- import sys, re, struct
- import idaapi, idc
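def parseFile(filename):
    """Parse a register-dump trace log into per-instruction records.

    Each record in the log is matched as five consecutive lines: a line
    with eax..edi, a line starting with eip/esp/ebp, two lines that are
    skipped, and a final line that is kept verbatim as ``last_line``.

    Returns a list of dicts with the keys eax, ebx, ecx, edx, esi, edi,
    esp, ebp and last_line (all strings). eip is matched by the pattern
    but is not stored in the record.
    """
    # Raw string: the regex engine, not the Python parser, interprets \n.
    pattern = re.compile(
        r"eax=([0-9a-z]{8}) ebx=([0-9a-z]{8}) ecx=([0-9a-z]{8}) "
        r"edx=([0-9a-z]{8}) esi=([0-9a-z]{8}) edi=([0-9a-z]{8})[^\n]*\n"
        r"eip=([0-9a-z]{8}) esp=([0-9a-z]{8}) ebp=([0-9a-z]{8})[^\n]*\n"
        r"[^\n]*\n[^\n]*\n(.*)"
    )

    # Read through a context manager so the handle is released even if
    # reading fails; the original left the file object to be collected.
    with open(filename) as log:
        text = log.read()

    records = []
    for eax, ebx, ecx, edx, esi, edi, _eip, esp, ebp, last_line in pattern.findall(text):
        records.append({
            'eax': eax, 'ebx': ebx, 'ecx': ecx, 'edx': edx,
            'esi': esi, 'edi': edi, 'esp': esp, 'ebp': ebp,
            'last_line': last_line,
        })
    return records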
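def fillInGraph(matches):
    """Colour and annotate each traced instruction in the open database.

    ``matches`` is the list of records produced by parseFile. For every
    record the address is read as hex from the first whitespace-separated
    token of ``last_line``. The item at that address is coloured, and a
    comment is attached that lists the logged value of every register
    named on the line. When the line has more than four tokens, the text
    after the final ':' of the last token is appended as well.
    """
    reg_names = re.compile('(eax|ebx|ecx|edx|esi|edi|esp|ebp)')

    for match in matches:
        line = match['last_line']
        tokens = line.split()

        # The trace log is external input. A record whose final line is
        # blank or does not start with a hex address cannot be placed in
        # the database, so report it and continue rather than abort the
        # whole run with IndexError/ValueError.
        try:
            addr = int(tokens[0], 16)
        except (IndexError, ValueError):
            print("fillInGraph: skipping unparsable trace line: %r" % (line,))
            continue

        comment = ["%s=%s;" % (reg, match[reg]) for reg in reg_names.findall(line)]

        if len(tokens) > 4:
            # NOTE(review): the listing lost its indentation; the else
            # branch is read as pairing with `if comment`, so the '*'
            # prefix is added only when register values precede it.
            tail = tokens[-1].split(':')[-1]
            comment.append(('*' + tail) if comment else tail)

        # CIC_ITEM is defined in the idc module. The file only does
        # `import idc`, so the bare name raised NameError here.
        idc.SetColor(addr, idc.CIC_ITEM, 0x7f0000)  # blue
        if comment:
            idc.MakeComm(addr, '\n'.join(comment))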
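class myplugin_t(idaapi.plugin_t):
    """IDA plugin that annotates the database from a register trace log.

    On activation it asks for a log file, parses it with parseFile and
    passes the records to fillInGraph.
    """
    flags = idaapi.PLUGIN_UNL
    comment = "This is a comment"
    help = "This is help"
    wanted_name = "My Python plugin"
    wanted_hotkey = "Alt-F7"

    def init(self):
        """Announce that the plugin loaded and tell IDA to keep it."""
        # The message is Russian for "plugin loaded".
        idaapi.msg("плагин загрузился")
        return idaapi.PLUGIN_OK

    def run(self, arg):
        """Prompt for a trace log and apply it to the current database."""
        filename = idaapi.askfile_c(False, "*.*", "Pin log file")
        if not filename:
            # No path comes back when the dialog is dismissed. Passing
            # that on to parseFile would fail inside open().
            return
        matches = parseFile(filename)
        fillInGraph(matches)

    def term(self):
        """Log that the plugin is being unloaded."""
        idaapi.msg("term() called!\n")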
def PLUGIN_ENTRY():
    """Return the plugin instance that IDA loads from this file.

    Any failure while constructing the plugin is printed with its
    exception type and then re-raised unchanged.
    """
    try:
        plugin = myplugin_t()
    except BaseException:
        # Same reach as a bare except; the error is reported, never hidden.
        exc_type = sys.exc_info()[0]
        print("Unexpected error:", exc_type)
        raise
    return plugin