PyHiew (open source project) is a Hiew external module (HEM) that allows users to write Python scripts that can interface with Hiew.
It wraps most of the functionality present in the HEM SDK, thus allowing the users to programmatically access Hiew and do things like:
- Create windows
- Create menus
- Show messages
- Get input from user
- File I/O: Read, Write, Find
- etc…
For example, here is a “Hello world” script:
import hiew
hiew.Message(“Hi”, “Hello world!”)
To demonstrate how it works, let us download the pre-compiled package and install it:
- Unzip the package to %HIEW%
- Verify that %HIEW%\pyhiew folder exists
- Make sure that Python 2.7 is installed
- Run hiew32 against an input file
- Press F11 to launch Hiew’s the external modules browser
If other HEMs are installed they will be listed too.
Pressing ENTER to select “Python Hiew” will take you to PyHiew’s script browser:
What you see is a list of PyHiew scripts (in %HIEW%\pyhiew) that come with the package:
- ClipText: a script that allows you to copy Hiew selection to clipboard into various formats (C source, Pascal, text, …)
- Decompress: a script that will allow you to decompress a gzip compatible stream from inside Hiew
- hello: the hello world script
- test_pyshell: a simple script that allows you to execute Python statements
Let us now play with ClipText by making a block selection with Hiew and pressing F11 –> PyHiew –> ClipText
We select “Copy as C array” and press ENTER:
To verify that it works, let us open a text editor and paste from the clipboard:
It works! 🙂
Let us now run the Decompress script by first loading a PDF file that got some streams with FlateDecode filter:
We manually select the stream (we don’t have to if we write a small script that detected the boundaries for us) and press F11 –> PyHiew –> Decompress:
The script will ask for an output file name, and after that we can open that file and verify if decompression went okay:
Neat huh?! 🙂
If you’re curious, here’s the Decompress.py source code:
That’s it for now. Make sure you refer to the “doc” folder if you want to write your own scripts.
A discussion group has been created to share useful scripts and address technical problems.
Last but not least, for those who do not know, you can have process editing facilities in Hiew simply by using my old utility Hiew+ (which still works with the latest versions of Hiew). Get it from http://lgwm.org/projects/hiewplus/.
Stay tuned!
Elias
great idea – hiew was one of the last great tools not (correctly) pythonized.
what’s next ? an unifying python layer for hiew/imdbg/ida ? 😉
Yes, now that Python can access almost every tool, one can easily talk to each of them 🙂
So was Hiew pythonized before (at least incorrectly, referring to your words) ? I would be interested to see previous work.
Thank you!
>>what’s next ? an unifying python layer for hiew/imdbg/ida
+1, Funny! )
Hello,
Can you pleas re-upload “Hiew+”, thanks.
I will make it open-source any time soon.
Please reply if you are interested.
Pingback: Genesis « Shortjump!