当前位置: 首页>>代码示例>>Python>>正文


Python idaapi.getseg方法代码示例

本文整理汇总了Python中idaapi.getseg方法的典型用法代码示例。如果您正苦于以下问题:Python idaapi.getseg方法的具体用法?Python idaapi.getseg怎么用?Python idaapi.getseg使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idaapi的用法示例。


在下文中一共展示了idaapi.getseg方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _Assemble

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def _Assemble(ea, line):
    """
    Please refer to Assemble() - INTERNAL USE ONLY
    """
    if type(line) == types.StringType:
        lines = [line]
    else:
        lines = line
    ret = []
    for line in lines:
        seg = idaapi.getseg(ea)
        if not seg:
            return (False, "No segment at ea")
        ip  = ea - (idaapi.ask_selector(seg.sel) << 4)
        buf = idaapi.AssembleLine(ea, seg.sel, ip, seg.bitness, line)
        if not buf:
            return (False, "Assembler failed: " + line)
        ea += len(buf)
        ret.append(buf)

    if len(ret) == 1:
        ret = ret[0]
    return (True, ret) 
开发者ID:CvvT,项目名称:dumpDex,代码行数:25,代码来源:idautils.py

示例2: seg_by_addr

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def seg_by_addr(self, addr):
        ida_seg = idaapi.getseg(addr)
        name = "<no name>"
        if ida_seg is not None:
            name = ida_seg.name
        if self.vmmap is None:
            self._get_vmmap()
        for start, end, perms, n in self.vmmap:
            if addr >= start and addr < end:
                if n == "": n = name
                return self.angrdbg_mod.Segment(n, start, end, perms)
        # fallback on ida segs
        perms = 0
        perms |= SEG_PROT_R if ida_seg.perm & idaapi.SEGPERM_READ else 0
        perms |= SEG_PROT_W if ida_seg.perm & idaapi.SEGPERM_WRITE else 0
        perms |= SEG_PROT_X if ida_seg.perm & idaapi.SEGPERM_EXEC else 0
        return self.angrdbg_mod.Segment(ida_seg.name, ida_seg.start_ea, ida_seg.end_ea, perms) 
开发者ID:andreafioraldi,项目名称:IDAngr,代码行数:19,代码来源:ida_debugger.py

示例3: get_offset_name

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_offset_name(ea):
    # Try and get the function name
    try:
        func = get_func(ea)
        name = idaapi.get_ea_name(func.start_ea)
        name = demangle(name, 0x60) # MNG_NOTYPE | MNG_NORETTYPE
        if name:
            offset = ea - func.start_ea
            if offset:
                return '{}+{:X}'.format(name, offset)
            return name
    except exceptions.SarkNoFunction:
        pass

    # If that failed, use the segment name instead.
    segment = idaapi.getseg(ea)
    name = idaapi.get_segm_name(segment)
    offset_format = '{{:0{}X}}'.format(get_native_size() * 2)
    ea_text = offset_format.format(ea)
    if name:
        return '{}:{}'.format(name, ea_text)

    # Nothing found, simply return the address
    return ea_text 
开发者ID:tmr232,项目名称:Sark,代码行数:26,代码来源:base.py

示例4: is_mapped

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def is_mapped(ea, size=1, value=True):
    """Check if the given address is mapped.

    Specify a size greater than 1 to check if an address range is mapped.

    Arguments:
        ea: The linear address to check.

    Options:
        size: The number of bytes at ea to check. Default is 1.
        value: Only consider an address mapped if it has a value. For example, the contents of a
            bss section exist but don't have a static value. If value is False, consider such
            addresses as mapped. Default is True.

    Notes:
        This function is currently a hack: It only checks the first and last byte.
    """
    if size < 1:
        raise ValueError('Invalid argument: size={}'.format(size))
    # HACK: We only check the first and last byte, not all the bytes in between.
    if value:
        return idc.isLoaded(ea) and (size == 1 or idc.isLoaded(ea + size - 1))
    else:
        return idaapi.getseg(ea) and (size == 1 or idaapi.getseg(ea + size - 1)) 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:26,代码来源:ida_utilities.py

示例5: print_section_list

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def print_section_list():
    for s in idautils.Segments():
        seg = idaapi.getseg(s)
        print("%s" % idc.SegName(s))
        print(" - start address: 0x%x" % seg.startEA)
        print(" - sclass: 0x%x" % seg.sclass)
        print(" - orgbase: 0x%x" % seg.orgbase)
        print(" - flags: 0x%x" % seg.flags)
        print(" - align: 0x%x" % seg.align)
        print(" - comb: 0x%x" % seg.comb)
        print(" - perm: 0x%x" % seg.perm)
        print(" - bitness: 0x%x" % seg.bitness)
        print(" - sel: 0x%x" % seg.sel)
        # print(' - defsr: 0x%x' % seg.defsr)
        print(" - type: 0x%x" % seg.type)
        print(" - color: 0x%x" % seg.color) 
开发者ID:williballenthin,项目名称:python-idb,代码行数:18,代码来源:dump_section_list.py

示例6: Code

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def Code(*args):
    """
    Enumerate code bytes

    @param <range>: see getrange

    @return: list of addresses of code bytes

    Example::

        for ea in Code():
            MakeUnkn(ea, DOUNK_EXPAND)
            Wait()

    Will delete all code in the selected area.


        len(list(MakeUnkn(ea, DOUNK_EXPAND) and Wait() for ea in enumerators.Code(idaapi.getseg(here()))))

    will delete all code in the current segment, and can be pasted in the command area of ida

    """
    (first, last)= getrange(args)

    ea= first
    # explicitly testing first byte, since find_code
    # implicitly sets SEARCH_NEXT flag
    if ea<last and not idaapi.is_code(idaapi.get_full_flags(ea)):
        ea= idaapi.find_code(ea, idaapi.SEARCH_DOWN)
    while ea!=idaapi.BADADDR and ea<last:
        yield ea
        ea= idaapi.find_code(ea, idaapi.SEARCH_DOWN) 
开发者ID:nlitsme,项目名称:idascripts,代码行数:34,代码来源:enumerators.py

示例7: get_segment_buffer

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_segment_buffer(segstart):
    '''
    fetch the bytes of the section that starts at the given address.
    if the entire section cannot be accessed, try smaller regions until it works.
    '''
    segend = idaapi.getseg(segstart).end_ea
    buf = None
    segsize = segend - segstart
    while buf is None:
        buf = idc.get_bytes(segstart, segsize)
        if buf is None:
            segsize -= 0x1000
    return buf 
开发者ID:williballenthin,项目名称:idawilli,代码行数:15,代码来源:yara_fn.py

示例8: get_segments

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_segments():
    '''
    fetch the segments in the current executable.
    '''
    for segstart in idautils.Segments():
         segend = idaapi.getseg(segstart).end_ea
         segsize = segend - segstart
         segname = str(idc.SegName(segstart)).rstrip('\x00')
         segbuf = get_segment_buffer(segstart)
         yield Segment(segstart, segend, segname, segbuf) 
开发者ID:williballenthin,项目名称:idawilli,代码行数:12,代码来源:yara_fn.py

示例9: get_segment_buffer

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_segment_buffer(segstart):
    '''
    fetch the bytes of the section that starts at the given address.
    if the entire section cannot be accessed, try smaller regions until it works.
    '''
    segend = idaapi.getseg(segstart).end_ea
    buf = None
    segsize = segend - segstart
    while buf is None and segsize > 0:
        buf = GetManyBytes(segstart, segsize)
        if buf is None:
            segsize -= 0x1000
    return buf 
开发者ID:TakahiroHaruyama,项目名称:ida_haru,代码行数:15,代码来源:yara_fn.py

示例10: get_segments

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_segments():
    '''
    fetch the segments in the current executable.
    '''
    for segstart in idautils.Segments():
         segend = idaapi.getseg(segstart).end_ea
         segsize = segend - segstart
         segname = str(SegName(segstart)).rstrip('\x00')
         segbuf = get_segment_buffer(segstart)
         yield Segment(segstart, segend, segname, segbuf) 
开发者ID:TakahiroHaruyama,项目名称:ida_haru,代码行数:12,代码来源:yara_fn.py

示例11: recover_region

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def recover_region(M, region_name, region_ea, region_end_ea, exported_vars):
  """Recover the data and cross-references from a segment. The data of a
  segment is stored verbatim within the protobuf, and accompanied by a
  series of variable and cross-reference entries."""

  seg_name = idc.SegName(region_ea)

  DEBUG("Recovering region {} [{:x}, {:x}) in segment {}".format(
      region_name, region_ea, region_end_ea, seg_name))

  seg = idaapi.getseg(region_ea)

  # An item spans two regions. This may mean that there's a reference into
  # the middle of an item. This happens with strings.
  item_size = idc.ItemSize(region_end_ea - 1)
  if 1 < item_size:
    DEBUG("  ERROR: Segment should probably include {} more bytes".format(
        item_size - 1))

  S = M.segments.add()
  S.ea = region_ea
  S.data = read_bytes_slowly(region_ea, region_end_ea)
  S.read_only = (seg.perm & idaapi.SEGPERM_WRITE) == 0
  S.is_external = is_external_segment_by_flags(region_ea)
  S.is_thread_local = is_tls_segment(region_ea)
  S.name = seg_name.format('utf-8')
  S.is_exported = region_ea in exported_vars

  if region_name != seg_name:
    S.variable_name = region_name.format('utf-8')

  DEBUG_PUSH()
  recover_region_cross_references(M, S, region_ea, region_end_ea)
  recover_region_variables(M, S, region_ea, region_end_ea, exported_vars)
  DEBUG_POP() 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:37,代码来源:get_cfg.py

示例12: recover_region

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def recover_region(M, region_name, region_ea, region_end_ea, exported_vars):
  """Recover the data and cross-references from a segment. The data of a
  segment is stored verbatim within the protobuf, and accompanied by a
  series of variable and cross-reference entries."""

  seg_name = idc.get_segm_name(region_ea)

  DEBUG("Recovering region {} [{:x}, {:x}) in segment {}".format(
      region_name, region_ea, region_end_ea, seg_name))

  seg = idaapi.getseg(region_ea)

  # An item spans two regions. This may mean that there's a reference into
  # the middle of an item. This happens with strings.
  item_size = idc.get_item_size(region_end_ea - 1)
  if 1 < item_size:
    DEBUG("  ERROR: Segment should probably include {} more bytes".format(
        item_size - 1))

  S = M.segments.add()
  S.ea = region_ea
  S.data = read_bytes_slowly(region_ea, region_end_ea)
  S.read_only = (seg.perm & idaapi.SEGPERM_WRITE) == 0
  S.is_external = is_external_segment_by_flags(region_ea)
  S.is_thread_local = is_tls_segment(region_ea)
  S.name = seg_name.format('utf-8')
  S.is_exported = region_ea in exported_vars

  if region_name != seg_name:
    S.variable_name = region_name.format('utf-8')

  DEBUG_PUSH()
  recover_region_cross_references(M, S, region_ea, region_end_ea)
  recover_region_variables(M, S, region_ea, region_end_ea, exported_vars)
  DEBUG_POP() 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:37,代码来源:get_cfg.py

示例13: __init__

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def __init__(self, ea=UseCurrentAddress, name=None, index=None, segment_t=None):
        """Wrapper around IDA segments.

        There are 3 ways to get a segment - by name, ea or index. Only use one.

        Args:
            ea - address in the segment
            name - name of the segment
            index - index of the segment
        """
        if sum((ea not in (self.UseCurrentAddress, None), name is not None, index is not None,
                segment_t is not None,)) > 1:
            raise ValueError((
                                 "Expected only one (ea, name, index or segment_t)."
                                 " Got (ea={!r}, name={!r}, index={!r}, segment_t={!r})"
                             ).format(ea,
                                      name,
                                      index,
                                      segment_t))


        elif segment_t is not None:
            seg = segment_t

        elif name is not None:
            seg = idaapi.get_segm_by_name(name)

        elif index is not None:
            seg = idaapi.getnseg(index)

        elif ea == self.UseCurrentAddress:
            seg = idaapi.getseg(idc.here())

        elif ea is None:
            raise ValueError("`None` is not a valid address. To use the current screen ea, "
                             "use `Function(ea=Function.UseCurrentAddress)` or supply no `ea`.")

        else:
            seg = idaapi.getseg(ea)

        self._segment = seg 
开发者ID:tmr232,项目名称:Sark,代码行数:43,代码来源:segment.py

示例14: output_segments

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def output_segments(out):
    """Dump binary segmentation."""
    info = idaapi.get_inf_structure()
    size = "r32" if info.is_32bit else "r64"
    out.writelines(('(', info.get_proc_name()[1], ' ', size, ' ('))
    for seg in idautils.Segments():
        out.write("\n({} {} {:d} ({:#x} {:d}))".format(
            get_segm_name(seg),
            "code" if idaapi.segtype(seg) == idaapi.SEG_CODE else "data",
            idaapi.get_fileregion_offset(seg),
            seg, idaapi.getseg(seg).size()))
    out.write("))\n") 
开发者ID:BinaryAnalysisPlatform,项目名称:bap-ida-python,代码行数:14,代码来源:ida.py

示例15: get_segment_buffer

# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import getseg [as 别名]
def get_segment_buffer(segstart):
    """
    fetch the bytes of the section that starts at the given address.
    if the entire section cannot be accessed, try smaller regions until it works.
    """
    segend = idaapi.getseg(segstart).endEA
    buf = None
    segsize = segend - segstart
    while buf is None:
        buf = idc.GetManyBytes(segstart, segsize - 1)
        if buf is None:
            segsize -= 0x1000
    return buf 
开发者ID:williballenthin,项目名称:python-idb,代码行数:15,代码来源:yara_fn.py


注:本文中的idaapi.getseg方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。