当前位置: 首页>>代码示例>>Python>>正文


Python idc.Dword方法代码示例

本文整理汇总了Python中idc.Dword方法的典型用法代码示例。如果您正苦于以下问题:Python idc.Dword方法的具体用法?Python idc.Dword怎么用?Python idc.Dword使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.Dword方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: read_word

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def read_word(ea, wordsize=WORD_SIZE):
    """Get the word at the given address.

    Words are read using Byte(), Word(), Dword(), or Qword(), as appropriate. Addresses are checked
    using is_mapped(). If the address isn't mapped, then None is returned.
    """
    if not is_mapped(ea, wordsize):
        return None
    if wordsize == 1:
        return idc.Byte(ea)
    if wordsize == 2:
        return idc.Word(ea)
    if wordsize == 4:
        return idc.Dword(ea)
    if wordsize == 8:
        return idc.Qword(ea)
    raise ValueError('Invalid argument: wordsize={}'.format(wordsize)) 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:19,代码来源:ida_utilities.py

示例2: decrypt_data

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def decrypt_data(xref, cfunc, xref_args):
    print("%s: " % hex(int(xref)), end='')
    args = convert_args_to_long(xref_args)
    if args:
        try:
            key = idaapi.get_many_bytes(args[2], args[3] if idc.Dword(args[3]) == 0xffffffff else idc.Dword(args[3]))
            data = idaapi.get_many_bytes(args[0], args[1] if idc.Dword(args[1]) == 0xffffffff else idc.Dword(args[1]))
        except TypeError:
            print("Couldn't retrieve the cipher or the key.")
            print(xref_args)
        else:
            key = null_pad(key, 0x20)
            if args[4] == 1:
                data = custom_b64decode(data)
            plain = PKCS7_unpad(AES.new(key, AES.MODE_CBC, "\x00"*16).decrypt(data))
            #add_comment(cfunc, plain, xref)
            print(plain)
    else:
        print("Not all args are numbers")
        print(xref_args) 
开发者ID:eset,项目名称:malware-research,代码行数:22,代码来源:OL_OSX_decryptor.py

示例3: get_prev_ascii_string_address

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def get_prev_ascii_string_address(address):
        """

        :param address: must be current ascii string start address.
        :return:
        """
        prev_string_start_address = address
        # string table interval should less than 5 bytes.
        if idc.Dword(address - 5) == 0:
            return None
        else:
            prev_string_start_address -= 5
            # TODO: Need handle short string.
            while idaapi.get_byte(prev_string_start_address) != 0:
                prev_string_start_address -= 1
            return prev_string_start_address + 1 
开发者ID:PAGalaxyLab,项目名称:vxhunter,代码行数:18,代码来源:vxhunter_ida.py

示例4: get_next_ascii_string_address

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def get_next_ascii_string_address(address):
        """

        :param address: must be current ascii string start address.
        :return:
        """
        next_string_start_address = address
        # find current string end address
        while idaapi.get_byte(next_string_start_address) != 0:
            next_string_start_address += 1

        # string table interval should less than 5 bytes.
        # TODO: need handle short string.
        if idc.Dword(next_string_start_address + 1) == 0:
            return None

        while idaapi.get_byte(next_string_start_address) == 0:
            next_string_start_address += 1

        return next_string_start_address 
开发者ID:PAGalaxyLab,项目名称:vxhunter,代码行数:22,代码来源:vxhunter_ida.py

示例5: walk_methods

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def walk_methods(self,objc_selrefs,objc_msgrefs,objc_const):
        Message("Walking methods starting at virtual address: 0x%x\n" % self.method_list_va)
        class_methods_va=self.method_list_va
        #deref the method list struct to get method count:
        count=Dword(class_methods_va+DWORD_SIZE)

        method_size=self.ObjCMethod.OBJC_METHOD_SIZE #sizeof(struct _objc_method)

        #skip first two dwords in the method_list struct
        class_methods_start=class_methods_va+self.METHOD_LIST_OFFSET
        
        class_methods_end=class_methods_start+(method_size*count)

        for va in range(class_methods_start,class_methods_end,method_size):
            #Parse this method struct and create a method object
            #If possible, the method will patch the IDB to replace references to its selector
            #with a reference to its implementation
            objc_method=self.ObjCMethod(va,self.segment_map)

            self.append(objc_method) 
开发者ID:fireeye,项目名称:flare-ida,代码行数:22,代码来源:objc2_xrefs_helper.py

示例6: lookForDwordArray

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def lookForDwordArray(self, start, end):
        logger.debug("Starting to look between: %08x:%08x", start, end)
        for i in range(end-start):
            loc = start + i
            if using_ida7api:
                val = idaapi.get_dword(loc)
            else:
                val = idc.Dword(loc)

            for h in self.params.hashTypes:
                hits = self.dbstore.getSymbolByTypeHash(h.hashType, val)
                for sym in hits:
                    logger.info("0x%08x: %s", loc, str(sym))
                    self.addHit(loc, sym)
                    self.markupLine(loc, sym)

###################################################################
#
################################################################### 
开发者ID:fireeye,项目名称:flare-ida,代码行数:21,代码来源:shellcode_hash_search.py

示例7: get_jlocs

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def get_jlocs(self, sw):
        jlocs = []
        ncases = sw.ncases if sw.jcases == 0 else sw.jcases
        for i in range(ncases):
            addr = idc.Dword(sw.jumps+i*4)
            name = idaapi.get_name(idc.BADADDR, addr)
            comm = idc.GetCommentEx(idc.LocByName(name), 1)
            comm = comm[comm.find('case'):] if comm is not None and comm.startswith('jumptable') else comm
            jlocs.append((name, idc.LocByName(name), comm))
        return jlocs 
开发者ID:jjo-sec,项目名称:idataco,代码行数:12,代码来源:switch_jumps.py

示例8: fix_vxworks_idb

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Dword [as 别名]
def fix_vxworks_idb(load_address, vx_version, symbol_table_start, symbol_table_end):
        current_image_base = idaapi.get_imagebase()
        symbol_interval = 16
        if vx_version == 6:
            symbol_interval = 20
        symbol_table_start += load_address
        symbol_table_end += load_address
        ea = symbol_table_start
        shift_address = load_address - current_image_base
        while shift_address >= 0x70000000:
            idaapi.rebase_program(0x70000000, 0x0008)
            shift_address -= 0x70000000
        idaapi.rebase_program(shift_address, 0x0008)
        while ea < symbol_table_end:
            # for VxWorks 6 unknown symbol format
            if idc.Byte(ea + symbol_table_end - 2) == 3:
                ea += symbol_interval
                continue
            offset = 4
            if idaapi.IDA_SDK_VERSION >= 700:
                idc.create_strlit(idc.Dword(ea + offset), idc.BADADDR)
            else:
                idc.MakeStr(idc.Dword(ea + offset), idc.BADADDR)
            sName = idc.GetString(idc.Dword(ea + offset), -1, idc.ASCSTR_C)
            print("Found %s in symbol table" % sName)
            if sName:
                sName_dst = idc.Dword(ea + offset + 4)
                if vx_version == 6:
                    sName_type = idc.Dword(ea + offset + 12)
                else:
                    sName_type = idc.Dword(ea + offset + 8)
                idc.MakeName(sName_dst, sName)
                if sName_type in need_create_function:
                    # flags = idc.GetFlags(ea)
                    print("Start fix Function %s at %s" % (sName, hex(sName_dst)))
                    idc.MakeCode(sName_dst)  # might not need
                    idc.MakeFunction(sName_dst, idc.BADADDR)
            ea += symbol_interval
        print("Fix function by symbol table finish.")
        print("Start IDA auto analysis, depending on the size of the firmware this might take a few minutes.")
        idaapi.autoWait() 
开发者ID:PAGalaxyLab,项目名称:vxhunter,代码行数:43,代码来源:vxhunter_ida.py


注:本文中的idc.Dword方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。