本文整理匯總了Python中idaapi.get_import_module_name方法的典型用法代碼示例。如果您正苦於以下問題:Python idaapi.get_import_module_name方法的具體用法?Python idaapi.get_import_module_name怎麽用?Python idaapi.get_import_module_name使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類idaapi的用法示例。
在下文中一共展示了idaapi.get_import_module_name方法的8個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: driver_type
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
def driver_type():
    """Guess the Windows driver model of the loaded binary from its imports.

    Every import module is enumerated through the ``cb`` callback, then the
    collected ``names`` are scanned for one framework-specific routine.  The
    first marker met while walking ``names`` decides the result; if no
    marker is present the function falls through to "WDM".

    NOTE(review): ``cb`` and ``names`` are not defined in this excerpt --
    presumably ``cb`` appends each imported name to a module-level list
    called ``names``; confirm against the rest of the file.  The answer is
    derived from import names only, so an image whose import table lacks
    these routines is reported as "WDM".
    """
    # (imported routine, reported driver model), checked in this order.
    framework_markers = (
        ("FltRegisterFilter", "Mini-Filter"),
        ("WdfVersionBind", "WDF"),
        ("StreamClassRegisterMinidriver", "Stream Minidriver"),
        ("KsCreateFilterFactory", "AVStream"),
        ("PcRegisterSubdevice", "PortCls"),
    )

    module_total = idaapi.get_import_module_qty()
    for module_index in range(module_total):
        # The module name plays no part in the classification; the lookup
        # is kept so the sequence of IDA API calls stays the same.
        idaapi.get_import_module_name(module_index)
        idaapi.enum_import_names(module_index, cb)

    for imported in names:
        for marker, label in framework_markers:
            if imported == marker:
                return label
    return "WDM"
示例2: get_iat_data
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
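def get_iat_data(self):
    """
    Retrieve data from the IAT.

    Walks every import module known to IDA, makes sure ``self.iat`` holds a
    list under the lower-cased module name, points ``self.current_module``
    at that list and hands the module's entries to ``self.imp_cb``.
    Modules for which no name can be obtained are skipped.

    NOTE(review): ``self.imp_cb`` is not shown here -- presumably it appends
    each import to ``self.current_module``; confirm against the class.
    """
    imp_num = idaapi.get_import_module_qty()  # Number of imported modules

    for i in xrange(0, imp_num):
        name = idaapi.get_import_module_name(i)
        if not name:
            # Test for a missing name *before* lower-casing it: calling
            # .lower() on None raises AttributeError and would abort the
            # whole enumeration instead of skipping this one module.
            #self.logger.error("Failed to get import module name for #%d", i)
            continue
        name = name.lower()

        # One list per module name; a module name that shows up again
        # keeps the entries already collected for it.
        self.current_module = self.iat.setdefault(name, [])
        idaapi.enum_import_names(i, self.imp_cb)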
示例3: _build_imports
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
def _build_imports(self):
    '''Build the imports table: module name -> list of collected entries.

    For each named import module, ``self.tmp_items`` is reset, the module's
    entries are enumerated through ``self._imports_names_cb`` and whatever
    ends up in ``self.tmp_items`` is appended to that module's list.
    Modules without a name are skipped.  (Was taken from examples.)

    NOTE(review): the shape of the collected items depends on
    ``_imports_names_cb``, which is not part of this excerpt.
    '''
    modules = {}
    for index in xrange(0, idaapi.get_import_module_qty()):
        module_name = idaapi.get_import_module_name(index)
        if module_name:
            # Fresh scratch list for the entries imported from this module
            self.tmp_items = []
            idaapi.enum_import_names(index, self._imports_names_cb)
            # A module name seen before keeps its earlier entries.
            modules.setdefault(module_name, []).extend(self.tmp_items)
    return modules
示例4: compute_imports
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
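def compute_imports():
    """Return the import table as {module name: [(ea, name, ordinal), ...]}.

    Each import module reported by IDA is enumerated and every entry is
    recorded under the module's name.  A module for which no name is
    available is keyed by whatever ``get_import_module_name`` returned
    (``None``), so its entries are not lost.
    """
    imports = {}
    current = ""

    def callback(ea, name, ordinal):
        # ``current`` is read from the enclosing scope at call time, so it
        # is the module being enumerated right now.  Returning True keeps
        # the enumeration going.
        imports[current].append((ea, name, ordinal))
        return True

    nimps = idaapi.get_import_module_qty()
    for i in xrange(0, nimps):
        current = idaapi.get_import_module_name(i)
        # setdefault rather than plain assignment: if the same module name
        # is reported more than once, assigning a new list here would throw
        # away the entries already gathered for it.
        imports.setdefault(current, [])
        idaapi.enum_import_names(i, callback)
    return imports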
示例5: getImportTableData
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
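def getImportTableData(self):
    """
    Update rt_import_table with current import table data.

    The static import table is collected first as
    [module name, entry address, imported name, ordinal] records.  Each
    record is then stored in ``self.rt_import_table`` under the value that
    ``get_adrs_mem`` returns for the entry address.

    NOTE(review): ``get_adrs_mem`` is defined outside this excerpt --
    presumably it reads the resolved pointer from debuggee memory; confirm.

    Raises:
        RuntimeError: if the debugger is not active once the static table
            has been collected.
    """
    def imp_cb(ea, name, ordinal):
        """
        Import enumeration callback function. used by idaapi.enum_import_names .
        """
        tmpImports.append([self.current_module_name, ea, name, ordinal])
        return True

    tmpImports = []  # Contains static import table data (w/o real function addresses)
    imp_num = idaapi.get_import_module_qty()  # Number of imported modules

    for i in xrange(0, imp_num):
        # The lookup may yield no name (None).  Fall back to "" so that
        # .lower() cannot raise AttributeError and the module's imports
        # are still recorded.
        raw_name = idaapi.get_import_module_name(i)
        self.current_module_name = (raw_name or "").lower()
        idaapi.enum_import_names(i, imp_cb)

    # Get runtime function addresses and store in self.rt_import_table
    if not idaapi.is_debugger_on():
        raise RuntimeError("Debugger is not currently active.")

    for module_name, ea, name, ordinal in tmpImports:
        func_real_adrs = get_adrs_mem(ea)
        self.rt_import_table[func_real_adrs] = (module_name, ea, name, ordinal)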
示例6: get_imports
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
def get_imports():
    """Yield the name of every import module that has one.

    Modules for which ``get_import_module_name`` returns an empty value are
    left out.  The module count is read once, when iteration starts.
    """
    module_total = idaapi.get_import_module_qty()
    for index in xrange(module_total):
        module_name = idaapi.get_import_module_name(index)
        if not module_name:
            continue
        yield module_name
示例7: getApiMap
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
def getApiMap(self):
    """Rebuild and return ``self._api_map`` from the import table.

    The map is reset to an empty dict, then every import module is
    enumerated with ``self._cbEnumImports`` while ``self._import_module_name``
    holds the name of the module being processed.

    NOTE(review): this snippet calls ``ida_nalt`` directly, so the module
    needs ``import ida_nalt``.  How the map is filled depends on
    ``_cbEnumImports``, which is not part of this excerpt.
    """
    self._api_map = {}
    for module_index in range(ida_nalt.get_import_module_qty()):
        # Published on the instance so the callback can see which module
        # the entries belong to.
        self._import_module_name = ida_nalt.get_import_module_name(module_index)
        ida_nalt.enum_import_names(module_index, self._cbEnumImports)
    return self._api_map
示例8: find_pool_tags
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_name [as 別名]
def find_pool_tags():
    """Map pool tags to the functions that reference the tagged pool routines.

    Dirty hack around IDA's type information: for every cross-reference to
    an imported tag-taking pool routine, walk back over the preceding
    instructions looking for the one IDA commented as 'Tag', decode its
    immediate operand into a 4-character string and record the referencing
    function under that tag.

    Returns a dict of tag string -> set of function names.

    NOTE(review): relies on IDA having placed the 'Tag' comment within the
    10 instructions before the reference; references where it did not are
    silently left out, so the result is a lower bound.  The ``idc`` names
    used here and ``xrange`` belong to the older Python 2 IDAPython API.
    """
    pool_routines = [
        'ExAllocatePoolWithTag',
        'ExFreePoolWithTag',
        'ExAllocatePoolWithTagPriority'
    ]
    found = {}

    def imp_cb(ea, name, ordinal):
        # Only imports of the tag-taking pool routines are of interest;
        # True is returned in every case so the enumeration continues.
        if name not in pool_routines:
            return True

        for xref in idautils.XrefsTo(ea):
            site = xref.frm
            caller = idc.GetFunctionName(site)
            head = idc.PrevHead(site)
            # Inspect at most 10 instruction heads before the reference.
            for _ in range(10):
                # Operand type 5 is IDA's o_imm (immediate value).
                is_tag_operand = (idc.Comment(head) == 'Tag'
                                  and idc.GetOpType(head, 1) == 5)
                if not is_tag_operand:
                    head = idc.PrevHead(head)
                    continue
                raw = idc.GetOperandValue(head, 1)
                # Most significant byte first, one character per byte.
                text = ''.join(chr((raw >> shift) & 0xFF)
                               for shift in (24, 16, 8, 0))
                found.setdefault(text, set()).add(caller)
                break
        return True

    for index in xrange(0, idaapi.get_import_module_qty()):
        # Modules without a name are not enumerated.
        if idaapi.get_import_module_name(index):
            idaapi.enum_import_names(index, imp_cb)
    return found