MayerDaniel/guidconvert.py

## guidconvert.py
import idaapi
import idautils
import idc
import struct

CONTEXT_MENU_PATH = 'GUIDConvert/'
ITEM_NAME = 'Convert GUID Bytes'

class GuidConverterActionHandler(idaapi.action_handler_t):
    def activate(self, ctx):
        # get screen ea only returns the beginning of the struct, so add 4
        # In reality this would have to be less naive
        address = idaapi.get_screen_ea() + 4
        guid_str = bytes_to_guid(address)
        if guid_str:
            print("GUID at address {:X}: {}".format(address, guid_str))
        else:
            print("Failed to convert GUID bytes at address {:X} to string.".format(address))
        return 1

    def update(self, ctx):
        return idaapi.AST_ENABLE_ALWAYS

def bytes_to_guid(offset):
    # Read 16 bytes from the specified offset
    guid_bytes = idc.get_bytes(offset, 16)
    if guid_bytes is None:
        print("Failed to read bytes at offset {:X}".format(offset))
        return None

    # convert the bytes into the human readable format
    # Take note of which ints are little endian!
    first = struct.unpack("<I", guid_bytes[:4])[0]
    second = struct.unpack("<H", guid_bytes[4:6])[0]
    third = struct.unpack("<H", guid_bytes[6:8])[0]
    fourth = struct.unpack(">H", guid_bytes[8:10])[0]
    fifth = ''.join('{:02x}'.format(x) for x in guid_bytes[10:])
    guid_string = f'{first:08x}-{second:04x}-{third:04x}-{fourth:04x}-{fifth}'
    #print(guid_string)
    return guid_string

class ContextHooks(idaapi.UI_Hooks):
    def finish_populating_widget_popup(self, form, popup):
        tft = idaapi.get_widget_type(form)
        if tft == idaapi.BWN_DISASM:
            action_convert_guid = idaapi.action_desc_t(
                None, ITEM_NAME, GuidConverterActionHandler()
            )
            idaapi.attach_dynamic_action_to_popup(
                form,
                popup,
                action_convert_guid,
                CONTEXT_MENU_PATH,
                idaapi.SETMENU_INS,
            )
        elif tft == idaapi.BWN_PSEUDOCODE:
            pass

hooks = ContextHooks()
hooks.hook()
	import idaapi
	import idautils
	import idc
	import struct

	CONTEXT_MENU_PATH = 'GUIDConvert/'
	ITEM_NAME = 'Convert GUID Bytes'

	class GuidConverterActionHandler(idaapi.action_handler_t):
	def activate(self, ctx):
	# get screen ea only returns the beginning of the struct, so add 4
	# In reality this would have to be less naive
	address = idaapi.get_screen_ea() + 4
	guid_str = bytes_to_guid(address)
	if guid_str:
	print("GUID at address {:X}: {}".format(address, guid_str))
	else:
	print("Failed to convert GUID bytes at address {:X} to string.".format(address))
	return 1

	def update(self, ctx):
	return idaapi.AST_ENABLE_ALWAYS

	def bytes_to_guid(offset):
	# Read 16 bytes from the specified offset
	guid_bytes = idc.get_bytes(offset, 16)
	if guid_bytes is None:
	print("Failed to read bytes at offset {:X}".format(offset))
	return None

	# convert the bytes into the human readable format
	# Take note of which ints are little endian!
	first = struct.unpack("<I", guid_bytes[:4])[0]
	second = struct.unpack("<H", guid_bytes[4:6])[0]
	third = struct.unpack("<H", guid_bytes[6:8])[0]
	fourth = struct.unpack(">H", guid_bytes[8:10])[0]
	fifth = ''.join('{:02x}'.format(x) for x in guid_bytes[10:])
	guid_string = f'{first:08x}-{second:04x}-{third:04x}-{fourth:04x}-{fifth}'
	#print(guid_string)
	return guid_string

	class ContextHooks(idaapi.UI_Hooks):
	def finish_populating_widget_popup(self, form, popup):
	tft = idaapi.get_widget_type(form)
	if tft == idaapi.BWN_DISASM:
	action_convert_guid = idaapi.action_desc_t(
	None, ITEM_NAME, GuidConverterActionHandler()
	)
	idaapi.attach_dynamic_action_to_popup(
	form,
	popup,
	action_convert_guid,
	CONTEXT_MENU_PATH,
	idaapi.SETMENU_INS,
	)
	elif tft == idaapi.BWN_PSEUDOCODE:
	pass

	hooks = ContextHooks()
	hooks.hook()