本文整理汇总了Python中idc.LocByName方法的典型用法代码示例。如果您正苦于以下问题:Python idc.LocByName方法的具体用法?Python idc.LocByName怎么用?Python idc.LocByName使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc的用法示例。
在下文中一共展示了idc.LocByName方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: main_lina
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def main_lina(dbname):
symbols = {
"clock_interval":idc.LocByName,
"mempool_array":idc.LocByName,
"mempool_list_":idc.LocByName,
"socks_proxy_server_start":idc.LocByName,
"aaa_admin_authenticate":idc.LocByName,
"mempool_list_":idc.LocByName,
}
symbols32 = {}
symbols64 = {}
if ida_helper.ARCHITECTURE == 32:
symbols.update(symbols32)
elif ida_helper.ARCHITECTURE == 64:
symbols.update(symbols64)
else:
logmsg("Invalid architecture")
sys.exit()
hunt(symbols, dbname, bin_name="lina") 示例2: serialize
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def serialize(self):
s = str(self.target_field.text())
if self.radio_addr.isChecked():
try:
int(s, 16)
except ValueError:
print "Bad address given"
return None
elif self.radio_routine.isChecked():
addr = idc.LocByName(s)
if addr == idc.BADADDR:
print "Bad function name given"
return None
return specific_parameters_t() 示例3: run
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def run(self):
# -- GUI stuff
self.result_widget.set_actions_visible_and_enabled(False)
self.set_progress_visible(True)
# -----------
# Refill the configuration file
if self.configuration.ksteps != 0 and self.config_widget.radio_path_routine.isChecked():
self.k = self.configuration.ksteps # Use the ksteps given if making the path on the whole routine
self.result_widget.webview.append("### Opaque predicates Detection ###\n")
self.configuration.analysis_name = "static opaque"
self.configuration.additional_parameters.typeid = self.configuration.additional_parameters.STANDARD
target_val = str(self.config_widget.target_field.text())
start_tps = time.time()
if self.config_widget.radio_addr.isChecked():
addr = utils.to_addr(target_val)
self.process_routine(idaapi.get_func(addr).startEA, pred_addr=addr)
elif self.config_widget.radio_routine.isChecked():
addr = idc.LocByName(target_val)
if addr == idc.BADADDR:
addr = utils.to_addr(target_val)
self.process_routine(addr)
elif self.config_widget.radio_program.isChecked():
self.process_program()
else:
pass
self.exec_time_total = time.time() - start_tps - self.exec_time_dep
self.analyse_finished = True
self.broker.terminate()
# -- GUI stuff
self.result_widget.set_actions_visible_and_enabled(True)
self.set_progress_visible(False)
# ------------
self.analysis_terminated() 示例4: is_start_of_function
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def is_start_of_function(ea):
"""Returns `True` if `ea` is the start of a function."""
if not is_code(ea):
return False
name = idc.GetTrueName(ea) or idc.GetFunctionName(ea)
return ea == idc.LocByName(name) 示例5: find_main_in_ELF_file
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def find_main_in_ELF_file():
"""Tries to automatically find the `main` function if we haven't found it
yet. IDA recognizes the pattern of `_start` calling `__libc_start_main` in
ELF binaries, where one of the parameters is the `main` function. IDA will
helpfully comment it as such."""
start_ea = idc.LocByName("_start")
if is_invalid_ea(start_ea):
start_ea = idc.LocByName("start")
if is_invalid_ea(start_ea):
return idc.BADADDR
for begin_ea, end_ea in idautils.Chunks(start_ea):
for inst_ea in Heads(begin_ea, end_ea):
comment = idc.GetCommentEx(inst_ea, 0)
if comment and "main" in comment:
for main_ea in xrefs_from(inst_ea):
if not is_code(main_ea):
continue
# Sometimes the `main` function isn't identified as code. This comes
# up when there are some alignment bytes in front of `main`.
try_mark_as_code(main_ea)
if is_code_by_flags(main_ea):
try_mark_as_function(main_ea)
main = idaapi.get_func(main_ea)
if not main:
continue
if main and main.startEA == main_ea:
set_symbol_name(main_ea, "main")
DEBUG("Found main at {:x}".format(main_ea))
return main_ea
return idc.BADADDR 示例6: get_jlocs
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def get_jlocs(self, sw):
jlocs = []
ncases = sw.ncases if sw.jcases == 0 else sw.jcases
for i in range(ncases):
addr = idc.Dword(sw.jumps+i*4)
name = idaapi.get_name(idc.BADADDR, addr)
comm = idc.GetCommentEx(idc.LocByName(name), 1)
comm = comm[comm.find('case'):] if comm is not None and comm.startswith('jumptable') else comm
jlocs.append((name, idc.LocByName(name), comm))
return jlocs 示例7: main_lina_monitor
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def main_lina_monitor(dbname):
symbols = {
"jz_after_code_sign_verify_signature_image":idc.LocByName,
}
if ida_helper.ARCHITECTURE == 32:
logmsg("WARNING: not supported/tested yet")
elif ida_helper.ARCHITECTURE == 64:
pass
else:
logmsg("Invalid architecture")
sys.exit()
hunt(symbols, dbname, bin_name="lina_monitor") 示例8: main
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def main():
beginThreadExLoc = idc.LocByName('_beginthreadex')
if beginThreadExLoc == idc.BADADDR:
print 'Function "_beginthreadex" not found. Returning'
return
for xref in idautils.CodeRefsTo(beginThreadExLoc, 1):
if getFunctionArgumentCount(xref) == 7:
print 'Found likely MyCreateThread: 0x%08x' % xref
handleCreateThread(idc.GetFunctionAttr(xref, idc.FUNCATTR_START)) 示例9: main
# 需要导入模块: import idc [as 别名]
# 或者: from idc import LocByName [as 别名]
def main():
#jayutils.configLogger(__name__, logging.DEBUG)
jayutils.configLogger(__name__, logging.INFO)
logger = jayutils.getLogger('')
logger.debug('Starting up in main')
#name = idc.AskStr('CreateThread', 'Enter function to find args for')
#argNum = idc.AskLong(6)
filePath = jayutils.getInputFilepath()
if filePath is None:
self.logger.info('No input file provided. Stopping')
return
vw = jayutils.loadWorkspace(filePath)
logger.debug('Loaded workspace')
tracker = ArgTracker(vw)
import idautils
funcEa = idc.LocByName('CreateThread')
if funcEa == idc.BADADDR:
logger.info('CreateThread not found. Returning now')
return
for xref in idautils.XrefsTo(funcEa):
argsList = tracker.getPushArgs(xref.frm, 6)
for argDict in argsList:
print '-'*60
pc, value = argDict[3]
print '0x%08x: 0x%08x: 0x%08x' % (xref.frm, pc, value)