Package vivisect :: Module cli :: Class VivCli

Class VivCli


Instance Methods

__init__(self)
Instantiate a line-oriented interpreter framework.

getExpressionLocals(self)
Override this to have things like the eval command and the python command use more locals than the symbolic defaults.

do_report(self, line)
Fire a report module by python path name.

do_pathcount(self, line)
Mostly for testing the graph stuff...

do_symboliks(self, line)
Use the new symboliks subsystem.

do_names(self, line)
Show any names which contain the given argument.

do_save(self, line)
Save the current workspace.

do_xrefs(self, line)
Show xrefs for a particular location.

do_imports(self, line)
Show the imports in the workspace (or potentially just one file)

do_fscope(self, line)
The fscope command can be used to enumerate things from the scope of one function and down its calling graph.

do_exports(self, line)
List the exports in the workspace (or in a specific file).

do_filemeta(self, line)
Show/List file metadata.

do_funcmeta(self, line)
Show/Set function metadata.

do_loc(self, line)
Display the repr of a single location by va.

do_make(self, line)
Create new instances of locations in the vivisect workspace.

do_emulate(self, line)
Create an emulator for the given function, and drop into a vdb interface to step through the code.

do_argtrack(self, line)
Track input arguments to the given function by name or address.

do_chat(self, line)
Echo a message to any other users of a shared workspace.

do_codepath(self, line)
Enumerate and show any known code paths from the specified from address expression to the to address expression.

do_vampsig(self, line)
Generate a vamp signature string for the given function's first block.

do_vdb(self, line)
Execute vdb GUI from within vivisect (allowing special hooks between them...) (Optionally, specify a host to use for remote vdb debugging)

do_codediff(self, line)
Use the new (*alpha*) code diffing engine to show similarities between the current vivisect workspace and the one specified on the command line.

Inherited from envi.cli.EnviCli: __getattr__, addCmdAlias, addScriptPathEnvVar, aliascmd, cmdloop, do_EOF, do_alias, do_binstr, do_clear, do_config, do_eval, do_help, do_maps, do_mem, do_memcmp, do_memdump, do_python, do_quit, do_saveout, do_script, do_search, get_names, onecmd, parseExpression, registerCmdExtension, reprPointer, setCanvas, vprint, write

Inherited from cmd.Cmd: columnize, complete, complete_help, completedefault, completenames, default, emptyline, parseline, postcmd, postloop, precmd, preloop, print_topics

Inherited from VivWorkspace: addAnalysisModule, addCodeBlock, addColorMap, addConstModule, addEntryPoint, addExport, addFile, addFref, addFuncAnalysisModule, addFunctionSignatureBytes, addLibraryDependancy, addLocation, addMemoryMap, addNoReturnApi, addRelocation, addSegment, addStructureModule, addVaSet, addXref, analyze, analyzePointer, asciiStringSize, castPointer, chat, createEventChannel, delAnalysisModule, delCodeBlock, delColorMap, delFuncAnalysisModule, delFunction, delLocation, delMemoryMap, delVaSet, delVaSetRow, delXref, deleteEventChannel, exportWorkspace, exportWorkspaceChanges, findPointers, followPointer, followTheLeader, getAnalysisModuleNames, getCallGraph, getCallers, getCodeBlock, getCodeBlocks, getColorMap, getColorMaps, getComment, getComments, getEmulator, getEntryPoints, getExport, getExports, getFileByVa, getFileMeta, getFileMetaDict, getFiles, getFref, getFuncAnalysisModuleNames, getFunction, getFunctionApi, getFunctionArgs, getFunctionBlocks, getFunctionLocal, getFunctionLocals, getFunctionMeta, getFunctionMetaDict, getFunctions, getImportCallers, getImports, getLibraryDependancies, getLocation, getLocationByName, getLocationDistribution, getLocationRange, getLocations, getMeta, getName, getNames, getPrevLocation, getRelocation, getRelocations, getRenderInfo, getSegment, getSegments, getStructure, getSymByAddr, getSymByName, getSymHint, getTransMeta, getUserStructNames, getUserStructSource, getVaSet, getVaSetDef, getVaSetNames, getVaSetRow, getVaSetRows, getVivGui, getXrefs, getXrefsFrom, getXrefsTo, iAmLeader, importWorkspace, initMeta, initWorkspaceClient, isFunction, isFunctionSignature, isLocType, isLocation, isProbablyCode, isProbablyString, isProbablyUnicode, loadFromFd, loadFromFile, loadFromMemory, loadModule, loadWorkspace, makeCode, makeFunction, makeFunctionThunk, makeImport, makeName, makeNumber, makeOpcode, makePad, makePointer, makeString, makeStructure, makeUnicode, normFileName, parseNumber, parseOpcode, pointerString, 
reprLocation, reprVa, saveWorkspace, setComment, setFileMeta, setFunctionApi, setFunctionArg, setFunctionLocal, setFunctionMeta, setMeta, setSymHint, setTransMeta, setUserStructSource, setVaSetRow, uniStringSize, vaByName, verbprint, waitForEvent

Inherited from VivWorkspace (private): _clientThread, _saveSymbolCaches

Inherited from envi.memory.MemoryObject: getByteDef, getMemoryMap, getMemoryMaps, getMemorySnap, readMemory, setMemorySnap, writeMemory

Inherited from envi.memory.IMemory: allocateMemory, getMaxReadSize, getMemArchModule, getPointerSize, getSegmentInfo, isExecutable, isReadable, isShared, isValidPointer, isWriteable, probeMemory, protectMemory, readMemValue, readMemoryFormat, searchMemory, searchMemoryRange, setMemArchitecture, writeMemoryFormat

Inherited from base.VivWorkspaceCore (private): _addCallEdge, _createSaveMark, _fireEvent, _fireTransEvent, _fmcb_CallsFrom, _fmcb_LocalSymbol, _fmcb_Thunk, _handleADDCODEBLOCK, _handleADDCOLOR, _handleADDEXPORT, _handleADDFILE, _handleADDFMODULE, _handleADDFREF, _handleADDFSIG, _handleADDFUNCTION, _handleADDLOCATION, _handleADDMMAP, _handleADDMODULE, _handleADDRELOC, _handleADDSEGMENT, _handleADDVASET, _handleADDXREF, _handleAUTOANALFIN, _handleCHAT, _handleCOMMENT, _handleDELCODEBLOCK, _handleDELCOLOR, _handleDELFMODULE, _handleDELFREF, _handleDELFUNCTION, _handleDELLOCATION, _handleDELMODULE, _handleDELVASET, _handleDELVASETROW, _handleDELXREF, _handleFOLLOWME, _handleIAMLEADER, _handleSETFILEMETA, _handleSETFUNCARGS, _handleSETFUNCMETA, _handleSETMETA, _handleSETNAME, _handleSETVASETROW, _handleSYMHINT, _initEventHandlers, _initFunction, _mcb_Architecture, _mcb_WorkspaceServer, _mcb_ustruct, _snapInAnalysisModules

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Inherited from impapi.ImportApi: addImpApi, getImpApi, getImpApiArgNames, getImpApiArgTypes, getImpApiArgs, getImpApiCallConv, getImpApiRetName, getImpApiRetType, getImpApiType, updateApiDef

Class Variables

Inherited from cmd.Cmd: doc_header, doc_leader, identchars, intro, lastcmd, misc_header, nohelp, prompt, ruler, undoc_header, use_rawinput

Properties

Inherited from object: __class__

Method Details

__init__(self)
(Constructor)

Instantiate a line-oriented interpreter framework.

The optional argument 'completekey' is the readline name of a completion key; it defaults to the Tab key. If completekey is not None and the readline module is available, command completion is done automatically. The optional arguments stdin and stdout specify alternate input and output file objects; if not specified, sys.stdin and sys.stdout are used.

Overrides: impapi.ImportApi.__init__

getExpressionLocals(self)

Override this to have things like the eval command and the python command use more locals than the symbolic defaults.

Overrides: envi.cli.EnviCli.getExpressionLocals
(inherited documentation)

do_report(self, line)

Fire a report module by python path name.

Usage: report <python.path.to.report.module>

do_pathcount(self, line)

Mostly for testing the graph stuff... this will likely be removed.

(does not count paths with loops currently...)

Usage: pathcount <func_expr>

do_symboliks(self, line)

Use the new symboliks subsystem. (NOTE: i386 only for a bit...)

Usage: symboliks [ options ]

-A  Run the emu and show the state of the machine for all found paths
    to the given address

do_names(self, line)

Show any names which contain the given argument.

Usage: names <name_regex>

FIXME unify do_sym from vdb into symbol context!

do_save(self, line)

Save the current workspace.

Usage: save

do_xrefs(self, line)

Show xrefs for a particular location.

Usage: xrefs [options] <va_expr>

-T  Show xrefs *to* the given address
-F  Show xrefs *from* the given address (default)

do_imports(self, line)

Show the imports in the workspace (or potentially just one file)

Usage: imports [fname]

do_fscope(self, line)

The fscope command can be used to enumerate things from the
scope of one function and down its calling graph.

Usage: fscope [options] <func_addr_expr>

-I - Show import calls from this function scope
-S - Show strings from this function scope

Example: fscope -I kernel32.CreateFileW
         (Show imports called by CreateFileW and down...)

do_exports(self, line)

List the exports in the workspace (or in a specific file).

Usage: exports [fname]

do_filemeta(self, line)

Show/List file metadata.

Usage: filemeta [ fname [ keyname ] ]

Example: filemeta kernel32
Example: filemeta kernel32 md5

do_funcmeta(self, line)

Show/Set function metadata.

Usage: funcmeta <func_expr> [key <value_expr>]

do_loc(self, line)

Display the repr of a single location by va.

Usage: loc <va_expr>

do_make(self, line)

Create new instances of locations in the vivisect workspace.

Usage: make [options] <va_expr>

-c              Make code
-f              Make function
-s              Make a string
-u              Make a unicode string
-n <size>       Make a number
-p <size>       Make a pad
-S <structname> Make a structure

do_emulate(self, line)

Create an emulator for the given function, and drop into a vdb interface to step through the code.

(vdb CLI will appear in controlling terminal...)

Usage: emulate <va_expr>

do_argtrack(self, line)

Track input arguments to the given function by name or address.

Usage: argtrack <func_addr_expr> <arg_idx>

do_chat(self, line)

Echo a message to any other users of a shared workspace.

Usage: chat oh hai! Checkout 0x7c778030

do_codepath(self, line)

Enumerate and show any known code paths from the specified from address expression to the to address expression.

Usage: codepath <from_expr> <to_expr>

do_vdb(self, line)

Execute vdb GUI from within vivisect (allowing special hooks between them...) (Optionally, specify a host to use for remote vdb debugging)

Usage: vdb [<remote_host>]

do_codediff(self, line)

Use the new (*alpha*) code diffing engine to show similarities between the
current vivisect workspace and the one specified on the command line.

COMING SOON:
    * Matching similar but changed functions
    * Enumeration of individual changed blocks
    * Rename self/other based on matches
    * Export sig defs for later compare