Hugo Porcher icecr4ck

icecr4ck / idapython_ctree.md
Last active Jan 16, 2022
Notes on CTREE usage with IDAPython

IDAPython CTREE

Important links

Description

The CTREE is built from the optimized microcode (maturity at CMAT_FINAL). It is an AST-like tree of C statements and expressions, and it can be printed as C code.

icecr4ck / decrypt_from_args_mc.py
Created Oct 9, 2019
Example of IDA Microcode script to parse the arguments of a call to a decryption function
import idautils
import ida_range
import ida_hexrays as hr

class decryptor(hr.mop_visitor_t):
    def visit_mop(self, op, type, is_target):
        if op.t != hr.mop_f:
            return 0
icecr4ck / plugin_ida.py
Last active Aug 9, 2021
IDAPython plugin template.
import idaapi

class ExamplePlugin(idaapi.plugin_t):
    flags = idaapi.PLUGIN_DRAW
    comment = "This plugin does nothing useful"
    help = "No help is needed"
    wanted_name = "Example"
    wanted_hotkey = "Alt-F11"

    def init(self):
icecr4ck / idapython_cheatsheet.md
Last active Jul 2, 2022
Cheatsheet for IDAPython
icecr4ck / bn_miasm_jitter.py
Created Jun 26, 2019
Using Miasm Jitter in Binary Ninja.
from binaryninja import *
from miasm.jitter.csts import PAGE_READ, PAGE_WRITE
from miasm.analysis.machine import Machine

def stop_sentinelle(jitter):
    jitter.run = False
    jitter.pc = 0
    return True

def emulate(bv, addr):
icecr4ck / ida_mc_notes.md
Last active Jun 1, 2022
Some notes about the IDA Microcode (intermediate language).
icecr4ck / binja_ui_template.py
Created Jun 12, 2019
Template for writing Binary Ninja UI plugins.
import sys
from PySide2.QtWidgets import (QApplication, QDialog, QPushButton, QLabel, QHBoxLayout)
from PySide2.QtCore import Qt
from binaryninjaui import (UIAction, UIActionHandler, Menu)

class GreatUI(QDialog):
    def __init__(self, parent=None):
        super(GreatUI, self).__init__(parent)
        self.setWindowModality(Qt.NonModal)
icecr4ck / disass_multiple.py
Created Jun 10, 2019
Disassemble at multiple offsets with Miasm
from miasm.analysis.binary import Container
from miasm.analysis.machine import Machine
from miasm.core.asmblock import AsmCFG
# Raw machine code must be a bytes literal so the container also works under Python 3
cont = Container.from_string(b"\xff\xe0\x89\xc0\x89\xd8\xeb\x05\x89\xc8\xeb\x01\x90\xc3")
bs = cont.bin_stream
machine = Machine("x86_32")
mn, dis_engine = machine.mn, machine.dis_engine
icecr4ck / get_ircfg.py
Created Jun 2, 2019
Basic script to extract intermediate representation CFG with Miasm (and apply simplifications)
import sys
from miasm.analysis.machine import Machine
from miasm.analysis.binary import Container
from miasm.analysis.simplifier import IRCFGSimplifierSSA, IRCFGSimplifierCommon
cont = Container.from_stream(open(sys.argv[1], 'rb'))
machine = Machine('x86_64')
mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
icecr4ck / get_asmcfg.py
Last active Aug 9, 2021
Basic script to extract assembly CFG with Miasm
import sys
from miasm.analysis.machine import Machine
from miasm.analysis.binary import Container
#def cb_example(cur_bloc, loc_db, offsets_to_dis, *args, **kwargs):
#    if len(cur_bloc.lines) < 1:
#        return
cont = Container.from_stream(open(sys.argv[1], 'rb'))