本文整理汇总了Python中idc.ScreenEA方法的典型用法代码示例。如果您正苦于以下问题:Python idc.ScreenEA方法的具体用法?Python idc.ScreenEA怎么用?Python idc.ScreenEA使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.ScreenEA方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: find_all_ioctls
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def find_all_ioctls():
"""
From the currently selected address attempts to traverse all blocks inside the current function to find all immediate values which
are used for a comparison/sub immediately before a jz. Returns a list of address, second operand pairs.
"""
ioctls = []
# Find the currently selected function and get a list of all of it's basic blocks
addr = idc.ScreenEA()
f = idaapi.get_func(addr)
fc = idaapi.FlowChart(f, flags=idaapi.FC_PREDS)
for block in fc:
# grab the last two instructions in the block
last_inst = idc.PrevHead(block.endEA)
penultimate_inst = idc.PrevHead(last_inst)
# If the penultimate instruction is cmp or sub against an immediate value immediately preceding a 'jz'
# then it's a decent guess that it's an IOCTL code (if this is a dispatch function)
if idc.GetMnem(penultimate_inst) in ['cmp', 'sub'] and idc.GetOpType(penultimate_inst, 1) == 5:
if idc.GetMnem(last_inst) == 'jz':
value = get_operand_value(penultimate_inst)
ioctls.append((penultimate_inst, value))
ioctl_tracker.add_ioctl(penultimate_inst, value)
return ioctls
示例2: get_position_and_translate
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_position_and_translate():
"""
Gets the current selected address and decodes the second parameter to the instruction if it exists/is an immediate
then adds the C define for the code as a comment and prints a summary table of all decoded IOCTL codes.
"""
pos = idc.ScreenEA()
if idc.GetOpType(pos, 1) != 5: # Check the second operand to the instruction is an immediate
return
value = get_operand_value(pos)
ioctl_tracker.add_ioctl(pos, value)
define = ioctl_decoder.get_define(value)
make_comment(pos, define)
# Print summary table each time a new IOCTL code is decoded
ioctls = []
for inst in ioctl_tracker.ioctl_locs:
value = get_operand_value(inst)
ioctls.append((inst, value))
ioctl_tracker.print_table(ioctls)
示例3: finish_populating_tform_popup
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def finish_populating_tform_popup(self, form, popup):
tft = idaapi.get_tform_type(form)
if tft != idaapi.BWN_DISASM:
return
pos = idc.ScreenEA()
register_dynamic_action(form, popup, 'Decode All IOCTLs in Function', DecodeAllHandler())
register_dynamic_action(form, popup, 'Decode IOCTLs using Angr', DecodeAngrHandler())
# If the second argument to the current selected instruction is an immediately
# then give the option to decode it.
if idc.GetOpType(pos, 1) == 5:
register_dynamic_action(form, popup, 'Decode IOCTL', DecodeHandler())
if pos in ioctl_tracker.ioctl_locs:
register_dynamic_action(form, popup, 'Invalid IOCTL', InvalidHandler())
if len(ioctl_tracker.ioctl_locs) > 0:
register_dynamic_action(form, popup, 'Show All IOCTLs', ShowAllHandler())
示例4: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def __init__(self, text_max_length=30, **kwargs):
super(QFunctionSelect, self).__init__(**kwargs)
self.text_max = text_max_length
self.func = None
self.label = QtWidgets.QPushButton()
self.label.clicked.connect(self.label_clicked)
self.label.setFlat(True)
self.btn = QtWidgets.QPushButton("...")
self.btn.setMaximumWidth(20)
self.btn.clicked.connect(self.btn_clicked)
current_func = ida_funcs.get_func(idc.ScreenEA())
if current_func:
self.set_func(current_func)
layout = QtWidgets.QHBoxLayout()
layout.setContentsMargins(0, 0, 0, 0)
layout.addWidget(self.label)
layout.addWidget(self.btn)
layout.setStretch(0, 1)
self.setLayout(layout)
示例5: get_current_function_strings
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_current_function_strings( self ):
addr_in_func = idc.ScreenEA()
curr_func = idc.GetFunctionName(addr_in_func)
funcs = [ addr_in_func ]
if ConfigStingray.SEARCH_RECURSION_MAXLVL > 0:
funcs = find_function_callees( addr_in_func,
ConfigStingray.SEARCH_RECURSION_MAXLVL )
total_strs = []
for func in funcs:
strs = find_function_strings(func)
total_strs += [ s.get_row() for s in strs ]
return total_strs
# ------------------------------------------------------------------------------
示例6: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def __init__(self):
addr = idc.ScreenEA()
func = idaapi.get_func(addr)
tests_choice = "\n".join(map(lambda x: "<%s:{r%s}>" % (x, x), AVAILABLE_TESTS))
ida_kernwin.Form.__init__(self,
r"""BUTTON YES* Launch
BUTTON CANCEL NONE
Sibyl Settings
{FormChangeCb}
Apply on:
<One function:{rOneFunc}>
<All functions:{rAllFunc}>{cMode}>
<Targeted function:{cbFunc}>
Testsets to use:
%s{cTest}>
""" % tests_choice, {
'FormChangeCb': ida_kernwin.Form.FormChangeCb(self.OnFormChange),
'cMode': ida_kernwin.Form.RadGroupControl(("rOneFunc", "rAllFunc")),
'cTest': ida_kernwin.Form.ChkGroupControl(map(lambda x: "r%s" % x,
AVAILABLE_TESTS),
value=(1 << len(AVAILABLE_TESTS)) - 1),
'cbFunc': ida_kernwin.Form.DropdownListControl(
items=self.available_funcs,
readonly=False,
selval="0x%x" % func.startEA),
}
)
self.Compile()
示例7: decode_angr
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def decode_angr():
"""Attempts to locate all the IOCTLs in a function and decode them all using symbolic execution"""
path = idaapi.get_input_file_path()
addr = idc.ScreenEA()
ioctls = angr_analysis.angr_find_ioctls(path, addr)
track_ioctls(ioctls)
示例8: activate
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def activate(self, ctx):
pos = idc.ScreenEA()
# Get current comment for this instruction and remove the C define from it, if present
comment = idc.Comment(pos)
code = get_operand_value(pos)
define = ioctl_decoder.get_define(code)
comment = comment.replace(define, "")
idc.MakeComm(pos, comment)
# Remove the ioctl from the valid list and add it to the invalid list to avoid 'find_all_ioctls' accidently re-indexing it.
ioctl_tracker.remove_ioctl(pos, code)
示例9: _onSetRootNode
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onSetRootNode(self):
try:
self.cc.PatternGenerator.setRootNode(idc.get_screen_ea())
except:
self.cc.PatternGenerator.setRootNode(idc.ScreenEA())
self._render_if_real_time()
示例10: _onAddTargetNode
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onAddTargetNode(self):
try:
self.cc.PatternGenerator.addTargetNode(idc.get_screen_ea())
except:
self.cc.PatternGenerator.addTargetNode(idc.ScreenEA())
self._render_if_real_time()
示例11: setMatchType
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def setMatchType(self, type):
try:
selection, begin, end = None, None, None
err = idaapi.read_selection(selection, begin, end)
if err and selection:
for ea in range(begin, end+1):
self.cc.PatternGenerator.setMatchType(ea, type)
else:
self.cc.PatternGenerator.setMatchType(idc.get_screen_ea(), type)
except:
self.cc.PatternGenerator.setMatchType(idc.ScreenEA(), type)
self._render_if_real_time()
示例12: _onRemoveTargetNode
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _onRemoveTargetNode(self):
try:
self.cc.PatternGenerator.removeTargetNode(idc.get_screen_ea())
except:
self.cc.PatternGenerator.removeTargetNode(idc.ScreenEA())
self._render_if_real_time()
示例13: get_current_function_xrefs_from
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def get_current_function_xrefs_from( self ):
addr_in_func = idc.ScreenEA()
curr_func = idc.GetFunctionName( addr_in_func )
refs = self.find_xrefs_from( addr_in_func )
return [ ref.get_row( XrefsFromFinder.XREF_TYPE2STR ) for ref in refs ]
# ------------------------------------------------------------------------------
示例14: _do_callbacks
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def _do_callbacks(cls, ptr_or_reg):
data = {
'ea': idc.ScreenEA(),
'ptr_or_reg': ptr_or_reg
}
for callback in cls._callbacks[ptr_or_reg]:
callback(data)
示例15: start
# 需要导入模块: import idc [as 别名]
# 或者: from idc import ScreenEA [as 别名]
def start(self):
tainter = PropagateTaint(idc.ScreenEA(), self.kind)
tainter.on_finish(lambda bap: self.finish(bap))
tainter.run()