

Python idautils.XrefsTo方法代码示例

本文整理汇总了Python中idautils.XrefsTo方法的典型用法代码示例。如果您正苦于以下问题:Python idautils.XrefsTo方法的具体用法?Python idautils.XrefsTo怎么用?Python idautils.XrefsTo使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idautils的用法示例。


在下文中一共展示了idautils.XrefsTo方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: decrypt_strings

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
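def decrypt_strings(info):
    """Decrypt the strings passed to each decryption routine and annotate the IDB.

    For every routine address in ``info['addr']`` the references to it are
    enumerated with ``idautils.XrefsTo``. ``find_params`` recovers the
    ciphertext address and length for each reference, ``decrypt_str`` decodes
    the bytes with ``info['xor_key']``, and the result is written as a comment
    at the reference and at every reference to the function containing it.

    Args:
        info: mapping with ``'xor_key'`` (key handed to ``decrypt_str``) and
            ``'addr'`` (iterable of decryption-routine addresses).
    """
    xor_key = info['xor_key']
    for i, crypt_func_addr in enumerate(info['addr']):
        for xref in idautils.XrefsTo(crypt_func_addr):
            str_addr, str_len = find_params(xref)
            if str_addr == 0 or str_len == 0:
                # Format the referencing address (not the xref object) and
                # skip this site: reading 0 bytes or address 0 yields nothing
                # meaningful to decrypt or annotate.
                print("ERROR: Can't find parameters for func "
                      "at 0x{:08X}".format(xref.frm))
                continue

            cipher = ida_bytes.get_bytes(str_addr, str_len)
            if cipher is None:
                # get_bytes reports failure with None (e.g. unmapped range);
                # the recovered parameters come from the analysed sample and
                # must not be trusted to be valid.
                print("ERROR: Can't read {} bytes at 0x{:08X}".format(
                    str_len, str_addr))
                continue

            s = decrypt_str(cipher, xor_key)
            # Strings from the first decryption routine are UTF-16 encoded
            if i == 0:
                s = s.decode('utf-16').encode('utf-8')
                print("Str at 0x{:08X}: u'{}'".format(xref.frm, s))
                comment = "u'{}'".format(s)
            else:
                print("Str at 0x{:08X} : {}".format(xref.frm, repr(s)))
                comment = repr(s)

            ida_bytes.set_cmt(xref.frm, comment, False)
            f_addr = ida_funcs.get_func(xref.frm)
            if f_addr is None:
                # The reference is not inside a defined function, so there is
                # no function start whose callers could be annotated.
                continue
            for xref_ in idautils.XrefsTo(f_addr.startEA):
                ida_bytes.set_cmt(xref_.frm, comment, False)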
开发者ID:eset,项目名称:malware-research,代码行数:27,代码来源:decrypt_str.py

示例2: getSelRefFromImpPtr

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def getSelRefFromImpPtr(self, eh, imp):
    """Look up the selector reference and return-class name for a method IMP.

    Args:
        eh: emulator helper; provides ``arch``, ``isThumbMode``, ``hexString``,
            ``derefPtr``, ``getIDBString`` and ``size_pointer``.
        imp: address of the method implementation.

    Returns:
        ``(selref, retClsName)``: ``selref`` is the address of a reference
        inside ``self.objcSelRefs`` (``None`` if none was found) and
        ``retClsName`` is whatever ``self.getIvarTypeFromFunc`` returned
        (``""`` if it was never called).
    """
    selref = None
    retClsName = ""
    # Thumb code is referenced with the low bit set, so search xrefs that way.
    if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
        imp |= 1
    logging.debug("checking xrefs for IMP %s" % eh.hexString(imp))

    for methodRef in idautils.XrefsTo(imp):
        entryEa = methodRef.frm
        # Only references located inside the objc const range are of interest.
        if not (self.objcConst[0] <= entryEa < self.objcConst[1]):
            continue

        # Per the original author: the IMP pointer sits at offset 0x10 of the
        # struct, but the xref lands on the struct base, so the first field is
        # dereferenced here.
        for nameRef in idautils.XrefsTo(eh.derefPtr(entryEa)):
            if self.objcSelRefs[0] <= nameRef.frm < self.objcSelRefs[1]:
                selref = nameRef.frm
                break

        # The type string of the second field tells whether an ``id`` ("@")
        # is returned.
        typeStr = eh.getIDBString(eh.derefPtr(entryEa + eh.size_pointer))
        if len(typeStr) == 0 or typeStr[0] != "@":
            continue

        # Strip the Thumb bit again before scanning the function body for an
        # ivar reference.
        if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
            imp &= ~1
        retClsName = self.getIvarTypeFromFunc(eh, imp)

    return selref, retClsName
开发者ID:fireeye,项目名称:flare-ida,代码行数:26,代码来源:objc2_analyzer.py

示例3: get_xref

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def get_xref(self, objc_selrefs, objc_msgrefs, objc_const):
    """Classify the cross references to this selector's name pointer.

    Each of the three arguments is either falsy (range ignored) or a
    ``(start, end)`` pair; a reference belongs to a range when
    ``start <= xref.frm < end``. The ranges are tested in the order
    selrefs, msgrefs, const.

    Returns:
        ``(is_msg_ref, selector_ref, const_ref_count)``: the last matching
        selref/msgref xref (``None`` if there was none), whether that match was
        a msgref, and the number of references coming from the const range,
        which per the original comment indicates how many classes reference
        this selector.
    """
    def within(bounds, ea):
        # A falsy range (None / empty) never matches.
        return bounds and bounds[0] <= ea < bounds[1]

    found_ref = None
    found_is_msg = False
    refs_from_const = 0

    # The name pointer is the selector string (think char **); it is referenced
    # from a selref, a msgref, or a class's const method list.
    for ref in XrefsTo(self.name_pointer):
        source = ref.frm
        if within(objc_selrefs, source):
            found_is_msg, found_ref = False, ref
        elif within(objc_msgrefs, source):
            found_is_msg, found_ref = True, ref
        elif within(objc_const, source):
            refs_from_const += 1

    return (found_is_msg, found_ref, refs_from_const)
开发者ID:fireeye,项目名称:flare-ida,代码行数:27,代码来源:objc2_xrefs_helper.py

示例4: export_user_memory_reference

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def export_user_memory_reference(self, addr):
    """Write one MEMORY_REFERENCE element per user-defined xref to *addr*.

    Only cross references returned for ``ida_xref.XREF_FAR`` whose ``user``
    field equals 1 are exported; all others are skipped.

    Args:
        addr: Integer representing the instruction address.
    """
    far_refs = idautils.XrefsTo(addr, ida_xref.XREF_FAR)
    for ref in far_refs:
        if ref.user != 1:
            continue
        self.start_element(MEMORY_REFERENCE)
        self.write_address_attribute(ADDRESS, ref.frm)
        self.write_address_attribute(TO_ADDRESS, ref.to)
        self.write_attribute(USER_DEFINED, "y")
        self.close_tag()
开发者ID:Cisco-Talos,项目名称:GhIDA,代码行数:16,代码来源:idaxml.py

示例5: xrefs_to

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def xrefs_to(self):
    """Return the cross references to this function, wrapped as ``Xref``.

    Only references to the function's start address (``self.start_ea``) are
    considered. The result is what ``map`` produces: a list on Python 2, a
    lazy iterator on Python 3.
    """
    raw_xrefs = idautils.XrefsTo(self.start_ea)
    return map(Xref, raw_xrefs)
开发者ID:tmr232,项目名称:Sark,代码行数:8,代码来源:function.py

示例6: xrefs_to

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def xrefs_to(self):
    """Collect the cross references that point at this line.

    Returns:
        A list with one `sark.code.xref.Xref` object per reference to
        ``self.ea``.
    """
    return [Xref(raw) for raw in idautils.XrefsTo(self.ea)]
开发者ID:tmr232,项目名称:Sark,代码行数:9,代码来源:line.py

示例7: get_xrefs_to

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def get_xrefs_to(ea):
    """Return the set of source addresses (``frm``) of all xrefs to *ea*.

    The flags argument ``1`` is passed straight through to
    ``idautils.XrefsTo``; it matches the value of ``ida_xref.XREF_FAR``,
    which leaves out ordinary-flow references.
    """
    return {ref.frm for ref in idautils.XrefsTo(ea, 1)}
开发者ID:ExpLife0011,项目名称:IDAPython_Note,代码行数:7,代码来源:10_交叉引用.py

示例8: get_xref_code_to_func

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def get_xref_code_to_func(func_addr):
    """Map the name of each referencing function to ``[iscode, start]``.

    For every xref to *func_addr* (``XrefsTo`` called with flags ``1``) the
    function containing the referencing address is looked up. The result is
    keyed by that function's name, so several references from one function
    collapse into a single entry holding the values of the last one seen.

    Returns:
        dict of ``name -> [xref.iscode, start address of referencing function]``.
    """
    callers = {}
    for ref in idautils.XrefsTo(func_addr, 1):
        # ref.frm lies somewhere inside the referencing function; resolve its
        # start address first, then the name belonging to that start.
        caller_start = idc.get_func_attr(ref.frm, idc.FUNCATTR_START)
        caller_name = idc.get_func_name(caller_start)
        callers[caller_name] = [ref.iscode, caller_start]
    return callers
开发者ID:0xgalz,项目名称:Virtuailor,代码行数:11,代码来源:Main.py

示例9: _ok_to_rename_method

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def _ok_to_rename_method(override, name):
    """Tell whether the method at *override* may be renamed.

    Renaming is allowed only when *name* starts with ``j_`` and exactly one
    cross reference points at *override*. The xrefs are not queried at all
    when the name check fails.
    """
    if not name.startswith('j_'):
        return False
    xref_count = idau.iterlen(idautils.XrefsTo(override))
    return xref_count == 1
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:5,代码来源:vtable.py

示例10: get_xrefs

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def get_xrefs(self):
    """Return a generator of ``IdaLocation`` objects, one per xref to ``self.at``.

    ``idautils.XrefsTo`` is called immediately; the ``IdaLocation`` wrappers
    are created lazily as the generator is consumed.
    """
    incoming = idautils.XrefsTo(self.at)
    return (IdaLocation(ref.frm) for ref in incoming)
开发者ID:tintinweb,项目名称:ida-batch_decompile,代码行数:4,代码来源:ida_batch_decompile.py

示例11: applyApiNames

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def applyApiNames(self, api_results):
    """Name the recovered API pointers and propagate the names to their xrefs.

    Entries are processed in sorted order. ``api[0]`` is used as the address
    and ``api[3]`` as the API name. An entry whose name stringifies to
    ``"None"`` is only passed to ``self.makeDQWord`` and counted as skipped.
    If naming fails, suffixes 0..9 are tried in turn. For every entry that was
    named, ``self.setFunctionInformation`` is called for each xref to it.

    Returns:
        ``(num_renamed, num_skipped, num_xrefs_adapted)``.
    """
    renamed_total = 0
    skipped_total = 0
    adapted_total = 0

    last_offset = 0
    for api in sorted(api_results):
        offset = api[0]
        # A gap of more than 16 from the previous entry starts a new block
        # announcement.
        if offset > last_offset + 16:
            print("Annotating API Block @0x{:x}.".format(offset))
        last_offset = offset

        api_name = api[3]
        if str(api_name) == "None":
            skipped_total += 1
            print("Skipping 0x{:x}: no name provided by API DB (is None).".format(offset))
            self.makeDQWord(api)
            continue

        named = self.makeNameAndStructure(api)
        if not named:
            # Retry with numeric suffixes until one succeeds or all ten fail.
            for suffix in range(10):
                print("naming 0x{:x} to {} failed, trying with suffix \"_{}\".".format(offset, str(api_name), suffix))
                named = self.makeNameAndStructure(api, suffix)
                if named:
                    break
                print("  naming 0x{:x} to {} failed as well, trying next index...".format(offset, str(api_name + "_{}".format(suffix))))

        if not named:
            continue
        renamed_total += 1
        for ref in idautils.XrefsTo(offset):
            if self.setFunctionInformation(api_name, ref.frm):
                adapted_total += 1

    return renamed_total, skipped_total, adapted_total
开发者ID:danielplohmann,项目名称:apiscout,代码行数:32,代码来源:IdaTools.py

示例12: getRefPtr

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def getRefPtr(self, eh, methodVa):
    """Locate the selref/msgref that points at a method's selector name.

    The name pointer is read with ``eh.derefPtr(methodVa)`` and its xrefs are
    sorted into ``self.objcSelRefs``, ``self.objcMsgRefs`` and
    ``self.objcConst`` (each a ``(start, end)`` pair or falsy), tested in that
    order.

    Returns:
        ``(isAmbiguous, isMsgRef, refPtr)``: ``isAmbiguous`` is True when more
        than one reference comes from the const range; ``refPtr`` is the
        address of the last matching selref/msgref (``None`` if none) and
        ``isMsgRef`` says which kind it was (``None`` if none).
    """
    def inRange(bounds, ea):
        # A falsy range (None / empty) never matches.
        return bounds and bounds[0] <= ea < bounds[1]

    refPtr = None
    isMsgRef = None
    constRefs = 0

    namePtr = eh.derefPtr(methodVa)
    for ref in idautils.XrefsTo(namePtr):
        src = ref.frm
        if inRange(self.objcSelRefs, src):
            refPtr, isMsgRef = src, False
        elif inRange(self.objcMsgRefs, src):
            refPtr, isMsgRef = src, True
        elif inRange(self.objcConst, src):
            constRefs += 1

    # ambiguous sel names: referenced from more than one const entry
    isAmbiguous = constRefs > 1
    return isAmbiguous, isMsgRef, refPtr


    # adds objc comment and calls fixXref to fix xrefs for objc_msgSend
    # address: address of msgSend call
    # id: class/instance name to show in comment
    # sel: selector name to show in comment
    # clsName: name of class to lookup for sel->imp mapping
    # selref: sel reference to lookup in sel->imp mapping 
开发者ID:fireeye,项目名称:flare-ida,代码行数:29,代码来源:objc2_analyzer.py

示例13: main

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
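def main():
    """Print tracked push arguments for every reference to ``CreateThread``.

    Loads the workspace for the current input file, builds an ``ArgTracker``
    on it and, for each xref to ``CreateThread``, asks the tracker for six
    pushed arguments. For every result the entry stored under key ``3`` is
    printed as ``<xref address>: <pc>: <value>``.
    """
    #jayutils.configLogger(__name__, logging.DEBUG)
    jayutils.configLogger(__name__, logging.INFO)
    logger = jayutils.getLogger('')
    logger.debug('Starting up in main')
    #name = idc.AskStr('CreateThread', 'Enter function to find args for')
    #argNum = idc.AskLong(6)

    filePath = jayutils.getInputFilepath()
    if filePath is None:
        # main() is a plain function: there is no ``self`` here, so the local
        # logger must be used (``self.logger`` raised NameError on this path).
        logger.info('No input file provided. Stopping')
        return
    vw = jayutils.loadWorkspace(filePath)
    logger.debug('Loaded workspace')
    tracker = ArgTracker(vw)

    import idautils
    funcEa = idc.LocByName('CreateThread')
    if funcEa == idc.BADADDR:
        logger.info('CreateThread not found. Returning now')
        return
    for xref in idautils.XrefsTo(funcEa):
        argsList = tracker.getPushArgs(xref.frm, 6)
        for argDict in argsList:
            print('-' * 60)
            # NOTE(review): key 3 is presumably the third pushed argument
            # (lpStartAddress for CreateThread) - confirm against ArgTracker.
            pc, value = argDict[3]
            print('0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value))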
开发者ID:fireeye,项目名称:flare-ida,代码行数:29,代码来源:argtracker.py

示例14: for_each_call_to

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
def for_each_call_to(callback, va=None):
    """Invoke *callback* once for each distinct call site that references *va*.

    When *va* is not given, the highlighted identifier in the current viewer is
    resolved to an address; if that yields nothing usable (no highlight, or an
    address at or beyond ``inf.maxEA``), the current cursor location is used.
    Only xrefs whose instruction mnemonic is exactly ``'call'`` are reported.
    """
    if not va:
        viewer = ida_kernwin.get_current_viewer()
        highlight = ida_kernwin.get_highlight(viewer)
        if highlight and highlight[1]:
            va = idc.get_name_ea_simple(highlight[0])
            # Treat an out-of-range address as "name not resolved".
            if va >= idaapi.cvar.inf.maxEA:
                va = None

    if not va:
        va = idc.here()

    # A set de-duplicates call sites that are reported more than once.
    callsites = {
        ref.frm
        for ref in idautils.XrefsTo(va)
        if idc.print_insn_mnem(ref.frm) == 'call'
    }
    for site in callsites:
        callback(site)


# Instruction operand specification.
#
# Operand types are from ida_ua.o_* e.g. o_reg, o_mem.
# >>> {x: getattr(ida_ua, x) for x in dir(ida_ua) if x.startswith('o_')}
#
# Quick ref:
#   ida_ua.o_reg ==      1: "General Register (al,ax,es,ds...)",
#   ida_ua.o_mem ==      2: "Memory Reference",
#   ida_ua.o_phrase ==   3: "Base + Index",
#   ida_ua.o_displ ==    4: "Base + Index + Displacement",
#   ida_ua.o_imm ==      5: "Immediate",
#   ida_ua.o_far ==      6: "Immediate Far Address",
#   ida_ua.o_near ==     7: "Immediate Near Address",
#   ida_ua.o_idpspec0 == 8: "FPP register",
#   ida_ua.o_idpspec1 == 9: "386 control register",
#   ida_ua.o_idpspec2 == 10: "386 debug register",
#   ida_ua.o_idpspec3 == 11: "386 trace register", 
开发者ID:fireeye,项目名称:flare-ida,代码行数:43,代码来源:mykutils.py

示例15: make_islands_xrefs_force_bl_call

# 需要导入模块: import idautils [as 别名]
# 或者: from idautils import XrefsTo [as 别名]
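def make_islands_xrefs_force_bl_call(ea, verbose=True):
    """Make all BL references that reach a branch island be treated as calls.

    If *ea* lies in a segment whose name contains ``branch_islands``, bit 0 of
    the function flags at *ea* is cleared and the function recurses into every
    address that references *ea*. Any other address is passed to
    ``idc.ArmForceBLCall``.

    Args:
        ea: address of the branch island or of a reference to one.
        verbose: print a progress line for each address visited; the setting
            is now carried into the recursive calls as well.
    """
    segname = idc.SegName(ea)
    if verbose:
        print("[+] forcing bl call on: %s [0x%X]" % (segname, ea))
    if "branch_islands" in segname:
        # Clear the lowest flag bit (presumably FUNC_NORET - confirm against
        # the IDA SDK) and keep every other function flag.
        idc.SetFunctionFlags(ea, idc.GetFunctionFlags(ea) & (0xffffffff - 1))
        for x in idautils.XrefsTo(ea):
            # Pass verbose on: previously the default (True) was used here, so
            # verbose=False only silenced the outermost call.
            make_islands_xrefs_force_bl_call(x.frm, verbose)
        return
    idc.ArmForceBLCall(ea)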
开发者ID:deepinstinct,项目名称:dsc_fix,代码行数:13,代码来源:dsc_fix.py


注:本文中的idautils.XrefsTo方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。