我们从Python开源项目中,提取了以下14个代码示例,用于说明如何使用idc.SetColor()。
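def color_head(ea):
    """Colour the item at *ea* when it is an instruction worth a second look.

    Non-code items are ignored. For code, the mnemonic selects the colour:

    * ``call``                          -> ``CALL_COLOR``
    * ``xor`` with differing operands   -> ``ENCRYPT_COLOR``
    * instructions logged as anti-VM or anti-debug -> ``ANTIANALYSIS_COLOR``

    Each match is also written to ``logger`` at debug level.
    """
    flags = idc.GetFlags(ea)
    if not idc.isCode(flags):
        return

    mnem = idc.GetMnem(ea)
    if mnem == 'call':
        logger.debug('call: 0x%x', ea)
        idc.SetColor(ea, idc.CIC_ITEM, CALL_COLOR)
    elif mnem == 'xor':
        # xor of an operand with itself only zeroes it, so it is not flagged.
        if idc.GetOpnd(ea, 0) != idc.GetOpnd(ea, 1):
            logger.debug('non-zero xor: 0x%x', ea)
            idc.SetColor(ea, idc.CIC_ITEM, ENCRYPT_COLOR)
    # 'sidt' was misspelled 'sdit', so SIDT was never highlighted.
    elif mnem in ('sidt', 'sgdt', 'sldt', 'smsw', 'str', 'in', 'cpuid'):
        logger.debug('anti-vm: 0x%x', ea)
        idc.SetColor(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)
    # This branch used to test for 'in', which the tuple above already
    # consumes, so it could never run. The operands 3 and 2D suggest that the
    # software-interrupt mnemonic 'int' was intended.
    # NOTE(review): presumably 'int' is right -- confirm against upstream.
    elif mnem == 'int':
        # NOTE(review): the operand text is compared verbatim; confirm how the
        # disassembler renders the immediate (e.g. a trailing 'h' on 2D).
        if idc.GetOpnd(ea, 0) in ("3", "2D"):
            logger.debug('anti-debug: 0x%x', ea)
            idc.SetColor(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)
    elif mnem in ('rdtsc', 'icebp'):
        logger.debug('anti-debug: 0x%x', ea)
        idc.SetColor(ea, idc.CIC_ITEM, ANTIANALYSIS_COLOR)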
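def wrap(f):
    """Return a wrapper that runs *f* through ``idaapi.execute_sync``.

    The call is queued with ``MFF_WRITE`` while holding the module-level
    ``mutex``. For ``idc.SetColor`` the request is also marked ``MFF_NOWAIT``
    and the result list is pre-seeded with ``None``, because the queued call
    may not have run by the time the wrapper returns.

    The wrapper returns the first collected result, or ``''`` when nothing was
    collected. Any exception is printed with its traceback and re-raised.
    """
    def wrapper(*a, **kw):
        try:
            rv = []

            def work():
                rv.append(f(*a, **kw))

            with mutex:
                flags = idaapi.MFF_WRITE
                if f == idc.SetColor:
                    flags |= idaapi.MFF_NOWAIT
                    rv.append(None)
                idaapi.execute_sync(work, flags)
            print(f, a, kw)
            # The original also ran print(f(*a, **kw)) here. That invoked f a
            # second time, directly on the calling thread and outside
            # execute_sync, so every side effect ran twice and bypassed the
            # synchronisation this wrapper exists to provide.
            print(rv)
            if len(rv) > 0:
                return rv[0]
            return ''
        except:
            # Bare except is kept on purpose: the traceback is printed for
            # every failure and the exception is always re-raised.
            import traceback
            traceback.print_exc()
            raise
    return wrapper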
def heatmap_trace(self):
    """Toggle the hit-count heatmap for the trace in the current tab.

    When a heatmap is already applied, every code address of the trace is
    reset to 0xffffff. Otherwise each address gets the colour that
    ``compute_step_map`` assigns to its hit count. ``self.heatmaped`` and the
    button label are flipped accordingly.

    Any ``KeyError`` raised inside the body is reported as "No trace found".
    That includes a failed trace lookup as well as a missing hit-count or
    colour entry.
    """
    try:
        tab_index = self.traces_tab.currentIndex()
        trace = self.core.traces[self.id_map[tab_index]]
        if self.heatmaped:
            self.heatmap_button.setText("Heatmap")

            def color_of(address):
                return 0xffffff
        else:
            self.heatmap_button.setText("Heatmap undo")
            self.heatmap_button.setFlat(True)
            hit_map = trace.address_hit_count
            color_map = self.compute_step_map(set(hit_map.values()))
            print color_map

            def color_of(address):
                return color_map[hit_map[address]]

        for inst in trace.instrs.values():
            # Only addresses holding code are coloured.
            if not idc.isCode(idc.GetFlags(inst.address)):
                continue
            idc.SetColor(inst.address, idc.CIC_ITEM, color_of(inst.address))

        if self.heatmaped:
            self.heatmaped = False
        else:
            self.heatmap_button.setFlat(False)
            self.heatmaped = True
    except KeyError:
        print "No trace found"
def set_color(addr, color):
    """Set the item colour at *addr* to *color* through ``idc.SetColor``."""
    item_kind = idc.CIC_ITEM
    idc.SetColor(addr, item_kind, color)
def MySetColor(ea, rgb_color):
    """Colour the single instruction or data item at *ea*.

    *rgb_color* is converted with ``rgb_to_bgr_color`` before it is passed to
    ``idc.SetColor``. Nothing is returned.
    """
    # idc.SetColor does not report success or failure, so there is no result
    # to forward to the caller.
    bgr_color = rgb_to_bgr_color(rgb_color)
    idc.SetColor(ea, idc.CIC_ITEM, bgr_color)
def highlight_dependency(self, enabled):
    """Colour or reset the addresses the current formula depends on.

    With *enabled* true the addresses are reset to 0xffffff, otherwise they
    are painted 0x98FF98. The stored action is then re-registered with the
    flag inverted, so the next trigger does the opposite.
    """
    if not self.results.has_formula():
        print "woot ?"
    else:
        if enabled:
            color = 0xffffff
        else:
            color = 0x98FF98
        for addr in self.formula.get_addresses():
            idc.SetColor(addr, idc.CIC_ITEM, color)
    next_action = (self.highlight_dependency, not enabled)
    self.actions[self.HIGHLIGHT_CODE] = next_action
    self.result_widget.action_selector_changed(self.HIGHLIGHT_CODE)
def highlight_dead_code(self, enabled):
    """Colour every basic block of the current function by its status.

    With *enabled* true all instructions are reset to 0xFFFFFF. Otherwise
    each block is painted according to ``bb.status`` (DEAD, ALIVE or
    UNKNOWN). The stored action is then re-registered with the flag inverted.
    """
    # NOTE(review): idaapi.get_func() returns None when the cursor is not
    # inside a function; that case is not handled and raises AttributeError.
    current_function = idaapi.get_func(idc.here()).startEA
    cfg = self.functions_cfg[current_function]
    for bb in cfg.values():
        # The status lookup happens even when resetting, as in the original,
        # so an unexpected status still raises KeyError.
        status_color = {
            Status.DEAD: 0x5754ff,
            Status.ALIVE: 0x98FF98,
            Status.UNKNOWN: 0xaa0071,
        }[bb.status]
        if enabled:
            color = 0xFFFFFF
        else:
            color = status_color
        for i in bb:
            idc.SetColor(i, idc.CIC_ITEM, color)
    next_action = (self.highlight_dead_code, not enabled)
    self.actions[HIGHLIGHT_DEAD_CODE] = next_action
    self.result_widget.action_selector_changed(HIGHLIGHT_DEAD_CODE)
def highlight_spurious(self, enabled):
    """Colour instructions that are dead inside otherwise alive basic blocks.

    With *enabled* true those instructions are reset to 0xFFFFFF, otherwise
    they are painted 0x507cff. The stored action is then re-registered with
    the flag inverted.
    """
    print "Highlight spurious clicked !"
    # NOTE(review): idaapi.get_func() returns None when the cursor is not
    # inside a function; that case is not handled and raises AttributeError.
    current_function = idaapi.get_func(idc.here()).startEA
    cfg = self.functions_cfg[current_function]
    if enabled:
        color = 0xFFFFFF
    else:
        color = 0x507cff
    # Only alive basic blocks are inspected.
    alive_blocks = [blk for blk in cfg.values() if blk.is_alive()]
    for bb in alive_blocks:
        for i, st in bb.instrs_status.items():
            # A dead instruction inside an alive block counts as spurious.
            if not (st == Status.DEAD):
                continue
            idc.SetColor(i, idc.CIC_ITEM, color)
    next_action = (self.highlight_spurious, not enabled)
    self.actions[HIGHLIGHT_SPURIOUS_CALCULUS] = next_action
    self.result_widget.action_selector_changed(HIGHLIGHT_SPURIOUS_CALCULUS)
def highlight_dead(self, enabled):
    """Mark or unmark code reachable only through dead opaque branches.

    A map is built from every result whose status is OPAQUE to the pair that
    ``make_po_pair`` returns. With *enabled* false, ``propagate_dead_code`` is
    run from the second element of each pair. With *enabled* true, every
    address in ``self.marked_addresses`` is reset to 0xffffff and the
    collection is cleared. The stored action is then re-registered with the
    flag inverted.
    """
    # NOTE(review): the listing this was taken from had lost its indentation.
    # Placing the clear() after the reset loop, inside the outer loop, is a
    # reconstruction -- confirm against upstream.
    opaque_map = {}
    for k, v in self.results.items():
        if v.status == po_analysis_results.OPAQUE:
            opaque_map[k] = self.make_po_pair(k, v.alive_branch)

    for addr, (_good, dead) in opaque_map.items():
        if enabled:
            for marked in self.marked_addresses.keys():
                idc.SetColor(marked, idc.CIC_ITEM, 0xffffff)
            self.marked_addresses.clear()
        else:
            # Mark instructions
            print "propagate dead branch:%x" % addr
            self.propagate_dead_code(dead, opaque_map)

    next_action = (self.highlight_dead, not enabled)
    self.actions[self.HIGHLIGHT_DEAD_BRANCHES] = next_action
    self.result_widget.action_selector_changed(self.HIGHLIGHT_DEAD_BRANCHES)
def propagate_dead_code(self, ea, op_map):
    """Recursively paint *ea* and its code successors 0x0000ff.

    ``prevs`` holds the code references to *ea* that are not yet in
    ``self.marked_addresses`` and for which ``dead_br_of_op`` is false. When
    that list is non-empty, *ea* is coloured and recorded, and the function
    recurses into every code reference from *ea*.
    """
    prevs = []
    for ref in idautils.CodeRefsTo(ea, True):
        if ref not in self.marked_addresses and not self.dead_br_of_op(ea, ref, op_map):
            prevs.append(ref)

    # NOTE(review): the original comment on this test read "IF there is no
    # legit predecessors", yet the branch runs when `prevs` is NON-empty.
    # Confirm which of the two was intended.
    if not prevs:
        return

    idc.SetColor(ea, idc.CIC_ITEM, 0x0000ff)
    self.marked_addresses[ea] = None
    # NOTE(review): recursion depth follows the length of the successor
    # chain; there is no explicit depth limit here.
    for succ in list(idautils.CodeRefsFrom(ea, True)):
        self.propagate_dead_code(succ, op_map)
def callFromConfig(self, dbPath):
    """Reset existing annotations and rebuild the view from *dbPath*.

    Every address in ``self._dbDict`` has its comment removed through
    ``_RmComm``. On the first run only (tracked by the module-level
    ``_g_IsFirstRun``), persisted data is loaded. The database is then
    constructed from *dbPath* and the default view is shown.
    """
    # NOTE(review): the listing this was taken from had lost its indentation.
    # Which statements belong to the first-run branch is a reconstruction --
    # confirm against upstream.
    # Prints the sqlite3 module object; looks like a leftover debug statement.
    print sqlite3
    for ea in self._dbDict.keys():
        self._RmComm(ea)
        # idc.SetColor(ea,self.CIC_ID,self.IDA_LF_COLOR_ORIGIN)
    global _g_IsFirstRun
    if (_g_IsFirstRun):
        # Clear the flag so the persisted data is loaded only once.
        _g_IsFirstRun = False
        self.LoadPersistData()
        print 'load color store finished'
    self.printUsage()
    self._declareMemberVars()
    self._ConstructDB(dbPath)
    self.DefaultView()
def _delComms(self, startAddr, endAddr):
    """Remove comments and restore colours for startAddr..endAddr inclusive.

    For each address present in ``self._dbDict`` the comment is removed via
    ``_RmComm``. The colour is restored from ``g_ColorSnapshot.data`` when an
    entry exists, otherwise it is set to ``self.IDA_LF_COLOR_ORIGIN``. The
    colour applied is also recorded in ``self.colorsnapshot``.
    """
    # NOTE(review): the listing this was taken from had lost its indentation.
    # Nesting the colour restore under the `_dbDict` membership test is a
    # reconstruction -- confirm against upstream.
    #######
    global g_ColorSnapshot
    # endAddr + 1 makes the end address inclusive.
    for ea in range(startAddr, endAddr+1):
        if ea in self._dbDict.keys():
            self._RmComm(ea)
            if ea in g_ColorSnapshot.data:
                # A colour was saved for this address: put it back.
                idc.SetColor(ea,self.CIC_ID, g_ColorSnapshot.data[ea])
                self.colorsnapshot[ea] = g_ColorSnapshot.data[ea]
            else:
                # No saved colour: fall back to the configured origin colour.
                idc.SetColor(ea,self.CIC_ID,self.IDA_LF_COLOR_ORIGIN)
                self.colorsnapshot[ea] = self.IDA_LF_COLOR_ORIGIN
    return
def LookUP(self, startEA, ea,id,color):
    """Walk backwards from (*ea*, *id*), tagging entries until a shown one.

    Each step goes through ``Get_previous_ea_id``. Every visited entry that
    is not yet shown gets a comment via ``_ApdComm`` and a colour: the value
    saved in ``g_ColorSnapshot.data`` if present, otherwise the tag colour
    selected by *color* (1, 2 or 3 pick the LOOP1/2/3 colours, anything else
    picks ``IDA_LF_COLOR_TAG``). ``min_ea``/``max_ea`` and
    ``min_idx``/``max_idx`` are widened as the walk proceeds.

    Returns 1 when a shown entry or *startEA* is reached, and 0 when
    ``Get_previous_ea_id`` yields address 0.

    The parameter name ``id`` shadows the builtin of the same name.
    """
    # NOTE(review): the listing this was taken from had lost its indentation.
    # Block nesting is a reconstruction -- in particular the first
    # `next_ea == 0` check under the `_shown` test -- confirm against
    # upstream.
    global g_ColorSnapshot
    DEBUG_PRINT('LookUP')
    next_ea = ea
    next_id = id
    # If the starting entry is already shown, begin from its predecessor.
    if True == self._dbDict[next_ea]._shown:
        (next_ea, next_id) = self.Get_previous_ea_id(next_ea, next_id,1)
        if next_ea == 0:
            # print "ERROR in LookUP"
            return 0
    # Map the numeric colour selector to one of the configured tag colours.
    if 1 == color:
        COLOR_TAG = self.IDA_LF_COLOR_LOOP1
    else:
        if 2 == color:
            COLOR_TAG = self.IDA_LF_COLOR_LOOP2
        else:
            if 3 == color:
                COLOR_TAG = self.IDA_LF_COLOR_LOOP3
            else:
                COLOR_TAG = self.IDA_LF_COLOR_TAG
    DEBUG_PRINT( 'color_tag 0x%x'%COLOR_TAG)
    # The loop is left only through the return statements inside it.
    while True:
        DEBUG_PRINT(( 'LookUP While True 0x%x %d' %(next_ea, next_id)))
        if True == self._dbDict[next_ea]._shown:
            DEBUG_PRINT( 'TruE 0x%x'%next_ea)
            DEBUG_PRINT( 'LookUp finished, tag the pre instructions blue')
            DEBUG_PRINT( 'min ea 0x%x'%(self.min_ea))
            return 1
        else:
            DEBUG_PRINT( 'paint color')
            self._ApdComm(next_ea, next_id)
            if next_ea in g_ColorSnapshot.data.keys():
                DEBUG_PRINT( 'append color 0x%x'%next_ea)
                # g_ColorSnapshot.data[next_ea] = idapython.GetLineColor(next_ea)
                # g_ColorSnapshot.Save()
                # A saved colour takes precedence over the tag colour.
                idc.SetColor(next_ea,self.CIC_ID,g_ColorSnapshot.data[next_ea])
                self.colorsnapshot[next_ea] = g_ColorSnapshot.data[next_ea]
            else:
                idc.SetColor(next_ea,self.CIC_ID,COLOR_TAG)
                self.colorsnapshot[next_ea]=COLOR_TAG
            if next_ea == startEA:
                DEBUG_PRINT( 'lookup reaches startEA 0x%x'%(startEA))
                return 1
            (next_ea, next_id) = self.Get_previous_ea_id(next_ea, next_id,1)
            if next_ea == 0:
                # print "ERROR in LookUP"
                return 0
            next_idx = self._dbDict[next_ea]._idx_list[next_id][0]
            # Widen the tracked address and index ranges to cover this entry.
            if(next_ea>self.max_ea):
                self.max_ea = next_ea
            if(next_ea<self.min_ea):
                self.min_ea = next_ea
            if next_idx > self.max_idx:
                self.max_idx = next_idx
            if next_idx < self.min_idx:
                self.min_idx = next_idx
    # Unreachable: every path out of the loop above returns.
    return 1
def LookDOWN(self, endEA, ea, id, color):
    """Walk forwards from (*ea*, *id*), tagging entries until a shown one.

    Each step goes through ``Get_next_ea_id``. Every visited entry that is
    not yet shown gets a comment via ``_ApdComm`` and a colour: the value
    saved in ``g_ColorSnapshot.data`` if present, otherwise the tag colour
    selected by *color* (1, 2 or 3 pick the LOOP1/2/3 colours, anything else
    picks ``IDA_LF_COLOR_TAG``). ``min_ea``/``max_ea`` and
    ``min_idx``/``max_idx`` are widened as the walk proceeds.

    Returns 1 when a shown entry or *endEA* is reached, and 0 when
    ``Get_next_ea_id`` yields address 0.

    The parameter name ``id`` shadows the builtin of the same name.
    """
    # NOTE(review): the listing this was taken from had lost its indentation.
    # Block nesting is a reconstruction -- in particular the first
    # `next_ea == 0` check under the `_shown` test -- confirm against
    # upstream.
    DEBUG_PRINT( 'Lookdown')
    global g_ColorSnapshot
    next_ea = ea
    next_id = id
    # If the starting entry is already shown, begin from its successor.
    if True == self._dbDict[next_ea]._shown:
        (next_ea, next_id) = self.Get_next_ea_id(next_ea, next_id,1)
        # print 'next _ea 0x%x'%next_ea
        if next_ea == 0:
            DEBUG_PRINT( "ERROR in LookDOWN, cannot find next index")
            #another possibility
            return 0
    # Map the numeric colour selector to one of the configured tag colours.
    if 1 == color:
        COLOR_TAG = self.IDA_LF_COLOR_LOOP1
    else:
        if 2 == color:
            COLOR_TAG = self.IDA_LF_COLOR_LOOP2
        else:
            if 3 == color:
                COLOR_TAG = self.IDA_LF_COLOR_LOOP3
            else:
                COLOR_TAG = self.IDA_LF_COLOR_TAG
    DEBUG_PRINT( 'color_tag 0x%x'%COLOR_TAG)
    # The loop is left only through the return statements inside it.
    while True:
        if True == self._dbDict[next_ea]._shown:
            DEBUG_PRINT('TruE 0x%x'%next_ea)
            DEBUG_PRINT( 'lookdown finished, tag the after instructions pink')
            DEBUG_PRINT( 'down max ea 0x%x'%(self.max_ea))
            return 1
        else:
            self._ApdComm(next_ea, next_id)
            if next_ea in g_ColorSnapshot.data.keys():
                DEBUG_PRINT( 'append color 0x%x'%next_ea)
                # g_ColorSnapshot.data[next_ea] = idapython.GetLineColor(next_ea)
                # g_ColorSnapshot.Save()
                # A saved colour takes precedence over the tag colour.
                idc.SetColor(next_ea,self.CIC_ID,g_ColorSnapshot.data[next_ea])
                self.colorsnapshot[next_ea] = g_ColorSnapshot.data[next_ea]
            else:
                idc.SetColor(next_ea,self.CIC_ID,COLOR_TAG)
                self.colorsnapshot[next_ea]=COLOR_TAG
            if next_ea == endEA:
                DEBUG_PRINT( 'end address ')
                return 1
            # print 'next_ea: 0x%8X next_id %d'%(next_ea, next_id)
            (next_ea, next_id) = self.Get_next_ea_id(next_ea, next_id,1)
            if next_ea == 0:
                DEBUG_PRINT( 'end of function (may be a callout)')
                DEBUG_PRINT( 'max ea 0x%x'%self.max_ea)
                return 0
            next_idx = self._dbDict[next_ea]._idx_list[next_id][0]
            # Widen the tracked address and index ranges to cover this entry.
            if(next_ea>self.max_ea):
                self.max_ea = next_ea
            if(next_ea<self.min_ea):
                self.min_ea = next_ea
            if next_idx > self.max_idx:
                self.max_idx = next_idx
            if next_idx < self.min_idx:
                self.min_idx = next_idx
    # Unreachable: every path out of the loop above returns.
    return 1