本文整理匯總了Python中idc.GetInputFile方法的典型用法代碼示例。如果您正苦於以下問題:Python idc.GetInputFile方法的具體用法?Python idc.GetInputFile怎麽用?Python idc.GetInputFile使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類idc的用法示例。
在下文中一共展示了idc.GetInputFile方法的10個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: save_instrumented
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def save_instrumented(list_of_addr, is_silent):
dll_name = idc.GetInputFile()
dll_name = dll_name[:dll_name.find(".")]
dll_name = dll_name + "!"
print dll_name
if is_silent == SILENT:
current_time = strftime("%Y-%m-%d_%H-%M-%S")
analyzed_file = idc.GetInputFile()
analyzed_file = analyzed_file.replace(".","_")
file_name = analyzed_file + "_" + current_time + ".txt"
else:
file_name = AskFile(1, "dllcode.in", "Please specify a file to save results.")
if file_name == -1:
return 0
file = open(file_name, 'w')
for sublist in list_of_addr:
for addr in sublist:
#print addr
file.write(dll_name + addr + "\n")
file.close() 示例2: main
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def main():
print "Start metrics calculation"
idc.Wait() #wait while ida finish analysis
if os.getenv('IDAPYTHON') != 'auto':
ui_setup = UI(init_analysis)
print "done"
return 0
else: #hidden mode
metrics_mask = dict()
# calculate all metrics
for i in metrics_list:
metrics_mask[i] = 1
metrics_total = Metrics()
metrics_total.start_analysis(metrics_mask)
current_time = strftime("%Y-%m-%d_%H-%M-%S")
analyzed_file = idc.GetInputFile()
analyzed_file = analyzed_file.replace(".","_")
name = os.getcwd()
name = name + "/" + analyzed_file + "_" + current_time + ".txt"
save_results(metrics_total, name)
if os.getenv('IDAPYTHON') == 'auto':
Exit(0)
return 1 示例3: __init__
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def __init__(self):
super(Plugin, self).__init__()
self.tools = hrdev_plugin.include.helper.Tools(self)
self.config_main = ConfigParser.ConfigParser()
self.config_theme = ConfigParser.ConfigParser()
self._bin_md5 = idc.GetInputMD5()
self._bin_name = re.sub(r'\.[^.]*$', '', idc.GetInputFile())
self.imports = self._get_imported_names()
self.tmp_items = []
real_dir = os.path.realpath(__file__).split('\\')
real_dir.pop()
real_dir = os.path.sep.join(real_dir)
self._read_config(real_dir)
self.banned_functions = \
self.config_main.get('etc', 'banned_functions').split(',')
self.gui = None
self.parser = None 示例4: activate
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def activate(self, ctx):
if ctypes.windll.shell32.IsUserAnAdmin() == 0:
print "Admin privileges required"
return
name = idc.GetInputFile().split('.')[0]
driver = driverlib.Driver(idc.GetInputFilePath(),name)
driver.stop()
driver.unload() 示例5: get_unicode_device_names
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def get_unicode_device_names():
"""Returns all Unicode strings within the binary currently being analysed in IDA which might be device names"""
path = idc.GetInputFile()
min_length = 4
possible_names = set()
with open(path, "rb") as f:
b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
for s in extract_unicode_strings(b, n=min_length):
s_str = str(s.s)
if s_str.startswith('\\Device\\') or s_str.startswith('\\DosDevices\\'):
possible_names.add(str(s.s))
return possible_names 示例6: __init__
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def __init__(self, **kwargs):
super(AddFileDialog, self).__init__(title="Add File", **kwargs)
name = idc.GetInputFile()
md5hash = idc.GetInputMD5()
layout = QtWidgets.QGridLayout()
layout.addWidget(QtWidgets.QLabel("Project:"), 0, 0)
layout.addWidget(QtWidgets.QLabel("File name:"), 1, 0)
layout.addWidget(QtWidgets.QLabel("Description:"), 2, 0)
layout.addWidget(QtWidgets.QLabel("MD5 hash:"), 3, 0)
self.project_cbb = widgets.QItemSelect('projects', 'name', 'id',
'description')
layout.addWidget(self.project_cbb, 0, 1)
self.name_txt = QtWidgets.QLineEdit()
self.name_txt.setText(name)
layout.addWidget(self.name_txt, 1, 1)
self.description_txt = QtWidgets.QTextEdit()
layout.addWidget(self.description_txt, 2, 1)
layout.addWidget(QtWidgets.QLabel(md5hash), 3, 1)
self.base_layout.addLayout(layout)
self.shareidbCkb = QtWidgets.QCheckBox("Share IDB (let others without "
"the idb to participate)")
self.base_layout.addWidget(self.shareidbCkb)
self.bottom_layout(ok_text="&Add") 示例7: init_analysis
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def init_analysis (metrics_used):
metrics_total = Metrics()
metrics_total.start_analysis(metrics_used)
current_time = strftime("%Y-%m-%d_%H-%M-%S")
analyzed_file = idc.GetInputFile()
analyzed_file = analyzed_file.replace(".","_")
mask = analyzed_file + "_" + current_time + ".txt"
name = AskFile(1, mask, "Where to save metrics ?")
save_results(metrics_total, name)
return 0 示例8: get_unicode_device_names
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def get_unicode_device_names():
path = idc.GetInputFile()
min_length = 4
possible_names = set()
with open(path, "rb") as f:
b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
for s in extract_unicode_strings(b, n=min_length):
if str(s.s).startswith('\\Device\\'):
possible_names.add(str(s.s))
return possible_names 示例9: backup_database
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def backup_database():
""" Backup the database to a file similar to IDA's snapshot function. """
time_string = strftime('%Y%m%d%H%M%S')
file = idc.GetInputFile()
if not file:
raise NoInputFileException('No input file provided')
input_file = rsplit(file, '.', 1)[0]
backup_file = '%s_%s.idb' % (input_file, time_string)
g_logger.info('Backing up database to file ' + backup_file)
idc.SaveBase(backup_file, idaapi.DBFL_BAK) 示例10: search
# 需要導入模塊: import idc [as 別名]
# 或者: from idc import GetInputFile [as 別名]
def search():
"""
Attempts to find potential device names in the currently opened binary, it starts by searching for Unicode device names,
if this fails then it utilises FLOSS to search for stack based and obfuscated strings.
"""
if not find_unicode_device_name():
print "Unicode device name not found, attempting to find obfuscated and stack based strings."
try:
import floss
import floss.identification_manager
import floss.main
import floss.stackstrings
import viv_utils
except ImportError:
print "Please install FLOSS to continue, see: https://github.com/fireeye/flare-floss/"
return
logging.basicConfig() #To avoid logger handler not found errors, from https://github.com/fireeye/flare-floss/blob/66f67a49a38ae028a5e86f1de743c384d5271901/scripts/idaplugin.py#L154
logging.getLogger('vtrace.platforms.win32').setLevel(logging.ERROR)
sample_file_path = idc.GetInputFile()
try:
vw = viv_utils.getWorkspace(sample_file_path, should_save=False)
except Exception, e:
print("Vivisect failed to load the input file: {0}".format(e.message))
return
functions = set(vw.getFunctions())
plugins = floss.main.get_all_plugins()
device_names = set()
stack_strings = floss.stackstrings.extract_stackstrings(vw, functions, 4, no_filter=True)
for i in stack_strings:
device_names.add(i)
dec_func_candidates = floss.identification_manager.identify_decoding_functions(vw, plugins, functions)
decoded_strings = floss.main.decode_strings(vw, dec_func_candidates, 4, no_filter=True)
if len(decoded_strings) > 0:
for i in decoded_strings:
device_names.add(str(i.s))
print "Potential device names from obfuscated or stack strings:"
for i in device_names:
print i
else:
print "No obfuscated or stack strings found :("