当前位置: 首页>>代码示例>>Python>>正文


Python idc.ScreenEA方法代码示例

本文整理汇总了Python中idc.ScreenEA方法的典型用法代码示例。如果您正苦于以下问题:Python idc.ScreenEA方法的具体用法?Python idc.ScreenEA怎么用?Python idc.ScreenEA使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.ScreenEA方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: find_all_ioctls

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def find_all_ioctls():
    """
    From the currently selected address attempts to traverse all blocks inside the current function to find all immediate values which
    are used for a comparison/sub immediately before a jz. Returns a list of address, second operand pairs.
    """
    
    ioctls = []
    # Find the currently selected function and get a list of all of it's basic blocks
    addr = idc.ScreenEA()
    f = idaapi.get_func(addr)
    fc = idaapi.FlowChart(f, flags=idaapi.FC_PREDS)
    for block in fc:
        # grab the last two instructions in the block 
        last_inst = idc.PrevHead(block.endEA)
        penultimate_inst = idc.PrevHead(last_inst)
        # If the penultimate instruction is cmp or sub against an immediate value immediately preceding a 'jz' 
        # then it's a decent guess that it's an IOCTL code (if this is a dispatch function)
        if idc.GetMnem(penultimate_inst) in ['cmp', 'sub'] and idc.GetOpType(penultimate_inst, 1) == 5:
            if idc.GetMnem(last_inst) == 'jz':
                value = get_operand_value(penultimate_inst)
                ioctls.append((penultimate_inst, value))
                ioctl_tracker.add_ioctl(penultimate_inst, value)
    return ioctls 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:25,代码来源:win_driver_plugin.py

示例2: get_position_and_translate

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_position_and_translate():
    """
    Gets the current selected address and decodes the second parameter to the instruction if it exists/is an immediate
    then adds the C define for the code as a comment and prints a summary table of all decoded IOCTL codes.
    """

    pos = idc.ScreenEA()
    if idc.GetOpType(pos, 1) != 5:   # Check the second operand to the instruction is an immediate
        return
    
    value = get_operand_value(pos)
    ioctl_tracker.add_ioctl(pos, value)
    define = ioctl_decoder.get_define(value)
    make_comment(pos, define)
    # Print summary table each time a new IOCTL code is decoded
    ioctls = []
    for inst in ioctl_tracker.ioctl_locs:
        value = get_operand_value(inst)
        ioctls.append((inst, value))
    ioctl_tracker.print_table(ioctls) 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:22,代码来源:win_driver_plugin.py

示例3: finish_populating_tform_popup

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def finish_populating_tform_popup(self, form, popup):
        tft = idaapi.get_tform_type(form)
        if tft != idaapi.BWN_DISASM:
            return

        pos = idc.ScreenEA()
        register_dynamic_action(form, popup, 'Decode All IOCTLs in Function', DecodeAllHandler())
        register_dynamic_action(form, popup, 'Decode IOCTLs using Angr', DecodeAngrHandler())
		# If the second argument to the current selected instruction is an immediately
        # then give the option to decode it.
        if idc.GetOpType(pos, 1) == 5:
            register_dynamic_action(form, popup, 'Decode IOCTL', DecodeHandler())
            if pos in ioctl_tracker.ioctl_locs:
                register_dynamic_action(form, popup, 'Invalid IOCTL', InvalidHandler())
        if len(ioctl_tracker.ioctl_locs) > 0:
            register_dynamic_action(form, popup, 'Show All IOCTLs', ShowAllHandler()) 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:18,代码来源:win_driver_plugin.py

示例4: __init__

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def __init__(self, text_max_length=30, **kwargs):
    super(QFunctionSelect, self).__init__(**kwargs)

    self.text_max = text_max_length
    self.func = None

    self.label = QtWidgets.QPushButton()
    self.label.clicked.connect(self.label_clicked)
    self.label.setFlat(True)
    self.btn = QtWidgets.QPushButton("...")
    self.btn.setMaximumWidth(20)
    self.btn.clicked.connect(self.btn_clicked)

    current_func = ida_funcs.get_func(idc.ScreenEA())
    if current_func:
      self.set_func(current_func)

    layout = QtWidgets.QHBoxLayout()
    layout.setContentsMargins(0, 0, 0, 0)
    layout.addWidget(self.label)
    layout.addWidget(self.btn)
    layout.setStretch(0, 1)
    self.setLayout(layout) 
开发者ID:nirizr,项目名称:rematch,代码行数:25,代码来源:widgets.py

示例5: get_current_function_strings

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_current_function_strings( self ):

        addr_in_func = idc.ScreenEA()
        curr_func = idc.GetFunctionName(addr_in_func)

        funcs = [ addr_in_func ]
        if ConfigStingray.SEARCH_RECURSION_MAXLVL > 0:
            funcs = find_function_callees(  addr_in_func, 
                                            ConfigStingray.SEARCH_RECURSION_MAXLVL  )

        total_strs = []
        for func in funcs:
            strs = find_function_strings(func)
            total_strs += [ s.get_row() for s in strs ]

        return total_strs


# ------------------------------------------------------------------------------ 
开发者ID:darx0r,项目名称:Stingray,代码行数:21,代码来源:Stingray.py

示例6: __init__

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def __init__(self):

        addr = idc.ScreenEA()
        func = idaapi.get_func(addr)

        tests_choice = "\n".join(map(lambda x: "<%s:{r%s}>" % (x, x), AVAILABLE_TESTS))
        ida_kernwin.Form.__init__(self,
r"""BUTTON YES* Launch
BUTTON CANCEL NONE
Sibyl Settings

{FormChangeCb}
Apply on:
<One function:{rOneFunc}>
<All functions:{rAllFunc}>{cMode}>

<Targeted function:{cbFunc}>

Testsets to use:
%s{cTest}>

""" % tests_choice, {
    'FormChangeCb': ida_kernwin.Form.FormChangeCb(self.OnFormChange),
    'cMode': ida_kernwin.Form.RadGroupControl(("rOneFunc", "rAllFunc")),
    'cTest': ida_kernwin.Form.ChkGroupControl(map(lambda x: "r%s" % x,
                                      AVAILABLE_TESTS),
                                  value=(1 << len(AVAILABLE_TESTS)) - 1),
    'cbFunc': ida_kernwin.Form.DropdownListControl(
        items=self.available_funcs,
        readonly=False,
        selval="0x%x" % func.startEA),
}
        )

        self.Compile() 
开发者ID:cea-sec,项目名称:Sibyl,代码行数:37,代码来源:find.py

示例7: decode_angr

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def decode_angr():
	"""Attempts to locate all the IOCTLs in a function and decode them all using symbolic execution"""
	
	path = idaapi.get_input_file_path()
	addr = idc.ScreenEA()
	ioctls = angr_analysis.angr_find_ioctls(path, addr)
	track_ioctls(ioctls) 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:9,代码来源:win_driver_plugin.py

示例8: activate

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def activate(self, ctx):
        pos = idc.ScreenEA()
        # Get current comment for this instruction and remove the C define from it, if present
        comment = idc.Comment(pos)
        code = get_operand_value(pos)
        define = ioctl_decoder.get_define(code)
        comment = comment.replace(define, "")
        idc.MakeComm(pos, comment)
        # Remove the ioctl from the valid list and add it to the invalid list to avoid 'find_all_ioctls' accidently re-indexing it.
        ioctl_tracker.remove_ioctl(pos, code) 
开发者ID:FSecureLABS,项目名称:win_driver_plugin,代码行数:12,代码来源:win_driver_plugin.py

示例9: _onSetRootNode

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onSetRootNode(self):
        try:
            self.cc.PatternGenerator.setRootNode(idc.get_screen_ea())
        except:
            self.cc.PatternGenerator.setRootNode(idc.ScreenEA())

        self._render_if_real_time() 
开发者ID:AirbusCyber,项目名称:grap,代码行数:9,代码来源:PatternGenerationWidget.py

示例10: _onAddTargetNode

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onAddTargetNode(self):
        try:
            self.cc.PatternGenerator.addTargetNode(idc.get_screen_ea())
        except:
            self.cc.PatternGenerator.addTargetNode(idc.ScreenEA())

        self._render_if_real_time() 
开发者ID:AirbusCyber,项目名称:grap,代码行数:9,代码来源:PatternGenerationWidget.py

示例11: setMatchType

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def setMatchType(self, type):
        try:
            selection, begin, end = None, None, None
            err = idaapi.read_selection(selection, begin, end)
            if err and selection:
                for ea in range(begin, end+1):
                    self.cc.PatternGenerator.setMatchType(ea, type)
            else:
                self.cc.PatternGenerator.setMatchType(idc.get_screen_ea(), type)  
        except:
            self.cc.PatternGenerator.setMatchType(idc.ScreenEA(), type)

        self._render_if_real_time() 
开发者ID:AirbusCyber,项目名称:grap,代码行数:15,代码来源:PatternGenerationWidget.py

示例12: _onRemoveTargetNode

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onRemoveTargetNode(self):
        try:
            self.cc.PatternGenerator.removeTargetNode(idc.get_screen_ea())
        except:
            self.cc.PatternGenerator.removeTargetNode(idc.ScreenEA())

        self._render_if_real_time() 
开发者ID:AirbusCyber,项目名称:grap,代码行数:9,代码来源:PatternGenerationWidget.py

示例13: get_current_function_xrefs_from

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_current_function_xrefs_from( self ):
    
        addr_in_func = idc.ScreenEA()
        curr_func = idc.GetFunctionName( addr_in_func )

        refs = self.find_xrefs_from( addr_in_func )
        return [ ref.get_row( XrefsFromFinder.XREF_TYPE2STR ) for ref in refs ]


# ------------------------------------------------------------------------------ 
开发者ID:darx0r,项目名称:Reef,代码行数:12,代码来源:Reef.py

示例14: _do_callbacks

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _do_callbacks(cls, ptr_or_reg):
        data = {
            'ea': idc.ScreenEA(),
            'ptr_or_reg': ptr_or_reg
        }
        for callback in cls._callbacks[ptr_or_reg]:
            callback(data) 
开发者ID:BinaryAnalysisPlatform,项目名称:bap-ida-python,代码行数:9,代码来源:bap_taint.py

示例15: start

# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def start(self):
        tainter = PropagateTaint(idc.ScreenEA(), self.kind)
        tainter.on_finish(lambda bap: self.finish(bap))
        tainter.run() 
开发者ID:BinaryAnalysisPlatform,项目名称:bap-ida-python,代码行数:6,代码来源:bap_taint.py


注:本文中的idc.ScreenEA方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。