -1
    ioctl = self.items[selected - 1]
    stem = idc.GetInputFile().split('.')[0]
    driver = driverlib.Driver(idc.GetInputFilePath(), stem)
    DisplayIOCTLSForm(ioctl, driver)
def get_define(ioctl_code):
    """Decodes an ioctl code and returns a C define for it using the CTL_CODE macro

    The define is named "<input file stem>_0x<code>"; device and function are
    emitted as hex numbers, method and access by the names the helpers return.
    """
    function = get_function(ioctl_code)
    _, device_code = get_device(ioctl_code)
    method_name, _ = get_method(ioctl_code)
    access_name, _ = get_access(ioctl_code)
    stem = idc.GetInputFile().split('.')[0]
    define_name = "%s_0x%08X" % (stem, ioctl_code)
    return "#define %s CTL_CODE(0x%X, 0x%X, %s, %s)" % (
        define_name, device_code, function, method_name, access_name)
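def get_unicode_device_names():
    """Returns all unicode strings within the binary currently being analysed in IDA which might be device names

    The file named by idc.GetInputFile() is memory-mapped read-only and scanned
    with extract_unicode_strings(); strings starting with '\\Device\\' or
    '\\DosDevices\\' are returned as a set of str.
    """
    path = idc.GetInputFile()
    min_length = 4
    prefixes = ('\\Device\\', '\\DosDevices\\')
    possible_names = set()
    # NOTE(review): GetInputFile() is a bare file name, so open() resolves it
    # against the current working directory — confirm that is intended.
    with open(path, "rb") as f:
        mapped = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
        try:
            for s in extract_unicode_strings(mapped, n=min_length):
                s_str = str(s.s)
                if s_str.startswith(prefixes):
                    possible_names.add(s_str)
        finally:
            # The original never released the mapping; close it even on error.
            mapped.close()
    return possible_names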
def SanityChecks():
    """Check that the first segment carries the input file's name; offer to rename it.

    The check compares SegName(FirstSeg()) with GetInputFile() (spaces
    replaced by '_'). On mismatch the user is asked; answering yes renames
    the segment, waits for analysis and writes a line through fl_log().
    """
    first_seg = FirstSeg()
    seg_name = SegName(first_seg)
    module_name = GetInputFile()
    if seg_name == module_name.replace(' ', '_'):
        return
    question = (
        "Name of the first segment for main module ('" + seg_name + "') doesn't\n"
        "match main module's name ('" + module_name + "').\n\n"
        "In order for the FridaLink to function correctly (i.e. resolve\n"
        "symbols and load additional modules) this segment name\n"
        "should be updated.\n\n"
        "Update first segment name to '" + module_name + "'?"
    )
    # NOTE(review): the comparison uses the '_'-substituted name but the rename
    # uses the raw one — presumably IDA normalises spaces itself; confirm, or the
    # prompt re-fires on every run for names containing spaces.
    if AskYN(0, question) == 1:
        set_segm_name(getseg(first_seg), module_name)
        Wait()
        fl_log("FridaLink: set first sector name for main binary to '" + module_name + "'\n")
def __init__(self):
    '''
    one table is for one function and its xref_to functions
    the table's name is the source function's name
    how to store function features within the table still need consideration

    Reads the script folder and project name from idc.ARGV[1], derives the
    DB name from the input file, optionally deletes an existing DB after
    confirmation, then initialises the per-module feature containers and
    loads the exports.
    '''
    self.script_folder = ''
    self.project_name = ''
    # NOTE(review): idc.ARGV[1] is assumed to look like "(<folder>, <project>)"
    # (inferred from the slicing below); an absent argument raises IndexError.
    print('--------------------- %s' % idc.ARGV[1])
    arg = idc.ARGV[1]
    open_paren = arg.find('(')
    comma = arg.find(',')
    close_paren = arg.find(')')
    self.script_folder = arg[open_paren + 2:comma - 1]
    self.project_name = arg[comma + 2:close_paren - 1]
    print('++++++++++project_name %s' % self.project_name)
    print('++++++++++script_folder %s' % self.script_folder)
    # name of current idb; doubles as the on-disk DB file name
    self.moduleName = idc.GetInputFile().replace('.', '_')
    if os.path.exists(self.moduleName):
        # may need user's input to decide whether rewrite it or append it? this check shld be set as input in args
        print('the db already exist')
        clear = ConfirmDialog("Delete the current DB and create a new one?")
        clear.Compile()
        if not clear.Execute():
            # NOTE(review): returning here leaves the instance without
            # func_name_ea/ftable/exports/memop/syscalls/priorMatrix.
            return
        os.remove(self.moduleName)
    print('[Get_FunctionFeatures]moduleName: %s' % self.moduleName)
    self.func_name_ea = {name: ea for ea, name in idautils.Names()}  # all names within idb
    self.ftable = collections.defaultdict(dict)  # features of one function; refreshed for every function
    self.exports = []  # all export functions
    self.memop = {}  # instructions with memory operation
    self.syscalls = set()
    self.priorMatrix = [('returnpoints', '_feature_returnpoints'), ('loopcount', '_feature_loopcount')]
    # (ea, writemem, writetoglobal, cmpmem, loopcalc)
    self.LoadExports()
    print('table name: ' + self.moduleName)