Python idc.GetInputFile() Examples
The following are 12
code examples of idc.GetInputFile().
Example #1
Source File: lib_parser.py From IDAmetrics with BSD 2-Clause "Simplified" License | 6 votes |
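def save_instrumented(list_of_addr, is_silent):
    """Write every address in *list_of_addr* to a text file, one per line.

    Each output line is the input file's name up to its first dot, a "!"
    separator and the address string.

    Args:
        list_of_addr: iterable of iterables of address strings.
        is_silent: when equal to SILENT the output name is built from the
            input file name and the current time; otherwise the user is
            asked for a path through AskFile.

    Returns:
        0 when no output path was chosen, otherwise None.
    """
    input_name = idc.GetInputFile()
    # partition() keeps the whole name when it contains no dot; slicing with
    # find() == -1 would silently drop the last character instead.
    module_prefix = input_name.partition(".")[0] + "!"
    print(module_prefix)

    if is_silent == SILENT:
        current_time = strftime("%Y-%m-%d_%H-%M-%S")
        file_name = input_name.replace(".", "_") + "_" + current_time + ".txt"
    else:
        file_name = AskFile(1, "dllcode.in", "Please specify a file to save results.")
        # NOTE(review): the original only compared against -1; a cancelled
        # dialog presumably yields None or an empty value, which would make
        # open() fail, so both are treated as "cancelled" here.
        if not file_name or file_name == -1:
            return 0

    # The context manager closes the file even when a write raises.
    with open(file_name, 'w') as out:
        for sublist in list_of_addr:
            for addr in sublist:
                out.write(module_prefix + addr + "\n")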
Example #2
Source File: IDAMetrics_static.py From IDAmetrics with BSD 2-Clause "Simplified" License | 6 votes |
def main():
    """Run the metrics UI, or compute every metric unattended.

    Unattended ("hidden") mode is selected when the IDAPYTHON environment
    variable equals 'auto'. In that mode all metrics in metrics_list are
    enabled, the results are saved to
    <cwd>/<input name with dots replaced>_<timestamp>.txt and Exit(0) is
    called.

    Returns:
        0 after the interactive path, 1 after the unattended path.
    """
    print("Start metrics calculation")
    idc.Wait()  # wait until IDA has finished its analysis

    if os.getenv('IDAPYTHON') != 'auto':
        ui_setup = UI(init_analysis)
        print("done")
        return 0

    # Hidden mode: switch every known metric on.
    metrics_mask = dict.fromkeys(metrics_list, 1)

    metrics_total = Metrics()
    metrics_total.start_analysis(metrics_mask)

    stamp = strftime("%Y-%m-%d_%H-%M-%S")
    report_stem = idc.GetInputFile().replace(".", "_")
    # NOTE(review): the report lands in the current working directory and
    # its name comes from the analysed file's name.
    name = os.getcwd() + "/" + report_stem + "_" + stamp + ".txt"
    save_results(metrics_total, name)

    if os.getenv('IDAPYTHON') == 'auto':
        Exit(0)
    return 1
Example #3
Source File: __init__.py From hrdev with MIT License | 6 votes |
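def __init__(self):
    """Initialise plugin state from the current input file and the config.

    Stores the input file's MD5 and its name without the last extension,
    collects imported names, hands the directory containing this module to
    self._read_config, and splits the comma-separated 'banned_functions'
    option of the 'etc' section into a list.
    """
    super(Plugin, self).__init__()
    self.tools = hrdev_plugin.include.helper.Tools(self)
    self.config_main = ConfigParser.ConfigParser()
    self.config_theme = ConfigParser.ConfigParser()

    self._bin_md5 = idc.GetInputMD5()
    # Input file name with its last ".ext" removed.
    self._bin_name = re.sub(r'\.[^.]*$', '', idc.GetInputFile())

    self.imports = self._get_imported_names()
    self.tmp_items = []

    # Directory of this module. os.path.dirname works with any path
    # separator; splitting on '\\' only produced a directory for
    # Windows-style paths and yielded '' everywhere else.
    real_dir = os.path.dirname(os.path.realpath(__file__))
    self._read_config(real_dir)
    self.banned_functions = \
        self.config_main.get('etc', 'banned_functions').split(',')

    self.gui = None
    self.parser = None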
Example #4
Source File: create_tab_table.py From win_driver_plugin with BSD 3-Clause "New" or "Revised" License | 5 votes |
def activate(self, ctx):
    """Stop and unload the driver object built for the current input file.

    Prints a message and returns without doing anything else when
    IsUserAnAdmin() reports 0.
    """
    elevated = ctypes.windll.shell32.IsUserAnAdmin()
    if elevated == 0:
        print("Admin privileges required")
        return

    # Driver name: the input file name up to its first dot.
    service_name = idc.GetInputFile().partition('.')[0]
    target = driverlib.Driver(idc.GetInputFilePath(), service_name)
    target.stop()
    target.unload()
Example #5
Source File: create_tab_table.py From win_driver_plugin with BSD 3-Clause "New" or "Revised" License | 5 votes |
def activate(self, ctx):
    """Load and start the driver object built for the current input file.

    Prints a message and returns without doing anything else when
    IsUserAnAdmin() reports 0.
    """
    elevated = ctypes.windll.shell32.IsUserAnAdmin()
    if elevated == 0:
        print("Admin privileges required")
        return

    # Driver name: the input file name up to its first dot.
    service_name = idc.GetInputFile().partition('.')[0]
    target = driverlib.Driver(idc.GetInputFilePath(), service_name)
    # NOTE(review): load()/start() presumably put the analysed driver into
    # the kernel of the machine running IDA -- confirm against driverlib and
    # keep this action to a disposable, snapshotted analysis VM.
    target.load()
    target.start()
Example #6
Source File: create_tab_table.py From win_driver_plugin with BSD 3-Clause "New" or "Revised" License | 5 votes |
def activate(self, ctx):
    """Open the IOCTL form for the entry currently selected in the chooser."""
    # The item index is one less than the first selected chooser index.
    selected_ioctl = self.items[ctx.chooser_selection.at(0) - 1]

    # Driver name: the input file name up to its first dot.
    service_name = idc.GetInputFile().partition('.')[0]
    target = driverlib.Driver(idc.GetInputFilePath(), service_name)
    DisplayIOCTLSForm(selected_ioctl, target)
Example #7
Source File: device_finder.py From win_driver_plugin with BSD 3-Clause "New" or "Revised" License | 5 votes |
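def get_unicode_device_names():
    """Returns all Unicode strings within the binary currently being analysed in IDA which might be device names.

    A string is kept when it starts with '\\Device\\' or '\\DosDevices\\'.

    Returns:
        set of candidate device name strings (possibly empty).
    """
    import os  # function-scope import keeps this block self-contained

    # GetInputFile() returns only the file name, so open() would resolve it
    # against the current working directory. Prefer the full path and fall
    # back to the bare name when that path is missing or stale.
    path = idc.GetInputFilePath()
    if not path or not os.path.isfile(path):
        path = idc.GetInputFile()

    min_length = 4
    prefixes = ('\\Device\\', '\\DosDevices\\')
    possible_names = set()
    with open(path, "rb") as f:
        b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
        try:
            for s in extract_unicode_strings(b, n=min_length):
                s_str = str(s.s)
                if s_str.startswith(prefixes):
                    possible_names.add(s_str)
        finally:
            # Release the mapping explicitly; the original left it open.
            b.close()
    return possible_names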
Example #8
Source File: project.py From rematch with GNU General Public License v3.0 | 5 votes |
def __init__(self, **kwargs):
    """Build the "Add File" dialog, pre-filled from the current input file.

    The file name field starts with the input file's name and stays
    editable; the MD5 is shown as a plain label.
    """
    super(AddFileDialog, self).__init__(title="Add File", **kwargs)

    input_name = idc.GetInputFile()
    input_md5 = idc.GetInputMD5()

    grid = QtWidgets.QGridLayout()

    # Column 0: one caption per row.
    captions = ("Project:", "File name:", "Description:", "MD5 hash:")
    for row, caption in enumerate(captions):
        grid.addWidget(QtWidgets.QLabel(caption), row, 0)

    # Column 1: the widget matching each caption.
    self.project_cbb = widgets.QItemSelect('projects', 'name', 'id',
                                           'description')
    grid.addWidget(self.project_cbb, 0, 1)

    self.name_txt = QtWidgets.QLineEdit()
    self.name_txt.setText(input_name)
    grid.addWidget(self.name_txt, 1, 1)

    self.description_txt = QtWidgets.QTextEdit()
    grid.addWidget(self.description_txt, 2, 1)

    # NOTE(review): MD5 is not collision resistant; it works as a lookup
    # key but is not evidence that two uploads are the same binary.
    grid.addWidget(QtWidgets.QLabel(input_md5), 3, 1)

    self.base_layout.addLayout(grid)

    self.shareidbCkb = QtWidgets.QCheckBox("Share IDB (let others without "
                                           "the idb to participate)")
    self.base_layout.addWidget(self.shareidbCkb)

    self.bottom_layout(ok_text="&Add")
Example #9
Source File: IDAMetrics_static.py From IDAmetrics with BSD 2-Clause "Simplified" License | 5 votes |
def init_analysis(metrics_used):
    """Compute the selected metrics and save them to a user-chosen file.

    Args:
        metrics_used: metric selection passed to Metrics.start_analysis.

    Returns:
        Always 0.
    """
    totals = Metrics()
    totals.start_analysis(metrics_used)

    # Suggested file name: <input name with dots replaced>_<timestamp>.txt
    stamp = strftime("%Y-%m-%d_%H-%M-%S")
    suggested = idc.GetInputFile().replace(".", "_") + "_" + stamp + ".txt"

    # NOTE(review): the dialog result is passed on unchecked; confirm that
    # save_results copes with a cancelled dialog.
    name = AskFile(1, suggested, "Where to save metrics ?")
    save_results(totals, name)
    return 0
Example #10
Source File: find_device_name.py From ida-scripts with The Unlicense | 5 votes |
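def get_unicode_device_names():
    """Collect Unicode strings in the analysed binary that start with '\\Device\\'.

    Returns:
        set of candidate device name strings (possibly empty).
    """
    import os  # function-scope import keeps this block self-contained

    # GetInputFile() returns only the file name, so open() would resolve it
    # against the current working directory. Prefer the full path and fall
    # back to the bare name when that path is missing or stale.
    path = idc.GetInputFilePath()
    if not path or not os.path.isfile(path):
        path = idc.GetInputFile()

    min_length = 4
    possible_names = set()
    with open(path, "rb") as f:
        b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
        try:
            for s in extract_unicode_strings(b, n=min_length):
                candidate = str(s.s)
                if candidate.startswith('\\Device\\'):
                    possible_names.add(candidate)
        finally:
            # Release the mapping explicitly; the original left it open.
            b.close()
    return possible_names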
Example #11
Source File: __init__.py From flare-ida with Apache License 2.0 | 5 votes |
def backup_database():
    """
    Backup the database to a file similar to IDA's snapshot function.

    The backup is named <input name without last extension>_<timestamp>.idb
    and is written through idc.SaveBase with the DBFL_BAK flag.

    Raises:
        NoInputFileException: when IDA reports no input file name.
    """
    input_name = idc.GetInputFile()
    if not input_name:
        raise NoInputFileException('No input file provided')

    stamp = strftime('%Y%m%d%H%M%S')
    stem = rsplit(input_name, '.', 1)[0]
    # The name carries no directory component of its own, because it is
    # built from the bare input file name.
    backup_file = stem + '_' + stamp + '.idb'

    g_logger.info('Backing up database to file ' + backup_file)
    idc.SaveBase(backup_file, idaapi.DBFL_BAK)
Example #12
Source File: device_finder.py From win_driver_plugin with BSD 3-Clause "New" or "Revised" License | 4 votes |
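def search():
    """
    Attempts to find potential device names in the currently opened binary.

    It starts by searching for Unicode device names; if this fails then it
    utilises FLOSS to search for stack based and obfuscated strings and
    prints every candidate found.

    Returns None in all cases; results and errors are reported with print.
    """
    if find_unicode_device_name():
        return

    print("Unicode device name not found, attempting to find obfuscated and stack based strings.")
    try:
        import floss
        import floss.identification_manager
        import floss.main
        import floss.stackstrings
        import viv_utils
    except ImportError:
        print("Please install FLOSS to continue, see: https://github.com/fireeye/flare-floss/")
        return

    import os  # function-scope import, like the optional imports above

    # To avoid logger handler not found errors, from
    # https://github.com/fireeye/flare-floss/blob/66f67a49a38ae028a5e86f1de743c384d5271901/scripts/idaplugin.py#L154
    logging.basicConfig()
    logging.getLogger('vtrace.platforms.win32').setLevel(logging.ERROR)

    # GetInputFile() returns only the file name, which would be resolved
    # against the current working directory. Prefer the full path and fall
    # back to the bare name when that path is missing or stale.
    sample_file_path = idc.GetInputFilePath()
    if not sample_file_path or not os.path.isfile(sample_file_path):
        sample_file_path = idc.GetInputFile()

    try:
        vw = viv_utils.getWorkspace(sample_file_path, should_save=False)
    except Exception as e:
        # Format the exception itself: e.message is empty for multi-argument
        # exceptions and is not available on every Python version.
        print("Vivisect failed to load the input file: {0}".format(e))
        return

    functions = set(vw.getFunctions())
    plugins = floss.main.get_all_plugins()
    device_names = set()

    for stack_string in floss.stackstrings.extract_stackstrings(vw, functions, 4, no_filter=True):
        device_names.add(stack_string)

    dec_func_candidates = floss.identification_manager.identify_decoding_functions(vw, plugins, functions)
    decoded_strings = floss.main.decode_strings(vw, dec_func_candidates, 4, no_filter=True)
    for decoded in decoded_strings:
        device_names.add(str(decoded.s))

    # Report whenever anything was collected. The original tested only
    # decoded_strings, so stack strings found on their own were reported as
    # "none found".
    if device_names:
        print("Potential device names from obfuscated or stack strings:")
        for candidate in device_names:
            print(candidate)
    else:
        print("No obfuscated or stack strings found :(")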