//******************************************************************************* // // 函 数 名 : SetCallBreakPoint // 功能描述 : 在地址范围内下断点 // 参数列表 : pRunData -- RunData指针 // uFunctionStart -- 函数起始地址 // uFunctionEnd -- 函数结束地址 // 说 明 : 并没有对函数的正确性做检查 // 返回结果 : 成功返回TRUE,失败返回FALSE // //****************************************************************************** BOOL SetCallBreakPoint(PRunData pRunData, ulong uFunctionStart, ulong uFunctionEnd) { char szSrcDec[1024] = {0}; char szLine[1024] = {0}; char szName[TEXTLEN] = {0} ; t_disasm disasm = {0}; ulong uIndex = uFunctionStart ; ulong uSize = 0 ; ulong uInstructSize = 0 ; InitTreeHead(pRunData) ; // 保留函数起始地址 pRunData->pCurrentNode->dwFuncStart = uFunctionStart ; // 保留函数结束地址 pRunData->pCurrentNode->dwFuncEnd = uFunctionEnd ; for (; uIndex < uFunctionEnd; uIndex += uInstructSize) { uSize = Readcommand(uIndex, szLine) ; // 再判断是不是call // 反汇编二进制指令 uInstructSize = Disasm((uchar *)szLine, uSize, uIndex, (uchar *)szSrcDec, &disasm, DISASM_ALL, 0); if (StrStrI(disasm.result, "CALL") || StrStrI(disasm.result, "ret")) { // 是call直接下断点,方便日后api记录 if(0 == Setbreakpointext(uIndex,TY_ACTIVE,0,0)) { // 先判断断点是否存在,不存在的话丢进链表中去 if(FALSE == ListExist(&pRunData->BreakPointList, uIndex)) { pRunData->BreakPointList.push_back(uIndex) ; } } } } // 判断当前设的断点是不是在显示屏幕中,是的话刷新 ulong uBase = 0 ; Getdisassemblerrange(&uBase, &uSize) ; if (uFunctionStart >= uBase && uFunctionStart <= (uBase + uSize)) { Redrawdisassembler() ; } return TRUE ; }
//prompt user for name/label and push it out to the server void insert_name(t_dump *pd) { char buf [MAXSTR+128]; char text [MAXSTR+128]; if (connector->is_connected()) // && origin==PM_DISASM) --> do we need this? { Findname(pd->sel0,NM_LABEL,text); //get existing name if (-1 == Gettext("Enter "PLUGIN_NAME" label(name):", text, 0x00, NM_LABEL, FIXEDFONT)) return; //cancelled by user Insertname(pd->sel0, NM_LABEL, text); Redrawdisassembler(); sprintf(buf, "%d:::%08x:::%s", IDA_SYNC_COMMAND_NAME, pd->sel0, // our current selected address text); if (connector_push(buf)) Message(pd->sel0, "[*] "PLUGIN_NAME"> Successfully pushed name/label at address 0x%08x to server.", pd->sel0); }//if connected }
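// Read one request from the server socket and act on it.
// Returns false when the connection is gone (the connector is cleaned up),
// true otherwise -- including when the request could not be parsed.
bool connector_pull(void)
{
    int len;
    char buf[1024];
    char data[1024];
    int command;
    ulong address;
    int consumed = 0;
    SOCKET connection;

    memset(buf, 0, sizeof(buf));
    memset(data, 0, sizeof(data));

    // grab the socket we will be reading from.
    connection = connector->get_connection();

    // Leave one byte free so the terminator written below always fits:
    // recv() may fill the whole buffer, and buf[sizeof(buf)] is out of bounds.
    len = recv(connection, buf, sizeof(buf) - 1, 0);

    // connection closed or read error.
    if (len == 0 || len == SOCKET_ERROR)
    {
        connector->cleanup();
        // TODO: perhaps change to a MessageBox():
        Message(0, "[!] " PLUGIN_NAME "> Socket read failed. Connection closed.");
        return false;
    }

    // null terminate the string.
    buf[len] = 0;

    // NOTE(review): a stream socket gives no message framing -- a request may
    // arrive split across reads or several may arrive in one; not handled here.

    // parse the inbound request: <command>:::<address>:::<data>.
    // %n records how much of buf the header consumed; everything after it is
    // the data payload. (The previous "%1023[^\0]" scanset embedded a NUL,
    // which ends the format string before the scanset is closed.)
    // If the header does not match, ignore the request.
    if (sscanf(buf, "%d:::%08lx:::%n", &command, &address, &consumed) != 2 || consumed == 0)
        return true;
    strncpy(data, buf + consumed, sizeof(data) - 1);
    data[sizeof(data) - 1] = 0;

    //
    // handle the received command appropriately
    //
    switch (command)
    {
        case IDA_SYNC_COMMAND_JUMPTO:
            Setdisasm(address, 0, 0);
            Redrawdisassembler();
            break;

        case IDA_SYNC_COMMAND_NAME:
            Message(address, "[*] " PLUGIN_NAME "> Received new name (label) @%08x: %s", address, data);
            Insertname(address, NM_LABEL, data);
            Redrawdisassembler();
            break;

        case IDA_SYNC_COMMAND_REG_COMMENT:
        case IDA_SYNC_COMMAND_REP_COMMENT:
            Message(address, "[*] " PLUGIN_NAME "> Received comment @%08x: %s", address, data);
            Insertname(address, NM_COMMENT, data);
            Redrawdisassembler();
            break;

        default:
            Message(0, "[*] " PLUGIN_NAME "> Received unknown command code: %d, ignoring.", command);
    }

    // ping pong. let the server know we're alive.
    send(connection, "1", 1, 0);

    return true;
}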