当前位置: 首页>>代码示例>>Python>>正文


Python idc.get_segm_start方法代码示例

本文整理汇总了Python中idc.get_segm_start方法的典型用法代码示例。如果您正苦于以下问题:Python idc.get_segm_start方法的具体用法?Python idc.get_segm_start怎么用?Python idc.get_segm_start使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.get_segm_start方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: find_malloc_par

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def find_malloc_par():
    mp_ = idc.get_name_ea_simple("mp_")
    if mp_ != idc.BADADDR:
        return mp_

    segm = idaapi.get_segm_by_name("[heap]")
    if segm is None:
        return None

    offset = get_struct_offsets(malloc_par()).get('sbrk_base')
    sbrk_base = segm.start_ea
    ea = idc.get_segm_start(get_name_ea_simple("_IO_2_1_stdin_"))
    end_ea = idc.get_segm_end(ea)

    while ea < end_ea:
        ptr = config.get_ptr(ea)
        if idaapi.is_loaded(ptr) and ptr == sbrk_base:
            return (ea-offset)
        ea += config.ptr_size

    return None

# -------------------------------------------------------------------------- 
开发者ID:danigargu,项目名称:heap-viewer,代码行数:25,代码来源:ptmalloc.py

示例2: get_boot_services

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def get_boot_services(self):
        """found boot services in idb"""
        code = list(idautils.Functions())[0]
        start = idc.get_segm_start(code)
        end = idc.get_segm_end(code)
        ea = start
        while (ea <= end):
            if idc.print_insn_mnem(ea) != 'call':
                ea = idc.next_head(ea)
                continue
            for service_name in self.BOOT_SERVICES_OFFSET:
                # yapf: disable
                if (idc.get_operand_value(ea, 0) == self.BOOT_SERVICES_OFFSET[service_name]):
                    if not self.gBServices[service_name].count(ea):
                        self.gBServices[service_name].append(ea)
            ea = idc.next_head(ea) 
开发者ID:yeggor,项目名称:UEFI_RETool,代码行数:18,代码来源:analyser.py

示例3: processCode

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def processCode(self):
        if (self.params.startAddr==idc.BADADDR) and (self.params.endAddr==idc.BADADDR):

            if using_ida7api:
                self.params.startAddr = idc.get_segm_start(idc.here())
                self.params.endAddr = idc.get_segm_end(idc.here())
            else:
                self.params.startAddr = idc.SegStart(idc.here())
                self.params.endAddr = idc.SegEnd(idc.here())
            logger.info('Processing current segment only: 0x%08x - 0x%08x', self.params.startAddr, self.params.endAddr)
        else:
            logger.info('Processing range 0x%08x - 0x%08x', self.params.startAddr, self.params.endAddr)
        if self.params.searchDwordArray:
            self.lookForDwordArray(self.params.startAddr, self.params.endAddr)
        if self.params.searchPushArgs:
            self.lookForOpArgs(self.params.startAddr, self.params.endAddr) 
开发者ID:fireeye,项目名称:flare-ida,代码行数:18,代码来源:shellcode_hash_search.py

示例4: find_pointers

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def find_pointers(start, end):
    for va in range(start, end-0x4):
        ptr = idc.get_wide_dword(va)
        if idc.get_segm_start(ptr) == idc.BADADDR:
            continue

        yield va, ptr 
开发者ID:williballenthin,项目名称:idawilli,代码行数:9,代码来源:ida_find_ptrs.py

示例5: find_main_arena

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def find_main_arena():
    main_arena = idc.get_name_ea_simple("main_arena") # from libc6-dbg
    if main_arena != idc.BADADDR:
        return main_arena

    ea = idc.get_segm_start(idc.get_name_ea_simple("_IO_2_1_stdin_"))
    end_ea = idc.get_segm_end(ea)

    # &main_arena->next
    offsets = {
        4: [1088, 1096], # 32 bits
        8: [2152, 2160]  # 64 bits
    }[config.ptr_size]

    if ea == idc.BADADDR or end_ea == idc.BADADDR:
        return None

    while ea < end_ea:
        ptr = config.get_ptr(ea) # ptr to main_arena
        if idaapi.is_loaded(ptr) and ptr < ea:
            if (ea-ptr) in offsets:
                return ptr
        ea += config.ptr_size
    return None

# -------------------------------------------------------------------------- 
开发者ID:danigargu,项目名称:heap-viewer,代码行数:28,代码来源:ptmalloc.py

示例6: is_code

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def is_code(ea):
  if is_invalid_ea(ea):
    return False

  seg_ea = idc.get_segm_start(ea)
  seg_type = idc.get_segm_attr(seg_ea, idc.SEGATTR_TYPE)
  return (seg_type == idc.SEG_CODE)

# A stricter form of `is_code`, where we also check whether IDA thinks something
# is code. IDA is able to identify some things like embedded exception tables
# in the code section as not truly being code. 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:13,代码来源:util.py

示例7: is_invalid_ea

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def is_invalid_ea(ea):
  """Returns `True` if `ea` is not valid, i.e. it doesn't point into any
  valid segment."""
  if (idc.BADADDR == ea) or \
    (idc.get_segm_name(ea) == "LOAD"):
    return True

  try:
    idc.get_segm_attr(idc.get_segm_start(ea), idc.SEGATTR_TYPE)
    return False  # If we get here, then it must be a valid ea!
  except:
    return True 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:14,代码来源:util.py

示例8: is_external_segment_by_flags

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def is_external_segment_by_flags(ea):
  """Returns `True` if IDA believes that `ea` belongs to an external segment."""
  try:
    seg_ea = idc.get_segm_start(ea)
    seg_type = idc.get_segm_attr(seg_ea, idc.SEGATTR_TYPE)
    if seg_type == idc.SEG_XTRN:
      _EXTERNAL_SEGMENTS.add(seg_ea)
      return True
    else:
      return False
  except:
    return False 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:14,代码来源:util.py

示例9: is_external_segment

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def is_external_segment(ea):
  """Returns `True` if the segment containing `ea` looks to be solely containing
  external references."""
  global _NOT_EXTERNAL_SEGMENTS

  seg_ea = idc.get_segm_start(ea)
  if seg_ea in _NOT_EXTERNAL_SEGMENTS:
    return False

  if seg_ea in _EXTERNAL_SEGMENTS:
    return True

  if is_external_segment_by_flags(ea):
    _EXTERNAL_SEGMENTS.add(seg_ea)
    return True

  ext_types = []
  seg_name = idc.get_segm_name(seg_ea).lower()
  
  if IS_ELF:
    if ".got" in seg_name or ".plt" in seg_name:
      _EXTERNAL_SEGMENTS.add(seg_ea)
      return True

  elif IS_PE:
    if ".idata" == seg_name:  # Import table.
      _EXTERNAL_SEGMENTS.add(seg_ea)
      return True

  _NOT_EXTERNAL_SEGMENTS.add(seg_ea)
  return False 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:33,代码来源:util.py

示例10: is_constructor_segment

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def is_constructor_segment(ea):
  """Returns `True` if the segment containing `ea` belongs to global constructor section"""
  seg_ea = idc.get_segm_start(ea)
  seg_name = idc.get_segm_name(seg_ea).lower()
  if seg_name in [".init_array", ".ctor"]:
    return True
  return False 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:9,代码来源:util.py

示例11: recover_frame_entries

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def recover_frame_entries(seg_ea):
  if seg_ea == idc.BADADDR:
    return

  DEBUG("Recover entries from section : {}".format(idc.get_segm_name(seg_ea)))
  ea = idc.get_segm_start(seg_ea)
  end_ea = idc.get_segm_end(seg_ea)
  while ea != idc.BADADDR and ea < end_ea:
    ea = format_entries(ea) 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:11,代码来源:exception.py

示例12: get_list_of_functions

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def get_list_of_functions(self):
        '''
        Gets all functions list.
        '''

        functions_list = {}
        seg_ea = idc.get_segm_by_sel(idc.SEG_NORM)

        for func_ea in idautils.Functions(idc.get_segm_start(seg_ea),
                                          idc.get_segm_end(seg_ea)):
            function_name = idc.get_func_name(func_ea)
            functions_list[function_name] = func_ea

        return functions_list 
开发者ID:ax330d,项目名称:functions-plus,代码行数:16,代码来源:functions_plus.py

示例13: getFuncRanges_ida7

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def getFuncRanges_ida7(ea, doAllFuncs):
    if doAllFuncs:
        funcs = []
        funcGen = idautils.Functions(idc.get_segm_start(ea), idc.get_segm_end(ea))
        for i in funcGen:
            funcs.append(i)
        funcRanges = []
        for i in range(len(funcs) - 1):
            funcRanges.append( (funcs[i], funcs[i+1]) )
        funcRanges.append( (funcs[-1], idc.get_segm_end(ea)) )
        return funcRanges
    else:
        #just get the range of the current function
        fakeRanges = [( idc.get_func_attr(idc.here(), idc.FUNCATTR_START), idc.get_func_attr(idc.here(), idc.FUNCATTR_END)), ]
        return fakeRanges 
开发者ID:fireeye,项目名称:flare-ida,代码行数:17,代码来源:stackstrings.py

示例14: processAllSegments

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def processAllSegments(self):
        for seg in idautils.Segments():
            if using_ida7api:
                segStart = idc.get_segm_start(seg)
                segEnd = idc.get_segm_end(seg)
            else:
                segStart = idc.SegStart(seg)
                segEnd = idc.SegEnd(seg)

            if self.params.searchPushArgs:
                self.lookForOpArgs(segStart, segEnd)
            if self.params.searchDwordArray:
                self.lookForDwordArray(segStart, segEnd) 
开发者ID:fireeye,项目名称:flare-ida,代码行数:15,代码来源:shellcode_hash_search.py

示例15: promptForRange

# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_segm_start [as 别名]
def promptForRange(self):
        # Only run if QT not available, so not bothering with ida7 check
        #check if a range has already been selected - if so skip prompt
        if using_ida7api:
            selstart = idc.read_selection_start()
            selend = idc.read_selection_end()
            segstart = idc.get_segm_start(idc.here())
            segend = idc.get_segm_end(idc.here())
        else:
            selstart = idc.SelStart()
            selend = idc.SelEnd()
            seg = idc.SegStart(idc.here())
            self.params.endAddr = idc.SegEnd(idc.here())

        if selstart != idc.BADADDR:
            self.params.startAddr = selstart
            self.params.endAddr = selend
            logger.info('Processing range 0x%08x - 0x%08x', self.params.startAddr, self.params.endAddr)
        else:
            self.params.startAddr = segstart
            self.params.endAddr = segend
            logger.info('Processing current segment only')

###################################################################
#
################################################################### 
开发者ID:fireeye,项目名称:flare-ida,代码行数:28,代码来源:shellcode_hash_search.py


注:本文中的idc.get_segm_start方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。