插件框架
| 字段名 | 功能 |
|---|---|
| flags | 插件的状态 |
| comment | 描述信息 |
| help | 帮助信息 |
| wanted_name | 菜单中显示的名字 |
| wanted_hotkey | 希望注册的快捷键 |
class UnknowClass(idaapi.plugin_t):'''给插件接口,实例的类定义'''flags = idaapi.PLUGIN_KEEP # 插件的状态, 当前状态保持在Plugin菜单中comment = "XXX" # 描述信息help = "" # 帮助信息wanted_name = "XXX" # 菜单中显示的名字#wanted_hotkey = "Ctrl+Alt+Shift+F12" # 希望注册的快捷键wanted_hotkey = ""#_PREFIX_NAME = 'carveSelectedBytes'#_MIN_MAX_MATH_OPS_TO_ALLOW_RENAME = 11def __init__(self):'''构造基类,一般没实名操作,记得给Super第一个参数更正为 当前类的名称'''super(UnknowClass, self).__init__()self._data = Nonedef term(self):'''Destory函数, 同析构函数, 留待释放资源'''passdef init(self):'''进行初始化操作,可在此输出一些描述信息'''self.view = None# self._cfg = None# print("=" * 80)# print("carveSelectedBytes")# print(u"保存所选的 HexData 到文件")# print("=" * 80)return idaapi.PLUGIN_OKdef run(self, arg):'''每次运行插件时, 执行的具体操作功能代码在此编写'''passdef PLUGIN_ENTRY():'''插件入口,用于实例对象返回的就是插件的功能等'''return carveSelectedBytes()
增加菜单
#IDA7 定义 菜单的Handle, 其他版本直接传入函数均可class Kp_MC_Patcher(Kp_Menu_Context): //继承def activate(self, ctx):self.plugin.patcher()return 1
class Kp_Menu_Context(ida_kernwin.action_handler_t)| Method resolution order:| Kp_Menu_Context| ida_kernwin.action_handler_t| __builtin__.object|| Class methods defined here:|| activate(self, ctx) from __builtin__.type # 当菜单激活时 Handle处理函数|| get_label(self) from __builtin__.type|| get_name(self) from __builtin__.type # 获取Handle对象|| register(self, plugin, label) from __builtin__.type # 注册菜单|| unregister(self) from __builtin__.type| Unregister the action.| After unregistering the class cannot be used.|| update(self, ctx) from __builtin__.type
# 一般在插件主类的 Init 中 注册菜单if idaapi.IDA_SDK_VERSION >= 700:# Add menu IDA >= 7.0# attach_action_to_menu(menupath, name, flags) -> bool# 参数1: 要增加在哪个菜单路径下# 参数2: 继承重写的类对象# 参数3: 显示出来为 什么属性idaapi.attach_action_to_menu("Edit/Keypatch/Patcher", Kp_MC_Patcher.get_name(), idaapi.SETMENU_APP)else:# add Keypatch menu# IDA 7 以下menu = idaapi.add_menu_item("Edit/Keypatch/", "Patcher (Ctrl-Alt-K)", "", 1, self.patcher, None)if menu is not None:#add_menu_item(menupath, name, hotkey, flags, pyfunc, args) -> PyObject *# 菜单路径, 显示名称, 热键, 排序, 处理的Handle, 传入参数idaapi.add_menu_item("Edit/Keypatch/", "About", "", 1, self.about, None)elif idaapi.IDA_SDK_VERSION < 680:# older IDAPython (such as in IDAPro 6.6) does add new submenu.# in this case, put Keypatch menu in menu Edit \ Patch program# not sure about v6.7, so to be safe we just check against v6.8# 68以下 暂不关心idaapi.add_menu_item("Edit/Patch program/", "-", "", 0, self.menu_null, None)
弹出菜单
# 在插件Init函数中 注册弹出菜单# register popup menu handlerstry:# register(self, plugin, label) method of __builtin__.type instanceKp_MC_Patcher.register(self, "Patcher (Ctrl-Alt-K)")except:pass# setup popup menuself.hooks = Hooks()self.hooks.hook()# hooks for popup menuclass Hooks(idaapi.UI_Hooks): # 名为HOOKdef finish_populating_tform_popup(self, form, popup): #重写虚函数, popup 自传入# We'll add our action to all "IDA View-*"s.# If we wanted to add it only to "IDA View-A", we could# also discriminate on the widget's title:## if idaapi.get_tform_title(form) == "IDA View-A":# ...#if idaapi.get_tform_type(form) == idaapi.BWN_DISASM:try:# attach_action_to_popup(widget, popup_handle, name, popuppath=None, flags=0) -> bool# 目标窗口, 弹出处理Handle, 名称, 弹出菜单的位置idaapi.attach_action_to_popup(form, popup, Kp_MC_Patcher.get_name(), 'Keypatch/')except:pass
IDA 界面库
IDA7 支持了PyQt5
而IDA6 却只支持PySide
则需兼容代码
if idaapi.IDA_SDK_VERSION >= 700:from PyQt5.Qt import QApplicationelse:from PySide.QtGui import QApplication
若有收获,就点个赞吧
0 人点赞
