'''
********************************************************************************
Name: HighlightMnemsAndLocs.py
Author: case b <[email protected]>
Version: 1
[Description]
This script can be run from IDA's 'Script File' menu item or included in
idapythonrc.py. When run it will add or remove a menu item under
'Edit->Other->Highlight Special Lines' with a hot key of alt-h.
This script will highlight lines that contain jumps, calls and calls to
user named locations with special prefixes. Highlights will need to be
reapplied if changes to location names occur and you would like the highlighting
to reflect this. This involves hitting Alt-h twice.
[Notes]
Prefix matching compares the start of the location name with each entry in
self.__CONFIG['locs'][*]['Prefix'], in list order, and stops at the first match.
This means if you have a prefix of 'pre' before a prefix of 'prepre' in the
configuration, the color of 'pre' will be applied to a location with the name of
'prepreLoc' and not the color of 'prepre'. List longer, more specific prefixes
first, as the default configuration does.
To have this script run at startup, place lines like the following in your
idapythonrc.py file:
from HighlightMnemsAndLocs import Highlighter
hl = Highlighter(); hl.Run()
This script has only been tested in IDA 6.3 on MacOS. YMMV.
Happy hunting. If you have any questions, comments, rants, etc. please send
them my way.
********************************************************************************
'''
import idaapi, idc, idautils
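class Highlighter(object):
    '''Color call and jump instructions in the IDA disassembly.

    Calls whose first operand is a user-named location starting with one of the
    configured prefixes get that prefix's color, every other call gets the
    generic call color, and the listed conditional jumps get the jump color.
    '''

    def __init__(self):
        '''Set up the status codes, the color configuration and the toggle state.'''
        self.__ERRORS = {
            'SUCCESS': 0,  # Everything's great
        }
        self.__CONFIG = {
            'HIGHLIGHT_CALLS': True,
            'HIGHLIGHT_LOCS': True,
            'HIGHLIGHT_JUMPS': True,
            'calls': {
                'Mnems': ['call'],
                'Color': 0xFF222244,
            },
            'jumps': {
                # Conditional jumps only; an unconditional 'jmp' is not in the
                # list, so those lines are left uncolored.
                'Mnems': ['jo', 'jno', 'js', 'jns', 'je', 'jz', 'jne', 'jnz',
                          'jb', 'jnae', 'jc', 'jnb', 'jae', 'jnc', 'jbe',
                          'jna', 'ja', 'jnbe', 'jl', 'jnge', 'jge', 'jnl',
                          'jle', 'jng', 'jg', 'jpe', 'jnp', 'jpo', 'jcxz',
                          'jecxz'],
                'Color': 0xFF442222,
            },
            # Order matters: the first prefix that matches wins, so the longest
            # prefix has to come first.
            'locs': [
                {
                    'Prefix': '____?',
                    'Color': 0xFFDD6644,
                },
                {
                    'Prefix': '__?',
                    'Color': 0xFFCC5544,
                },
                {
                    'Prefix': '_?',
                    'Color': 0xFF994422,
                },
            ],
        }
        # True while the highlights are applied; flipped by MenuItemSelected.
        self.__HighLighted = False

    def _PickCallColor(self, operandText, targetHasUserName):
        '''Return the color to apply to a call line.

        operandText is the call's first operand as text; targetHasUserName says
        whether that operand resolved to a location carrying a user-given name.
        A prefix color is returned only when HIGHLIGHT_LOCS is on, the target
        is user-named and a configured prefix matches; otherwise the generic
        call color is returned, so every call line ends up highlighted.
        '''
        if self.__CONFIG['HIGHLIGHT_LOCS'] and targetHasUserName:
            for entry in self.__CONFIG['locs']:
                if operandText.startswith(entry['Prefix']):
                    return entry['Color']
        return self.__CONFIG['calls']['Color']

    def DoHighLight(self, resetColors=False):
        '''Walk every code head in every segment and color calls and jumps.

        With resetColors set, each call and jump line is painted 0xFFFFFF
        instead of its highlight color.

        NOTE(review): in the copy this was reviewed from the indentation was
        lost, so it is not recoverable which statement the trailing 'else' of
        the call branch belonged to; under every reading some calls stayed
        uncolored. This version follows the module description and colors
        every call (see _PickCallColor). The inner resetColors test inside the
        prefix loop could never be true and is gone.
        '''
        # Imported here as well as at module level, as the original did, in
        # case the script was started from idapythonrc.py. Plain imports
        # replace the wildcard ones, which are a syntax error inside a
        # function on Python 3.
        import idautils
        import idc

        config = self.__CONFIG
        callMnems = config['calls']['Mnems']
        jumpMnems = config['jumps']['Mnems']
        # NOTE(review): this paints the line white rather than restoring IDA's
        # default item color (idc.DEFCOLOR), and SetColor overwrites whatever
        # color an analyst had put on the line by hand. Confirm that is
        # acceptable for the database being worked on.
        resetColor = 0xFFFFFF

        for segment in idautils.Segments():
            for head in idautils.Heads(segment, idc.SegEnd(segment)):
                if not idc.isCode(idc.GetFlags(head)):
                    continue
                mnemonic = idc.GetMnem(head)
                if config['HIGHLIGHT_CALLS'] and mnemonic in callMnems:
                    if resetColors:
                        color = resetColor
                    else:
                        operand = idc.GetOpnd(head, 0)
                        # LocByName gives the address behind a name operand;
                        # its flags tell whether the name is user-defined.
                        targetFlags = idc.GetFlags(idc.LocByName(operand))
                        color = self._PickCallColor(
                            operand, idc.hasUserName(targetFlags))
                elif config['HIGHLIGHT_JUMPS'] and mnemonic in jumpMnems:
                    color = resetColor if resetColors else config['jumps']['Color']
                else:
                    continue
                idc.SetColor(head, idc.CIC_ITEM, color)

    def MenuItemSelected(self):
        '''Menu / hot-key callback: apply the highlights, or reset them if applied.'''
        self.DoHighLight(self.__HighLighted)
        self.__HighLighted = not self.__HighLighted

    def AddMenuItemAndKey(self):
        '''Register 'Highlight Special Lines' under Edit/Other/ with hot key Alt-h.

        Returns the value idaapi.add_menu_item hands back, which Run later
        passes to RemoveMenuItemAndKey.
        '''
        return idaapi.add_menu_item("Edit/Other/", "Highlight Special Lines",
                                    'Alt-h', 0, self.MenuItemSelected, tuple())

    def RemoveMenuItemAndKey(self, menuItem):
        '''Remove the menu item previously returned by AddMenuItemAndKey.'''
        # The original also ran 'del menuItem', which only unbinds the local
        # parameter name and has no effect for the caller.
        idaapi.del_menu_item(menuItem)

    def Run(self):
        '''Toggle the menu item: remove it if it is registered, else add it.

        The registration is remembered in the global HighlighterSet, so running
        the script a second time removes the item again.
        '''
        global HighlighterSet
        # Explicit existence test instead of a bare 'except:', which would also
        # have hidden a failure inside del_menu_item and re-added the item.
        if 'HighlighterSet' in globals():
            self.RemoveMenuItemAndKey(HighlighterSet)
            del HighlighterSet
        else:
            HighlighterSet = self.AddMenuItemAndKey()
        return self.__ERRORS['SUCCESS']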
# Run from IDA's 'Script File' menu: each run toggles the menu item on or off.
if __name__ == "__main__":
    script = Highlighter()
    script.Run()