当前位置: 首页>>代码示例>>Python>>正文

Python idaapi.get_func_name方法代码示例

本文整理汇总了Python中idaapi.get_func_name方法的典型用法代码示例。如果您正苦于以下问题:Python idaapi.get_func_name方法的具体用法?Python idaapi.get_func_name怎么用?Python idaapi.get_func_name使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idaapi的用法示例。


在下文中一共展示了idaapi.get_func_name方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: pointer_renamer

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def pointer_renamer():
    renamed = 0

    text_seg = get_text_seg()
    if text_seg is None:
        debug('Failed to get text segment')
        return renamed

    for addr in Functions(text_seg.start_ea, text_seg.end_ea):
        name = idc.get_func_name(addr)

        # Look at data xrefs to the function - find the pointer that is located in .rodata
        data_ref = idaapi.get_first_dref_to(addr)
        while data_ref != BADADDR:
            if 'rodata' in get_segm_name(data_ref):
                # Only rename things that are currently listed as an offset; eg. off_9120B0
                if 'off_' in ida_name.get_ea_name(data_ref):
                    if idc.set_name(data_ref, ('%s_ptr' % name)):
                        renamed += 1
                    else:
                        error('error attempting to name pointer @ 0x%02x for %s' % (data_ref, name))

            data_ref = idaapi.get_next_dref_to(addr, data_ref)

    return renamed
开发者ID:strazzere,项目名称:golang_loader_assist,代码行数:27,代码来源:golang_loader_assist.py

示例2: load

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def load(self):
        self._bytestring_table.clear()
        self._bytestring_table.setColumnCount(3)
        self._bytestring_table.setHorizontalHeaderLabels(("Address", "Function", "String"))
        self._bytestring_table.itemDoubleClicked.connect(self.click_row)
        self.find_byte_strings()
        self._bytestring_table.setRowCount(len(self.byte_strings.keys()))
        row = 0
        for addr, bstr in self.byte_strings.items():
            self._bytestring_table.setItem(row, 0, qt.qtablewidgetitem()(addr))
            self._bytestring_table.setItem(row, 1, qt.qtablewidgetitem()(idaapi.get_func_name(int(addr[2:], 16))))
            self._bytestring_table.setItem(row, 2, qt.qtablewidgetitem()(bstr))
            self._bytestring_table.resizeRowToContents(row)
            row += 1
        self._bytestring_table.setSortingEnabled(True)
        self._bytestring_table.resizeRowsToContents()
        self._bytestring_table.resizeColumnsToContents()
开发者ID:jjo-sec,项目名称:idataco,代码行数:19,代码来源:byte_strings.py

示例3: search_relationships

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def search_relationships(self):
        """Searching relationships between patterns.

        The goal of the method is to link pattern matches that are in the same
        area (function). It fills the `_links` attribute of each `Match`.
        """
        patterns = self._patterns.get_patterns()

        # For all patterns
        for p1 in patterns:
            for p2 in patterns:
                # For all matches
                for m1 in p1.get_matches():

                    # Get the first node_t
                    n1 = list(m1.get_match().values())[0][0]

                    for m2 in p2.get_matches():
                        # Get the first node_t
                        n2 = list(m2.get_match().values())[0][0]

                        # If they are in the same area (function)
                        try:
                            b = get_func_name(n1.info.address) == get_func_name(n2.info.address)
                        except:
                            b = GetFunctionName(n1.info.address) == GetFunctionName(n2.info.address)
                        
                        if b:
                            m1.add_link(m2)
开发者ID:AirbusCyber,项目名称:grap,代码行数:31,代码来源:Analysis.py

示例4: traverse_xrefs

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def traverse_xrefs(func):
    func_created = 0

    if func is None:
        return func_created

    # First
    func_xref = idaapi.get_first_cref_to(func.start_ea)
    # Attempt to go through crefs
    while func_xref != BADADDR:
        # See if there is a function already here
        if idaapi.get_func(func_xref) is None:
            # Ensure instruction bit looks like a jump
            func_end = ida_search.find_code(func_xref, SEARCH_DOWN)
            if idc.print_insn_mnem(func_end) == "jmp":
                # Ensure we're jumping back "up"
                func_start = idc.get_operand_value(func_end, 0)
                if func_start < func_xref:
                    if ida_funcs.add_func(func_start, func_end):
                        func_created += 1
                    else:
                        # If this fails, we should add it to a list of failed functions
                        # Then create small "wrapper" functions and backtrack through the xrefs of this
                        error('Error trying to create a function @ 0x%x - 0x%x' %(func_start, func_end))
        else:
            xref_func = idaapi.get_func(func_xref)
            # Simple wrapper is often runtime_morestack_noctxt, sometimes it isn't though...
            if is_simple_wrapper(xref_func.start_ea):
                debug('Stepping into a simple wrapper')
                func_created += traverse_xrefs(xref_func)
            if idaapi.get_func_name(xref_func.start_ea) is not None and 'sub_' not in idaapi.get_func_name(xref_func.start_ea):
                debug('Function @0x%x already has a name of %s; skipping...' % (func_xref, idaapi.get_func_name(xref_func.start_ea)))
            else:
                debug('Function @ 0x%x already has a name %s' % (xref_func.start_ea, idaapi.get_func_name(xref_func.start_ea)))

        func_xref = idaapi.get_next_cref_to(func.start_ea, func_xref)

    return func_created
开发者ID:strazzere,项目名称:golang_loader_assist,代码行数:40,代码来源:golang_loader_assist.py

示例5: find_func_by_name

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def find_func_by_name(name):
    text_seg = get_text_seg()
    if text_seg is None:
        return None

    for addr in Functions(text_seg.start_ea, text_seg.end_ea):
        if name == idaapi.get_func_name(addr):
            return idaapi.get_func(addr)

    return None
开发者ID:strazzere,项目名称:golang_loader_assist,代码行数:12,代码来源:golang_loader_assist.py

示例6: recursive_prefix

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def recursive_prefix(addr):
    """
    Recursively prefix a function tree with a user defined string.
    """
    func_addr = idaapi.get_name_ea(idaapi.BADADDR, idaapi.get_func_name(addr))
    if func_addr == idaapi.BADADDR:
        idaapi.msg("Prefix: 0x%08X does not belong to a defined function\n" % addr)
        return

    # prompt the user for a prefix to apply to the selected functions
    tag = idaapi.ask_str(PREFIX_DEFAULT, 0, "Function Tag")

    # the user closed the window... ignore
    if tag == None:
        return

    # the user put a blank string and hit 'okay'... notify & ignore
    elif tag == '':
        idaapi.warning("[ERROR] Tag cannot be empty [ERROR]")
        return

    # recursively collect all the functions called by this function
    nodes_xref_down = graph_down(func_addr, path=set([]))

    # graph_down returns the int address needs to be converted
    tmp  = []
    tmp1 = ''
    for func_addr in nodes_xref_down:
        tmp1 = idaapi.get_func_name(func_addr)
        if tmp1:
            tmp.append(tmp1)
    nodes_xref_down = tmp

    # prefix the tree of functions
    for rename in nodes_xref_down:
        func_addr = idaapi.get_name_ea(idaapi.BADADDR, rename)
        if tag not in rename:
            idaapi.set_name(func_addr,'%s%s%s' % (str(tag), PREFIX_SEPARATOR, rename), idaapi.SN_NOWARN)

    # refresh the IDA views
    refresh_views()
开发者ID:gaasedelen,项目名称:prefix,代码行数:43,代码来源:ida_prefix.py

示例7: get_all_funcs

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def get_all_funcs():
    """
    Enumerate all function names defined in the IDB.
    """
    return set(idaapi.get_func_name(ea) for ea in idautils.Functions())
开发者ID:gaasedelen,项目名称:prefix,代码行数:7,代码来源:ida_prefix.py

示例8: find_all_switch_jumps

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def find_all_switch_jumps(self):
        self._switch_dict = defaultdict(list)
        next_switch = idc.FindBinary(idc.MinEA(), idc.SEARCH_DOWN|idc.SEARCH_NEXT, "ff 24")
        while next_switch != idc.BADADDR:
            sw = idaapi.get_switch_info_ex(next_switch)
            if idc.GetMnem(next_switch).startswith("jmp") and sw:
                ic = self.get_jlocs(sw)
                self._switch_dict[idaapi.get_func_name(next_switch)].append((next_switch, sw.ncases, ic))
            next_switch = idc.FindBinary(idc.NextHead(next_switch), idc.SEARCH_DOWN|idc.SEARCH_NEXT, "ff 24")
开发者ID:jjo-sec,项目名称:idataco,代码行数:11,代码来源:switch_jumps.py

示例9: output_symbols

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def output_symbols(out):
    """Dump symbols."""
    try:
        from idaapi import get_func_name2 as get_func_name
        # Since get_func_name is deprecated (at least from IDA 6.9)
    except ImportError:
        from idaapi import get_func_name
        # Older versions of IDA don't have get_func_name2
        # so we just use the older name get_func_name

    def func_name_propagate_thunk(ea):
        current_name = get_func_name(ea)
        if current_name[0].isalpha():
            return current_name
        func = idaapi.get_func(ea)
        temp_ptr = idaapi.ea_pointer()
        ea_new = idaapi.BADADDR
        if func.flags & idaapi.FUNC_THUNK == idaapi.FUNC_THUNK:
            ea_new = idaapi.calc_thunk_func_target(func, temp_ptr.cast())
        if ea_new != idaapi.BADADDR:
            ea = ea_new
        propagated_name = get_func_name(ea) or ''  # Ensure it is not `None`
        if len(current_name) > len(propagated_name) > 0:
            return propagated_name
        else:
            return current_name
            # Fallback to non-propagated name for weird times that IDA gives
            #     a 0 length name, or finds a longer import name

    for ea in idautils.Segments():
        fs = idautils.Functions(idc.SegStart(ea), idc.SegEnd(ea))
        for f in fs:
            out.write('("%s" 0x%x 0x%x)\n' % (
                func_name_propagate_thunk(f),
                idc.GetFunctionAttr(f, idc.FUNCATTR_START),
                idc.GetFunctionAttr(f, idc.FUNCATTR_END)))
开发者ID:BinaryAnalysisPlatform,项目名称:bap-ida-python,代码行数:38,代码来源:ida.py

示例10: name

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def name(func):
    '''Return the name of the function `func`.'''
    get_name = functools.partial(idaapi.get_name, idaapi.BADADDR) if idaapi.__version__ < 7.0 else idaapi.get_name

    # check to see if it's a runtime-linked function
    rt, ea = interface.addressOfRuntimeOrStatic(func)
    if rt:
        name = get_name(ea)

        # decode the string from IDA's UTF-8
        # XXX: how does demangling work with unicode? this would be implementation specific, no?
        res = utils.string.of(name)

        # demangle it if necessary
        return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
        #return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res

    # otherwise it's a regular function, so try and get its name in a couple of ways
    name = idaapi.get_func_name(ea)
    if not name: name = get_name(ea)
    if not name: name = idaapi.get_true_name(ea, ea) if idaapi.__version__ < 6.8 else idaapi.get_ea_name(ea, idaapi.GN_VISIBLE)

    # decode the string from IDA's UTF-8
    # XXX: how does demangling work with unicode? this would be implementation specific, no?
    res = utils.string.of(name)

    # demangle it if we need to
    return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
    #return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
    #return internal.declaration.extract.name(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
开发者ID:arizvisa,项目名称:ida-minsc,代码行数:32,代码来源:function.py

示例11: btn_pick_clicked

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def btn_pick_clicked(self):
        ida_f = idaapi.choose_func("Pick a function to hook", idaapi.BADADDR)
        func_addr = ida_f.startEA
        func_name = idaapi.get_func_name(func_addr)

        self.picked_function = func_addr
        self.edit_picked_fun.setText("0x{:X} ({})".format(func_addr, func_name))
开发者ID:Riscure,项目名称:DROP-IDA-plugin,代码行数:9,代码来源:gui.py

示例12: preEmuCallback

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def preEmuCallback(self, eh, userData, funcStart):
        userData["magicVals"] = []
        userData["magicValsCount"] = 0
        if eh.size_pointer == 4:
            magicMask = self.magicMask32
        else:
            magicMask = self.magicMask64
        # get "self" id if in objc function
        clsName = None
        funcName = idaapi.get_func_name(funcStart)
        if funcName[0] in ["-", "+"] and "[" in funcName and "]" in funcName and " " in funcName:
            shortClsName = clsName = funcName[2:funcName.find(" ")]
            if "(" in clsName:
                clsName = "_OBJC_CATEGORY_" + \
                    clsName[:clsName.find(
                        "(")] + "_$_" + clsName[clsName.find("(") + 1:clsName.find(")")]
                shortClsName = shortClsName[:shortClsName.find(
                    "(")] + "_" + shortClsName[shortClsName.find("(") + 1:shortClsName.find(")")]
            else:
                clsName = "_OBJC_CLASS_$_" + clsName
        if clsName:
            if funcName[0] == "+":
                # this is a class method, use classRef
                self_ = idc.get_name_ea_simple(clsName)
                # assume rdx will hold an instance of the class
                userData["magicVals"].append(
                    ("(%s *)instance" % shortClsName, shortClsName))
                inst = magicMask | userData["magicValsCount"]
                userData["magicValsCount"] += 1
                eh.uc.reg_write(eh.regs["arg3"], inst)
            elif funcName[0] == "-":
                # this is an instance method, use magic value to store "self"
                userData["magicVals"].append(
                    ("(%s *)self" % shortClsName, shortClsName))
                self_ = magicMask | userData["magicValsCount"]
                userData["magicValsCount"] += 1
            eh.uc.reg_write(eh.regs["arg1"], self_)
开发者ID:fireeye,项目名称:flare-ida,代码行数:39,代码来源:objc2_analyzer.py

示例13: strings_init

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def strings_init():
    strings_added = 0
    retry = []
    text_seg = get_text_seg()
    if text_seg is None:
        debug('Failed to get text segment')
        return strings_added

    # This may be inherently flawed as it will only search for defined functions
    # and as of IDA Pro 6.95 it fails to autoanalyze many GO functions, currently
    # this works well since we redefine/find (almost) all the functions prior to
    # this being used. Could be worth a strategy rethink later one or on diff archs
    for addr in Functions(text_seg.start_ea, text_seg.end_ea):
        name = idc.get_func_name(addr)

        end_addr = next(Chunks(addr))[1]
        if(end_addr < addr):
            error('Unable to find good end for the function %s' % name)
            pass

        debug('Found function %s starting/ending @ 0x%x 0x%x' %  (name, addr, end_addr))

        while addr <= end_addr:
            if is_string_load(addr):
                if 'rodata' not in get_segm_name(addr) and 'text' not in get_segm_name(addr):
                    debug('Should a string be in the %s section?' % get_segm_name(addr))
                string_addr = idc.get_operand_value(addr, 1)
                addr_3 = ida_search.find_code(ida_search.find_code(addr, SEARCH_DOWN), SEARCH_DOWN)
                string_len = idc.get_operand_value(addr_3, 1)
                if create_string(string_addr, string_len):
                    if create_offset(addr):
                        strings_added += 1
                else:
                    # There appears to be something odd that goes on with IDA making some strings, always works
                    # the second time, so lets just force a retry...
                   retry.append((addr, string_addr, string_len))

                # Skip the extra mov lines since we know it won't be a load on any of them
                addr = ida_search.find_code(addr_3, SEARCH_DOWN)
            else:
                addr = ida_search.find_code(addr, SEARCH_DOWN)

    for instr_addr, string_addr, string_len in retry:
        if create_string(string_addr, string_len):
            if create_offset(instr_addr):
                strings_added += 1
        else:
            error('FAILED-RETRY : Unable to make a string @ 0x%x with length of %d for usage in function @ 0x%x' % (string_addr, string_len, instr_addr))

    return strings_added

#
# Function defining methods
#
开发者ID:strazzere,项目名称:golang_loader_assist,代码行数:56,代码来源:golang_loader_assist.py

示例14: renamer_init

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def renamer_init():
    renamed = 0

    gopclntab = get_gopclntab_seg()
    if gopclntab is not None:
        info('type : %s' % type(gopclntab))
        start_ea = 0
        if isinstance(gopclntab, int):
            start_ea = gopclntab
        else:
            start_ea = gopclntab.start_ea
        # Skip unimportant header and goto section size
        addr = start_ea + 8
        size, addr_size = create_pointer(addr)
        addr += addr_size

        # Unsure if this end is correct
        early_end = addr + (size * addr_size * 2)
        while addr < early_end:
            func_offset, addr_size = create_pointer(addr)
            name_offset, addr_size = create_pointer(addr + addr_size)
            addr += addr_size * 2

            func_name_addr = idc.get_wide_dword(name_offset + start_ea + addr_size) + start_ea
            func_name = ida_bytes.get_strlit_contents(func_name_addr, -1, STRTYPE_C)
            ida_bytes.create_strlit(func_name_addr, len(func_name), STRTYPE_C)
            appended = clean_func_name = clean_function_name(func_name)
            debug('Going to remap function at 0x%x with %s - cleaned up as %s' % (func_offset, func_name, clean_func_name))

            if idaapi.get_func_name(func_offset) is not None:
                if idc.set_name(func_offset, clean_func_name):
                    renamed += 1
                else:
                    error('clean_func_name error %s' % clean_func_name)

    return renamed


# Function pointers are often used instead of passing a direct address to the
# function -- this function names them based off what they're currently named
# to ease reading
#
# lea     rax, main_GetExternIP_ptr <-- pointer to actual function
# mov     [rsp+1C0h+var_1B8], rax <-- loaded as arg for next function
# call    runtime_newproc <-- function is used inside a new process
开发者ID:strazzere,项目名称:golang_loader_assist,代码行数:47,代码来源:golang_loader_assist.py

示例15: run

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import get_func_name [as 别名]
def run(self):
        '''Start the plugin.'''

        if not idaapi.init_hexrays_plugin():
            print "HRDEV Error: Failed to initialise Hex-Rays plugin."
            return

        function_name = idaapi.get_func_name(idaapi.get_screen_ea())
        demangled_name = self.tools.demangle_name(function_name)

        src = idaapi.decompile(idaapi.get_screen_ea())

        file_name = '{}.cpp'.format(self.tools.to_file_name(demangled_name))
        cache_path = os.path.sep.join([tempfile.gettempdir(),
                                       'hrdev_cache',
                                       self._bin_name])

        # Create required directories if they dont exist
        tmp_dir_path = os.path.sep.join([tempfile.gettempdir(), 'hrdev_cache'])
        if not os.path.isdir(tmp_dir_path):
            os.mkdir(tmp_dir_path)

        if not os.path.isdir(cache_path):
            os.mkdir(cache_path)

        complete_path = os.path.sep.join([cache_path, file_name])
        idaapi.msg("HRDEV cache path: {}\n".format(complete_path))

        # Check if file is already in cache
        if not os.path.isfile(complete_path) or \
           self.config_main.getboolean('etc', 'disable_cache'):
            self.tools.save_file(complete_path, str(src))

        self.tools.set_file_path(complete_path)

        lvars = {}
        for v in src.lvars:
            _type = idaapi.print_tinfo('', 0, 0, idaapi.PRTYPE_1LINE, v.tif, '', '')
            lvars[str(v.name)] = "{} {} {}".\
                format(_type, str(v.name), str(v.cmt))

        max_title = self.config_main.getint('etc', 'max_title')
        self.gui = hrdev_plugin.include.gui.Canvas(self.config_main,
                                                   self.config_theme,
                                                   self.tools,
                                                   lvars,
                                                   demangled_name[:max_title])
        self.gui.Show('HRDEV')

        self.parser = hrdev_plugin.include.syntax.Parser(self, lvars)
        self.parser.run(complete_path)
        return
开发者ID:ax330d,项目名称:hrdev,代码行数:54,代码来源:__init__.py


注:本文中的idaapi.get_func_name方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。