From 5ceed68a50b264a5f4de2a747b7fbe2eb1a3cd50 Mon Sep 17 00:00:00 2001 From: dude719 Date: Tue, 7 Nov 2017 01:55:06 -0400 Subject: [PATCH] Options fix + cleanup --- SigMaker/Generate.cpp | 11 ++--- SigMaker/Main.cpp | 94 ++++++++++++++++++++++++------------------- SigMaker/Misc.h | 11 +++-- 3 files changed, 63 insertions(+), 53 deletions(-) diff --git a/SigMaker/Generate.cpp b/SigMaker/Generate.cpp index 07d0590..0ef7818 100644 --- a/SigMaker/Generate.cpp +++ b/SigMaker/Generate.cpp @@ -102,7 +102,7 @@ bool AutoGenerate( qSigVector& refvecSig, ea_t dwAddress ) if (get_func_num( dwAddress ) != -1) // this just a check to see if the function is valid code { - sAutoSig_t TargetLocation; + AutoSig_t TargetLocation; TargetLocation.dwStartAddress = TargetLocation.dwCurrentAddress = dwAddress; TargetLocation.iOpCount = 0; TargetLocation.eType = PT_DIRECT; @@ -124,7 +124,7 @@ bool AutoGenerate( qSigVector& refvecSig, ea_t dwAddress ) if (dwCurrent == dwAddress) continue; - sAutoSig_t TargetLocation; + AutoSig_t TargetLocation; TargetLocation.dwStartAddress = TargetLocation.dwCurrentAddress = dwCurrent; TargetLocation.iOpCount = 0; TargetLocation.eType = PT_REFERENCE; @@ -166,8 +166,7 @@ bool AutoGenerate( qSigVector& refvecSig, ea_t dwAddress ) if (dwCurrent == dwAddress) continue; - sAutoSig_t TargetLocation; - + AutoSig_t TargetLocation; TargetLocation.dwStartAddress = pFunc->start_ea; TargetLocation.dwCurrentAddress = dwCurrent; TargetLocation.iOpCount = 0; @@ -177,8 +176,10 @@ bool AutoGenerate( qSigVector& refvecSig, ea_t dwAddress ) nTotalCount++; if (Settings.iMaxRefCount > 0) + { if (nTotalCount >= Settings.iMaxRefCount) break; + } } } else 
@@ -244,7 +245,7 @@ bool AutoGenerate( qSigVector& refvecSig, ea_t dwAddress ) { if (Settings.iLogLevel >= 3) { - msg( "[%x] Signature %s is viable candidate for final evaluation.", (*i).dwStartAddress, (*i).strSig.c_str( ) ); + msg( "[%x] Signature %s is viable candidate for final evaluation.\n", (*i).dwStartAddress, (*i).strSig.c_str( ) ); } refvecSig.push_back( (*i) ); } diff --git a/SigMaker/Main.cpp b/SigMaker/Main.cpp index 56bbeda..d3902e3 100644 --- a/SigMaker/Main.cpp +++ b/SigMaker/Main.cpp 
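Review bot: The `msg()` call touched here still formats `(*i).dwStartAddress` with `%x`, but Misc.h declares `dwStartAddress` as `ea_t`, which is wider than `unsigned int` when the SDK is built for 64-bit addresses. On such a build the mismatched vararg can shift the following `%s` onto the wrong argument, so the log line may print a truncated address or read through a bad pointer. IDA's formatter has an `ea_t` conversion for this: `msg( "[%a] Signature %s is viable candidate for final evaluation.\n", (*i).dwStartAddress, (*i).strSig.c_str( ) );`. The enclosing loop in AutoGenerate starts and ends outside the hunk.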
@@ -3,66 +3,77 @@ void ShowOptions( void ) { - char szBuffer[MAXSTR]; - qsnprintf( szBuffer, MAXSTR - 1, "%i", Settings.iMaxRefCount ); + char szBuffer[MAXSTR] = ""; + ushort selectionType, keepUnsafeData, logLevel; - int iResult = ask_form( - "Options\n" - "<##choose the best sig from total length:R>\n" // 0 - "<##choose the best sig from the amount of opcodes:R>\n" // 1 - "<##choose the best sig by the smallest amount of wildcards:R>>\n\n" // 2 - "\n" - "<##add only relilable data to sigs(choose if unsure):R>\n" // 0 - "<##include unsafe data in sigs(may produce better results):R>>\n\n" // 1 - "<##disable logging:R>\n" // 0 - "<##log results:R>\n" // 1 - "<##log errors and results:R>\n" // 2 - "<##log errors, results and interim steps of all proceedures:R>>\n\n" // 3 - , &Settings.iSelectionType, szBuffer, &Settings.iKeepUnsafeData, &Settings.iLogLevel ); + _itoa_s( Settings.iMaxRefCount, szBuffer, MAXSTR, 10 ); + selectionType = (ushort)Settings.iSelectionType; + keepUnsafeData = (ushort)Settings.iKeepUnsafeData; + logLevel = (ushort)Settings.iLogLevel; - qsscanf( szBuffer, "%i", &Settings.iMaxRefCount ); + int iResult = ask_form( + "Options\n" + "<#Choose the best sig from total length:R>\n" // 0 + "<#Choose the best sig from the amount of opcodes:R>\n" // 1 + "<#Choose the best sig by the smallest amount of wildcards:R>>\n" // 2 + "\n" + "<#Add only relilable data to sigs(choose if unsure):R>\n" // 0 + "<#Include unsafe data in sigs(may produce better results):R>>\n" // 1 + "<#Disable logging:R>\n" // 0 + "<#Log results:R>\n" // 1 + "<#Log errors and results:R>\n" // 2 + "<#Log errors, results and interim steps of all proceedures:R>>\n" // 3 + , &selectionType, szBuffer, &keepUnsafeData, &logLevel ); - Settings.Save( "sigmaker.ini" ); + if (iResult > 0) + { + qsscanf( szBuffer, "%i", &Settings.iMaxRefCount ); + Settings.iSelectionType = selectionType; + Settings.iKeepUnsafeData = keepUnsafeData; + Settings.iLogLevel = logLevel; + Settings.Save( "sigmaker.ini" 
); + } } bool idaapi run( size_t /*arg*/ ) { int iAction = 0; + int iResult = ask_form( "What do you want to do?\n" - "<##create ida pattern from selection:R>\n" // 0 - "<##create code pattern from selection:R>\n" // 1 - "<##create crc32 pattern from selection:R>\n" // 2 - "<##auto create ida pattern:R>\n" // 3 - "<##auto create code pattern:R>\n" // 4 - "<##auto create crc32 pattern:R>\n" // 5 - "<##test ida pattern:R>\n" // 6 - "<##test code pattern:R>\n" // 7 - "<##convert a sig:R>\n" // 8 - "<##configure the plugin:R>>\n\n", // 9 - &iAction ); + "<#Auto create ida pattern:R>\n" // 0 + "<#Auto create code pattern:R>\n" // 1 + "<#Auto create crc32 pattern:R>\n" // 2 + "<#Create ida pattern from selection:R>\n" // 3 + "<#Create code pattern from selection:R>\n" // 4 + "<#Create crc32 pattern from selection:R>\n" // 5 + "<#Test ida pattern:R>\n" // 6 + "<#Test code pattern:R>\n" // 7 + "<#Convert a sig:R>\n" // 8 + "<#Configure the plugin:R>>\n\n" // 9 + , &iAction ); if (iResult > 0) { switch (iAction) { - case 0: - CreateSig( SIG_IDA ); + case 0: + GenerateSig( SIG_IDA ); break; - case 1: - CreateSig( SIG_CODE ); + case 1: + GenerateSig( SIG_CODE ); break; - case 2: - CreateSig( SIG_CRC ); + case 2: + GenerateSig( SIG_CRC ); break; case 3: - GenerateSig( SIG_IDA ); + CreateSig( SIG_IDA ); break; case 4: - GenerateSig( SIG_CODE ); + CreateSig( SIG_CODE ); break; case 5: - GenerateSig( SIG_CRC ); + CreateSig( SIG_CRC ); break; case 6: ShowSearchWindow( ); @@ -82,7 +93,7 @@ bool idaapi run( size_t /*arg*/ ) return true; } -int __stdcall init( void ) +int idaapi init( void ) { if (inf.filetype != f_PE) return PLUGIN_SKIP; @@ -93,15 +104,14 @@ int __stdcall init( void ) return PLUGIN_OK; } -plugin_t PLUGIN = -{ +plugin_t PLUGIN = { IDP_INTERFACE_VERSION, PLUGIN_KEEP, init, NULL, run, - "creates a sigs", + "Creates a unique signature", "SigMaker plugin\n", "SigMaker", - "Ctrl-Alt-S"// Alt-F11 + "Ctrl-Alt-S" // Alt-F11 }; \ No newline at end of file 
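Review bot: In ShowOptions, `_itoa_s( Settings.iMaxRefCount, szBuffer, MAXSTR, 10 )` passes a field that Misc.h declares as `unsigned int` through a signed, MSVC-only CRT call. The read-back `qsscanf( szBuffer, "%i", &Settings.iMaxRefCount )` then parses a signed value into that unsigned field without checking the return value. A typed `-1` is therefore stored as a very large reference limit and written to sigmaker.ini, and text that does not parse silently keeps the old value. Keeping the SDK formatter with a matching conversion, `qsnprintf( szBuffer, sizeof( szBuffer ), "%u", Settings.iMaxRefCount );`, removes the first mismatch. For the read-back, parse into a local `unsigned int` with `%u`, assign it only when `qsscanf` returns 1, and reject a leading minus sign because `%u` still accepts one.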
diff --git a/SigMaker/Misc.h b/SigMaker/Misc.h index 44b9c06..722c758 100644 --- a/SigMaker/Misc.h +++ b/SigMaker/Misc.h @@ -10,16 +10,15 @@ enum ePatternType { PT_REFERENCE }; -typedef struct { +struct AutoSig_t { qstring strSig; ea_t dwStartAddress; ea_t dwCurrentAddress; int iHitCount; unsigned int iOpCount; ePatternType eType; -} sAutoSig_t; - -typedef qvector qSigVector; +}; +typedef qvector qSigVector; typedef enum { @@ -28,7 +27,7 @@ typedef enum { SIG_CRC, } SigType; -typedef struct { +struct Settings_t { int iSelectionType; unsigned int iMaxRefCount; int iKeepUnsafeData; @@ -37,7 +36,7 @@ typedef struct { void Init( void ); void Save( const char* pszFileName ); void Load( const char* pszFileName ); -} Settings_t; +}; extern Settings_t Settings;