Python idc.CIC_ITEM Examples
The following are 22
code examples of idc.CIC_ITEM().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
idc
, or try the search function
.
.
Example #1
| Source File: casc_plugin.py From CASC with GNU General Public License v2.0 | 9 votes |
|
def signature_selected(self, item):
self.subsignatures_list.clear()
for ea, color in self.previous_colors:
idc.SetColor(ea, idc.CIC_ITEM, color)
self.previous_colors = []
self.match_label.setText("")
if item.parsed_signature is None:
pass
else:
if isinstance(item.parsed_signature, LdbSignature):
for i, subsig in enumerate(item.parsed_signature.subsignatures):
item2 = QtWidgets.QListWidgetItem("% 2d %s:%s" % (i, str(subsig.offset), subsig.clamav_signature))
item2.subsignature_name = "$subsig_%02x" % i
self.subsignatures_list.addItem(item2)
elif isinstance(item.parsed_signature, NdbSignature):
self.match_label.setText("No match")
print_console("Signature selected: %s" % item.text())
self.yara_scanner.scan(item.yara_rule)
Example #2
| Source File: TraceWidget.py From idasec with GNU Lesser General Public License v2.1 | 6 votes |
|
def heatmap_trace(self):
try:
index = self.traces_tab.currentIndex()
trace = self.core.traces[self.id_map[index]]
if self.heatmaped:
self.heatmap_button.setText("Heatmap")
color = lambda x: 0xffffff
else:
self.heatmap_button.setText("Heatmap undo")
self.heatmap_button.setFlat(True)
hit_map = trace.address_hit_count
color_map = self.compute_step_map(set(hit_map.values()))
print color_map
color = lambda x: color_map[hit_map[x]]
for inst in trace.instrs.values():
if idc.isCode(idc.GetFlags(inst.address)):
c = color(inst.address)
idc.SetColor(inst.address, idc.CIC_ITEM, c)
if not self.heatmaped:
self.heatmap_button.setFlat(False)
self.heatmaped = True
else:
self.heatmaped = False
except KeyError:
print "No trace found"
Example #3
| Source File: TraceWidget.py From idasec with GNU Lesser General Public License v2.1 | 6 votes |
|
def colorize_trace(self):
try:
index = self.traces_tab.currentIndex()
trace = self.core.traces[self.id_map[index]]
if self.colorized:
self.colorize_button.setText("Colorize trace")
color = 0xffffff
else:
self.colorize_button.setText("Uncolorize trace")
self.colorize_button.setFlat(True)
color = 0x98FF98
for inst in trace.instrs.values():
if idc.isCode(idc.GetFlags(inst.address)):
idc.SetColor(inst.address, idc.CIC_ITEM, color)
if not self.colorized:
self.colorize_button.setFlat(False)
self.colorized = True
else:
self.colorized = False
except KeyError:
print "No trace found"
Example #4
| Source File: casc_plugin.py From CASC with GNU General Public License v2.0 | 6 votes |
|
def subsignature_selected(self, item):
try:
match = self.matches[item.subsignature_name]
self.match_label.setText("Match: EA: 0x%08x Length: % 4d Bytes: %s" % \
(match["ea"], len(match["data"]), " ".join("%02x" % ord(x) for x in match["data"])))
idc.Jump(match["ea"])
for ea, color in self.previous_colors:
idc.SetColor(ea, idc.CIC_ITEM, color)
self.previous_colors = []
for ea in idautils.Heads(match["ea"], match["ea"] + len(match["data"])):
self.previous_colors.append((ea, idc.GetColor(ea, idc.CIC_ITEM)))
idc.SetColor(ea, idc.CIC_ITEM, SIGALYZER_COLOR_HIGHLIGHTED)
except KeyError:
self.match_label.setText("No match")
for ea, color in self.previous_colors:
idc.SetColor(ea, idc.CIC_ITEM, color)
self.previous_colors = []
except IndexError:
log.exception("While selecting subsignature")
Example #5
| Source File: color.py From idawilli with Apache License 2.0 | 6 votes |
|
def color_head(ea):
flags = ida_bytes.get_flags(ea)
if not ida_bytes.is_code(flags):
return
mnem = ida_ua.print_insn_mnem(ea)
if mnem == 'call':
logger.debug('call: 0x%x', ea)
idc.set_color(ea, idc.CIC_ITEM, CALL_COLOR)
elif mnem == 'xor':
if idc.get_operand_value(ea, 0) != idc.get_operand_value(ea, 1):
logger.debug('non-zero xor: 0x%x', ea)
idc.set_color(ea, idc.CIC_ITEM, ENCRYPT_COLOR)
elif mnem in ('sdit', 'sgdt', 'sldt', 'smsw', 'str', 'in', 'cpuid'):
logger.debug('anti-vm: 0x%x', ea)
idc.set_color(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)
elif mnem == 'in':
if idc.get_operand_value(ea, 0) in ("3", "2D"):
logger.debug('anti-debug: 0x%x', ea)
idc.set_color(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)
elif mnem in ('rdtsc', 'icebp'):
logger.debug('anti-debug: 0x%x', ea)
idc.set_color(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)
Example #6
| Source File: casc_plugin.py From CASC with GNU General Public License v2.0 | 5 votes |
|
def saved(self):
for ea, color in self.previous_colors:
idc.SetColor(ea, idc.CIC_ITEM, SIGALYZER_COLOR_HIGHLIGHTED)
# Main Plug-in Form Class
#-------------------------------------------------------------------------------
Example #7
| Source File: casc_plugin.py From CASC with GNU General Public License v2.0 | 5 votes |
|
def saving(self):
for ea, color in self.previous_colors:
idc.SetColor(ea, idc.CIC_ITEM, color)
Example #8
| Source File: casc_plugin.py From CASC with GNU General Public License v2.0 | 5 votes |
|
def yara_match(self, strings):
if isinstance(self.signatures_list.currentItem().parsed_signature, LdbSignature):
self.matches = dict((x["identifier"], x) for x in strings)
else:
self.matches = {}
self.match_label.setText("Match: EA: 0x%08x Length: % 4d Bytes: %s" % \
(strings[0]["ea"], len(strings[0]["data"]), " ".join("%02x" % ord(x) for x in strings[0]["data"])))
idc.Jump(strings[0]["ea"])
for ea in idautils.Heads(strings[0]["ea"], strings[0]["ea"] + len(strings[0]["data"])):
self.previous_colors.append((ea, idc.GetColor(ea, idc.CIC_ITEM)))
idc.SetColor(ea, idc.CIC_ITEM, SIGALYZER_COLOR_HIGHLIGHTED)
Example #9
| Source File: ida.py From bap-ida-python with MIT License | 5 votes |
|
def set_color(addr, color):
idc.SetColor(addr, idc.CIC_ITEM, color)
Example #10
| Source File: calls.py From idataco with GNU General Public License v3.0 | 5 votes |
|
def removeMarkup(self, ea, force=False):
if ea in self._marked_up or force:
log.debug("Removing color")
idc.SetColor(ea, idc.CIC_FUNC, 0xffffff)
idc.SetColor(ea, idc.CIC_ITEM, 0xffffff)
idc.MakeComm(ea, "")
log.debug("Removing posterior lines")
i = 0
while idc.LineB(ea, i):
idc.DelExtLnB(ea, i)
i += 1
Example #11
| Source File: calls.py From idataco with GNU General Public License v3.0 | 5 votes |
|
def markupEa(self, markup_ea, colorFunc=True):
if markup_ea and markup_ea != idc.BADADDR:
func_color = self._func_color_picker.currentColor()
ea_color = self._color_picker.currentColor()
log.debug("Coloring instructions for 0x{:08x}".format(markup_ea))
idc.SetColor(markup_ea, idc.CIC_FUNC,
int("0x{:02x}{:02x}{:02x}".format(*func_color.getRgb()[:3][::-1]), 16))
if colorFunc:
idc.SetColor(markup_ea, idc.CIC_ITEM,
int("0x{:02x}{:02x}{:02x}".format(*ea_color.getRgb()[:3][::-1]), 16))
Example #12
| Source File: depgraph.py From miasm with GNU General Public License v2.0 | 5 votes |
|
def treat_element():
"Display an element"
global graphs, comments, sol_nb, settings, addr, ir_arch, ircfg
try:
graph = next(graphs)
except StopIteration:
comments = {}
print("Done: %d solutions" % (sol_nb))
return
sol_nb += 1
print("Get graph number %02d" % sol_nb)
filename = os.path.join(tempfile.gettempdir(), "solution_0x%08x_%02d.dot" % (addr, sol_nb))
print("Dump the graph to %s" % filename)
open(filename, "w").write(graph.graph.dot())
for node in graph.relevant_nodes:
try:
offset = ircfg.blocks[node.loc_key][node.line_nb].instr.offset
except IndexError:
print("Unable to highlight %s" % node)
continue
comments[offset] = comments.get(offset, []) + [node.element]
idc.set_color(offset, idc.CIC_ITEM, settings.color)
if graph.has_loop:
print('Graph has dependency loop: symbolic execution is inexact')
else:
print("Possible value: %s" % next(iter(viewvalues(graph.emul(ir_arch)))))
for offset, elements in viewitems(comments):
idc.set_cmt(offset, ", ".join(map(str, elements)), 0)
Example #13
| Source File: depgraph.py From miasm with GNU General Public License v2.0 | 5 votes |
|
def clean_lines():
"Remove previous comments"
global comments
for offset in comments:
idc.set_color(offset, idc.CIC_ITEM, 0xffffff)
idc.set_cmt(offset, "", 0)
comments = {}
Example #14
| Source File: line.py From Sark with MIT License | 5 votes |
|
def color(self, color):
"""Line Color in IDA View.
Set color to `None` to clear the color.
"""
if color is None:
color = 0xFFFFFFFF
idc.set_color(self.ea, idc.CIC_ITEM, color)
Example #15
| Source File: line.py From Sark with MIT License | 5 votes |
|
def color(self):
"""Line color in IDA View"""
color = idc.get_color(self.ea, idc.CIC_ITEM)
if color == 0xFFFFFFFF:
return None
return color
Example #16
| Source File: CryptoIdentifier.py From grap with MIT License | 5 votes |
|
def highlight_matches(self):
"""Highlight all the matches."""
for insts in self._matches_colors.values():
for ea, color in insts.items():
try:
set_color(ea, CIC_ITEM, ColorCore.rgb_to_bgr(color['new']))
except:
SetColor(ea, CIC_ITEM, ColorCore.rgb_to_bgr(color['new']))
Example #17
| Source File: CryptoIdentifier.py From grap with MIT License | 5 votes |
|
def add_match(self, match):
"""Associate a color to a match id.
Arguments:
match (Match): Match to add.
"""
match_id = match.get_match_id()
pattern_id = match.get_pattern_id()
insts = match.get_match()
for getid, node_list in insts.items():
if not node_list.empty():
# Add all match instructions.
for node in node_list:
if match_id not in self._matches_colors:
self._matches_colors[match_id] = {}
try:
c = get_color(node.info.address, CIC_ITEM)
except:
c = GetColor(node.info.address, CIC_ITEM)
self._matches_colors[match_id][node.info.address] = {
"new": self._patterns_colors[pattern_id],
"old": c
}
Example #18
| Source File: PatternGenerator.py From grap with MIT License | 5 votes |
|
def colorNode(self, node, color):
try:
set_color(node, CIC_ITEM, ColorCore.rgb_to_bgr(color))
except:
SetColor(node, CIC_ITEM, ColorCore.rgb_to_bgr(color))
Example #19
| Source File: generic_analysis.py From idasec with GNU Lesser General Public License v2.1 | 5 votes |
|
def highlight_dependency(self, enabled):
if self.results.has_formula():
color = 0xffffff if enabled else 0x98FF98
for addr in self.formula.get_addresses():
idc.SetColor(addr, idc.CIC_ITEM, color)
else:
print "woot ?"
self.actions[self.HIGHLIGHT_CODE] = (self.highlight_dependency, not enabled)
self.result_widget.action_selector_changed(self.HIGHLIGHT_CODE)
Example #20
| Source File: opaque_analysis.py From idasec with GNU Lesser General Public License v2.1 | 5 votes |
|
def highlight_dead(self, enabled):
opaque_map = {k: self.make_po_pair(k, v.alive_branch) for k, v in self.results.items()
if v.status == po_analysis_results.OPAQUE}
for addr, (good, dead) in opaque_map.items():
if not enabled: # Mark instructions
print "propagate dead branch:%x" % addr
self.propagate_dead_code(dead, opaque_map)
else:
for addr2 in self.marked_addresses.keys():
idc.SetColor(addr2, idc.CIC_ITEM, 0xffffff)
self.marked_addresses.clear()
self.actions[self.HIGHLIGHT_DEAD_BRANCHES] = (self.highlight_dead, not enabled)
self.result_widget.action_selector_changed(self.HIGHLIGHT_DEAD_BRANCHES)
Example #21
| Source File: static_opaque_analysis.py From idasec with GNU Lesser General Public License v2.1 | 5 votes |
|
def highlight_spurious(self, enabled):
print "Highlight spurious clicked !"
curr_fun = idaapi.get_func(idc.here()).startEA
cfg = self.functions_cfg[curr_fun]
color = 0xFFFFFF if enabled else 0x507cff
for bb in [x for x in cfg.values() if x.is_alive()]: # Iterate only alive basic blocks
for i, st in bb.instrs_status.items():
if st == Status.DEAD: # Instructions dead in alive basic blocks are spurious
idc.SetColor(i, idc.CIC_ITEM, color)
self.actions[HIGHLIGHT_SPURIOUS_CALCULUS] = (self.highlight_spurious, not enabled)
self.result_widget.action_selector_changed(HIGHLIGHT_SPURIOUS_CALCULUS)
Example #22
| Source File: static_opaque_analysis.py From idasec with GNU Lesser General Public License v2.1 | 5 votes |
|
def highlight_dead_code(self, enabled):
curr_fun = idaapi.get_func(idc.here()).startEA
cfg = self.functions_cfg[curr_fun]
# for cfg in self.functions_cfg.values():
for bb in cfg.values():
color = {Status.DEAD: 0x5754ff, Status.ALIVE: 0x98FF98, Status.UNKNOWN: 0xaa0071}[bb.status]
color = 0xFFFFFF if enabled else color
for i in bb:
idc.SetColor(i, idc.CIC_ITEM, color)
self.actions[HIGHLIGHT_DEAD_CODE] = (self.highlight_dead_code, not enabled)
self.result_widget.action_selector_changed(HIGHLIGHT_DEAD_CODE)
