本文整理汇总了Python中idaapi.get_bytes方法的典型用法代码示例。如果您正苦于以下问题:Python idaapi.get_bytes方法的具体用法?Python idaapi.get_bytes怎么用?Python idaapi.get_bytes使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idaapi
的用法示例。
在下文中一共展示了idaapi.get_bytes方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: memory
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def memory(ea, op):
'''Operand type decoder for returning a memory reference on either the AArch32 or AArch64 architectures.'''
get_dtype_attribute = operator.attrgetter('dtyp' if idaapi.__version__ < 7.0 else 'dtype')
get_dtype_size = idaapi.get_dtyp_size if idaapi.__version__ < 7.0 else idaapi.get_dtype_size
get_bytes = idaapi.get_many_bytes if idaapi.__version__ < 7.0 else idaapi.get_bytes
# get the address and the operand size
addr, size = op.addr, get_dtype_size(get_dtype_attribute(op))
maxval = 1<<size*8
# dereference the address and return its integer.
res = get_bytes(addr, size) or ''
res = reversed(res) if database.config.byteorder() == 'little' else iter(res)
res = reduce(lambda agg, n: (agg*0x100)|n, six.iterbytes(res), 0)
sf = bool(res & maxval>>1)
return armops.memory(long(addr), long(res-maxval) if sf else long(res))
示例2: get_struct
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def get_struct(self, address, struct_type):
assert idaapi.is_loaded(address) == True, "Can't access memory at 0x%x" % address
sbytes = idaapi.get_bytes(address, sizeof(struct_type))
return struct_type.from_buffer_copy(sbytes)
示例3: get_struct
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def get_struct(address, struct_type):
assert idaapi.is_loaded(address) == True, "Can't access memory at 0x%x" % address
sbytes = idaapi.get_bytes(address, sizeof(struct_type))
struct = struct_type.from_buffer_copy(sbytes)
struct._addr = address
return struct
# --------------------------------------------------------------------------
示例4: bytes
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def bytes(self):
return idaapi.get_bytes(self.ea, self.size)
示例5: read_memory
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def read_memory(start, end):
size = end - start
return idaapi.get_bytes(start, size)
示例6: generate_yara_rule
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def generate_yara_rule(self, mode, is_data=False):
start, end = get_selection()
size = end - start
data = idaapi.get_bytes(start, size)
ins_set, ins_mode = get_arch_info()
yr_gen = YaraGenerator(mode, ins_set, ins_mode)
yr_gen.add_chunk(data, offset=start, is_data=is_data)
rule_obj = yr_gen.generate_rule()
file_hash = get_input_file_hash()
rule_obj.metas["hash"] = "\"{}\"".format(file_hash)
rule = rule_obj.get_rule_string()
self.dialog = YaraRuleDialog(None, start, end, rule)
self.dialog.show()
示例7: read
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def read():
'''Return the contents of the current segment.'''
get_bytes = idaapi.get_many_bytes if idaapi.__version__ < 7.0 else idaapi.get_bytes
seg = ui.current.segment()
if seg is None:
raise E.SegmentNotFoundError(u"{:s}.read() : Unable to locate the current segment.".format(__name__))
return get_bytes(interface.range.start(seg), interface.range.size(seg))
示例8: hook
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_bytes [as 别名]
def hook(self, hook_addr = 0):
"""
Args:
hook_addr(int): address for inline hook code, 0 indicates bpt hook.
Returns:
memory size in bytes used for inline hook.
"""
self.hook_addr = hook_addr
self.func_addr = idc.get_name_ea_simple(self.name)
if self.func_addr == 0:
return 0
print("Hooking %s at 0x%x" % (self.name, self.func_addr))
if self.hook_addr == 0:
idc.add_bpt(self.func_addr)
idc.set_bpt_cond(self.func_addr, self.bpt_cond_hook_code)
return 0
else:
# assemble jmp code
jmp_code = "jmp 0x%x" % self.hook_addr
jmp_buf, _ = assemble(jmp_code, self.func_addr)
# read function prologue according to jmp code length
# NOTE: instructions like 'call $+5' in prologue will
# cause problems.
insn = idaapi.insn_t()
move_length = 0
while move_length < len(jmp_buf):
idaapi.decode_insn(insn, self.func_addr + move_length)
move_length += insn.size
prologue = idaapi.get_bytes(self.func_addr, move_length)
# write jmp code
idaapi.patch_bytes(self.func_addr, jmp_buf)
# assmble hook code
hook_buf, _ = assemble(self.inline_hook_code, self.hook_addr)
hook_buf += prologue
jmp_back_code = 'jmp 0x%x' % (self.func_addr + move_length)
jmp_back_buf, _ = assemble(jmp_back_code, self.hook_addr + len(hook_buf))
hook_buf += jmp_back_buf
# wirte hook code
idaapi.patch_bytes(self.hook_addr, hook_buf)
return len(hook_buf)