本文整理汇总了Python中idaapi.dt_qword方法的典型用法代码示例。如果您正苦于以下问题:Python idaapi.dt_qword方法的具体用法?Python idaapi.dt_qword怎么用?Python idaapi.dt_qword使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idaapi
的用法示例。
在下文中一共展示了idaapi.dt_qword方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: by_indextype
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import dt_qword [as 别名]
def by_indextype(self, index, dtype):
"""Lookup a register according to its `index` and `dtype`.
Some examples of dtypes: idaapi.dt_byte, idaapi.dt_word, idaapi.dt_dword, idaapi.dt_qword
"""
res = idaapi.ph.regnames[index]
name = self.__cache__[res, dtype]
return getattr(self.__register__, name)
示例2: dt_to_width
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import dt_qword [as 别名]
def dt_to_width(self, dt):
'''
returns OOFW_xxx flag given a dt_xxx
'''
return {
idaapi.dt_byte: idaapi.OOFW_8,
idaapi.dt_word: idaapi.OOFW_16,
idaapi.dt_dword: idaapi.OOFW_32,
idaapi.dt_qword: idaapi.OOFW_64,
}[dt]
示例3: _emulate_arm64
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import dt_qword [as 别名]
def _emulate_arm64(start, end, on_BL=None, on_RET=None):
"""A very basic partial Arm64 emulator that does just enough to find OSMetaClass
information."""
# Super basic emulation.
reg = _Regs()
def load(addr, dtyp):
if not addr:
return None
if dtyp == idaapi.dt_qword:
size = 8
elif dtyp == idaapi.dt_dword:
size = 4
else:
return None
return idau.read_word(addr, size)
def cleartemps():
for t in ['X{}'.format(i) for i in range(0, 19)]:
reg.clear(t)
for insn in idau.Instructions(start, end):
_log(11, 'Processing instruction {:#x}', insn.ea)
mnem = insn.get_canon_mnem()
if mnem == 'ADRP' or mnem == 'ADR':
reg[insn.Op1.reg] = insn.Op2.value
elif mnem == 'ADD' and insn.Op2.type == idc.o_reg and insn.Op3.type == idc.o_imm:
reg[insn.Op1.reg] = reg[insn.Op2.reg] + insn.Op3.value
elif mnem == 'NOP':
pass
elif mnem == 'MOV' and insn.Op2.type == idc.o_imm:
reg[insn.Op1.reg] = insn.Op2.value
elif mnem == 'MOV' and insn.Op2.type == idc.o_reg:
reg[insn.Op1.reg] = reg[insn.Op2.reg]
elif mnem == 'RET':
if on_RET:
on_RET(reg)
break
elif (mnem == 'STP' or mnem == 'LDP') and insn.Op3.type == idc.o_displ:
if insn.auxpref & _MEMOP_WBINDEX:
reg[insn.Op3.reg] = reg[insn.Op3.reg] + insn.Op3.addr
if mnem == 'LDP':
reg.clear(insn.Op1.reg)
reg.clear(insn.Op2.reg)
elif (mnem == 'STR' or mnem == 'LDR') and not insn.auxpref & _MEMOP_WBINDEX:
if mnem == 'LDR':
if insn.Op2.type == idc.o_displ:
reg[insn.Op1.reg] = load(reg[insn.Op2.reg] + insn.Op2.addr, insn.Op1.dtyp)
else:
reg.clear(insn.Op1.reg)
elif mnem == 'BL' and insn.Op1.type == idc.o_near:
if on_BL:
on_BL(insn.Op1.addr, reg)
cleartemps()
else:
_log(10, 'Unrecognized instruction at address {:#x}', insn.ea)
reg.clearall()
示例4: __init__
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import dt_qword [as 别名]
def __init__(self):
super(Intel, self).__init__()
getitem, setitem = self.__register__.__getattr__, self.__register__.__setattr__
i2s = "{:d}".format
[ setitem('r'+_, self.new('r'+_, 64, _)) for _ in ('ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di', 'ip') ]
[ setitem('r'+_, self.new('r'+_, 64)) for _ in map(i2s, six.moves.range(8, 16)) ]
[ setitem('e'+_, self.child(self.by_name('r'+_), 'e'+_, 0, 32, _)) for _ in ('ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di', 'ip') ]
[ setitem('r'+_+'d', self.child(self.by_name('r'+_), 'r'+_+'d', 0, 32, idaname='r'+_)) for _ in map(i2s, six.moves.range(8, 16)) ]
[ setitem('r'+_+'w', self.child(self.by_name('r'+_+'d'), 'r'+_+'w', 0, 16, idaname='r'+_)) for _ in map(i2s, six.moves.range(8, 16)) ]
[ setitem('r'+_+'b', self.child(self.by_name('r'+_+'w'), 'r'+_+'b', 0, 8, idaname='r'+_)) for _ in map(i2s, six.moves.range(8, 16)) ]
[ setitem( _, self.child(self.by_name('e'+_), _, 0, 16)) for _ in ('ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di', 'ip') ]
[ setitem(_+'h', self.child(self.by_name(_+'x'), _+'h', 8, 8)) for _ in ('a', 'c', 'd', 'b') ]
[ setitem(_+'l', self.child(self.by_name(_+'x'), _+'l', 0, 8)) for _ in ('a', 'c', 'd', 'b') ]
[ setitem(_+'l', self.child(self.by_name(_), _+'l', 0, 8)) for _ in ('sp', 'bp', 'si', 'di') ]
[ setitem( _, self.new(_, 16)) for _ in ('es', 'cs', 'ss', 'ds', 'fs', 'gs') ]
setitem('fpstack', self.new('fptags', 80*8, dtype=None)) # FIXME: is this the right IDA register name??
# FIXME: rex-prefixed 32-bit registers are implicitly extended to the 64-bit regs which implies that 64-bit are children of 32-bit
for _ in ('ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di', 'ip'):
r32, r64 = getitem('e'+_), getitem('r'+_)
r32.alias, r64.alias = { r64 }, { r32 }
for _ in map(i2s, six.moves.range(8, 16)):
r32, r64 = getitem('r'+_+'d'), getitem('r'+_)
r32.alias, r64.alias = { r64 }, { r32 }
# explicitly set the lookups for (word-register, idaapi.dt_byte) which exist due to ida's love for the inconsistent
[ self.__cache__.setdefault((_+'x', self.by_name(_+'l').dtype), self.by_name(_+'l').__name__) for _ in ('a', 'c', 'd', 'b') ]
fpstack = self.__register__.fpstack
# single precision
[ setitem("st{:d}f".format(_), self.child(fpstack, "st{:d}f".format(_), _*80, 80, "st{:d}".format(_), dtype=idaapi.dt_float)) for _ in six.moves.range(8) ]
# double precision
[ setitem("st{:d}d".format(_), self.child(fpstack, "st{:d}d".format(_), _*80, 80, "st{:d}".format(_), dtype=idaapi.dt_double)) for _ in six.moves.range(8) ]
# umm..80-bit precision? i've seen op_t's in ida for fsubp with the implied st(0) using idaapi.dt_tbyte
[ setitem("st{:d}".format(_), self.child(fpstack, "st{:d}".format(_), _*80, 80, "st{:d}".format(_), dtype=idaapi.dt_tbyte)) for _ in six.moves.range(8) ]
# not sure if the mmx registers trash the other 16 bits of an fp register
[ setitem("mm{:d}".format(_), self.child(fpstack, "mm{:d}".format(_), _*80, 64, dtype=idaapi.dt_qword)) for _ in six.moves.range(8) ]
# sse1/sse2 simd registers
[ setitem("xmm{:d}".format(_), self.new("xmm{:d}".format(_), 128, dtype=idaapi.dt_byte16)) for _ in six.moves.range(16) ]
[ setitem("ymm{:d}".format(_), self.new("ymm{:d}".format(_), 128, dtype=idaapi.dt_ldbl)) for _ in six.moves.range(16) ]
# control registers
[ setitem("cr{:d}".format(_), self.new("cr{:d}".format(_), database.config.bits())) for _ in six.moves.range(8) ]
##fpctrl, fpstat, fptags
##mxcsr
## 'cf', 'zf', 'sf', 'of', 'pf', 'af', 'tf', 'if', 'df', 'efl',
示例5: build_yara_string
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import dt_qword [as 别名]
def build_yara_string():
ea = GetFunctionAttr(ScreenEA(), FUNCATTR_START)
if ea == BADADDR:
print 'Failed to determine function start'
return
y = YaraBuffer()
is_64bit = idaapi.get_inf_structure().is_64bit()
nq = 0
for rip in Heads(*Chunks(ea).next()):
rip_next = NextHead(rip)
if rip_next - rip <= 4: # Anything smaller than DWord has no relation
y.ship(rip, rip_next)
continue
# both 32-bit and 64-bit mode have 32bit near jumps
# (far jumps & far calls are tacitly ignored here)
if GetMnem(rip) == 'call' and GetOpType(rip, 0) != o_reg:
y.ship(rip, rip_next - 4)
y.shipq(4)
continue
# 32bit and 64-bit cases are somewhat different
insn = DecodeInstruction(rip)
if is_64bit:
if insn.Op2.type == o_void:
# Single operand
if insn.Op1.type == o_mem:
y.ship(rip, rip_next - 4)
y.shipq(4)
else:
y.ship(rip, rip_next)
else:
# Two opearands
if insn.Op1.type == o_mem:
# rip relative Op1
y.ship(rip, rip + insn.Op1.offb)
y.shipq(rip_next - rip - insn.Op1.offb)
else:
if (insn.Op2.type == o_imm and insn.Op2.dtyp == idaapi.dt_qword
and rip_next - rip - insn.Op2.offb == 8
and insn.Op2.value >= MinEA()
and insn.Op2.value < MaxEA()):
y.ship(rip, rip_next - 8)
y.shipq(8)
else:
y.ship(rip, rip_next)
else:
# 32bit heuristic treatment
t = Dword(rip_next - 4)
if GetMnem(rip) == 'call' or (t >= MinEA() and t < MaxEA()):
y.ship(rip, rip_next - 4)
y.shipq(4)
nq += 4
else:
y.ship(rip, rip_next)
return y.get_string()