當前位置: 首頁>>代碼示例>>Python>>正文

Python idaapi.get_bytes方法代碼示例

本文整理匯總了Python中idaapi.get_bytes方法的典型用法代碼示例。如果您正苦於以下問題:Python idaapi.get_bytes方法的具體用法?Python idaapi.get_bytes怎麽用?Python idaapi.get_bytes使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在idaapi的用法示例。


在下文中一共展示了idaapi.get_bytes方法的8個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: memory

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def memory(ea, op):
        '''Operand type decoder for returning a memory reference on either the AArch32 or AArch64 architectures.'''
        get_dtype_attribute = operator.attrgetter('dtyp' if idaapi.__version__ < 7.0 else 'dtype')
        get_dtype_size = idaapi.get_dtyp_size if idaapi.__version__ < 7.0 else idaapi.get_dtype_size
        get_bytes = idaapi.get_many_bytes if idaapi.__version__ < 7.0 else idaapi.get_bytes

        # get the address and the operand size
        addr, size = op.addr, get_dtype_size(get_dtype_attribute(op))
        maxval = 1<<size*8

        # dereference the address and return its integer.
        res = get_bytes(addr, size) or ''
        res = reversed(res) if database.config.byteorder() == 'little' else iter(res)
        res = reduce(lambda agg, n: (agg*0x100)|n, six.iterbytes(res), 0)
        sf = bool(res & maxval>>1)

        return armops.memory(long(addr), long(res-maxval) if sf else long(res))
開發者ID:arizvisa,項目名稱:ida-minsc,代碼行數:19,代碼來源:instruction.py

示例2: get_struct

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def get_struct(self, address, struct_type):
        assert idaapi.is_loaded(address) == True, "Can't access memory at 0x%x" % address
        sbytes = idaapi.get_bytes(address, sizeof(struct_type))
        return struct_type.from_buffer_copy(sbytes)
開發者ID:danigargu,項目名稱:heap-viewer,代碼行數:6,代碼來源:ptmalloc.py

示例3: get_struct

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def get_struct(address, struct_type):
    assert idaapi.is_loaded(address) == True, "Can't access memory at 0x%x" % address
    sbytes = idaapi.get_bytes(address, sizeof(struct_type))
    struct = struct_type.from_buffer_copy(sbytes)
    struct._addr = address
    return struct

# --------------------------------------------------------------------------
開發者ID:danigargu,項目名稱:heap-viewer,代碼行數:10,代碼來源:misc.py

示例4: bytes

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def bytes(self):
        return idaapi.get_bytes(self.ea, self.size)
開發者ID:tmr232,項目名稱:Sark,代碼行數:4,代碼來源:line.py

示例5: read_memory

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def read_memory(start, end):
    size = end - start
    return idaapi.get_bytes(start, size)
開發者ID:tmr232,項目名稱:Sark,代碼行數:5,代碼來源:data.py

示例6: generate_yara_rule

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def generate_yara_rule(self, mode, is_data=False):
        start, end = get_selection()
        size = end - start
        data = idaapi.get_bytes(start, size)
        ins_set, ins_mode = get_arch_info()
        yr_gen = YaraGenerator(mode, ins_set, ins_mode)
        yr_gen.add_chunk(data, offset=start, is_data=is_data)
        rule_obj = yr_gen.generate_rule()
        file_hash = get_input_file_hash()
        rule_obj.metas["hash"] = "\"{}\"".format(file_hash)
        rule = rule_obj.get_rule_string()
        self.dialog = YaraRuleDialog(None, start, end, rule)
        self.dialog.show()
開發者ID:fox-it,項目名稱:mkYARA,代碼行數:15,代碼來源:mkyara_plugin.py

示例7: read

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def read():
    '''Return the contents of the current segment.'''
    get_bytes = idaapi.get_many_bytes if idaapi.__version__ < 7.0 else idaapi.get_bytes

    seg = ui.current.segment()
    if seg is None:
        raise E.SegmentNotFoundError(u"{:s}.read() : Unable to locate the current segment.".format(__name__))
    return get_bytes(interface.range.start(seg), interface.range.size(seg))
開發者ID:arizvisa,項目名稱:ida-minsc,代碼行數:10,代碼來源:segment.py

示例8: hook

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_bytes [as 別名]
def hook(self, hook_addr = 0):
        """
        Args:
            hook_addr(int): address for inline hook code, 0 indicates bpt hook.

        Returns:
            memory size in bytes used for inline hook.
        """

        self.hook_addr = hook_addr
        self.func_addr = idc.get_name_ea_simple(self.name)

        if self.func_addr == 0:
            return 0

        print("Hooking %s at 0x%x" % (self.name, self.func_addr))
        if self.hook_addr == 0:
            idc.add_bpt(self.func_addr)
            idc.set_bpt_cond(self.func_addr, self.bpt_cond_hook_code)
            return 0
        else:
            # assemble jmp code
            jmp_code = "jmp 0x%x" % self.hook_addr
            jmp_buf, _ = assemble(jmp_code, self.func_addr)

            # read function prologue according to jmp code length
            # NOTE: instructions like 'call $+5' in prologue will
            # cause problems.
            insn = idaapi.insn_t()
            move_length = 0
            while move_length < len(jmp_buf):
                idaapi.decode_insn(insn, self.func_addr + move_length)
                move_length += insn.size
            prologue = idaapi.get_bytes(self.func_addr, move_length)

            # write jmp code
            idaapi.patch_bytes(self.func_addr, jmp_buf)

            # assmble hook code
            hook_buf, _ = assemble(self.inline_hook_code, self.hook_addr)
            hook_buf += prologue
            jmp_back_code = 'jmp 0x%x' % (self.func_addr + move_length)
            jmp_back_buf, _ = assemble(jmp_back_code, self.hook_addr + len(hook_buf))
            hook_buf += jmp_back_buf

            # wirte hook code
            idaapi.patch_bytes(self.hook_addr, hook_buf)
            return len(hook_buf)
開發者ID:iweizime,項目名稱:DBGHider,代碼行數:50,代碼來源:DBGHider.py


注:本文中的idaapi.get_bytes方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。