当前位置: 首页>>代码示例>>Python>>正文


Python idc.Name方法代码示例

本文整理汇总了Python中idc.Name方法的典型用法代码示例。如果您正苦于以下问题:Python idc.Name方法的具体用法?Python idc.Name怎么用?Python idc.Name使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.Name方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: __call__

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def __call__(self, f):
        def wrapped_export_f(*args):
            if not globals().has_key("IDP_Hooks") or globals()["IDP_Hooks"] is None:
                from idaapi import IDP_Hooks, UI_Hooks
                from idc import Name, GetFunctionName, GetStrucIdByName, GetConstName, Warning, SetStrucName, GetStrucName
                globals()["IDP_Hooks"] = locals()["IDP_Hooks"]
                globals()["UI_Hooks"] = locals()["UI_Hooks"]
                globals()["Name"] = locals()["Name"]
                globals()["GetFunctionName"] = locals()["GetFunctionName"]
                globals()["GetStrucIdByName"] = locals()["GetStrucIdByName"]
                globals()["GetConstName"] = locals()["GetConstName"]
                globals()["Warning"] = locals()["Warning"]
                globals()["SetStrucName"] = locals()["SetStrucName"]
                globals()["GetStrucName"] = locals()["GetStrucName"]
            return f(*args)
        return wrapped_export_f 
开发者ID:CubicaLabs,项目名称:IDASynergy,代码行数:18,代码来源:IDASynergyHooks.py

示例2: get_function_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_function_name(ea):
        """
        Get the real function name
        """
        # Try to demangle
        function_name = idc.Demangle(idc.GetFunctionName(ea), idc.GetLongPrm(idc.INF_SHORT_DN))

        if function_name:
            function_name = function_name.split("(")[0]

        # Function name is not mangled
        if not function_name:
            function_name = idc.GetFunctionName(ea)

        if not function_name:
            function_name = idc.Name(ea)

        # If we still have no function name, make one up. Format is - 'UNKN_FNC_4120000'
        if not function_name:
            function_name = "UNKN_FNC_%s" % hex(ea)

        return function_name 
开发者ID:ynvb,项目名称:DIE,代码行数:24,代码来源:IDAConnector.py

示例3: get_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_name(ea):
    name = None

    if not sark.Line(ea).has_name:
        raise NoName("No non-trivial name for 0x{:08X}".format(ea))

    try:
        function = sark.Function(ea)
        if function.ea == ea:
            name = function.demangled
    except:
        pass

    if not name:
        name = idc.Name(ea)

    if not name:
        raise NoName("No named for address 0x{:08X}".format(ea))

    return name 
开发者ID:tmr232,项目名称:Sark,代码行数:22,代码来源:meaningful.py

示例4: initVars

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def initVars(self):
        self._import_table = qt.qtablewidget()()
        self._import_table.setEditTriggers(qt.qabstractitemview().NoEditTriggers)
        self._import_table.setRowCount(0)
        self._import_table.setColumnCount(6)
        self._import_table.setHorizontalHeaderLabels(["Address","DLL","ProcName","ProcAddress","Type","IDA Name"])
        self._import_table.setContextMenuPolicy(qt.qtcore().Qt.ActionsContextMenu)
        copyAction = qt.qaction()(self._import_table)
        copyAction.setText("Copy Cell Value")
        copyAction.triggered.connect(self.copyToClipboard)
        self._import_table.addAction(copyAction)
        renameAction = qt.qaction()(self._import_table)
        renameAction.setText("Rename DWORDs to Proc Name")
        renameAction.triggered.connect(self.renameDword)
        self._import_table.addAction(renameAction)

        self.clipboard = qt.qclipboard() 
开发者ID:jjo-sec,项目名称:idataco,代码行数:19,代码来源:imports.py

示例5: load

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def load(self):
        self._import_table.clear()
        self._import_table.setHorizontalHeaderLabels(["Address", "DLL", "ProcName", "ProcAddress", "Type", "IDA Name"])
        self._import_table.itemDoubleClicked.connect(self.clickRow)
        self._import_table.setRowCount(len(self.parent.impts))
        self._import_table.setAlternatingRowColors(True)
        row = 0
        for impt in self.parent.impts:
            self._import_table.setItem(row, 0, qt.qtablewidgetitem()(impt["addr"]))
            self._import_table.setItem(row, 1, qt.qtablewidgetitem()(impt["dll"]))
            self._import_table.setItem(row, 2, qt.qtablewidgetitem()(impt["proc_name"]))
            self._import_table.setItem(row, 3, qt.qtablewidgetitem()(impt["proc_address"]))
            self._import_table.setItem(row, 4, qt.qtablewidgetitem()(impt["type"]))
            self._import_table.setItem(row, 5, qt.qtablewidgetitem()(idc.Name(int(impt["proc_address"], 16))))
            self._import_table.resizeRowToContents(row)
            row += 1
        self._import_table.setSortingEnabled(True) 
开发者ID:jjo-sec,项目名称:idataco,代码行数:19,代码来源:imports.py

示例6: renamed

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def renamed(self, ea, new_name, local_name):
        struct_id = GetStrucIdByName(GetConstName(ea))
        is_struct = struct_id != 0xffffffffffffffff and struct_id != 0xffffffff
        if is_struct:
            Warning("IDASynergy still does not support renaming of structs.\nBy renaming it, other collaborators will get this struct deleted and a new one added\nIf you want to avoid this, please rename it to its old name.")
            return IDP_Hooks.renamed(self, ea, new_name, local_name)

        if Name(ea) != "" and GetFunctionName(ea) != "": # If renaming a function...
            self.data_io.apply_modification("functions", (ea, new_name))
            return IDP_Hooks.renamed(self, ea, new_name, local_name) 
开发者ID:CubicaLabs,项目名称:IDASynergy,代码行数:12,代码来源:IDASynergyHooks.py

示例7: get_var

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_var(block, var_expr, stop_ea):
    class ExtractVar(idaapi.ctree_visitor_t):
        def __init__(self, var_expr, stop_ea):
            idaapi.ctree_visitor_t.__init__(self, idaapi.CV_FAST)
            self.var_expr = var_expr
            self.ret_expr = None
            self.stop_ea = stop_ea

        def visit_expr(self, i):
            if i.op == idaapi.cot_asg:
                if i.x.op == idaapi.cot_var:
                    if i.x.v.idx == self.var_expr.v.idx:
                        self.ret_expr = i.y
                elif i.x.op == idaapi.cot_ptr:
                    if i.x.x.op == idaapi.cot_var:
                        if i.x.x.v.idx == self.var_expr.v.idx:
                            self.ret_expr = i.y
                    elif i.x.x.op == idaapi.cot_cast:
                        if i.x.x.x.op == idaapi.cot_var:
                            if i.x.x.x.v.idx == self.var_expr.v.idx:
                                self.ret_expr = i.y
            elif i.op == idaapi.cot_call:
                if i.x.helper in HELPER_COPY or idc.Name(i.x.obj_ea) in FUNC_COPY:
                    if i.a[0].op == idaapi.cot_var:
                        if i.a[0].v.idx == self.var_expr.v.idx:
                            self.ret_expr = i.a[1]
                    elif i.a[0].op == idaapi.cot_cast or i.a[0].op == idaapi.cot_ref:
                        if i.a[0].x.op == idaapi.cot_var:
                            if i.a[0].x.v.idx == self.var_expr.v.idx:
                                self.ret_expr = i.a[1]
                        elif i.a[0].x.op == idaapi.cot_ref:
                            if i.a[0].x.x.op == idaapi.cot_var:
                                if i.a[0].x.x.v.idx == self.var_expr.v.idx:
                                    self.ret_expr = i.a[1]
            if i.ea == self.stop_ea:
                 return 1
            return 0

    x = ExtractVar(var_expr, stop_ea)
    x.apply_to(block, None)
    return x.ret_expr 
开发者ID:eset,项目名称:malware-research,代码行数:43,代码来源:OL_OSX_decryptor.py

示例8: _cbEnumImports

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def _cbEnumImports(self, addr, name, ordinal):
        # potentially use: idc.Name(addr)
        if self._import_module_name:
            self._api_map[addr] = self._import_module_name + "!" + name
        else:
            self._api_map[addr] = name
        return True 
开发者ID:danielplohmann,项目名称:smda,代码行数:9,代码来源:IdaInterface.py

示例9: findGetProcAddress

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def findGetProcAddress(cfunc):
    class visitor(idaapi.ctree_visitor_t):
        def __init__(self, cfunc):
            idaapi.ctree_visitor_t.__init__(self, idaapi.CV_FAST)
            self.cfunc = cfunc

        def visit_expr(self, i):
            if i.op == idaapi.cot_call:
                # look for calls to GetProcAddress
                if idc.Name(i.x.obj_ea) == "GetProcAddress":

                    # ASCSTR_C == 0
                    # Check to see if the second argument is a C string
                    if idc.GetStringType(i.a[1].obj_ea) == 0:
                        targetName = idc.GetString(i.a[1].obj_ea, -1, 0)

                        # Found function name
                        # Look for global assignment
                        parent = self.cfunc.body.find_parent_of(i)
                        if parent.op == idaapi.cot_cast:
                            # Ignore casts and look for the parent
                            parent = self.cfunc.body.find_parent_of(parent)

                        if parent.op == idaapi.cot_asg:
                            # We want to find the left hand side (x)
                            idc.MakeName(parent.cexpr.x.obj_ea, targetName + "_")

            return 0
    
    v = visitor(cfunc)
    v.apply_to(cfunc.body, None) 
开发者ID:fireeye,项目名称:flare-ida,代码行数:33,代码来源:find_get_proc_address.py

示例10: check_for_wrapper

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def check_for_wrapper(func):
    flags = idc.GetFunctionFlags(func)
    #跳过库函数和简单的跳转函数
    if flags & FUNC_LIB or flags & FUNC_THUNK:
        return
    dism_addr = list(idautils.FuncItems(func))
    #获取函数的长度
    func_length = len(dism_addr)
    #如果函数的超过32条指令则返回
    if func_length > 0x20:
        return
    
    func_call = 0
    instr_cmp = 0
    op = None
    op_addr = None
    op_type = None
    
    #遍历函数中的每条指令
    for ea in dism_addr:
        m = idc.GetMnem(ea)
        if m == 'call' or m == 'jmp':
            if m == 'jmp':
                temp = idc.GetOperandValue(ea, 0)
                # 忽略函数边界内的跳转
                if temp in dism_addr:
                    continue
            func_call += 1
            #封装函数内不会包含多个函数调用
            if func_call == 2:
                return
            op_addr = idc.GetOperandValue(ea, 0)
            op_type = idc.GetOpType(ea, 0)
        elif m == 'cmp' or m == 'test':
            # 封装函数内不应该包含太多的逻辑运算
            instr_cmp += 1
            if instr_cmp == 3:
                return
        else:
            continue
    
    # 所有函数内的指令都被分析过了
    if op_addr == None:
        return
    
    name = idc.Name(op_addr)
    #跳过名称粉碎的函数名称
    if "[" in name or "$" in name or "?" in name or "@" in name or name == "":
        return
    name = "w_" + name
    if op_type == o_near:
        if idc.GetFunctionFlags(op_addr) & FUNC_THUNK:
            rename_wrapper(name, func)
            return
    if op_type == o_mem or op_type == o_far:
        rename_wrapper(name, func)
        return 
开发者ID:ExpLife0011,项目名称:IDAPython_Note,代码行数:59,代码来源:13_注释和重命名.py

示例11: renameDword

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def renameDword(self):
        proc_addr = self._import_table.item(self._import_table.currentRow(), 3).text()
        proc_name = str(self._import_table.item(self._import_table.currentRow(), 2).text())
        renamed = 0
        if proc_addr:
            try:
                proc_addr = int(proc_addr, 16)
                proc_bin_str = " ".join([x.encode("hex") for x in struct.pack("<I", proc_addr)])
                next_dword = idc.FindBinary(idc.MinEA(), idc.SEARCH_DOWN|idc.SEARCH_NEXT, proc_bin_str)
                while next_dword != idc.BADADDR:
                    log.debug("Trying to fix-up 0x{:08x}".format(next_dword))
                    # DWORDs can be "inaccessible" for many reasons and it requires "breaking up" the data blobs
                    # and manually fixing them

                    # Reason 1: In a dword array in an unknown section
                    if idc.isUnknown(next_dword):
                        idc.MakeUnkn(next_dword, idc.DOUNK_EXPAND)
                        idc.MakeDword(next_dword)
                    # Reason 2: In a dword array in a data section
                    elif idc.isData(next_dword):
                        hd = idc.ItemHead(next_dword)
                        idc.MakeDword(hd)
                        idc.MakeDword(next_dword)
                    # Reason 3: In a dword array in a code section (validate via "dd <dword>,")
                    elif idc.isCode(next_dword) and idc.GetDisasm(next_dword).startswith("dd "):
                        hd = idc.ItemHead(next_dword)
                        idc.MakeDword(hd)
                        idc.MakeDword(next_dword)

                    # Only perform
                    if idc.Name(next_dword).startswith(("off_", "dword_")) or idc.Name(next_dword) == "":
                        success = idc.MakeNameEx(next_dword, proc_name, idc.SN_NOWARN|idc.SN_NON_AUTO)
                        i = 0
                        new_proc_name = proc_name
                        while not success and i < 10:
                            new_proc_name = "{}{}".format(proc_name, i)
                            success = idc.MakeNameEx(next_dword, new_proc_name, idc.SN_NOWARN|idc.SN_NON_AUTO)
                            i += 1
                        if success:
                            renamed += 1
                            item = self._import_table.item(self._import_table.currentRow(), 5)
                            item.setText("{}, {}".format(str(item.text()), new_proc_name))
                            log.debug("DWORD @ 0x{:08x} now has name {}".format(next_dword, new_proc_name))
                        else:
                            log.error("Unable to auto-rename successfully, terminating search")
                            break
                    else: log.debug("Value at 0x{:08x} does not meet renaming requirements".format(next_dword))
                    next_dword = idc.FindBinary(next_dword+4, idc.SEARCH_DOWN|idc.SEARCH_NEXT, proc_bin_str)
            except Exception, e:
                log.error("Error encountered: {}".format(e))
            log.debug("Renamed {:d} instances of {}".format(renamed, proc_name)) 
开发者ID:jjo-sec,项目名称:idataco,代码行数:53,代码来源:imports.py


注:本文中的idc.Name方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。