本文整理汇总了Python中idc.get_wide_dword方法的典型用法代码示例。如果您正苦于以下问题:Python idc.get_wide_dword方法的具体用法?Python idc.get_wide_dword怎么用?Python idc.get_wide_dword使用的例子?那么这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在模块idc的用法示例。
在下文中一共展示了idc.get_wide_dword方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: find_fakefast
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def find_fakefast(self, target_addr):
    """List addresses just below ``target_addr`` whose bytes read as a fastbin size.

    Every byte offset in the window is tried, so unaligned candidates are
    reported too. The window is 0x80 bytes wide for 8-byte pointers and 0x40
    otherwise, and it ends one pointer width before ``target_addr``.

    Args:
        target_addr: address the caller is inspecting.

    Returns:
        A list of dicts with keys ``fast_id``, ``size``, ``address`` and
        ``bytes_to`` (distance from the candidate's data area to the target).
    """
    window = 0x80 if self.ptr_size == 8 else 0x40
    first_ea = target_addr - window - self.ptr_size
    last_ea = target_addr - self.ptr_size

    candidates = []
    for ea in range(first_ea, last_ea):
        # Always a 32-bit read, regardless of self.ptr_size.
        fake_size = idc.get_wide_dword(ea)
        idx = self.fastbin_index(fake_size & ~SIZE_BITS)
        if not 0 <= idx <= 7:
            continue
        # Bit 0x2 must be set (IS_MMAPPED in glibc's chunk flags; confirm
        # against this file's SIZE_BITS). The original also tested bit 0x4
        # for "set or clear", which holds for every value, so that bit is
        # effectively ignored.
        if fake_size & 2 != 2:
            continue
        candidates.append({
            'fast_id': idx,
            'size': self.tidx2size(idx),
            'address': ea - self.ptr_size,
            'bytes_to': target_addr - ea - self.ptr_size,
        })
    return candidates
示例2: get_native_function
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def get_native_function(self):
    """Resolve the native function behind the current call and optionally trace it.

    Reads ECX and ESP from the debugger, follows fixed structure offsets in
    debuggee memory to get the function address, prints it, and, if the
    method name passes the ignore/debug filters, records it in
    ``self.traced`` and sets a breakpoint on it.
    """
    ecx = idc.get_reg_value("ECX")
    esp = idc.get_reg_value("ESP")
    method_name = self.get_method_name(esp)

    # NOTE(review): the offsets (+8, +0x38, +0x24/+0x28) are hard-coded and
    # presumably match one specific build of the debugged runtime. All values
    # come from debuggee memory, so a layout mismatch yields a bogus address.
    selector = idc.get_wide_byte(idc.get_wide_dword(ecx + 8) + 0x38)
    slot = 0x28 if selector != 0 else 0x24
    function = idc.get_wide_dword(idc.get_wide_dword(esp + 4) + slot)

    print("Resolved native function: 0x%x - %s" % (function, method_name))

    # Evaluated lazily, in the same order as a chained ``or``.
    wanted = method_name not in self.ignore and not self.ignore_all
    if not wanted:
        wanted = method_name in self.debug_if_equals
    if not wanted:
        # method_name can be None, so the substring test is guarded.
        wanted = any(x for x in self.debug_if_contains
                     if method_name is not None and x in method_name)

    if wanted:
        self.traced.append({"name": method_name, "ea": function, "type": "native", "hit": 0})
        idc.add_bpt(function)
示例3: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def __init__(self, logger, num_bits, is_elf, data_fptr_alignment=4, mixed_code_and_data=False):
    """Create the analyzer's base class instance.

    Args:
        logger (logger): logger instance
        num_bits (int): bitness of the CPU; 64 and 32 are handled explicitly,
            every other value is treated as 16-bit
        is_elf (bool): stored as ``_is_elf``; presumably True for ELF inputs
        data_fptr_alignment (int, optional): byte alignment needed for global fptrs (4 by default)
        mixed_code_and_data (bool, optional): True iff the main code section includes RO data constants (False by default)
    """
    self.logger = logger
    self._num_bits = num_bits
    self._is_elf = is_elf
    self.data_fptr_alignment = data_fptr_alignment
    self._mixed_code_and_data = mixed_code_and_data

    # Address reader, IDA data flag, width in bytes and struct format code.
    # NOTE(review): an unexpected num_bits (e.g. 48) silently falls into the
    # 16-bit branch instead of being rejected.
    if num_bits == 64:
        reader, flag_attr, width, pack_code = idc.get_qword, "FF_QWORD", 8, "Q"
    elif num_bits == 32:
        reader, flag_attr, width, pack_code = idc.get_wide_dword, "FF_DWORD", 4, "L"
    else:
        reader, flag_attr, width, pack_code = idc.get_wide_word, "FF_WORD", 2, "H"

    def make_address(ea):
        # The idc constants are looked up at call time, as the lambdas did.
        return ida_bytes.create_data(ea, getattr(idc, flag_attr), width, idc.BADADDR)

    self._address_parse_fn = reader
    self._address_make_fn = make_address
    # NOTE(review): without a byte-order prefix, struct's "L" is 8 bytes on
    # LP64 platforms. Confirm callers prepend "<", ">" or "=".
    self.address_pack_format = pack_code

    # fields to be linked later on
    for late_bound in ("func_classifier", "fptr_identifier", "str_identifier",
                       "locals_identifier", "switch_identifier"):
        setattr(self, late_bound, None)

    # code types
    self._active_code_types = list(self.codeTypes())
示例4: find_pointers
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def find_pointers(start, end):
    """Yield ``(va, ptr)`` for each address whose 32-bit value falls inside a segment.

    The scan advances one byte at a time, so unaligned matches are reported
    too. Any four bytes that happen to decode to a mapped address count as a
    hit, so callers should treat the results as candidates, not confirmed
    pointers.
    """
    va = start
    # NOTE(review): if ``end`` is exclusive, this bound leaves the last full
    # window [end-4, end) unexamined. Confirm whether that is intended.
    stop = end - 0x4
    while va < stop:
        ptr = idc.get_wide_dword(va)
        if idc.get_segm_start(ptr) != idc.BADADDR:
            yield va, ptr
        va += 1
示例5: find_bl_targets
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def find_bl_targets(text_start, text_end):
    """Collect the in-range destinations of AArch64 ``BL`` instructions.

    Walks ``[text_start, text_end)`` in 4-byte steps and decodes every word
    as a potential ``BL``. Only targets inside the same range are kept.

    Returns:
        A set of target addresses.
    """
    found = set()
    for pc in range(text_start, text_end, 4):
        word = idc.get_wide_dword(pc)
        # Top six bits 100101 identify BL; the rest is a signed imm26.
        if (word & 0xfc000000) != 0x94000000:
            continue
        offset = word & 0x3ffffff
        if offset & 0x2000000:
            # Sign-extend the 26-bit field.
            offset -= 0x4000000
        # Word offsets 0..2 are dropped, presumably to filter out data that
        # only looks like a BL to an adjacent instruction (confirm).
        if 0 <= offset <= 2:
            continue
        destination = pc + offset * 4
        if text_start <= destination < text_end:
            found.add(destination)
    return found
示例6: get_guid
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def get_guid(address):
    """Read the 16-byte GUID at ``address`` as a list of 11 integers.

    Layout: one 32-bit value, two 16-bit values, then eight single bytes.
    """
    head = [
        idc.get_wide_dword(address),
        idc.get_wide_word(address + 4),
        idc.get_wide_word(address + 6),
    ]
    tail = [idc.get_wide_byte(address + offset) for offset in range(8, 16)]
    return head + tail
示例7: resolveDispatcher
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def resolveDispatcher(code):
    """Map a dispatch ``code`` to a handler or table-entry address.

    Bits 16-23 of ``code`` select an 8-byte entry in the major dispatch
    table. The entry's first dword is a flag and its second an address. A
    zero flag returns the address itself; otherwise the remaining bits of
    ``code`` index 0x10-byte slots from that address.
    """
    major = (code >> 0x10) & 0xff
    # NOTE(review): this mask keeps bits 24-31 as well as bits 0-15, so a
    # code with a non-zero top byte produces a very large index. Confirm
    # that is intended.
    minor = code & 0xff00ffff

    entry = getMajorDispatchTableAddress() + major * 8
    flag = idc.get_wide_dword(entry)
    address = idc.get_wide_dword(entry + 4)

    if flag == 0:
        return address
    return address + (minor * 0x10)
示例8: parse
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def parse(self):
    """Parse one tag header at ``Reader.pos`` and advance the shared cursor.

    Fills ``start``, ``tag_code``, ``tag_length``, ``data_length``,
    ``minor_version`` and ``major_version``. When the tag code is not 0x48
    it also fills ``flags`` and ``name``.
    """
    # NOTE(review): the listing this was taken from had lost its
    # indentation. The nesting of the name/terminator handling is
    # reconstructed; confirm against the upstream file.

    def _u16():
        value = idc.get_wide_word(Reader.pos)
        Reader.pos += 2
        return value

    def _u32():
        value = idc.get_wide_dword(Reader.pos)
        Reader.pos += 4
        return value

    self.start = Reader.pos

    header = _u16()
    self.tag_code = header >> 6
    self.tag_length = header & 0x3F

    # NOTE(review): the 32-bit length is read unconditionally, without
    # checking tag_length first. The value comes from the parsed file, so
    # callers should bounds-check it before relying on it.
    self.data_length = _u32()

    if self.tag_code != 0x48:  # DoABC1
        self.flags = _u32()
        self.name = idc.get_strlit_contents(Reader.pos)
        if self.name is not None:
            Reader.pos += len(self.name)
        # Step over the string terminator.
        Reader.pos += 1

    self.minor_version = _u16()
    self.major_version = _u16()
示例9: get_method_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def get_method_name(self, esp):
    """Return the C string naming the method referenced at ``[esp + 4]``.

    The dword at ``esp + 4`` is passed to ``self.get_method_name_func``. The
    dword at offset 8 of its result is taken as the string's address. The
    return value is whatever ``idc.get_strlit_contents`` gives back.
    """
    arg_ptr = idc.get_wide_dword(esp + 4)
    string_obj = self.get_method_name_func(arg_ptr, 0)
    chars_ea = idc.get_wide_dword(string_obj + 0x8)
    return idc.get_strlit_contents(chars_ea, -1, idc.STRTYPE_C)
示例10: get_jit_function
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def get_jit_function(self):
    """Resolve the JIT-compiled function for the current call and optionally trace it.

    Reads ESP from the debugger, takes the function address from
    ``[esp + 8]``, and reads a method id and an info value through the
    pointer at ``[esp + 4]``. If ``self.as3dump`` has an entry with the same
    id and info, its name replaces the resolved one. The address is then
    printed and renamed, and, if the name passes the ignore/debug filters,
    recorded in ``self.traced`` with a breakpoint set on it.
    """
    # NOTE(review): the listing this was taken from had lost its
    # indentation. Placing set_jit_info() inside the match branch is a
    # reconstruction; confirm against the upstream file.
    esp = idc.get_reg_value("ESP")
    method_name = self.get_method_name(esp)
    function = idc.get_wide_dword(esp + 8)

    # Fixed offsets into a structure in debuggee memory; presumably tied to
    # one build of the debugged runtime.
    base = idc.get_wide_dword(esp + 4)
    method_id = idc.get_wide_dword(base + 0x20)
    abc_info_pos = idc.get_wide_dword(base + 0x1C)
    # get_qword is used unqualified here; the file must bring it into scope.
    method_info = get_qword(abc_info_pos) + get_qword(abc_info_pos + 8)

    if self.as3dump != []:
        method = next((x for x in self.as3dump if x["id"] == method_id), None)
        if method is not None and method["info"] == method_info:
            method_name = method["name"]
            self.set_jit_info(method_id, function)

    print("Resolved jit function: 0x%x - %s" % (function, method_name))
    self.rename_addr(function, method_name)

    # Evaluated lazily, in the same order as a chained ``or``.
    wanted = method_name not in self.ignore and not self.ignore_all
    if not wanted:
        wanted = method_name in self.debug_if_equals
    if not wanted:
        # method_name can be None, so the substring test is guarded.
        wanted = any(x for x in self.debug_if_contains
                     if method_name is not None and x in method_name)

    if wanted:
        self.traced.append({"name": method_name, "ea": function, "type": "jit", "hit": 0})
        idc.add_bpt(function)
示例11: GetLastErrorEx
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def GetLastErrorEx():
    """Return the dword at offset 0x34 of the current thread's TIB.

    Returns None when ``get_thread_tib`` yields no (falsy) address.
    """
    tib_ea = get_thread_tib(idaapi.get_current_thread())
    if not tib_ea:
        return None
    # NOTE(review): 0x34 is where the 32-bit TEB keeps LastErrorValue. The
    # 64-bit layout uses a different offset; confirm this only runs against
    # 32-bit targets.
    return idc.get_wide_dword(tib_ea + 0x34)
示例12: initialize
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def initialize():
    """Fill the shared ``m`` state from the loaded database, once.

    Sets the pointer width and its reader/format strings, CPU name,
    endianness flag, file type, current thread id and the register set
    matching the CPU. Later calls return immediately.
    """
    if m.initialized:
        return

    info = idaapi.get_inf_structure()

    # NOTE(review): if the database is neither 64- nor 32-bit, none of the
    # pointer fields are set and the register lookup below depends on
    # whatever ``m.ptr_size`` already held.
    if info.is_64bit():
        m.ptr_size, m.get_ptr = 8, idc.get_qword
        m.mem_fmt, m.pack_fmt = "%016X", "<Q"
    elif info.is_32bit():
        m.ptr_size, m.get_ptr = 4, idc.get_wide_dword
        m.mem_fmt, m.pack_fmt = "%08X", "<L"

    m.cpu_name = info.procname.lower()
    # NOTE(review): pack_fmt above is always little-endian ("<") even when
    # is_be is true. Confirm callers account for big-endian targets.
    m.is_be = idaapi.cvar.inf.is_be()
    m.filetype = info.filetype
    m.is_pefile = (m.filetype == idaapi.f_PE)
    m.thread_id = idaapi.get_current_thread()

    cpu = m.cpu_name
    if cpu == "metapc":
        by_width = {4: regs.x86, 8: regs.x64}
        m.registers = by_width[m.ptr_size]
    elif cpu.startswith("arm"):
        by_width = {4: regs.arm, 8: regs.aarch64}
        m.registers = by_width[m.ptr_size]
    elif cpu.startswith("mips"):
        m.registers = regs.mips
    # Any other CPU leaves m.registers untouched.

    m.initialized = True
# -----------------------------------------------------------------------
示例13: load
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
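def load():
    """Populate the shared ``m`` state from the target and the JSON config file.

    Architecture and libc details come from helper functions; user options
    come from ``CONFIG_PATH``. A missing, unreadable or malformed config
    falls back to the built-in defaults. The same now applies when the
    file's top-level JSON value is not an object; previously that case
    raised ``AttributeError`` on the first ``config.get`` call.

    ``libc_offsets`` entries (``main_arena``, ``mp_``) are rebased by adding
    the libc base address before being stored.
    """
    m.ptr_size = get_arch_ptrsize()
    m.libc_version = get_libc_version()
    m.libc_base = get_libc_base()

    if m.ptr_size == 4:
        m.get_ptr = idc.get_wide_dword
    elif m.ptr_size == 8:
        m.get_ptr = idc.get_qword

    m.ptr_mask = (1 << 8*m.ptr_size)-1
    m.program_module = get_program_module()

    try:
        with open(CONFIG_PATH, 'rb') as f:
            config = json.loads(f.read())
    except Exception:
        # Deliberate best effort: any read or parse problem means defaults.
        config = {}

    # Valid JSON can still be a list, string or number; only an object can
    # be queried for options.
    if not isinstance(config, dict):
        config = {}

    m.stop_during_tracing = config.get('stop_during_tracing', True)
    m.start_tracing_at_startup = config.get('start_tracing_at_startup', False)
    m.detect_double_frees_and_overlaps = config.get('detect_double_frees_and_overlaps', True)
    m.filter_library_calls = config.get('filter_library_calls', False)
    m.hexdump_limit = config.get('hexdump_limit', 1024)
    m.libc_offsets = config.get('libc_offsets')

    main_arena = None
    malloc_par = None

    if isinstance(m.libc_offsets, dict):
        main_arena = m.libc_offsets.get("main_arena")
        malloc_par = m.libc_offsets.get("mp_")
        # NOTE(review): read but not used anywhere in the code shown.
        global_max_fast = m.libc_offsets.get("global_max_fast")

    # NOTE(review): the offsets are taken from the config file as-is; a
    # non-integer value raises TypeError on the additions below.
    if main_arena is not None:
        main_arena += m.libc_base

    if malloc_par is not None:
        malloc_par += m.libc_base

    m.main_arena = main_arena
    m.malloc_par = malloc_par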
示例14: get_data_guids
# 需要导入模块: import idc [as 别名]
# 或者: from idc import get_wide_dword [as 别名]
def get_data_guids(self):
    """Find known protocol GUIDs in ``.text`` and ``.data`` and name them in the IDB.

    Each address whose visible name contains ``unk_`` is read as a 16-byte
    GUID and compared with the GUID tables in ``self.Protocols``. On a
    match the address is typed as ``EFI_GUID``, renamed to
    ``<name>_<address>``, and a record is appended to
    ``self.Protocols['data']``.
    """
    # NOTE(review): the listing this was taken from had lost its
    # indentation. This version stops at the first matching table entry
    # (both loops exit); confirm that against the upstream file.
    EFI_GUID = 'EFI_GUID *'
    EFI_GUID_ID = idc.get_struc_id('EFI_GUID')
    guid_places = (
        'ami_guids', 'asrock_guids', 'dell_guids',
        'edk_guids', 'edk2_guids', 'lenovo_guids',
    )

    for segment in ['.text', '.data']:
        # A segment that is not found leaves both bounds at 0, so the scan
        # below does nothing for it.
        seg_start, seg_end = 0, 0
        for seg in idautils.Segments():
            if idc.get_segm_name(seg) == segment:
                seg_start = idc.get_segm_start(seg)
                seg_end = idc.get_segm_end(seg)
                break

        ea = seg_start
        # NOTE(review): with this bound the last candidate's 16th byte is
        # read at seg_end itself. Confirm whether seg_end is exclusive.
        while ea <= seg_end - 15:
            if idc.get_name(ea, ida_name.GN_VISIBLE).find('unk_') < 0:
                ea += 1
                continue

            cur_guid = [
                idc.get_wide_dword(ea),
                idc.get_wide_word(ea + 4),
                idc.get_wide_word(ea + 6),
            ]
            cur_guid.extend(idc.get_wide_byte(addr) for addr in range(ea + 8, ea + 16))

            # An all-zero GUID is padding, not a protocol.
            if cur_guid == [0] * 11:
                ea += 1
                continue

            hit = None
            for guid_place in guid_places:
                table = self.Protocols[guid_place]
                for name in table:
                    if table[name] == cur_guid:
                        hit = (name, guid_place)
                        break
                if hit is not None:
                    break

            if hit is not None:
                name, guid_place = hit
                prot_name = '{}_{:#x}'.format(name, ea)
                # Skip addresses that already carry the expected name.
                if idc.get_name(ea, ida_name.GN_VISIBLE) != prot_name:
                    idc.SetType(ea, EFI_GUID)
                    self.apply_struct(ea, 16, EFI_GUID_ID)
                    idc.set_name(ea, prot_name)
                    self.Protocols['data'].append({
                        'address': ea,
                        'service': 'unknown',
                        'guid': cur_guid,
                        'protocol_name': name,
                        'protocol_place': guid_place
                    })
            ea += 1