本文整理汇总了Python中idc.get_qword方法的典型用法代码示例。如果您正苦于以下问题:Python idc.get_qword方法的具体用法?Python idc.get_qword怎么用?Python idc.get_qword使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.get_qword方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: pablo
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def pablo(mode, address, end, search):
while address < end:
address = idaapi.find_binary(address, end, search, 0x10, SEARCH_DOWN)
if address > idaapi.get_segm_by_name('CODE').end_ea:
offset = address - 0x3
if idaapi.isUnknown(idaapi.getFlags(offset)):
if idaapi.get_qword(offset) <= end:
idaapi.create_data(offset, FF_QWORD, 0x8, BADNODE)
address = offset + 0x4
else:
address += mode
idaapi.do_unknown(address, 0)
idaapi.create_insn(address)
idaapi.add_func(address, BADADDR)
address += 0x1
# Load Input Binary...
示例2: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def __init__(self, logger, num_bits, is_elf, data_fptr_alignment=4, mixed_code_and_data=False):
"""Create the analyzer's base class instance.
Args:
logger (logger): logger instance
num_bits (int): bitness of the CPU (32 bits by default)
data_fptr_alignment (int, optional): byte alignment needed for global fptrs (4 by default)
mixed_code_and_data (bool, optional): True iff the main code section includes RO data constants (False by default)
"""
self.logger = logger
self._num_bits = num_bits
self._is_elf = is_elf
self.data_fptr_alignment = data_fptr_alignment
self._mixed_code_and_data = mixed_code_and_data
if num_bits == 64:
self._address_parse_fn = idc.get_qword
self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_QWORD, 8, idc.BADADDR)
self.address_pack_format = "Q"
elif num_bits == 32:
self._address_parse_fn = idc.get_wide_dword
self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_DWORD, 4, idc.BADADDR)
self.address_pack_format = "L"
else:
self._address_parse_fn = idc.get_wide_word
self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_WORD, 2, idc.BADADDR)
self.address_pack_format = "H"
# fields to be linked later on
self.func_classifier = None
self.fptr_identifier = None
self.str_identifier = None
self.locals_identifier = None
self.switch_identifier = None
# code types
self._active_code_types = list(self.codeTypes())
示例3: parse_doubles
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def parse_doubles(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_doubles")
count = Reader.get_array_count()
for i in xrange(1, count, 1):
self.abc_doubles.append(idc.get_qword(Reader.pos))
Reader.pos += 8
create_byte(start, Reader.pos - start)
示例4: initialize
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def initialize():
if m.initialized:
return
info = idaapi.get_inf_structure()
if info.is_64bit():
m.ptr_size = 8
m.get_ptr = idc.get_qword
m.mem_fmt = "%016X"
m.pack_fmt = "<Q"
elif info.is_32bit():
m.ptr_size = 4
m.get_ptr = idc.get_wide_dword
m.mem_fmt = "%08X"
m.pack_fmt = "<L"
m.cpu_name = info.procname.lower()
m.is_be = idaapi.cvar.inf.is_be()
m.filetype = info.filetype
m.is_pefile = (m.filetype == idaapi.f_PE)
m.thread_id = idaapi.get_current_thread()
if m.cpu_name == "metapc":
m.registers = {
4: regs.x86,
8: regs.x64
}[m.ptr_size]
elif m.cpu_name.startswith("arm"):
m.registers = {
4: regs.arm,
8: regs.aarch64
}[m.ptr_size]
elif m.cpu_name.startswith("mips"):
m.registers = regs.mips
m.initialized = True
# -----------------------------------------------------------------------
示例5: load
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def load():
config = None
m.ptr_size = get_arch_ptrsize()
m.libc_version = get_libc_version()
m.libc_base = get_libc_base()
if m.ptr_size == 4:
m.get_ptr = idc.get_wide_dword
elif m.ptr_size == 8:
m.get_ptr = idc.get_qword
m.ptr_mask = (1 << 8*m.ptr_size)-1
m.program_module = get_program_module()
try:
with open(CONFIG_PATH, 'rb') as f:
config = json.loads(f.read())
except Exception as e:
# default config
config = {}
m.stop_during_tracing = config.get('stop_during_tracing', True)
m.start_tracing_at_startup = config.get('start_tracing_at_startup', False)
m.detect_double_frees_and_overlaps = config.get('detect_double_frees_and_overlaps', True)
m.filter_library_calls = config.get('filter_library_calls', False)
m.hexdump_limit = config.get('hexdump_limit', 1024)
m.libc_offsets = config.get('libc_offsets')
main_arena = None
malloc_par = None
if type(m.libc_offsets) is dict:
main_arena = m.libc_offsets.get("main_arena")
malloc_par = m.libc_offsets.get("mp_")
global_max_fast = m.libc_offsets.get("global_max_fast")
if main_arena is not None:
main_arena += m.libc_base
if malloc_par is not None:
malloc_par += m.libc_base
m.main_arena = main_arena
m.malloc_par = malloc_par
示例6: resolve
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def resolve(self, alphabet, nids, symbols, libraries):
if self.INFO > Relocation.R_X86_64_ORBIS_GOTPCREL_LOAD:
self.INDEX = self.INFO >> 32
self.INFO &= 0xFF
symbol = next(value for key, value in enumerate(symbols) if key + 2 == self.INDEX)[1]
# Library
try:
lid1 = alphabet[symbol[12:13]]
# [base64]#
if symbol[13:14] == '#':
library = libraries[lid1]
# [base64][base64]#
elif symbol[14:15] == '#':
lid2 = alphabet[symbol[13:14]]
library = libraries[lid1 + lid2]
else:
raise
# Not a NID
except:
library = ''
# Function Name (Offset) == Symbol Value + AddEnd (S + A)
# Library Name (Offset) == Symbol Value (S)
real = idc.get_qword(self.OFFSET)
idc.add_func(real)
# Hacky way to determine if this is the real function...
real -= 0x6 if idc.print_insn_mnem(real) == 'push' else 0x0
# Resolve the NID...
idc.set_cmt(real, 'NID: ' + symbol, False)
function = nids.get(symbol[:11], symbol)
# Rename the Jump Function...
idc.set_name(self.OFFSET, '__imp_' + function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
# Rename the Real Function...
idc.set_name(real, function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
try:
import_node = idaapi.netnode(library, 0, True)
import_node.supset(ea2node(real), function)
# Requires customized loader.i / ida_loader.py(d)
idaapi.import_module(library, None, import_node.index(), None, 'linux')
except:
pass
return self.type()
示例7: notify_gen_map_file
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_qword [as 别名]
def notify_gen_map_file(self, qfile):
"""
Generate map file. If this function is absent then the kernel will create the map file.
This function returns number of lines in output file.
0 - empty file, -1 - write error
"""
dump = []
for method in self.abc.methods:
if (method["body"] is None):
continue
methodInfo1 = idc.get_qword(method["pos"])
methodInfo2 = idc.get_qword(method["pos"]+8)
index = method["id"]
ea = method["body"]["pos"]
length = method["body"]["length"]
name = get_name(ea)
start = ea
end = ea + length
instructions = {}
while (ea < end):
line = generate_disasm_line(ea, GENDSM_REMOVE_TAGS)
instructions[ea-start] = line
ea += get_item_size(ea)
dump.append({"id": index, "info": methodInfo1 + methodInfo2, "name": name, "instructions": instructions})
data = cPickle.dumps(dump)
qfile.write(data)
return len(data.splitlines())
# ----------------------------------------------------------------------