当前位置: 首页>>代码示例>>Python>>正文


Python idc.FUNC_LIB属性代码示例

本文整理汇总了Python中idc.FUNC_LIB属性的典型用法代码示例。如果您正苦于以下问题:Python idc.FUNC_LIB属性的具体用法?Python idc.FUNC_LIB怎么用?Python idc.FUNC_LIB使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在idc的用法示例。


在下文中一共展示了idc.FUNC_LIB属性的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: find_dispatch_by_struct_index

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def find_dispatch_by_struct_index():
    """Attempts to locate the dispatch function based off it being loaded in a structure
    at offset 70h, based off of https://github.com/kbandla/ImmunityDebugger/blob/master/1.73/Libs/driverlib.py """
    
    out = set()
    for function_ea in idautils.Functions():
        flags = idc.get_func_flags(function_ea)
        # skip library functions
        if flags & idc.FUNC_LIB:
            continue
        func = idaapi.get_func(function_ea)
        addr = func.startEA
        while addr < func.endEA:
            if idc.GetMnem(addr) == 'mov':
                if '+70h' in idc.GetOpnd(addr, 0) and idc.GetOpType(addr, 1) == 5:
                    out.add(idc.GetOpnd(addr, 1))
            addr = idc.NextHead(addr)
    return out 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:20,代码来源:win_driver_plugin.py

示例2: _handle_function_data_instance

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def _handle_function_data_instance(self, function_tree, root):
        '''
        Handles FunctionData instance.
        '''

        flags = int(function_tree.flags)
        addr = function_tree.addr

        self.cols.set_data(addr, flags)

        for index in xrange(0, len(self.cols.names)):
            if index > 0:
                root.setText(index, self.cols.item(index))
            if flags & idc.FUNC_THUNK:
                root.setBackground(index, QtGui.QColor('#E8DAEF'))
            if flags & idc.FUNC_LIB:
                root.setBackground(index, QtGui.QColor('#D1F2EB')) 
开发者ID:ax330d,项目名称:functions-plus,代码行数:19,代码来源:functions_plus.py

示例3: find_dispatch_by_cfg

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def find_dispatch_by_cfg():
    """ 
    Finds the functions in the binary which are not directly called anywhere and counts how many other functions they call,
    returing all functions which call > 0 other functions but are not called themselves. As a dispatch function is not normally directly
    called but will normally many other functions this is a fairly good way to guess which function it is.
    """
        
    out = []
    called = set()
    caller = dict()
    # Loop through all the functions in the binary
    for function_ea in idautils.Functions():
        flags = idc.get_func_flags(function_ea)
        # skip library functions
        if flags & idc.FUNC_LIB:
            continue
        f_name = idc.GetFunctionName(function_ea)
        # For each of the incoming references
        for ref_ea in idautils.CodeRefsTo(function_ea, 0):
            called.add(f_name)
            # Get the name of the referring function
            caller_name = idc.GetFunctionName(ref_ea)
            if caller_name not in caller.keys():
                caller[caller_name] = 1
            else:
                caller[caller_name] += 1
    while True:
        if len(caller.keys()) == 0:
            break
        potential = max(caller, key=caller.get)
        if potential not in called:
            out.append(potential)
        del caller[potential]
    return out 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:36,代码来源:win_driver_plugin.py

示例4: hook_lib_funcs

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def hook_lib_funcs():
    from angrdbg import load_project
    project = load_project()
    for func in idautils.Functions():
        flags = idc.GetFunctionFlags(func)
        if flags & idc.FUNC_LIB:
            name = idc.GetFunctionName(func)
            simproc = search_simproc(name)
            if simproc is not None:
                print name, simproc
                project.hook_symbol(func, simproc()) 
开发者ID:andreafioraldi,项目名称:IDAngr,代码行数:13,代码来源:hook_lib_funcs.py

示例5: __init__

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def __init__(self, show_extra_fields):
        self.addr = None
        self.flags = None
        self.show_extra_fields = show_extra_fields
        self.names = [
            'Name', 'Address', 'Segment', 'Length', 'Locals', 'Arguments'
        ]

        self.handlers = {
            0: lambda: None,
            1: lambda: self.fmt(self.addr),
            2: lambda: '{}'.format(idc.get_segm_name(self.addr)),
            3: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_END) - self.addr),
            4: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_FRSIZE)),
            5: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_ARGSIZE))
        }

        if self.show_extra_fields:
            self.names.extend(['R', 'F', 'L', 'S', 'B', 'T', '='])
            # TODO: add Lumina column info
            self.handlers.update({
                6: lambda: self.is_true(not self.flags & idc.FUNC_NORET, 'R'),
                7: lambda: self.is_true(self.flags & idc.FUNC_FAR, 'F'),
                8: lambda: self.is_true(self.flags & idc.FUNC_LIB, 'L'),
                9: lambda: self.is_true(self.flags & idc.FUNC_STATIC, 'S'),
                10: lambda: self.is_true(self.flags & idc.FUNC_FRAME, 'B'),
                11: lambda: self.is_true(idc.get_type(self.addr), 'T'),
                12: lambda: self.is_true(self.flags & idc.FUNC_BOTTOMBP, '=')
            }) 
开发者ID:ax330d,项目名称:functions-plus,代码行数:31,代码来源:functions_plus.py

示例6: export_functions

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def export_functions(self):
        """
        Exports information about all functions. 
        """
        functions = idautils.Functions()
        if functions == None:
            return
        self.update_status(FUNCTIONS)
        timer = time.clock()
        self.start_element(FUNCTIONS, True)
        for addr in functions:
            function = ida_funcs.get_func(addr)
            if ida_segment.is_spec_ea(function.start_ea) == True:
                continue
            self.start_element(FUNCTION)
            self.write_address_attribute(ENTRY_POINT, function.start_ea)
            if ida_bytes.has_user_name(idc.get_full_flags(addr)) == True:
                name = self.get_symbol_name(addr)
                if name != None and len(name) > 0:
                    self.write_attribute(NAME, name)
            if function.flags & idc.FUNC_LIB != 0:
                self.write_attribute(LIBRARY_FUNCTION, "y")
            self.close_tag(True)
            fchunks = idautils.Chunks(addr)
            for (startEA, endEA) in fchunks:
                self.start_element(ADDRESS_RANGE)
                self.write_address_attribute(START, startEA)
                self.write_address_attribute(END, endEA - 1)
                self.close_tag()
            regcmt = ida_funcs.get_func_cmt(function, False)
            if regcmt != None:
                self.export_regular_cmt(regcmt)
            rptcmt = ida_funcs.get_func_cmt(function, True)
            if rptcmt != None:
                self.export_repeatable_cmt(rptcmt)
            demangled = ida_name.get_demangled_name(addr,
                                                    DEMANGLED_TYPEINFO,
                                                    self.inf.demnames, True)
            if demangled != None and demangled == "'string'":
                demangled = None
            outbuf = ''
            # TODO: How to handle print_type for function typeinfo cmts
            #outbuf = idaapi.print_type(addr, False)
            has_typeinfo = (demangled != None or (outbuf != None and
                                                  len(outbuf) > 0))
            if demangled != None:
                self.export_typeinfo_cmt(demangled)
            elif has_typeinfo == True:
                self.export_typeinfo_cmt(outbuf[:-1])
            self.export_stack_frame(function)
            self.end_element(FUNCTION)
        self.end_element(FUNCTIONS)
        self.display_cpu_time(timer) 
开发者ID:Cisco-Talos,项目名称:GhIDA,代码行数:55,代码来源:idaxml.py

示例7: import_function

# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNC_LIB [as 别名]
def import_function(self, function):
        """
        Creates a function using the FUNCTION attributes.

        Args:
            function: XML element containing the function address and
                attributes.
        """
        if self.options.Functions.checked == False:
            return
        try:
            entry_point = self.get_address(function, ENTRY_POINT)
            name = ''
            if self.has_attribute(function, NAME):
                name = self.get_attribute(function, NAME)
            libfunc = 'n'
            if self.has_attribute(function, LIBRARY_FUNCTION):
                libfunc = self.get_attribute(function, LIBRARY_FUNCTION)
            if idc.is_mapped(entry_point) == False:
                msg = ("import_function: address %X not enabled in database"
                       % entry_point)
                print(msg)
                return
            idc.add_func(entry_point, BADADDR)
            self.update_counter(FUNCTION)
            func = ida_funcs.get_func(entry_point)
            if libfunc == 'y':
                func.flags |= idc.FUNC_LIB
            ranges = function.findall(ADDRESS_RANGE)
            for addr_range in ranges:
                (start, end) = self.import_address_range(addr_range)
                ida_funcs.append_func_tail(func, start, end)
            # TODO: auto_wait is probably not needed...
            if AUTO_WAIT:
                ida_auto.auto_wait()
            regcmt = function.find(REGULAR_CMT)
            if regcmt != None:
                self.update_counter(FUNCTION + ':' + REGULAR_CMT)
                ida_funcs.set_func_cmt(func, regcmt.text, False)
            rptcmt = function.find(REPEATABLE_CMT)
            if rptcmt != None:
                self.update_counter(FUNCTION + ':' + REPEATABLE_CMT)
                ida_funcs.set_func_cmt(func, rptcmt.text, True)
            typecmt = function.find(TYPEINFO_CMT)
            if typecmt != None:
                self.update_counter(FUNCTION + ':' + TYPEINFO_CMT)
                # TODO: TYPECMTs
                #idc.SetType(entry_point, typecmt.text + ';')
            sf = function.find(STACK_FRAME)
            if sf != None:
                self.import_stack_frame(sf, func)
            register_vars = function.findall(REGISTER_VAR)
            for register_var in register_vars:
                self.import_register_var(register_var, func)
        except:
            msg = "** Exception occurred in import_function **"
            print("\n" + msg + "\n", sys.exc_type, sys.exc_value) 
开发者ID:Cisco-Talos,项目名称:GhIDA,代码行数:59,代码来源:idaxml.py


注:本文中的idc.FUNC_LIB属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。