本文整理汇总了Python中idc.SegEnd方法的典型用法代码示例。如果您正苦于以下问题:Python idc.SegEnd方法的具体用法?Python idc.SegEnd怎么用?Python idc.SegEnd使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.SegEnd方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: create_call_map
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def create_call_map(self, ftype):
assert_ida_available()
import idc
import idautils
seg_mapping = {idc.SegName(x): (idc.SegStart(x), idc.SegEnd(x)) for x in idautils.Segments()}
imports = seg_mapping[".idata"] if ftype == PE else seg_mapping['.plt']
start, stop = seg_mapping[".text"]
current = start
while current <= stop:
inst = current
if idc.GetMnem(inst) in ["call", "jmp"]:
value = idc.GetOperandValue(inst, 0)
name = idc.GetOpnd(inst, 0)
if imports[0] <= value <= imports[1]:
entry = self.config.call_map.add()
entry.address = inst
entry.name = name
current = idc.NextHead(current, stop)
示例2: initialize_data_offsets
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def initialize_data_offsets():
"""Convert offsets in data segments into offsets in IDA.
Segment names must be initialized with segments.initialize_segments() first.
"""
# Normally, for user-space programs, this operation would be dangerous because there's a good
# chance that a valid userspace address would happen to show up in regular program data that is
# not actually an address. However, since kernel addresses are numerically much larger, the
# chance of this happening is much less.
for seg in idautils.Segments():
name = idc.SegName(seg)
if not (name.endswith('__DATA_CONST.__const') or name.endswith('__got')
or name.endswith('__DATA.__data')):
continue
for word, ea in idau.ReadWords(seg, idc.SegEnd(seg), addresses=True):
if idau.is_mapped(word, value=False):
idc.OpOff(ea, 0, 0)
示例3: _initialize_kext_regions
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def _initialize_kext_regions():
"""Get region information for each kext based on iOS 12's __PRELINK_INFO.__kmod_start.
NOTE: This only accounts for __TEXT_EXEC, not the other segments."""
kmod_start = idc.SegByBase(idc.SegByName('__PRELINK_INFO.__kmod_start'))
if kmod_start == idc.BADADDR:
return
for kmod in idau.ReadWords(kmod_start, idc.SegEnd(kmod_start)):
_log(1, 'Found kmod {:x}', kmod)
segments = list(_macho_segments_and_sections(kmod))
if len(segments) != 1:
_log(0, 'Skipping unrecognized kmod {:x}', kmod)
continue
segname, segstart, segend, sects = segments[0]
if segname != '__TEXT_EXEC' or len(sects) != 1:
_log(0, 'Skipping unrecognized kmod {:x}', kmod)
continue
kmod_name = 'kext.{:x}'.format(kmod)
_log(1, 'Adding module: {:x} - {:x} {}', segstart, segend, kmod_name)
_kext_regions.append((segstart, segend, kmod_name))
示例4: tagged_pointer_next
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def tagged_pointer_next(ea, tp, end=None):
assert ea
# First try to get the offset to the next link.
if tp:
link_offset = tagged_pointer_link(tagged_pointer_tag(tp))
if link_offset:
return ea + link_offset
# Skip the current tagged pointer in preparation for scanning.
ea += idau.WORD_SIZE
# We don't have a link. Do a forward scan until we find the next tagged pointer.
_log(3, 'Scanning for next tagged pointer')
if end is None:
end = idc.SegEnd(ea)
for value, value_ea in idau.ReadWords(ea, end, step=4, addresses=True):
if is_tagged_pointer(value):
return value_ea
# If we didn't find any tagged pointers at all, return None.
return None
示例5: getFuncRanges
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def getFuncRanges(ea, doAllFuncs):
if using_ida7api:
return getFuncRanges_ida7(ea, doAllFuncs)
if doAllFuncs:
funcs = []
funcGen = idautils.Functions(idc.SegStart(ea), idc.SegEnd(ea))
for i in funcGen:
funcs.append(i)
funcRanges = []
for i in range(len(funcs) - 1):
funcRanges.append( (funcs[i], funcs[i+1]) )
funcRanges.append( (funcs[-1], idc.SegEnd(ea)) )
return funcRanges
else:
#just get the range of the current function
fakeRanges = [( idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_START), idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_END)), ]
return fakeRanges
示例6: get_segment_end_ea
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def get_segment_end_ea(ea):
""" Return address where next MSDN info can be written to in added
segment.
Argument:
ea -- effective address within added segment where search starts
"""
addr = ea
while idc.GetCommentEx(addr, 0) is not None:
addr = addr + 1
if addr > idc.SegEnd(ea):
g_logger.debug('Address {} out of segment bounds. Expanding segment.'
.format(hex(addr)))
try:
expand_segment(ea)
except FailedToExpandSegmentException as e:
g_logger.warning(e.message)
raise e
else:
return addr
示例7: init_seginfo
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def init_seginfo(self):
#print("seg len:%d\n" % len(list(idautils.Segments())))
for seg in idautils.Segments():
segname = idc.SegName(seg)
if segname.startswith('func_'):
self.segstarts[idc.SegStart(seg)] = segname
self.segends[idc.SegEnd(seg)] = segname
#print("segname:%s\n" % segname)
#print("add_func() called ret:%d" % add_func(idc.SegStart(seg), idc.SegEnd(seg)))
示例8: update_mapping
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def update_mapping(self):
pass
self.fun_mapping = {idc.GetFunctionName(x): (idaapi.get_func(x).startEA, idaapi.get_func(x).endEA-1) for x in
idautils.Functions()}
self.seg_mapping = {idc.SegName(x): (idc.SegStart(x), idc.SegEnd(x)) for x in idautils.Segments()}
示例9: recover_frame_entries
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def recover_frame_entries(seg_ea):
if seg_ea == idc.BADADDR:
return
DEBUG("Recover entries from section : {}".format(idc.SegName(seg_ea)))
ea = idc.SegStart(seg_ea)
end_ea = idc.SegEnd(seg_ea)
while ea != idc.BADADDR and ea < end_ea:
ea = format_entries(ea)
示例10: find_default_function_heads
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def find_default_function_heads():
"""Loop through every function, to discover the heads of all blocks that
IDA recognizes. This will populate some global sets in `flow.py` that
will help distinguish block heads."""
func_heads = set()
for seg_ea in idautils.Segments():
seg_type = idc.GetSegmentAttr(seg_ea, idc.SEGATTR_TYPE)
if seg_type != idc.SEG_CODE:
continue
for func_ea in idautils.Functions(seg_ea, idc.SegEnd(seg_ea)):
if is_code_by_flags(func_ea):
func_heads.add(func_ea)
return func_heads
示例11: setBPs
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def setBPs(self):
"""
Set breakpoints on all CALL and RET instructions in all of the executable sections.
"""
for seg_ea in idautils.Segments():
for head in idautils.Heads(seg_ea, idc.SegEnd(seg_ea)):
if idc.isCode(idc.GetFlags(head)):
# Add BP if instruction is a CALL
if is_call(head):
self.addBP(head)
示例12: iter_lines
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def iter_lines():
"""
Iterate through all line addresses in the IDB
Yields addresses of all lines.
"""
for ea in idautils.Segments():
seg_start = idc.SegStart(ea)
seg_end = idc.SegEnd(ea)
cur_addr = seg_start
while (cur_addr < seg_end) and (cur_addr != idaapi.BADADDR):
yield cur_addr
cur_addr = idc.NextHead(cur_addr)
示例13: _process_mod_init_func_section_for_metaclasses
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def _process_mod_init_func_section_for_metaclasses(segstart, found_metaclass):
"""Process a __mod_init_func section for OSMetaClass information."""
segend = idc.SegEnd(segstart)
for func in idau.ReadWords(segstart, segend):
_process_mod_init_func_for_metaclasses(func, found_metaclass)
示例14: _process_const_section_for_vtables
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def _process_const_section_for_vtables(segstart, metaclass_info, found_vtable):
"""Process a __const section to search for virtual method tables."""
segend = idc.SegEnd(segstart)
addr = segstart
while addr < segend:
possible, length = vtable.vtable_length(addr, segend, scan=True)
if possible:
metaclass = _get_vtable_metaclass(addr, metaclass_info)
if metaclass:
_log(4, 'Vtable at address {:#x} has metaclass {:#x}', addr, metaclass)
found_vtable(metaclass, addr, length)
addr += length * idau.WORD_SIZE
示例15: _process_offsets_section
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SegEnd [as 别名]
def _process_offsets_section(segstart, next_offset):
"""Process all the offsets in a __got section."""
for offset, ea in idau.ReadWords(segstart, idc.SegEnd(segstart), addresses=True):
if not offset_name_target(idau.get_ea_name(ea)):
# This is not a previously named offset.
if idau.is_mapped(offset, value=False):
_process_offset(offset, ea, next_offset)
else:
_log(-1, 'Offset {:#x} at address {:#x} is unmapped', offset, ea)