//-------------------------------------------------------------------------- void idaapi run(int) { if ( !hook_to_notification_point(HT_DBG, callback, NULL) ) { warning("Could not hook to notification point\n"); return; } if ( dbg == NULL ) load_debugger("win32", false); // Let's start the debugger if ( !run_to(inf.beginEA) ) { unhook_from_notification_point(HT_DBG, callback, NULL); } }
//-------------------------------------------------------------------------- // 0 - run uunp interactively // 1 - run without questions // 2 - run manual reconstruction void idaapi run(int arg) { if ( arg == 2 ) { area_t impdir = area_t(0, 0); ea_t oep; netnode n; // Settings never stored before? if ( n.create("$ uunp") ) { // Populate default values oep = get_screen_ea(); segment_t *s = getseg(oep); if ( s != NULL ) { oep_area.startEA = s->startEA; oep_area.endEA = s->endEA; } } else { // Restore previous settings oep = n.altval(0); oep_area.startEA = n.altval(1); oep_area.endEA = n.altval(2); impdir.startEA = n.altval(3); impdir.endEA = n.altval(4); } if ( !AskUsingForm_c( "Reconstruction parameters\n" "\n" " <~O~riginal entrypoint:N:128:32::>\n" " <Code ~s~tart address:N:128:32::>\n" " <Code ~e~nd address :N:128:32::>\n" "\n" " <IAT s~t~art address:N:128:32::>\n" " <IAT e~n~d address:N:128:32::>\n" "\n", &oep, &oep_area.startEA, &oep_area.endEA, &impdir.startEA, &impdir.endEA) ) { // Cancelled? return; } // Invalid settings? if ( impdir.startEA == 0 || impdir.endEA == 0 ) { msg("Invalid import address table boundaries"); return; } // Store settings n.altset(0, oep); n.altset(1, oep_area.startEA); n.altset(2, oep_area.endEA); n.altset(3, impdir.startEA); n.altset(4, impdir.endEA); if ( !create_impdir(impdir) ) return; // reanalyze the unpacked code do_unknown_range(oep_area.startEA, oep_area.size(), DOUNK_EXPAND); auto_make_code(oep); noUsed(oep_area.startEA, oep_area.endEA); auto_mark_range(oep_area.startEA, oep_area.endEA, AU_FINAL); // mark the program's entry point move_entry(oep); take_memory_snapshot(true); return; } // Determine the original entry point area for ( segment_t *s = get_first_seg(); s != NULL; s=get_next_seg(s->startEA) ) { if ( s->type != SEG_GRP ) { oep_area = *s; break; } } if ( arg == 0 && askyn_c(0, "HIDECANCEL\n" "AUTOHIDE REGISTRY\n" "Universal PE unpacker\n" "\n" "IMPORTANT INFORMATION, PLEASE READ CAREFULLY!\n" "\n" "This plugin will start the program execution and try to suspend it\n" "as soon as the packer finishes its work. Since there might be many\n" "variations in packers and packing methods, the execution might go out\n" "of control. There are many ways how things can go wrong, but since you\n" "have the source code of this plugin, you can modify it as you wish.\n" "\n" "Do you really want to launch the program?\n") <= 0 ) { return; } success = false; set_file_ext(resfile, sizeof(resfile), database_idb, "res"); if ( arg == 0 && !AskUsingForm_c( "Uunp parameters\n" "IDA will suspend the program when the execution reaches\n" "the original entry point area. The default values are in\n" "this dialog box. Please verify them and correct if you wish.\n" "\n" "ORIGINAL ENTRY POINT AREA\n" " <~S~tart address:N:128:32::>\n" " <~E~nd address :N:128:32::>\n" "\n" "OUTPUT RESOURCE FILE NAME\n" " <~R~esource file:A:256:32::>\n" "\n", &oep_area.startEA, &oep_area.endEA, resfile) ) { return; } if ( !hook_to_notification_point(HT_DBG, callback, NULL) ) { warning("Could not hook to notification point\n"); return; } if ( dbg == NULL ) load_debugger("win32", false); // Let's start the debugger if ( !run_to(inf.beginEA) ) { warning("Sorry, could not start the process"); unhook_from_notification_point(HT_DBG, callback, NULL); } }
void Mssm<Two_scale>::calculate_spectrum() { run_to(maximum(displayMsusy(), MZ)); physical(3); runto(displayMz()); }