📝 Create README for examples

ImNotAVirus · ImNotAVirus · commit caa6a62aba40 · 2022-02-17T21:34:29.000+01:00
diff --git a/delphi_analyser.py b/delphi_analyser.py
@@ -57,7 +57,7 @@ def __repr__(self):
     def __str__(self):
         if not self._is_valid:
             return f'<InvalidVmt address=0x{self._vmt_address:08X}>'
-        return f'<{self._class_name} start=0x{self.start:08X} size=0x{self._instance_size:X}>'
+        return f'<{self._class_name} start=0x{self.start:08X} instance_size=0x{self._instance_size:X}>'
 
 
     ## Properties
diff --git a/examples/README.md b/examples/README.md
@@ -1,66 +1,92 @@
 # Examples
 
-## list_class.py
+## list_vmts.py
 
 **Description**:
 
-TODO
+A simple script displaying all VMTs found for a Delphi binary.  
+It displays, for each VMT, its start address as well as the size of the instances of its class.
 
-**Example**:
+**Dependencies**:
 
-    > python3 list_class.py binary.exe 7
+- N/A
+
+**Usage**:
+
+    > python3 examples/list_vmts.py
+    Usage: examples/list_vmts.py <file_name> <delphi_version>
+
+    > python3 examples/list_vmts.py binary.exe 7
     <DelphiNinja> [13:37:42.724] [InfoLog] File loaded
     <DelphiNinja> [13:37:42.724] [InfoLog] -----------------------------        
     <DelphiNinja> [13:37:42.725] [InfoLog] Searching for VMT...
-    <DelphiNinja> [13:37:42.730] [InfoLog] <TObject start=0x00401058 size=0x4>
-    <DelphiNinja> [13:37:42.763] [InfoLog] <Exception start=0x00404F20 size=0xC>
-    <DelphiNinja> [13:37:42.764] [InfoLog] <EHeapException start=0x00404F88 size=0x10>    
-    <DelphiNinja> [13:37:42.765] [InfoLog] <EOutOfMemory start=0x00404FE4 size=0x10>      
-    <DelphiNinja> [13:37:42.765] [InfoLog] <EInOutError start=0x00405040 size=0x10>       
-    <DelphiNinja> [13:37:42.766] [InfoLog] <EExternal start=0x00405098 size=0x10>
-    <DelphiNinja> [13:37:42.766] [InfoLog] <EExternalException start=0x004050F0 size=0x10>
-    <DelphiNinja> [13:37:42.767] [InfoLog] <EIntError start=0x00405150 size=0x10>
-    <DelphiNinja> [13:37:42.767] [InfoLog] <EDivByZero start=0x004051A8 size=0x10>        
-    <DelphiNinja> [13:37:42.768] [InfoLog] <ERangeError start=0x00405200 size=0x10>       
-    <DelphiNinja> [13:37:42.775] [InfoLog] <EIntOverflow start=0x00405258 size=0x10>
-    <DelphiNinja> [13:37:42.781] [InfoLog] <EMathError start=0x004052B4 size=0x10>
-    <DelphiNinja> [13:37:42.782] [InfoLog] <EInvalidOp start=0x0040530C size=0x10>
-    <DelphiNinja> [13:37:42.786] [InfoLog] <EZeroDivide start=0x00405364 size=0x10>
-    <DelphiNinja> [13:37:42.812] [InfoLog] <EOverflow start=0x004053BC size=0x10>
-    <DelphiNinja> [13:37:42.820] [InfoLog] <EUnderflow start=0x00405414 size=0x10>
-    <DelphiNinja> [13:37:42.822] [InfoLog] <EInvalidPointer start=0x0040546C size=0x10>
-    <DelphiNinja> [13:37:42.824] [InfoLog] <EInvalidCast start=0x004054C8 size=0xC>
-    <DelphiNinja> [13:37:42.842] [InfoLog] <EConvertError start=0x00405524 size=0xC>
-    <DelphiNinja> [13:37:42.843] [InfoLog] <EAccessViolation start=0x00405580 size=0x10>
-    <DelphiNinja> [13:37:42.844] [InfoLog] <EPrivilege start=0x004055E0 size=0x10>
-    <DelphiNinja> [13:37:42.845] [InfoLog] <EStackOverflow start=0x00405638 size=0x10>
-    <DelphiNinja> [13:37:42.846] [InfoLog] <EControlC start=0x00405694 size=0x10>
-    <DelphiNinja> [13:37:42.847] [InfoLog] <EVariantError start=0x004056EC size=0xC>
-    <DelphiNinja> [13:37:42.848] [InfoLog] <EAssertionFailed start=0x00405748 size=0xC>
-    <DelphiNinja> [13:37:42.849] [InfoLog] <EAbstractError start=0x004057A8 size=0xC>
-    <DelphiNinja> [13:37:42.851] [InfoLog] <EIntfCastError start=0x00405804 size=0xC>
-    <DelphiNinja> [13:37:42.868] [InfoLog] <ESafecallException start=0x00405860 size=0xC>
-
-## vmt_visualize.py
+    <DelphiNinja> [13:37:42.730] [InfoLog] <TObject start=0x00401058 instance_size=0x4>
+    <DelphiNinja> [13:37:42.763] [InfoLog] <Exception start=0x00404F20 instance_size=0xC>
+    <DelphiNinja> [13:37:42.764] [InfoLog] <EHeapException start=0x00404F88 instance_size=0x10>    
+    <DelphiNinja> [13:37:42.765] [InfoLog] <EOutOfMemory start=0x00404FE4 instance_size=0x10>      
+    <DelphiNinja> [13:37:42.765] [InfoLog] <EInOutError start=0x00405040 instance_size=0x10>       
+    <DelphiNinja> [13:37:42.766] [InfoLog] <EExternal start=0x00405098 instance_size=0x10>
+    <DelphiNinja> [13:37:42.766] [InfoLog] <EExternalException start=0x004050F0 instance_size=0x10>
+    <DelphiNinja> [13:37:42.767] [InfoLog] <EIntError start=0x00405150 instance_size=0x10>
+    <DelphiNinja> [13:37:42.767] [InfoLog] <EDivByZero start=0x004051A8 instance_size=0x10>        
+    <DelphiNinja> [13:37:42.768] [InfoLog] <ERangeError start=0x00405200 instance_size=0x10>       
+    <DelphiNinja> [13:37:42.775] [InfoLog] <EIntOverflow start=0x00405258 instance_size=0x10>
+    <DelphiNinja> [13:37:42.781] [InfoLog] <EMathError start=0x004052B4 instance_size=0x10>
+    <DelphiNinja> [13:37:42.782] [InfoLog] <EInvalidOp start=0x0040530C instance_size=0x10>
+    <DelphiNinja> [13:37:42.786] [InfoLog] <EZeroDivide start=0x00405364 instance_size=0x10>
+    <DelphiNinja> [13:37:42.812] [InfoLog] <EOverflow start=0x004053BC instance_size=0x10>
+    <DelphiNinja> [13:37:42.820] [InfoLog] <EUnderflow start=0x00405414 instance_size=0x10>
+    <DelphiNinja> [13:37:42.822] [InfoLog] <EInvalidPointer start=0x0040546C instance_size=0x10>
+    <DelphiNinja> [13:37:42.824] [InfoLog] <EInvalidCast start=0x004054C8 instance_size=0xC>
+    <DelphiNinja> [13:37:42.842] [InfoLog] <EConvertError start=0x00405524 instance_size=0xC>
+    <DelphiNinja> [13:37:42.843] [InfoLog] <EAccessViolation start=0x00405580 instance_size=0x10>
+    <DelphiNinja> [13:37:42.844] [InfoLog] <EPrivilege start=0x004055E0 instance_size=0x10>
+    <DelphiNinja> [13:37:42.845] [InfoLog] <EStackOverflow start=0x00405638 instance_size=0x10>
+    <DelphiNinja> [13:37:42.846] [InfoLog] <EControlC start=0x00405694 instance_size=0x10>
+    <DelphiNinja> [13:37:42.847] [InfoLog] <EVariantError start=0x004056EC instance_size=0xC>
+    <DelphiNinja> [13:37:42.848] [InfoLog] <EAssertionFailed start=0x00405748 instance_size=0xC>
+    <DelphiNinja> [13:37:42.849] [InfoLog] <EAbstractError start=0x004057A8 instance_size=0xC>
+    <DelphiNinja> [13:37:42.851] [InfoLog] <EIntfCastError start=0x00405804 instance_size=0xC>
+    <DelphiNinja> [13:37:42.868] [InfoLog] <ESafecallException start=0x00405860 instance_size=0xC>
+
+## vmt_visualizer.py
 
 **Description**:
 
-TODO
+A script to graphically represent the inheritance of all classes for a Delphi binary.
+
+**Dependencies**:
+
+- pip install graphviz
+- Graphviz binaries ([https://graphviz.org/download/](https://graphviz.org/download/#executable-packages))
 
-**Example**:
+**Usage**:
 
-    > python3 vmt_visualize.py binary.exe 7
+    > python3 examples/vmt_visualizer.py
+    Usage: examples/vmt_visualizer.py <file_name> <delphi_version>
+
+    > python3 examples/vmt_visualizer.py binary.exe 7
 
 ![graph](./assets/graph.png)
 
 ## create_vmt_struct.py
 
 **Description**:
 
-TODO
+This script finds the VMTs of a binary, creates the corresponding structures and saves them in a Binary Ninja (`.bndb`) database.  
+It's the equivalent of the `DelphiNinja\Analyze current binary` command in graphical mode.
+
+**Dependencies**:
+
+- N/A
+
+**Usage**:
 
-**Example**:
+    > python3 examples/create_vmt_structs.py
+    Usage: examples/create_vmt_structs.py <file_name> <delphi_version>
 
-    > python3 create_vmt_struct.py binary.exe 7
+    > python3 examples/create_vmt_structs.py binary.exe 7
+    [...]
+    <DelphiNinja> [13:37:42.089] [InfoLog] Saving database: `binary.exe.bndb`...
 
 ![graph](./assets/vmt_struct.png)
diff --git a/examples/assets/vmt_struct.png b/examples/assets/vmt_struct.png
diff --git a/examples/create_vmt_structs.py b/examples/create_vmt_structs.py
@@ -48,6 +48,8 @@ def main(target: str, delphi_version: int):
     finder.update_analysis_and_wait(lambda vmt: analyze_callback(vmt, bv))
 
     bv.update_analysis_and_wait()
+
+    BNLogger.log(f'Saving database: `{target}.bndb`...')
     bv.create_database(f'{target}.bndb')
 
 
