当前位置: 首页>>代码示例>>Python>>正文


Python idc.NextHead方法代码示例

本文整理汇总了Python中idc.NextHead方法的典型用法代码示例。如果您正苦于以下问题:Python idc.NextHead方法的具体用法?Python idc.NextHead怎么用?Python idc.NextHead使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.NextHead方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: find_dispatch_by_struct_index

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def find_dispatch_by_struct_index():
    """Attempts to locate the dispatch function based off it being loaded in a structure
    at offset 70h, based off of https://github.com/kbandla/ImmunityDebugger/blob/master/1.73/Libs/driverlib.py """
    
    out = set()
    for function_ea in idautils.Functions():
        flags = idc.get_func_flags(function_ea)
        # skip library functions
        if flags & idc.FUNC_LIB:
            continue
        func = idaapi.get_func(function_ea)
        addr = func.startEA
        while addr < func.endEA:
            if idc.GetMnem(addr) == 'mov':
                if '+70h' in idc.GetOpnd(addr, 0) and idc.GetOpType(addr, 1) == 5:
                    out.add(idc.GetOpnd(addr, 1))
            addr = idc.NextHead(addr)
    return out 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:20,代码来源:win_driver_plugin.py

示例2: chunk_from_path

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def chunk_from_path(path):
    assert_ida_available()
    import idc
    chunk = chunk_t()
    for i in xrange(len(path)):
        body = chunk.body.add()
        body.typeid = body.INSTRUCTION
        inst = body.instruction
        inst.thread_id = 0
        addr = path[i]
        inst.address = addr
        inst.opcode = idc.GetManyBytes(addr, idc.NextHead(addr)-addr)
        try:
            next_a = path[i+1]
            inf1 = inst.concrete_infos.add()
            inf1.next_address = next_a
            inf1.typeid = inf1.NEXT_ADDRESS
        except IndexError:
            pass
        inf2 = inst.concrete_infos.add()
        inf2.typeid = inf2.NOT_RETRIEVED
    return chunk 
开发者ID:RobinDavid,项目名称:idasec,代码行数:24,代码来源:trace.py

示例3: create_call_map

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def create_call_map(self, ftype):
        assert_ida_available()
        import idc
        import idautils
        seg_mapping = {idc.SegName(x): (idc.SegStart(x), idc.SegEnd(x)) for x in idautils.Segments()}
        imports = seg_mapping[".idata"] if ftype == PE else seg_mapping['.plt']
        start, stop = seg_mapping[".text"]
        current = start
        while current <= stop:
            inst = current
            if idc.GetMnem(inst) in ["call", "jmp"]:
                value = idc.GetOperandValue(inst, 0)
                name = idc.GetOpnd(inst, 0)
                if imports[0] <= value <= imports[1]:
                    entry = self.config.call_map.add()
                    entry.address = inst
                    entry.name = name
            current = idc.NextHead(current, stop) 
开发者ID:RobinDavid,项目名称:idasec,代码行数:20,代码来源:configuration_file.py

示例4: enum_function_addrs

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def enum_function_addrs(fva):
    '''
    yield the effective addresses of each instruction in the given function.
    these addresses are not guaranteed to be in any order.
    
    Args:
      fva (int): the starting address of a function
    
    Returns:
      sequence[int]: the addresses of each instruction
    '''
    f = idaapi.get_func(fva)
    if not f:
        raise ValueError('not a function')

    for block in idaapi.FlowChart(f):
        ea = block.startEA
        while ea <= block.endEA:
            yield ea
            ea = idc.NextHead(ea) 
开发者ID:williballenthin,项目名称:idawilli,代码行数:22,代码来源:hint_calls.py

示例5: addRetBP

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def addRetBP(self, ea):
        """
        Add a breakpoint for a return instruction.
        This will place a breakpoint on the next instruction,
        e.g - the instruction that will be hit after the function returns.
        @param ea: effective address of a CALL instruction
        @return: True if breakpoint was successfully added, otherwise return False
        """
        if not is_call(ea):
            self.logger.error("The instruction at address %s is not recognized as a CALL instruction", hex(ea))
            raise UnrecognizedCallInstruction()

        next_inst = idc.NextHead(ea)

        # Add breakpoint on next instruction
        if next_inst not in self.ret_bps:
            idc.AddBpt(next_inst)
            self.ret_bps[next_inst] = 0
            return True

        return False 
开发者ID:ynvb,项目名称:DIE,代码行数:23,代码来源:BpHandler.py

示例6: _fill_instrs

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def _fill_instrs(self):
        cur_addr = self.startEA
        while cur_addr != idc.BADADDR:
            self.instrs.append(cur_addr)
            cur_addr = idc.NextHead(cur_addr, self.endEA) 
开发者ID:RobinDavid,项目名称:idasec,代码行数:7,代码来源:ida_utils.py

示例7: decode_here_clicked

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def decode_here_clicked(self):
        inst = idc.here()
        if not idc.isCode(idc.GetFlags(inst)):
            print "Not code instruction"
        else:
            raw = idc.GetManyBytes(inst, idc.NextHead(inst)-inst)
            s = to_hex(raw)
            self.decode_ir(s) 
开发者ID:RobinDavid,项目名称:idasec,代码行数:10,代码来源:MainWidget.py

示例8: generate_dead_alive_dump

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def generate_dead_alive_dump(self):
        f = Path("dead_or_alive_dump.txt")
        handle = f.open("w")
        for cfg in self.functions_cfg.values():
            for bb in cfg.values():
                for i in bb.instrs:
                    status = bb.instrs_status[i] if bb.is_alive() else Status.DEAD
                    size = idc.NextHead(i)-i
                    handle.write(u"%x,%d,%s\n" % (i, size, status))
        handle.close() 
开发者ID:RobinDavid,项目名称:idasec,代码行数:12,代码来源:static_opaque_analysis.py

示例9: iter_lines

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def iter_lines():
    """
    Iterate through all line addresses in the IDB
    Yields addresses of all lines.
    """
    for ea in idautils.Segments():
        seg_start = idc.SegStart(ea)
        seg_end = idc.SegEnd(ea)

        cur_addr = seg_start
        while (cur_addr < seg_end) and (cur_addr != idaapi.BADADDR):
            yield cur_addr
            cur_addr = idc.NextHead(cur_addr) 
开发者ID:xorpd,项目名称:idsearch,代码行数:15,代码来源:idb_indexer.py

示例10: get_function_args_count

# 需要导入模块: import idc [as 别名]
# 或者: from idc import NextHead [as 别名]
def get_function_args_count(self, function_ea, local_vars):
        """
        The function returns count of function arguments
        @function_ea - function entry point
        @local_vars - local variables dictionary
        @return - function arguments count
        """
        # i#9 Now, we can't identify fastcall functions.

        function_args_count = 0
        args_dict = dict()
        for local_var in local_vars:
            usage_list = local_vars.get(local_var, None)
            if usage_list == None:
                print "WARNING: empty usage list for ", local_var
                continue
            for head in usage_list:
                ops = self.get_instr_operands(int(head, 16))
                for idx, (op,type) in enumerate(ops):
                    if op.count("+") == 1:
                        value = idc.GetOperandValue(int (head, 16), idx)
                        if value < (15 * ARGUMENT_SIZE) and "ebp" in op:
                            args_dict.setdefault(local_var, []).append(head)
                    elif op.count("+") == 2:
                        if "arg" in local_var:
                            args_dict.setdefault(local_var, []).append(head)
                    else:
                        continue

        function_args_count = len(args_dict)
        if function_args_count:
            return function_args_count, args_dict

        #TODO Check previous algorithm here
        f_end = idc.FindFuncEnd(function_ea)
        f_end = idc.PrevHead(f_end, 0)
        instr_mnem = idc.GetMnem(f_end)
        #stdcall ?
        if "ret" in instr_mnem:
            ops = self.get_instr_operands(f_end)
            if len(ops) == 1:
                for op,type in ops:
                    op = op.replace("h", "")
                    function_args_count = int(op,16)/ARGUMENT_SIZE
                    return function_args_count, args_dict
        #cdecl ?
        refs = idautils.CodeRefsTo(function_ea, 0)
        for ref in refs:
            #trying to find add esp,x signature after call
            head = idc.NextHead(ref, 0xFFFFFFFF)
            if head:
                disasm = idc.GetDisasm(head)
                if "add" in disasm and "esp," in disasm:
                    ops = self.get_instr_operands(head)
                    op,type = ops[1]
                    if op:
                        op = op.replace("h", "")
                        function_args_count = int(op,16)/ARGUMENT_SIZE
                        return function_args_count, args_dict
        return function_args_count, args_dict 
开发者ID:mxmssh,项目名称:IDAmetrics,代码行数:62,代码来源:IDAMetrics_static.py


注:本文中的idc.NextHead方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。