IDAPython 显示用户窗体

最新推荐文章于 2024-01-02 10:19:06 发布
最新推荐文章于 2024-01-02 10:19:06 发布
阅读量805 收藏 1
点赞数 1
分类专栏: 学习

参考:http://www.hexblog.com/?p=119

https://github.com/EiNSTeiN-/idapython/tree/master/examples

Using custom viewers from IDAPython

The simplest custom viewer which does not handle any events (like key presses, mouse or cursor position movements, displaying hints, etc) can be created like this:

v = idaapi.simplecustviewer_t()
if v.Create("Simple custom viewer"):
    for i in xrange(1, 11): 
        v.AddLine("Line %d" % i)
    v.Show()
else:
    print "Failed to create viewer"

处理用户事件的窗体

class mycv_t(simplecustviewer_t):
    def Create(self, sn=None):
        # Form the title
        title = "Simple custom view test"
        if sn:
            title += " %d" % sn

        # Create the customview
        if not simplecustviewer_t.Create(self, title):
            return False

        self.menu_hello = self.AddPopupMenu("Hello")
        self.menu_world = self.AddPopupMenu("World")

        for i in xrange(0, 100):
            self.AddLine("Line %d" % i)

        return True

    def OnKeydown(self, vkey, shift):
        # ESCAPE?
        if vkey == 27:
            self.Close()
        # Goto?
        elif vkey == ord('G'):
            n = self.GetLineNo()
            if n is not None:
                v = idc.AskLong(self.GetLineNo(), "Where to go?")
                if v:
                    self.Jump(v, 0, 5)
        elif vkey == ord('R'):
            print "refreshing...."

            self.Refresh()
        else:
            return False
        return True

    def OnPopupMenu(self, menu_id):
        if menu_id == self.menu_hello:
            print "Hello"
        elif menu_id == self.menu_world:
            print "World"
        else:
            # Unhandled
            return False
        return True

调用 

view = mycv_t()
if view.Create(1):
    view.Show()

建立用户菜单(对 idaapi.IDA_SDK_VERSION==700 运行不了!

参见:https://www.programcreek.com/python/example/83980/idaapi.add_menu_item

Example 1

def init(self):
        global initialized

        if initialized == False:
            initialized = True
            # menu = idaapi.add_menu_item("Edit/x64dbgida/", "About", "", 0,
                                        # self.about, None)
            # if menu is not None:			
            idaapi.attach_action_to_menu("Edit/x64dbgida/", 'my:exportdb', idaapi.SETMENU_APP)
            idaapi.attach_action_to_menu("Edit/x64dbgida/", 'my:importdb', idaapi.SETMENU_APP)
                # idaapi.add_menu_item("Edit/x64dbgida/",
                                     # "Import (uncompressed) database", "", 0,
                                     # self.importdb, None)
            # elif idaapi.IDA_SDK_VERSION < 680:
                # idaapi.add_menu_item("File/Produce file/",
                                     # "Export x64dbg database", "", 0,
                                     # self.exportdb, None)
                # idaapi.add_menu_item("File/Load file/",
                                     # "Import x64dbg database", "", 0,
                                     # self.importdb, None)

        return idaapi.PLUGIN_OK

Example 2

def init(self):
        NO_HOTKEY = ""
        SETMENU_INS = 0
        NO_ARGS = tuple()

        logger.debug("[+] %s.init()" % self.__class__.__name__)
        self.menuitems = []

        logger.debug("[+] setting up menus")
        menu = idaapi.add_menu_item(self.wanted_menu[0],
                                    self.wanted_menu[1],
                                    NO_HOTKEY,
                                    SETMENU_INS,
                                    self.menu_config,
                                    NO_ARGS)
        self.menuitems.append(menu)

        return idaapi.PLUGIN_KEEP

 Example 3

def add(cls, path, name, fn, hotkey='', flags=0, args=()):
                if (path,name) in cls.state:
                    cls.rm(path, name)
                ctx = idaapi.add_menu_item(path, name, hotkey, flags, fn, args)
                cls.state[path,name] = ctx

Example 4

def register_menu(self):
    global g_bindiff
    g_bindiff = self

    idaapi.add_menu_item("Edit/Plugins/", "Diaphora - Show results", "F3", 0, show_choosers, ())
    idaapi.add_menu_item("Edit/Plugins/", "Diaphora - Save results", None, 0, save_results, ())
    idaapi.add_menu_item("Edit/Plugins/", "Diaphora - Load results", None, 0, load_results, ())
    Warning("""AUTOHIDE REGISTRY\nIf you close one tab you can always re-open it by pressing F3
or selecting Edit -> Plugins -> Diaphora - Show results""")

Example 5

def RegisterMenuActions(handler):
	global g_MenuList
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Unload Plugin",           "SHIFT+CTRL+U", 0, handler.unloadPlugin, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Stop Server",             None,           0, handler.stopServer, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Start Server",            None,           0, handler.startServer, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Debug Log Toggle",        None,           0, handler.logToggle, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Symbol Overwrite Toggle", None,           0, handler.overwriteSymbolToggle, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Settings",           None,           0, handler.showSettings, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Close DB",                None,           0, handler.showCloseDB, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Execute DB Query",        None,           0, handler.showExecQuery, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Open DB",                 None,           0, handler.showOpenDB, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Create DB",               None,           0, handler.showCreateDB, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Step Over Breakpoint",    "SHIFT+CTRL+O", 0, handler.handleDebugStepOver, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Step Into Breakpoint",    "SHIFT+CTRL+I", 0, handler.handleDebugStepInto, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Release Breakpoint",      "SHIFT+CTRL+R", 0, handler.handleDebugContinue, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Target Log",         None,           0, handler.showTargetLog, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show FRAPL Log",          "SHIFT+CTRL+L", 0, handler.showFraplLog, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Address Converter",  "SHIFT+CTRL+A", 0, handler.showAddressConverter, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Module List",        None,           0, handler.showModuleList, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Memory Manager",     "SHIFT+CTRL+M", 0, handler.showMemoryManager, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Arbitrary Hooks",    None,           0, handler.showArbitraryHooks, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Replaced Funcs",     None,           0, handler.showReplacedFuncs, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show Import Hooks",       "SHIFT+CTRL+S", 0, handler.showImportHooks, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Show IDB Hooks",          None,           0, handler.showDatabaseHooks, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Execute Frida Script",    "SHIFT+CTRL+E", 0, handler.showExecScriptDlg, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Fetch Target Modules",    None,           0, handler.requestModules, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Load Module",             None,           0, handler.loadModule, ()))
	add_menu_item(					"Edit/Plugin/Frida Link/", "-",                       None,           0, handler.doNothing, ())
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Save Project",            None,           0, handler.saveProject, ()))
	g_MenuList.append(add_menu_item("Edit/Plugin/Frida Link/", "Load Project",            None,           0, handler.loadProject, ()))

建立用户菜单(对应  idaapi.IDA_SDK_VERSION==700 !

    def init(self):
        global initialized

        if initialized == False:
            initialized = True
            if idaapi.IDA_SDK_VERSION <= 695 and idaapi.IDA_SDK_VERSION >= 680:
                menu = idaapi.add_menu_item("Edit/x64dbgida/", "About", "", 0,
                                        self.about, None)
                idaapi.add_menu_item("Edit/x64dbgida/", "Export database", "",
                                     0, self.exportdb, None)
                idaapi.add_menu_item("Edit/x64dbgida/",
                                     "Import (uncompressed) database", "", 0,
                                     self.importdb, None)
            elif idaapi.IDA_SDK_VERSION < 680:
                idaapi.add_menu_item("File/Produce file/",
                                     "Export x64dbg database", "", 0,
                                     self.exportdb, None)
                idaapi.add_menu_item("File/Load file/",
                                     "Import x64dbg database", "", 0,
                                     self.importdb, None)

            if idaapi.IDA_SDK_VERSION >= 700:
                #populating action menus
                action_desc = idaapi.action_desc_t(
                    'my:aboutaction',  # The action name. This acts like an ID and must be unique
                    'About!',  # The action text.
                    AboutHandler(),  # The action handler.
                    '',  # Optional: the action shortcut
                    'About X64dbg ida',  # Optional: the action tooltip (available in menus/toolbar)
                    )  # Optional: the action icon (shows when in menus/toolbars) use numbers 1-255

                # Register the action
                idaapi.register_action(action_desc)
                idaapi.attach_action_to_menu(
                    'Edit/x64dbgida/',
                    'my:aboutaction',
                    idaapi.SETMENU_APP)

                action_desc = idaapi.action_desc_t(
                    'my:eksportaction',
                    'Export x64dbg database',
                    EksportHandler(),
                    '',
                    'Export x64dbg database',
                    )

                # Register the action
                idaapi.register_action(action_desc)
                idaapi.attach_action_to_menu(
                    'Edit/x64dbgida/',
                    'my:eksportaction',
                    idaapi.SETMENU_APP)

                action_desc = idaapi.action_desc_t(
                    'my:importaction',
                    'Import (uncompressed) database',
                    ImportHandler(),
                    '',
                    'Import (uncompressed) database',
                    )

                # Register the action
                idaapi.register_action(action_desc)
                idaapi.attach_action_to_menu(
                    'Edit/x64dbgida/',
                    'my:importaction',
                    idaapi.SETMENU_APP)

            else:
                pass

        return idaapi.PLUGIN_KEEP

 

kmsmg
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 3
    评论
专栏目录
解决安装PythonIDA中找不到Python模块的问题
dvlinker的技术专栏
06-11 322
解决安装PythonIDA中找不到Python模块的问题
2021-10-08 网安实验-Reverse-IDA基础教程一
热门推荐
时光隧道
10-08 4万+
IDAPython直接在IDA里调用的话有两种办法: 第一种是在IDA上方的菜单File->script command 上图中右边用于输入脚本代码,下方是切换IDAIDAPython,我们需要切换为IDAPython,如下所示 然后输入打印hello的代码,点击run此时在IDA界面最下方就可以看到打印的消息了 当然这个窗口我们使可以所以移动、放大缩小的 为了后面分析方便,我们都排布成这个格式 第二种运行IDAPython的办法就是直接在输出窗口处输入,如下所示 输入后敲击回车即可运行
IDAPython基础教程一
Yale的博客
01-16 1万+
给出的文件名为rabbithole 首先使用file命令查看一下 可以看到是64位的可执行文件 接下来我们切换到win,使用IDApro载入,以此文件为样例,学习IDAPython的用法。 首先介绍下IDAPython的背景。 IDAPython创建于2004年。这是GergelyErdelyi和Ero Carrera的共同努力。他们的目标是结合强大的python与自动化分析的IDA的类C脚本...
IDA入门【二】IDA数据显示窗口
最新发布
小旺的博客
01-02 1996
这个选项使Strings窗口显示IDA自动创建或用户手动创建的已命名字符串数据项。在选中这个选项的同时禁用所有其他选项,IDA将不会自动扫描其他类型的字符串。
IDAPython函数入门
SXXYNHHXX的博客
12-30 519
当前地址获取使用:idc.here()函数,或者 idc.screen_ea()函数。1.1 IDA有三个比较重要的库:IDC,idautils,idaapi.当前选择地址的开始:idc.read_selection_start()当前选择地址的结束:idc.read_selection_end()最小地址可以使用:ida_ida.inf_get_min_ea()最大地址可以使用:ida_ida.inf_get_max_ea()如果判断地址是否存在,可以使用:idaapi.BADADDR。
ida python 插件编写
JackBoy的博客
11-02 1346
一.第一步 这个是抄的 天下代码一般抄,自己从零开始写并不会 源代码是这样(pyhexraysdeob.py),一个反混淆插件 import os import ida_idaapi import ida_loader import ida_kernwin import ida_hexrays my_dirname, _ = os.path.split(__file__) setattr(ida_hexrays, "MMAT_DEOB_MAP", getattr(ida_hexrays,
【经验】IDApython 脚本怎么使用反汇编的变量,以及获取反汇编地址上的值,附 IDA的output窗口被不小心关掉了的打开方式
qq_46106285的博客
10-04 2215
记录两个小问题:①变量:用光标或地址定位。特容易忘,但挺实用。②output窗口打开。
IDAPython 初学者指南
05-27
IDAPython 初学者指南 IDAPython 初学者指南 IDAPython 初学者指南
IDAPython手册中文翻译
01-03
IDAPython手册中文翻译涉及的内容涵盖了IDAPython从基础到高级应用的多个方面,其中包括IDAPython的起源背景、基本概念、常用模块、代码实例以及逆向工程的实践经验。该手册对于初学者来说是一个良好的学习资源,...
ida_python_scripts:ida python脚本
04-29
ida_python_scripts[IDA_comment][ida_function_rename]
idapython_docs.zip
04-23
idapython帮助文档,html格式
introduction to IDAPython.zip
12-29
IDAPython is an extension for IDA.welcome to download it and read.
如何写python脚本抓取数据并计算_如何用idapython脚本获取字符串窗口的数据并写入文件...
weixin_40000999的博客
12-09 411
问题:当ida的strings窗口中字符串数量过多时,想直接用右键菜单的copy功能把所有字符串拷贝到文本文件中时,ida会一直处于忙状态,无法正常工作。此时可用idapython脚本获取字符串窗口的数据并写入文件,脚本内容如下def GainStrWindow():op = strwinsetup_t()op.strtypes=ASCSTR_Cop.minlen = 4set_strlist_o...
IDA免安装版没有python执行功能
、抓不住的沙、、
04-14 7252
如果没有安装python环境,则直接安装一个python,重启IDA即可。 如果安装有多个python环境,比如Anaconda之类的,那么运行一下IDA目录下的idapyswitch.exe,并按操作选择设置一个指定的环境即可。
experiment : add menu item to IDA on idapython
谢绝留言与私信
06-28 1638
# idapython 's demo import idaapi def fnCallBack_MenuProcess(*args): print ">> fnCallBack_MenuProcess" print "Current Function Name = [%s]" % (GetFunctionName(ScreenEA())) prin
IDA7.0 SDK 创建菜单分隔线
Steven_programe_life的专栏
04-24 579
IDA7.0的菜单里添加一些菜单后,添加分隔不知怎么搞,研究半天终于搞明白了,这里记录一下,防止忘记。代码如下:static const action_desc_t atSeparater = ACTION_DESC_LITERAL(NULL, NULL, NULL, NULL, NULL, -1);register_action(atSeparater);attach_action_to_me...
[IDA Plugin] IDA插件收集
志伟入归未有时(兴业和家)
08-31 8633
英语好的,看这里:https://github.com/onethawt/idaplugins-list随着时间的推移,我将组织插件。如果您有任何其他优秀的插件,请提交PR。我想用相应的IDA版本标记每个插件,但是我需要很长时间才能测试。如果你能帮到那里,请做。如果一个插件只是一个没有描述或文档的源代码,我不会添加它。去做 添加更多插件 分类插件 插件 3DSX Loader:用于3DSX文...
IDAIDA-Python 学习笔记
skysys的研究小屋
12-26 1993
ida-python 中文教程
idapython常用api记录7.0
LoopherBear的博客
02-13 3733
2019-02-13 idapython常用api记录 以下代码片段可以在ida的output窗口中测试用,需要引入相关的模块即可。 import idaapi import idc import idautils 后续需要使用的程序代码指令 0017C24 CODE32 LOAD:00017C24 LOAD:00017C24 ; ==============...
使用IDAPython加速二进制分析
IDA7版本中,IDAPython已经被集成,使得用户能够利用Python的灵活性进行复杂任务。 **Walking the functions 7** 遍历函数是IDAPython的基本操作之一。可以使用`idc`模块中的`FirstFunc()`和`NextFunc()`函数来...
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值