initial commit of BinaryNinja import script #205
Conversation
scripts/import-to-bn.py
Outdated
|
|
||
| def load_analysis(bv): | ||
| #not that I expect many files with multiple periods but why not | ||
| shortname = '.'.join(os.path.basename(bv.file.filename).split(".")[0:-1]) |
There was a problem hiding this comment.
or os.path.splitext https://docs.python.org/2/library/os.path.html#os.path.splitext
There was a problem hiding this comment.
Oh, that's a good suggestion, cleaner. Thanks.
scripts/import-to-bn.py
Outdated
| log_info("ok") | ||
|
|
||
|
|
||
| PluginCommand.register("Load CAPA file", "Loads an analysis file from capa", load_analysis) |
There was a problem hiding this comment.
nit: capa not CAPA since its not an acronym or anything.
|
|
||
| This script will verify that the report matches the workspace. | ||
| Check the log window for any errors, and/or the summary of changes. | ||
|
|
There was a problem hiding this comment.
would you like to add your handle here for recognition?
There was a problem hiding this comment.
Sure, thanks. Will amend.
|
this is ready to merge. @psifertex if you want to add your handle, please do! let me know when i should press "merge". |
| Derived from: https://github.com/fireeye/capa/blob/master/scripts/import-to-ida.py | ||
| """ | ||
| import json | ||
| import os |
There was a problem hiding this comment.
style: order by line length, so use this:
import os
import json
|
I'm bad at GH PR modification so I"m just closing this and re-submitting with the requested changes. :-) |
What is the problem exactly? Maybe we can help 😉 |
|
I was under the impression that merely pushing to my fork and would update the PR but that didn't appear to be the case? I started to create a PR and saw it was just going to make a fresh one in addition to the prior one. Maybe I should have ignored it and continued the process? |
That should be exactly the case. In fact, this PR has exactly the same commits as the new one you open. I think it worked. You may need to reload the page to see the new changes. GitHub shows a If you add changes to an already pushed commit (for example using |
|
Yup, I first tried the amend commit option but didn't see anything on the PR page when I checked it. Probably the case that I needed to do a forced reload of the page. Thanks, good to know I was on the right track. Next time I won't give up so easily. :-) Also, thanks for catching the other bug that crept in on the first line. vim motion leftover that snuck in after testing. |
Just the import script for now. One feature I did add that might be worth pulling into the IDA script is to attempt to first load a
.jsor.jsonversion of the exectuable/dll automatically if it exists since that seems like a common naming convention for capa outputs.Two remaining (larger!) tasks are to implement a replacement for the vivisect analysis since that would provide python3 support, and then of course an implementation of the full IDA plugin for BN.