本文整理汇总了Python中idc.Name方法的典型用法代码示例。如果您正苦于以下问题:Python idc.Name方法的具体用法?Python idc.Name怎么用?Python idc.Name使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.Name方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __call__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def __call__(self, f):
def wrapped_export_f(*args):
if not globals().has_key("IDP_Hooks") or globals()["IDP_Hooks"] is None:
from idaapi import IDP_Hooks, UI_Hooks
from idc import Name, GetFunctionName, GetStrucIdByName, GetConstName, Warning, SetStrucName, GetStrucName
globals()["IDP_Hooks"] = locals()["IDP_Hooks"]
globals()["UI_Hooks"] = locals()["UI_Hooks"]
globals()["Name"] = locals()["Name"]
globals()["GetFunctionName"] = locals()["GetFunctionName"]
globals()["GetStrucIdByName"] = locals()["GetStrucIdByName"]
globals()["GetConstName"] = locals()["GetConstName"]
globals()["Warning"] = locals()["Warning"]
globals()["SetStrucName"] = locals()["SetStrucName"]
globals()["GetStrucName"] = locals()["GetStrucName"]
return f(*args)
return wrapped_export_f
示例2: get_function_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_function_name(ea):
"""
Get the real function name
"""
# Try to demangle
function_name = idc.Demangle(idc.GetFunctionName(ea), idc.GetLongPrm(idc.INF_SHORT_DN))
if function_name:
function_name = function_name.split("(")[0]
# Function name is not mangled
if not function_name:
function_name = idc.GetFunctionName(ea)
if not function_name:
function_name = idc.Name(ea)
# If we still have no function name, make one up. Format is - 'UNKN_FNC_4120000'
if not function_name:
function_name = "UNKN_FNC_%s" % hex(ea)
return function_name
示例3: get_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_name(ea):
name = None
if not sark.Line(ea).has_name:
raise NoName("No non-trivial name for 0x{:08X}".format(ea))
try:
function = sark.Function(ea)
if function.ea == ea:
name = function.demangled
except:
pass
if not name:
name = idc.Name(ea)
if not name:
raise NoName("No named for address 0x{:08X}".format(ea))
return name
示例4: initVars
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def initVars(self):
self._import_table = qt.qtablewidget()()
self._import_table.setEditTriggers(qt.qabstractitemview().NoEditTriggers)
self._import_table.setRowCount(0)
self._import_table.setColumnCount(6)
self._import_table.setHorizontalHeaderLabels(["Address","DLL","ProcName","ProcAddress","Type","IDA Name"])
self._import_table.setContextMenuPolicy(qt.qtcore().Qt.ActionsContextMenu)
copyAction = qt.qaction()(self._import_table)
copyAction.setText("Copy Cell Value")
copyAction.triggered.connect(self.copyToClipboard)
self._import_table.addAction(copyAction)
renameAction = qt.qaction()(self._import_table)
renameAction.setText("Rename DWORDs to Proc Name")
renameAction.triggered.connect(self.renameDword)
self._import_table.addAction(renameAction)
self.clipboard = qt.qclipboard()
示例5: load
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def load(self):
self._import_table.clear()
self._import_table.setHorizontalHeaderLabels(["Address", "DLL", "ProcName", "ProcAddress", "Type", "IDA Name"])
self._import_table.itemDoubleClicked.connect(self.clickRow)
self._import_table.setRowCount(len(self.parent.impts))
self._import_table.setAlternatingRowColors(True)
row = 0
for impt in self.parent.impts:
self._import_table.setItem(row, 0, qt.qtablewidgetitem()(impt["addr"]))
self._import_table.setItem(row, 1, qt.qtablewidgetitem()(impt["dll"]))
self._import_table.setItem(row, 2, qt.qtablewidgetitem()(impt["proc_name"]))
self._import_table.setItem(row, 3, qt.qtablewidgetitem()(impt["proc_address"]))
self._import_table.setItem(row, 4, qt.qtablewidgetitem()(impt["type"]))
self._import_table.setItem(row, 5, qt.qtablewidgetitem()(idc.Name(int(impt["proc_address"], 16))))
self._import_table.resizeRowToContents(row)
row += 1
self._import_table.setSortingEnabled(True)
示例6: renamed
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def renamed(self, ea, new_name, local_name):
struct_id = GetStrucIdByName(GetConstName(ea))
is_struct = struct_id != 0xffffffffffffffff and struct_id != 0xffffffff
if is_struct:
Warning("IDASynergy still does not support renaming of structs.\nBy renaming it, other collaborators will get this struct deleted and a new one added\nIf you want to avoid this, please rename it to its old name.")
return IDP_Hooks.renamed(self, ea, new_name, local_name)
if Name(ea) != "" and GetFunctionName(ea) != "": # If renaming a function...
self.data_io.apply_modification("functions", (ea, new_name))
return IDP_Hooks.renamed(self, ea, new_name, local_name)
示例7: get_var
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def get_var(block, var_expr, stop_ea):
class ExtractVar(idaapi.ctree_visitor_t):
def __init__(self, var_expr, stop_ea):
idaapi.ctree_visitor_t.__init__(self, idaapi.CV_FAST)
self.var_expr = var_expr
self.ret_expr = None
self.stop_ea = stop_ea
def visit_expr(self, i):
if i.op == idaapi.cot_asg:
if i.x.op == idaapi.cot_var:
if i.x.v.idx == self.var_expr.v.idx:
self.ret_expr = i.y
elif i.x.op == idaapi.cot_ptr:
if i.x.x.op == idaapi.cot_var:
if i.x.x.v.idx == self.var_expr.v.idx:
self.ret_expr = i.y
elif i.x.x.op == idaapi.cot_cast:
if i.x.x.x.op == idaapi.cot_var:
if i.x.x.x.v.idx == self.var_expr.v.idx:
self.ret_expr = i.y
elif i.op == idaapi.cot_call:
if i.x.helper in HELPER_COPY or idc.Name(i.x.obj_ea) in FUNC_COPY:
if i.a[0].op == idaapi.cot_var:
if i.a[0].v.idx == self.var_expr.v.idx:
self.ret_expr = i.a[1]
elif i.a[0].op == idaapi.cot_cast or i.a[0].op == idaapi.cot_ref:
if i.a[0].x.op == idaapi.cot_var:
if i.a[0].x.v.idx == self.var_expr.v.idx:
self.ret_expr = i.a[1]
elif i.a[0].x.op == idaapi.cot_ref:
if i.a[0].x.x.op == idaapi.cot_var:
if i.a[0].x.x.v.idx == self.var_expr.v.idx:
self.ret_expr = i.a[1]
if i.ea == self.stop_ea:
return 1
return 0
x = ExtractVar(var_expr, stop_ea)
x.apply_to(block, None)
return x.ret_expr
示例8: _cbEnumImports
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def _cbEnumImports(self, addr, name, ordinal):
# potentially use: idc.Name(addr)
if self._import_module_name:
self._api_map[addr] = self._import_module_name + "!" + name
else:
self._api_map[addr] = name
return True
示例9: findGetProcAddress
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def findGetProcAddress(cfunc):
class visitor(idaapi.ctree_visitor_t):
def __init__(self, cfunc):
idaapi.ctree_visitor_t.__init__(self, idaapi.CV_FAST)
self.cfunc = cfunc
def visit_expr(self, i):
if i.op == idaapi.cot_call:
# look for calls to GetProcAddress
if idc.Name(i.x.obj_ea) == "GetProcAddress":
# ASCSTR_C == 0
# Check to see if the second argument is a C string
if idc.GetStringType(i.a[1].obj_ea) == 0:
targetName = idc.GetString(i.a[1].obj_ea, -1, 0)
# Found function name
# Look for global assignment
parent = self.cfunc.body.find_parent_of(i)
if parent.op == idaapi.cot_cast:
# Ignore casts and look for the parent
parent = self.cfunc.body.find_parent_of(parent)
if parent.op == idaapi.cot_asg:
# We want to find the left hand side (x)
idc.MakeName(parent.cexpr.x.obj_ea, targetName + "_")
return 0
v = visitor(cfunc)
v.apply_to(cfunc.body, None)
示例10: check_for_wrapper
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def check_for_wrapper(func):
flags = idc.GetFunctionFlags(func)
#跳过库函数和简单的跳转函数
if flags & FUNC_LIB or flags & FUNC_THUNK:
return
dism_addr = list(idautils.FuncItems(func))
#获取函数的长度
func_length = len(dism_addr)
#如果函数的超过32条指令则返回
if func_length > 0x20:
return
func_call = 0
instr_cmp = 0
op = None
op_addr = None
op_type = None
#遍历函数中的每条指令
for ea in dism_addr:
m = idc.GetMnem(ea)
if m == 'call' or m == 'jmp':
if m == 'jmp':
temp = idc.GetOperandValue(ea, 0)
# 忽略函数边界内的跳转
if temp in dism_addr:
continue
func_call += 1
#封装函数内不会包含多个函数调用
if func_call == 2:
return
op_addr = idc.GetOperandValue(ea, 0)
op_type = idc.GetOpType(ea, 0)
elif m == 'cmp' or m == 'test':
# 封装函数内不应该包含太多的逻辑运算
instr_cmp += 1
if instr_cmp == 3:
return
else:
continue
# 所有函数内的指令都被分析过了
if op_addr == None:
return
name = idc.Name(op_addr)
#跳过名称粉碎的函数名称
if "[" in name or "$" in name or "?" in name or "@" in name or name == "":
return
name = "w_" + name
if op_type == o_near:
if idc.GetFunctionFlags(op_addr) & FUNC_THUNK:
rename_wrapper(name, func)
return
if op_type == o_mem or op_type == o_far:
rename_wrapper(name, func)
return
示例11: renameDword
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Name [as 别名]
def renameDword(self):
proc_addr = self._import_table.item(self._import_table.currentRow(), 3).text()
proc_name = str(self._import_table.item(self._import_table.currentRow(), 2).text())
renamed = 0
if proc_addr:
try:
proc_addr = int(proc_addr, 16)
proc_bin_str = " ".join([x.encode("hex") for x in struct.pack("<I", proc_addr)])
next_dword = idc.FindBinary(idc.MinEA(), idc.SEARCH_DOWN|idc.SEARCH_NEXT, proc_bin_str)
while next_dword != idc.BADADDR:
log.debug("Trying to fix-up 0x{:08x}".format(next_dword))
# DWORDs can be "inaccessible" for many reasons and it requires "breaking up" the data blobs
# and manually fixing them
# Reason 1: In a dword array in an unknown section
if idc.isUnknown(next_dword):
idc.MakeUnkn(next_dword, idc.DOUNK_EXPAND)
idc.MakeDword(next_dword)
# Reason 2: In a dword array in a data section
elif idc.isData(next_dword):
hd = idc.ItemHead(next_dword)
idc.MakeDword(hd)
idc.MakeDword(next_dword)
# Reason 3: In a dword array in a code section (validate via "dd <dword>,")
elif idc.isCode(next_dword) and idc.GetDisasm(next_dword).startswith("dd "):
hd = idc.ItemHead(next_dword)
idc.MakeDword(hd)
idc.MakeDword(next_dword)
# Only perform
if idc.Name(next_dword).startswith(("off_", "dword_")) or idc.Name(next_dword) == "":
success = idc.MakeNameEx(next_dword, proc_name, idc.SN_NOWARN|idc.SN_NON_AUTO)
i = 0
new_proc_name = proc_name
while not success and i < 10:
new_proc_name = "{}{}".format(proc_name, i)
success = idc.MakeNameEx(next_dword, new_proc_name, idc.SN_NOWARN|idc.SN_NON_AUTO)
i += 1
if success:
renamed += 1
item = self._import_table.item(self._import_table.currentRow(), 5)
item.setText("{}, {}".format(str(item.text()), new_proc_name))
log.debug("DWORD @ 0x{:08x} now has name {}".format(next_dword, new_proc_name))
else:
log.error("Unable to auto-rename successfully, terminating search")
break
else: log.debug("Value at 0x{:08x} does not meet renaming requirements".format(next_dword))
next_dword = idc.FindBinary(next_dword+4, idc.SEARCH_DOWN|idc.SEARCH_NEXT, proc_bin_str)
except Exception, e:
log.error("Error encountered: {}".format(e))
log.debug("Renamed {:d} instances of {}".format(renamed, proc_name))