本文整理汇总了Python中idc.GetInputFile方法的典型用法代码示例。如果您正苦于以下问题:Python idc.GetInputFile方法的具体用法?Python idc.GetInputFile怎么用?Python idc.GetInputFile使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc的用法示例。
在下文中一共展示了idc.GetInputFile方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: save_instrumented
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
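def save_instrumented(list_of_addr, is_silent):
    """Write every address in *list_of_addr* to a text file, one per line.

    Each line is prefixed with "<module>!", where <module> is the name of the
    file open in IDA up to its first dot.

    Args:
        list_of_addr: iterable of iterables of address strings.
        is_silent: when equal to SILENT the output file name is built from
            the input file name and the current time; otherwise the user is
            asked for a destination through AskFile.

    Returns:
        0 when the file dialog yields no usable name, otherwise None.
    """
    input_name = idc.GetInputFile()
    # partition() keeps the whole name when it contains no dot; the former
    # name[:name.find(".")] slice dropped the last character in that case.
    dll_name = input_name.partition(".")[0] + "!"
    print(dll_name)
    if is_silent == SILENT:
        current_time = strftime("%Y-%m-%d_%H-%M-%S")
        # Relative name, so the report is created in the current directory.
        file_name = input_name.replace(".", "_") + "_" + current_time + ".txt"
    else:
        file_name = AskFile(1, "dllcode.in", "Please specify a file to save results.")
        # The original tested only for -1.
        # NOTE(review): a cancelled dialog is expected to return None; confirm
        # against the IDAPython version in use.
        if not file_name or file_name == -1:
            return 0
    # "with" closes the file even when a write fails part-way through.
    with open(file_name, 'w') as out:
        for sublist in list_of_addr:
            for addr in sublist:
                out.write(dll_name + addr + "\n")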
示例2: main
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
def main():
    """Run the metrics through the UI, or unattended when IDAPYTHON is 'auto'.

    Returns:
        0 after handing control to the UI, 1 after an unattended run.
    """
    print("Start metrics calculation")
    idc.Wait()  # block until IDA has finished its analysis
    if os.getenv('IDAPYTHON') != 'auto':
        # Interactive mode: the UI object receives init_analysis.
        ui_setup = UI(init_analysis)
        print("done")
        return 0

    # Hidden mode: switch on every known metric.
    metrics_mask = {metric: 1 for metric in metrics_list}
    metrics_total = Metrics()
    metrics_total.start_analysis(metrics_mask)

    # Report name: <cwd>/<input name with dots replaced>_<timestamp>.txt
    current_time = strftime("%Y-%m-%d_%H-%M-%S")
    analyzed_file = idc.GetInputFile().replace(".", "_")
    name = os.getcwd() + "/" + analyzed_file + "_" + current_time + ".txt"
    save_results(metrics_total, name)

    if os.getenv('IDAPYTHON') == 'auto':
        Exit(0)
    return 1
示例3: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
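def __init__(self):
    """Set up helpers, configuration and the identity of the input file."""
    super(Plugin, self).__init__()
    self.tools = hrdev_plugin.include.helper.Tools(self)
    self.config_main = ConfigParser.ConfigParser()
    self.config_theme = ConfigParser.ConfigParser()

    self._bin_md5 = idc.GetInputMD5()
    # Input file name with its last extension stripped.
    self._bin_name = re.sub(r'\.[^.]*$', '', idc.GetInputFile())

    self.imports = self._get_imported_names()
    self.tmp_items = []

    # Directory that holds this module. dirname() follows the platform's
    # separator; the former split('\\') produced an empty directory on any
    # path that contains no backslash.
    real_dir = os.path.dirname(os.path.realpath(__file__))
    self._read_config(real_dir)
    self.banned_functions = \
        self.config_main.get('etc', 'banned_functions').split(',')

    self.gui = None
    self.parser = None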
示例4: activate
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
def activate(self, ctx):
    """Stop and unload the driverlib.Driver created for the file open in IDA.

    Without admin rights a message is printed and nothing else happens.
    """
    is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0
    if not is_admin:
        print("Admin privileges required")
        return
    # The name passed to Driver is the input file name up to its first dot.
    # NOTE(review): "a.b.sys" becomes "a"; confirm this matches the name the
    # driver was registered under, so that no other driver is stopped.
    short_name = idc.GetInputFile().split('.')[0]
    image_path = idc.GetInputFilePath()
    target = driverlib.Driver(image_path, short_name)
    target.stop()
    target.unload()
示例5: get_unicode_device_names
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
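def get_unicode_device_names():
    """Return the Unicode strings in the analysed binary that look like device names.

    A string qualifies when it starts with '\\Device\\' or '\\DosDevices\\'.

    Returns:
        A set of the matching strings.
    """
    # NOTE(review): GetInputFile() gives the bare file name, so open() resolves
    # it against the current working directory; confirm that this is the
    # sample's directory, otherwise another file of the same name is read.
    path = idc.GetInputFile()
    min_length = 4
    prefixes = ('\\Device\\', '\\DosDevices\\')
    possible_names = set()
    with open(path, "rb") as f:
        b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
        try:
            for s in extract_unicode_strings(b, n=min_length):
                s_str = str(s.s)
                if s_str.startswith(prefixes):
                    possible_names.add(s_str)
        finally:
            # The mapping used to be left open; release it explicitly.
            b.close()
    return possible_names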
示例6: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
def __init__(self, **kwargs):
    """Build the "Add File" dialog, pre-filled from the file open in IDA."""
    super(AddFileDialog, self).__init__(title="Add File", **kwargs)
    input_name = idc.GetInputFile()
    input_md5 = idc.GetInputMD5()

    grid = QtWidgets.QGridLayout()
    # Column 0: one caption per row.
    captions = ("Project:", "File name:", "Description:", "MD5 hash:")
    for row, caption in enumerate(captions):
        grid.addWidget(QtWidgets.QLabel(caption), row, 0)

    # Column 1: the widget that belongs to each caption.
    self.project_cbb = widgets.QItemSelect('projects', 'name', 'id',
                                           'description')
    grid.addWidget(self.project_cbb, 0, 1)

    # The file name is editable and starts out as IDA's input file name.
    self.name_txt = QtWidgets.QLineEdit()
    self.name_txt.setText(input_name)
    grid.addWidget(self.name_txt, 1, 1)

    self.description_txt = QtWidgets.QTextEdit()
    grid.addWidget(self.description_txt, 2, 1)

    # The MD5 is displayed as a plain label, not as an input field.
    grid.addWidget(QtWidgets.QLabel(input_md5), 3, 1)
    self.base_layout.addLayout(grid)

    self.shareidbCkb = QtWidgets.QCheckBox(
        "Share IDB (let others without the idb to participate)")
    self.base_layout.addWidget(self.shareidbCkb)
    self.bottom_layout(ok_text="&Add")
示例7: init_analysis
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
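def init_analysis(metrics_used):
    """Run the selected metrics and save them to a file chosen by the user.

    Args:
        metrics_used: metric selection handed to Metrics.start_analysis.

    Returns:
        0 in every case.
    """
    metrics_total = Metrics()
    metrics_total.start_analysis(metrics_used)
    current_time = strftime("%Y-%m-%d_%H-%M-%S")
    analyzed_file = idc.GetInputFile().replace(".", "_")
    # Suggested file name shown in the save dialog.
    mask = analyzed_file + "_" + current_time + ".txt"
    name = AskFile(1, mask, "Where to save metrics ?")
    if not name:
        # No file name came back (dialog dismissed): skip the save rather
        # than handing an empty name to save_results.
        print("Metrics not saved: no output file selected")
        return 0
    save_results(metrics_total, name)
    return 0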
示例8: get_unicode_device_names
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
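def get_unicode_device_names():
    """Return the Unicode strings in the analysed binary that start with '\\Device\\'.

    Returns:
        A set of the matching strings.
    """
    # NOTE(review): GetInputFile() gives the bare file name, so open() resolves
    # it against the current working directory; confirm that this is the
    # sample's directory, otherwise another file of the same name is read.
    path = idc.GetInputFile()
    min_length = 4
    possible_names = set()
    with open(path, "rb") as f:
        b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
        try:
            for s in extract_unicode_strings(b, n=min_length):
                text = str(s.s)
                if text.startswith('\\Device\\'):
                    possible_names.add(text)
        finally:
            # The mapping used to be left open; release it explicitly.
            b.close()
    return possible_names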
示例9: backup_database
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
def backup_database():
    """Save a timestamped copy of the database, similar to IDA's snapshots.

    The backup is named "<input name without its last extension>_<timestamp>.idb".

    Raises:
        NoInputFileException: when IDA reports no input file name.
    """
    stamp = strftime('%Y%m%d%H%M%S')
    input_name = idc.GetInputFile()
    if not input_name:
        raise NoInputFileException('No input file provided')
    # Split off only the last extension; earlier dots stay in the name.
    backup_file = '%s_%s.idb' % (rsplit(input_name, '.', 1)[0], stamp)
    g_logger.info('Backing up database to file ' + backup_file)
    idc.SaveBase(backup_file, idaapi.DBFL_BAK)
示例10: search
# 需要导入模块: import idc [as 别名]
# 或者: from idc import GetInputFile [as 别名]
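def search():
    """
    Look for potential device names in the binary currently open in IDA.

    Unicode device names are tried first through find_unicode_device_name().
    Only when that finds nothing is FLOSS used to recover stack based and
    obfuscated strings, which are then printed.
    """
    if find_unicode_device_name():
        return
    print("Unicode device name not found, attempting to find obfuscated and stack based strings.")
    try:
        import floss
        import floss.identification_manager
        import floss.main
        import floss.stackstrings
        import viv_utils
    except ImportError:
        print("Please install FLOSS to continue, see: https://github.com/fireeye/flare-floss/")
        return
    # Avoids "logger handler not found" errors, from
    # https://github.com/fireeye/flare-floss/blob/66f67a49a38ae028a5e86f1de743c384d5271901/scripts/idaplugin.py#L154
    logging.basicConfig()
    logging.getLogger('vtrace.platforms.win32').setLevel(logging.ERROR)
    # NOTE(review): GetInputFile() gives the bare file name, so vivisect loads
    # whatever file of that name sits in the current working directory;
    # confirm that this is the sample.
    sample_file_path = idc.GetInputFile()
    try:
        vw = viv_utils.getWorkspace(sample_file_path, should_save=False)
    except Exception as e:
        # format(e) replaces e.message, which not every exception carries.
        print("Vivisect failed to load the input file: {0}".format(e))
        return
    functions = set(vw.getFunctions())
    plugins = floss.main.get_all_plugins()
    device_names = set()
    # NOTE(review): stack strings are stored as returned, decoded strings as
    # str(x.s); confirm that both print in a readable form.
    device_names.update(
        floss.stackstrings.extract_stackstrings(vw, functions, 4, no_filter=True))
    dec_func_candidates = floss.identification_manager.identify_decoding_functions(vw, plugins, functions)
    decoded_strings = floss.main.decode_strings(vw, dec_func_candidates, 4, no_filter=True)
    device_names.update(str(decoded.s) for decoded in decoded_strings)
    # Report whenever anything was collected. The former test looked only at
    # decoded_strings, so stack strings found on their own were discarded.
    if device_names:
        print("Potential device names from obfuscated or stack strings:")
        for candidate in device_names:
            print(candidate)
    else:
        print("No obfuscated or stack strings found :(")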