zznop · March 19, 2025 14:53
diff --git a/fwn_sidekick_indexer_example.py b/fwn_sidekick_indexer_example.py
 from binaryninja import BinaryView, FirmwareNinja, FirmwareNinjaMemoryAccessType, StructureType
 from binaryninja.variable import ConstantPointerRegisterValue, ConstantRegisterValue
 from Vector35_Sidekick.scripting.api import open_index


 def _read_write_memory_accesses(bv: BinaryView, fwn: FirmwareNinja, index) -> None:
    for entry in fwn.query_function_memory_accesses():
        func = entry.function
        for access in entry.accesses:
            is_read = access.type == FirmwareNinjaMemoryAccessType.ReadMemoryAccessType
            is_write = access.type == FirmwareNinjaMemoryAccessType.WriteMemoryAccessType
            if not is_read and not is_write:
                continue  # Skip unknown access type

            instr_addr = access.instr_address
            mem_addr = access.mem_address
            mem_addr_is_constant = False
            if isinstance(mem_addr, (ConstantPointerRegisterValue, ConstantRegisterValue)):
                mem_addr_is_constant = True

            mv = "undetermined"
            if mem_addr_is_constant:
                mv = mem_addr.value

            rwval = "undetermined"
            value = access.value
            if isinstance(value, (ConstantPointerRegisterValue, ConstantRegisterValue)):
                rwval = value.value

            llil = func.get_llil_at(instr_addr)
            if not llil:
                continue

            mlil = llil.mlil
            if not mlil:
                continue

            datavar = bv.get_data_var_at(mv)
            datavar_accessed = hex(mv)
            if datavar and datavar.name:
                if isinstance(datavar.type, StructureType):
                    try:
                        member = datavar.type.member_at_offset(mv - datavar.address)
                        datavar_accessed = f"{datavar.name}.{member.name}"
                    except ValueError:
                        datavar_accessed = f"{datavar.name}.offset_{hex(mv-datavar.address)}"
                else:
                    datavar_accessed = datavar.name

            sections = bv.get_sections_at(mv)
            section_name = ""
            datavar_offset = ""
            if sections:
                section = sections[0]
                section_name = section.name
                datavar_offset = mv - section.start

            index.add_entry(
                mlil,
                {
                    "function": hex(func.start),
                    "kind": "read" if is_read else "write",
                    "datavar_accessed": datavar_accessed,
                    "datavar_section": section_name,
                    "datavar_section_offset": (
                        hex(datavar_offset) if isinstance(datavar_offset, int) else datavar_offset
                    ),
                    "value_read_or_written": hex(rwval) if isinstance(rwval, int) else rwval,
                },
            )


 def _open_indexes(bv: BinaryView) -> None:
    fwn = FirmwareNinja(bv)
    with open_index(bv, "Firmware Ninja: Read/Write Memory Accesses") as index:  # pylint: disable=undefined-variable
        _read_write_memory_accesses(bv, fwn, index)


 print('running')
 _open_indexes(bv)  # pylint: disable=undefined-variable
	from binaryninja import BinaryView, FirmwareNinja, FirmwareNinjaMemoryAccessType, StructureType
	from binaryninja.variable import ConstantPointerRegisterValue, ConstantRegisterValue
	from Vector35_Sidekick.scripting.api import open_index


	def _read_write_memory_accesses(bv: BinaryView, fwn: FirmwareNinja, index) -> None:
	for entry in fwn.query_function_memory_accesses():
	func = entry.function
	for access in entry.accesses:
	is_read = access.type == FirmwareNinjaMemoryAccessType.ReadMemoryAccessType
	is_write = access.type == FirmwareNinjaMemoryAccessType.WriteMemoryAccessType
	if not is_read and not is_write:
	continue # Skip unknown access type

	instr_addr = access.instr_address
	mem_addr = access.mem_address
	mem_addr_is_constant = False
	if isinstance(mem_addr, (ConstantPointerRegisterValue, ConstantRegisterValue)):
	mem_addr_is_constant = True

	mv = "undetermined"
	if mem_addr_is_constant:
	mv = mem_addr.value

	rwval = "undetermined"
	value = access.value
	if isinstance(value, (ConstantPointerRegisterValue, ConstantRegisterValue)):
	rwval = value.value

	llil = func.get_llil_at(instr_addr)
	if not llil:
	continue

	mlil = llil.mlil
	if not mlil:
	continue

	datavar = bv.get_data_var_at(mv)
	datavar_accessed = hex(mv)
	if datavar and datavar.name:
	if isinstance(datavar.type, StructureType):
	try:
	member = datavar.type.member_at_offset(mv - datavar.address)
	datavar_accessed = f"{datavar.name}.{member.name}"
	except ValueError:
	datavar_accessed = f"{datavar.name}.offset_{hex(mv-datavar.address)}"
	else:
	datavar_accessed = datavar.name

	sections = bv.get_sections_at(mv)
	section_name = ""
	datavar_offset = ""
	if sections:
	section = sections[0]
	section_name = section.name
	datavar_offset = mv - section.start

	index.add_entry(
	mlil,
	{
	"function": hex(func.start),
	"kind": "read" if is_read else "write",
	"datavar_accessed": datavar_accessed,
	"datavar_section": section_name,
	"datavar_section_offset": (
	hex(datavar_offset) if isinstance(datavar_offset, int) else datavar_offset
	),
	"value_read_or_written": hex(rwval) if isinstance(rwval, int) else rwval,
	},
	)


	def _open_indexes(bv: BinaryView) -> None:
	fwn = FirmwareNinja(bv)
	with open_index(bv, "Firmware Ninja: Read/Write Memory Accesses") as index: # pylint: disable=undefined-variable
	_read_write_memory_accesses(bv, fwn, index)


	print('running')
	_open_indexes(bv) # pylint: disable=undefined-variable