Commit Graph

134 Commits

Author SHA1 Message Date
qdlmcfresh 372908ba9d
add regex filter in string view (#345)
* Filter by regex in string view

* Dont recompile the regex for every string, display error message

* localization

* Use data->Buf for pattern creation / searching
The filter string seems to get updated after the callback finished.
Therefore the search string was always 1 character behind the actual
string in the textfield when calling find() / creating the regex.
2021-11-25 08:46:42 +01:00
WerWolv 434de44ef5 yara: Added support for displaying variable names 2021-11-04 20:41:56 +01:00
RADICS Áron a6b8597f5a
Fix CRC and hash calculations (#321)
* Fix CRC calculation, add more CRC parameters

Use the Boost CRC module to calculate the CRC values.
Add options for final xor value, reflectIn and reflectOut.
Fixes #320

* Cleanup Hash view combo box, add CRC8

* Use offset/size consistently

* Cleanup: unify processing data by chunks

* Change CRC algorithm back, drop boost dependency

This is mostly the original algorithm, with a few fixes and small
additions (support for reflect In / Out, final XOR value).

* Use size_t for file read size consistently
2021-10-26 17:21:48 +02:00
WerWolv 5db608c3fc ui: Fixed automatic pattern loading, added better pattern browse popup 2021-09-26 21:18:25 +02:00
WerWolv 82ee4ad4ca yara: Fixed major memory leak and added include support 2021-09-23 22:57:19 +02:00
WerWolv d9134f7fe1 store: Added support for downloading tar'd folders 2021-09-23 22:56:49 +02:00
WerWolv 471ba80b4d ux: Properly evaluate pattern changes when already evaluating 2021-09-21 23:17:50 +02:00
WerWolv c051f5d3e7
patterns: Rewrite evaluation engine (#306)
* patterns: Rewrite most of the evaluator to mainly use polymorphism instead of just RTTI

* patterns: Fixed a couple of AST memory leaks

* patterns: Parse string operations correctly

* patterns: Various fixes and cleanup

* patterns: Implement primitive function definitions

Function parameters now need to provide their type in the definition

* patterns: Added function variable definition and assignment

* patterns: Added remaining function statements

* patterns: Added unsized and while-sized arrays

* patterns: Added multi variable declarations to functions

* patterns: Added std::format built-in function

* patterns: Allow passing custom types to functions

* patterns: Added attributes and new "format" attribute

* patterns: Use libfmt for std::print instead of custom version

* patterns: Remove unnecessary string compare function

* pattern: Fix preprocessor directives

* patterns: Fix unit tests

* patterns: Added cast expression

* patterns: Handle endianess in function parameters

* patterns: Added casting to different endian

* patterns: Added 'str' type for functions
2021-09-21 21:29:18 +02:00
WerWolv ed9e463550 ui: Added diff view 2021-09-21 19:54:13 +02:00
WerWolv 26a0352851 tests: Fixed unit test compiling 2021-09-21 02:48:41 +02:00
WerWolv ccac2e497d sys: Finish implementing constants view and its store 2021-09-09 12:58:44 +02:00
WerWolv e74c0f5cf5 sys: Tons of long overdue cleanup
- std::string -> const std::string& where needed
- Added a FileIO abstraction class
- Fixed recent files not updating
- Removed localization file from global include
- Renamed lang to pattern_language/pl
- Renamed EventFileDropped to RequestFileOpen
2021-09-08 15:18:24 +02:00
WerWolv 680587e050 sys: Massively improve string search memory usage 2021-09-06 22:45:55 +02:00
WerWolv ee7c6a91a7 patterns: Add optimization for arrays of statically sized types 2021-09-06 20:35:38 +02:00
WerWolv 4b40546750 views: Add simple pattern, library and magics store 2021-09-03 02:34:40 +02:00
WerWolv 633fa7213a sys: More compile time improvements 2021-08-29 22:15:18 +02:00
WerWolv f60f9f9fc9 patterns: Fix endian settings not applying to char16 2021-08-29 11:10:48 +02:00
WerWolv a7e2c06bc4 sys: Better name for the pattern editor view 2021-08-28 21:51:33 +02:00
WerWolv 2ccf8e777c sys: Added create file and resize option
Fixes #172
2021-07-27 21:07:36 +02:00
WerWolv 35c7f826bc views: Added constants search view 2021-06-26 01:18:33 +02:00
WerWolv ee2b412a10 nodes: Added primitive saving and loading mechanism
Not fully integrated yet. Also doesn't yet save any node settings, just nodes and links
2021-05-17 23:17:58 +02:00
WerWolv 1f2fe6b93d sys: Merge splash screen and ImHex into one application
This fixes so many issues the previous implementation had, especially on Unix
2021-04-20 21:46:48 +02:00
WerWolv 771bb22962 sys: Improve shortcut api 2021-04-16 19:43:54 +02:00
WerWolv 59dd372ec8 ux: Added support for pasting bytes 2021-04-16 17:01:01 +02:00
WerWolv 1e6b493b41 ux: Add slider to entropy plot 2021-04-12 22:20:05 +02:00
WerWolv 6223b26888 ui: Added hex editor highlight opacity setting 2021-03-29 23:07:18 +02:00
WerWolv a91afdb6ae ux: Allow copying value from data inspector 2021-03-02 22:09:38 +01:00
WerWolv 9481c70ecd sys: ImU64 is not 64 bit everywhere... 2021-03-02 14:32:18 +01:00
WerWolv de327cf3a4 ui: Make use of ImPlot to drastically improve information view 2021-03-02 13:49:45 +01:00
WerWolv 31e5ec7bc3
Add Yara rule matching interface (#178)
* build: Added YARA as submodule

* ui: Added basic yara rules matching interface

* build: Make libyara link libpthread on Unix

* ui: Add jump-to feature to yara matches list

* yara: Add more modules and patch yara to support mbedtls crypto

* yara: Started to fix scanning of bigger data

* yara: Fixed implementation

* ui: Improved yara matcher interface and added localization

* build: Ignore changed files in yara submodule

* yara: Fixed rules matching agianst entire file

* yara: Properly handle compiler errors
2021-02-26 13:35:19 +01:00
WerWolv 0af8b8155f ui/ux: Give up on custom ImGui file browsers and just use the system one 2021-02-22 23:36:13 +01:00
WerWolv 7f97416e6e ui/ux: Improve data analyzer interface, make it run asynchronously 2021-02-22 13:08:06 +01:00
WerWolv 0e2add204b ux: Disassemble asynchronously 2021-02-22 11:56:33 +01:00
WerWolv 490c7e8fec ux: Search for strings asynchronously 2021-02-22 10:16:58 +01:00
WerWolv 9b9c040d2d ui: Run pattern language runtime asynchronously, added compile button 2021-02-20 22:38:31 +01:00
WerWolv 460d5a9386 Various fixes and improvements 2021-02-17 14:47:25 +01:00
WerWolv b4c2f7d371 Implemented crude support for custom encodings via thingy files
Relevant issue: #26
2021-02-14 01:11:55 +01:00
WerWolv 179e222919 Fixed command palette and added /web command 2021-02-08 19:56:04 +01:00
WerWolv 8e7bfb7f1a Fixed some popups not appearing when no views are open 2021-02-07 14:29:13 +01:00
WerWolv 5b38c43b7e Fixed plugin loading and closing issues mainly on Windows
This fixes #87
2021-02-07 13:40:47 +01:00
WerWolv 5eb289f1fe Added proper error messages to data processor 2021-02-04 01:14:05 +01:00
WerWolv 785ecb8a78 Switch from openssl/libcrypto to mbedtls 2021-02-02 23:11:23 +01:00
WerWolv 5c7a529fa1
Added Data Processor using Nodes (#152)
* Added imnodes

* Added basic data processor view. Still needs to be cleaned up

* Make sure all attached links get properly removed when a Node is deleted

* Cleanup and API exposing

* Added data provider overlays and integrate them with the data processor

* Optimized data processing

* Node UI enhancements

* Added support for all themes to the nodes editor

* Improved data processor context menus

* Fixed data processor context menu showing up everywhere

* Make hex editor context menu behave the same as data processor one

* Add different node pin types and prevent incompatible ones from being connected

* Don't require explicitly marking node as end node

* Fixed plugin copying

* Added some more nodes
2021-01-30 22:39:06 +01:00
WerWolv 319068eef5 Implemented Open File and Preferences button in Welcome screen 2021-01-27 14:26:24 +01:00
WerWolv 8990fad85a Make File Dialogs less hacky 2021-01-27 00:44:10 +01:00
WerWolv 27e5f8eeb6 Fixed capstone build issue on mac
On mac, capstone's include path is `include/capstone` instead of just `include`...
2021-01-25 15:19:56 +01:00
WerWolv b8e383368d Make pattern popup when loading a file list all available patterns 2021-01-23 14:01:23 +01:00
WerWolv 8e46751e98 Improved about page 2021-01-23 00:46:50 +01:00
WerWolv 104000fbc4 Huge refactoring of builtin features into an external plugin 2021-01-22 18:01:42 +01:00
WerWolv 22d75ed856 Improved logging and aborting from pattern language builtin functions 2021-01-21 11:36:58 +01:00