Skip to content

Commit f348af8

Browse files
hello-adamhello-adam
committed
feat: include file loading and presets in kaitai struct plugin
1 parent 4981eee commit f348af8

File tree

147 files changed

+33322
-1
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

147 files changed

+33322
-1
lines changed

src/hobbits-gui/hobbits-gui.pro

+2
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ TEMPLATE = app
2121
# deprecated API in order to know how to port your code away from it.
2222
DEFINES += QT_DEPRECATED_WARNINGS
2323

24+
QMAKE_RESOURCE_FLAGS += -no-compress
25+
2426
# You can also make your code fail to compile if you use deprecated APIs.
2527
# In order to do so, uncomment the following line.
2628
# You can also select to disable deprecated APIs only up to a certain version of Qt.

src/hobbits-gui/icons.qrc

+1
Original file line numberDiff line numberDiff line change
@@ -2,5 +2,6 @@
22
<qresource prefix="/hobbitsgui">
33
<file>images/icons/trash.png</file>
44
<file>images/icons/HobbitsRingSmall.png</file>
5+
<file>images/icons/mahlet.bits</file>
56
</qresource>
67
</RCC>

src/hobbits-gui/images/icons/mahlet.bits

11 KB
Binary file not shown.

src/hobbits-plugins/analyzers/KaitaiStruct/kaitaiscripts.qrc

+140
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,145 @@
11
<RCC>
22
<qresource prefix="/kaitaistruct">
33
<file>scripts/runner.py</file>
4+
<file>ksy/windows/windows_systemtime.ksy</file>
5+
<file>ksy/windows/windows_shell_items.ksy</file>
6+
<file>ksy/windows/windows_resource_file.ksy</file>
7+
<file>ksy/windows/windows_minidump.ksy</file>
8+
<file>ksy/windows/windows_lnk_file.ksy</file>
9+
<file>ksy/windows/regf.ksy</file>
10+
<file>ksy/serialization/ruby_marshal.ksy</file>
11+
<file>ksy/serialization/python_pickle.ksy</file>
12+
<file>ksy/serialization/php_serialized_value.ksy</file>
13+
<file>ksy/serialization/msgpack.ksy</file>
14+
<file>ksy/serialization/microsoft_cfb.ksy</file>
15+
<file>ksy/serialization/google_protobuf.ksy</file>
16+
<file>ksy/serialization/bson.ksy</file>
17+
<file>ksy/serialization/asn1_der.ksy</file>
18+
<file>ksy/security/ssh_public_key.ksy</file>
19+
<file>ksy/security/openpgp_message.ksy</file>
20+
<file>ksy/security/efivar_signature_list.ksy</file>
21+
<file>ksy/scientific/nt_mdt.ksy</file>
22+
<file>ksy/scientific/nt_mdt_pal.ksy</file>
23+
<file>ksy/scientific/avantes_roh60.ksy</file>
24+
<file>ksy/scientific/specpr.ksy</file>
25+
<file>ksy/network/websocket.ksy</file>
26+
<file>ksy/network/udp_datagram.ksy</file>
27+
<file>ksy/network/tls_client_hello.ksy</file>
28+
<file>ksy/network/tcp_segment.ksy</file>
29+
<file>ksy/network/rtp_packet.ksy</file>
30+
<file>ksy/network/rtcp_payload.ksy</file>
31+
<file>ksy/network/protocol_body.ksy</file>
32+
<file>ksy/network/pcap.ksy</file>
33+
<file>ksy/network/packet_ppi.ksy</file>
34+
<file>ksy/network/microsoft_network_monitor_v2.ksy</file>
35+
<file>ksy/network/ipv6_packet.ksy</file>
36+
<file>ksy/network/ipv4_packet.ksy</file>
37+
<file>ksy/network/icmp_packet.ksy</file>
38+
<file>ksy/network/hccapx.ksy</file>
39+
<file>ksy/network/hccap.ksy</file>
40+
<file>ksy/network/ethernet_frame.ksy</file>
41+
<file>ksy/network/dns_packet.ksy</file>
42+
<file>ksy/network/bitcoin_transaction.ksy</file>
43+
<file>ksy/media/wav.ksy</file>
44+
<file>ksy/media/vp8_ivf.ksy</file>
45+
<file>ksy/media/stl.ksy</file>
46+
<file>ksy/media/standard_midi_file.ksy</file>
47+
<file>ksy/media/quicktime_mov.ksy</file>
48+
<file>ksy/media/ogg.ksy</file>
49+
<file>ksy/media/magicavoxel_vox.ksy</file>
50+
<file>ksy/media/id3v2_4.ksy</file>
51+
<file>ksy/media/id3v2_3.ksy</file>
52+
<file>ksy/media/id3v1_1.ksy</file>
53+
<file>ksy/media/genmidi_op2.ksy</file>
54+
<file>ksy/media/creative_voice_file.ksy</file>
55+
<file>ksy/media/blender_blend.ksy</file>
56+
<file>ksy/media/avi.ksy</file>
57+
<file>ksy/media/android_opengl_shaders_cache.ksy</file>
58+
<file>ksy/media/fasttracker_xm_module.ksy</file>
59+
<file>ksy/media/s3m.ksy</file>
60+
<file>ksy/macos/ds_store.ksy</file>
61+
<file>ksy/machine_code/code_6502.ksy</file>
62+
<file>ksy/log/windows_evt_log.ksy</file>
63+
<file>ksy/log/systemd_journal.ksy</file>
64+
<file>ksy/log/sudoers_ts.ksy</file>
65+
<file>ksy/log/hashcat_restore.ksy</file>
66+
<file>ksy/log/glibc_utmp.ksy</file>
67+
<file>ksy/log/aix_utmp.ksy</file>
68+
<file>ksy/image/xwd.ksy</file>
69+
<file>ksy/image/wmf.ksy</file>
70+
<file>ksy/image/tga.ksy</file>
71+
<file>ksy/image/psx_tim.ksy</file>
72+
<file>ksy/image/png.ksy</file>
73+
<file>ksy/image/pcx_dcx.ksy</file>
74+
<file>ksy/image/pcx.ksy</file>
75+
<file>ksy/image/jpeg.ksy</file>
76+
<file>ksy/image/ico.ksy</file>
77+
<file>ksy/image/icc_4.ksy</file>
78+
<file>ksy/image/gif.ksy</file>
79+
<file>ksy/image/exif.ksy</file>
80+
<file>ksy/image/dicom.ksy</file>
81+
<file>ksy/image/bmp.ksy</file>
82+
<file>ksy/hardware/edid.ksy</file>
83+
<file>ksy/hardware/mifare_classic.ksy</file>
84+
<file>ksy/geospatial/shapefile_main.ksy</file>
85+
<file>ksy/geospatial/shapefile_index.ksy</file>
86+
<file>ksy/game/warcraft_2_pud.ksy</file>
87+
<file>ksy/game/saints_row_2_vpp_pc.ksy</file>
88+
<file>ksy/game/renderware_binary_stream.ksy</file>
89+
<file>ksy/game/quake_pak.ksy</file>
90+
<file>ksy/game/quake_mdl.ksy</file>
91+
<file>ksy/game/heroes_of_might_and_magic_bmp.ksy</file>
92+
<file>ksy/game/heroes_of_might_and_magic_agg.ksy</file>
93+
<file>ksy/game/heaps_pak.ksy</file>
94+
<file>ksy/game/gran_turismo_vol.ksy</file>
95+
<file>ksy/game/ftl_dat.ksy</file>
96+
<file>ksy/game/fallout_dat.ksy</file>
97+
<file>ksy/game/fallout2_dat.ksy</file>
98+
<file>ksy/game/dune_2_pak.ksy</file>
99+
<file>ksy/game/doom_wad.ksy</file>
100+
<file>ksy/game/allegro_dat.ksy</file>
101+
<file>ksy/font/ttf.ksy</file>
102+
<file>ksy/firmware/uimage.ksy</file>
103+
<file>ksy/firmware/ines.ksy</file>
104+
<file>ksy/firmware/andes_firmware.ksy</file>
105+
<file>ksy/filesystem/zx_spectrum_tap.ksy</file>
106+
<file>ksy/filesystem/vmware_vmdk.ksy</file>
107+
<file>ksy/filesystem/vfat.ksy</file>
108+
<file>ksy/filesystem/vdi.ksy</file>
109+
<file>ksy/filesystem/tr_dos_image.ksy</file>
110+
<file>ksy/filesystem/mbr_partition_table.ksy</file>
111+
<file>ksy/filesystem/lvm2.ksy</file>
112+
<file>ksy/filesystem/luks.ksy</file>
113+
<file>ksy/filesystem/iso9660.ksy</file>
114+
<file>ksy/filesystem/gpt_partition_table.ksy</file>
115+
<file>ksy/filesystem/ext2.ksy</file>
116+
<file>ksy/filesystem/cramfs.ksy</file>
117+
<file>ksy/filesystem/apple_single_double.ksy</file>
118+
<file>ksy/filesystem/apm_partition_table.ksy</file>
119+
<file>ksy/executable/uefi_te.ksy</file>
120+
<file>ksy/executable/swf.ksy</file>
121+
<file>ksy/executable/python_pyc_27.ksy</file>
122+
<file>ksy/executable/microsoft_pe.ksy</file>
123+
<file>ksy/executable/mach_o.ksy</file>
124+
<file>ksy/executable/java_class.ksy</file>
125+
<file>ksy/executable/elf.ksy</file>
126+
<file>ksy/executable/dos_mz.ksy</file>
127+
<file>ksy/executable/dex.ksy</file>
128+
<file>ksy/database/tsm.ksy</file>
129+
<file>ksy/database/sqlite3.ksy</file>
130+
<file>ksy/database/gettext_mo.ksy</file>
131+
<file>ksy/database/dbf.ksy</file>
132+
<file>ksy/common/vlq_base128_le.ksy</file>
133+
<file>ksy/common/vlq_base128_be.ksy</file>
134+
<file>ksy/common/utf8_string.ksy</file>
135+
<file>ksy/common/bcd.ksy</file>
136+
<file>ksy/cad/monomakh_sapr_chg.ksy</file>
137+
<file>ksy/archive/zip.ksy</file>
138+
<file>ksy/archive/rar.ksy</file>
139+
<file>ksy/archive/phar_without_stub.ksy</file>
140+
<file>ksy/archive/lzh.ksy</file>
141+
<file>ksy/archive/gzip.ksy</file>
142+
<file>ksy/archive/cpio_old_le.ksy</file>
143+
<file>ksy/archive/android_img.ksy</file>
4144
</qresource>
5145
</RCC>

src/hobbits-plugins/analyzers/KaitaiStruct/kaitaistruct.cpp

+37-1
Original file line numberDiff line numberDiff line change
@@ -8,21 +8,55 @@
88
#include <QProcess>
99
#include <QProcessEnvironment>
1010
#include <QJsonArray>
11+
#include <QDirIterator>
1112

1213
const QString PYTHON_PATH_KEY = "python_runner_path";
1314
const QString KAITAI_PATH_KEY = "kaitai_struct_compiler_path";
15+
const QString KSY_PATH_KEY = "ksy_directory_path";
1416
const QString KAITAI_STRUCT_CATEGORY = "kaitai_struct";
1517
const QString KAITAI_RESULT_LABEL = "kaitai_struct_result_label";
1618

1719
KaitaiStruct::KaitaiStruct() :
1820
ui(new Ui::KaitaiStruct()),
21+
m_loadKsyMenu(new QMenu()),
1922
m_highlightNav(nullptr)
2023
{
21-
24+
m_loadKsyMenu->addAction("Load File...", [this]() {
25+
QString fileName = QFileDialog::getOpenFileName(
26+
nullptr,
27+
tr("Select ksy File"),
28+
SettingsManager::getInstance().getPrivateSetting(KSY_PATH_KEY).toString(),
29+
tr("Kaitai Struct File (*.ksy);;All Files (*)"));
30+
if (fileName.isEmpty()) {
31+
return;
32+
}
33+
QFile ksyFile(fileName);
34+
if (!ksyFile.open(QIODevice::ReadOnly)) {
35+
return;
36+
}
37+
SettingsManager::getInstance().setPrivateSetting(KSY_PATH_KEY, QFileInfo(ksyFile).path());
38+
ui->te_ksy->setPlainText(ksyFile.readAll());
39+
});
40+
41+
QDirIterator it(":/kaitaistruct/ksy", QDir::Dirs | QDir::NoDotAndDotDot);
42+
while (it.hasNext()) {
43+
QDir category = it.next();
44+
QMenu* menu = m_loadKsyMenu->addMenu(category.dirName());
45+
for (QFileInfo ksyFileInfo :category.entryInfoList(QDir::Files)) {
46+
menu->addAction(ksyFileInfo.baseName(), [this, ksyFileInfo]() {
47+
QFile ksyFile(ksyFileInfo.filePath());
48+
if (!ksyFile.open(QIODevice::ReadOnly)) {
49+
return;
50+
}
51+
ui->te_ksy->setPlainText(ksyFile.readAll());
52+
});
53+
}
54+
}
2255
}
2356

2457
KaitaiStruct::~KaitaiStruct()
2558
{
59+
delete m_loadKsyMenu;
2660
delete ui;
2761
}
2862

@@ -50,6 +84,8 @@ void KaitaiStruct::applyToWidget(QWidget *widget)
5084
{
5185
ui->setupUi(widget);
5286

87+
ui->pb_loadKsy->setMenu(m_loadKsyMenu);
88+
5389
connect(ui->tb_choosePython, SIGNAL(pressed()), this, SLOT(openPythonPathDialog()));
5490
connect(ui->tb_chooseKsc, SIGNAL(pressed()), this, SLOT(openKscPathDialog()));
5591
ui->le_python->setText(SettingsManager::getInstance().getPrivateSetting(PYTHON_PATH_KEY).toString());

src/hobbits-plugins/analyzers/KaitaiStruct/kaitaistruct.h

+3
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33

44
#include "analyzerinterface.h"
55
#include "highlightnavigator.h"
6+
#include <QMenu>
67

78
namespace Ui
89
{
@@ -43,9 +44,11 @@ private slots:
4344

4445
private:
4546
Ui::KaitaiStruct *ui;
47+
QMenu* m_loadKsyMenu;
4648
HighlightNavigator* m_highlightNav;
4749
QSharedPointer<BitContainerPreview> m_previewContainer;
4850
QSharedPointer<PluginCallback> m_pluginCallback;
51+
4952
};
5053

5154
#endif // KAITAISTRUCT_H

src/hobbits-plugins/analyzers/KaitaiStruct/kaitaistruct.ui

+7
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,13 @@
107107
</item>
108108
</layout>
109109
</item>
110+
<item>
111+
<widget class="QPushButton" name="pb_loadKsy">
112+
<property name="text">
113+
<string>Load existing ksy...</string>
114+
</property>
115+
</widget>
116+
</item>
110117
<item>
111118
<widget class="QLabel" name="label">
112119
<property name="text">

src/hobbits-plugins/analyzers/KaitaiStruct/ksy/archive/android_img.ksy

+120
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,120 @@
1+
meta:
2+
id: android_img
3+
title: Android Boot Image
4+
license: CC0-1.0
5+
file-extension: img
6+
endian: le
7+
doc-ref: https://source.android.com/devices/bootloader/boot-image-header
8+
seq:
9+
- id: magic
10+
contents: ANDROID!
11+
- id: kernel
12+
type: load
13+
- id: ramdisk
14+
type: load
15+
- id: second
16+
type: load
17+
- id: tags_load
18+
type: u4
19+
- id: page_size
20+
type: u4
21+
- id: header_version
22+
type: u4
23+
- id: os_version
24+
type: os_version
25+
- id: name
26+
type: strz
27+
size: 16
28+
encoding: ASCII
29+
- id: cmdline
30+
type: strz
31+
size: 512
32+
encoding: ASCII
33+
- id: sha
34+
size: 32
35+
- id: extra_cmdline
36+
type: strz
37+
size: 1024
38+
encoding: ASCII
39+
- id: recovery_dtbo
40+
type: size_offset
41+
if: header_version > 0
42+
- id: boot_header_size
43+
type: u4
44+
if: header_version > 0
45+
- id: dtb
46+
type: load_long
47+
if: header_version > 1
48+
instances:
49+
base:
50+
value: kernel.addr - 0x00008000
51+
doc: base loading address
52+
kernel_offset:
53+
value: kernel.addr - base
54+
doc: kernel offset from base
55+
ramdisk_offset:
56+
value: 'ramdisk.addr > 0 ? ramdisk.addr - base : 0'
57+
doc: ramdisk offset from base
58+
second_offset:
59+
value: 'second.addr > 0 ? second.addr - base : 0'
60+
doc: 2nd bootloader offset from base
61+
tags_offset:
62+
value: tags_load - base
63+
doc: tags offset from base
64+
dtb_offset:
65+
value: 'dtb.addr > 0 ? dtb.addr - base : 0'
66+
if: header_version > 1
67+
doc: dtb offset from base
68+
kernel_img:
69+
pos: page_size
70+
size: kernel.size
71+
ramdisk_img:
72+
pos: ((page_size + kernel.size + page_size - 1) / page_size) * page_size
73+
size: ramdisk.size
74+
if: ramdisk.size > 0
75+
second_img:
76+
pos: ((page_size + kernel.size + ramdisk.size + page_size - 1) / page_size) * page_size
77+
size: second.size
78+
if: second.size > 0
79+
recovery_dtbo_img:
80+
pos: recovery_dtbo.offset
81+
size: recovery_dtbo.size
82+
if: header_version > 0 and recovery_dtbo.size > 0
83+
dtb_img:
84+
pos: ((page_size + kernel.size + ramdisk.size + second.size + recovery_dtbo.size + page_size - 1) / page_size) * page_size
85+
size: dtb.size
86+
if: header_version > 1 and dtb.size > 0
87+
types:
88+
load:
89+
seq:
90+
- id: size
91+
type: u4
92+
- id: addr
93+
type: u4
94+
load_long:
95+
seq:
96+
- id: size
97+
type: u4
98+
- id: addr
99+
type: u8
100+
size_offset:
101+
seq:
102+
- id: size
103+
type: u4
104+
- id: offset
105+
type: u8
106+
os_version:
107+
seq:
108+
- id: version
109+
type: u4
110+
instances:
111+
major:
112+
value: (version >> 25) & 0x7f
113+
minor:
114+
value: (version >> 18) & 0x7f
115+
patch:
116+
value: (version >> 11) & 0x7f
117+
year:
118+
value: ((version >> 4) & 0x7f) + 2000
119+
month:
120+
value: version & 0xf

0 commit comments

Comments
 (0)