當前位置: 首頁>>代碼示例>>Python>>正文

Python idaapi.get_import_module_qty方法代碼示例

本文整理匯總了Python中idaapi.get_import_module_qty方法的典型用法代碼示例。如果您正苦於以下問題:Python idaapi.get_import_module_qty方法的具體用法?Python idaapi.get_import_module_qty怎麽用?Python idaapi.get_import_module_qty使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在idaapi的用法示例。


在下文中一共展示了idaapi.get_import_module_qty方法的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: driver_type

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def driver_type():

    implist = idaapi.get_import_module_qty()

    for i in range(0, implist):
        name = idaapi.get_import_module_name(i)
        idaapi.enum_import_names(i, cb)
    for name in names:
        if name == "FltRegisterFilter":
            return "Mini-Filter"
        elif name == "WdfVersionBind":
            return "WDF"
        elif name == "StreamClassRegisterMinidriver":
            return "Stream Minidriver"
        elif name == "KsCreateFilterFactory":
            return "AVStream"
        elif name == "PcRegisterSubdevice":
            return "PortCls"
    return "WDM"
開發者ID:FSecureLABS,項目名稱:win_driver_plugin,代碼行數:21,代碼來源:device_type.py

示例2: get_iat_data

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def get_iat_data(self):
        """
        Retrive data from IAT
        """
        imp_num = idaapi.get_import_module_qty()  # Number of imported modules

        for i in xrange(0,imp_num):
            name = idaapi.get_import_module_name(i).lower()
            if not name:
                #self.logger.error("Failed to get import module name for #%d", i)
                continue

            if not name in self.iat:
                self.iat[name]= []

            self.current_module = self.iat[name]
            idaapi.enum_import_names(i, self.imp_cb)
開發者ID:ynvb,項目名稱:DIE,代碼行數:19,代碼來源:DbgImports.py

示例3: _build_imports

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def _build_imports(self):
        '''Build imports table. (Was taken from examples.)'''

        tree = {}
        nimps = idaapi.get_import_module_qty()

        for i in xrange(0, nimps):
            name = idaapi.get_import_module_name(i)
            if not name:
                continue
            # Create a list for imported names
            self.tmp_items = []

            # Enum imported entries in this module
            idaapi.enum_import_names(i, self._imports_names_cb)

            if name not in tree:
                tree[name] = []
            tree[name].extend(self.tmp_items)

        return tree
開發者ID:ax330d,項目名稱:hrdev,代碼行數:23,代碼來源:__init__.py

示例4: compute_imports

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def compute_imports():
        imports = {}
        current = ""

        def callback(ea, name, ordinal):
            imports[current].append((ea, name, ordinal))
            return True

        nimps = idaapi.get_import_module_qty()
        for i in xrange(0, nimps):
            current = idaapi.get_import_module_name(i)
            imports[current] = []
            idaapi.enum_import_names(i, callback)
        return imports
開發者ID:RobinDavid,項目名稱:idasec,代碼行數:16,代碼來源:idasec_core.py

示例5: getImportTableData

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def getImportTableData(self):
        """
        Update rt_import_table with current import table data.
        """

        def imp_cb(ea, name, ord):
            """
            Import enumeration callback function. used by idaapi.enum_import_names .
            """
            tmpImports.append([self.current_module_name, ea, name, ord])
            return True

        tmpImports = []  # Contains static import table data (w\o real function addresses)
        imp_num = idaapi.get_import_module_qty()  # Number of imported modules

        for i in xrange(0, imp_num):
            self.current_module_name = idaapi.get_import_module_name(i).lower()
            idaapi.enum_import_names(i, imp_cb)

        #  Get runtime function addresses and store in self.rt_import_table
        if not idaapi.is_debugger_on():
            raise RuntimeError("Debugger is not currently active.")

        for module_name, ea, name, ord in tmpImports:
            func_real_adrs = get_adrs_mem(ea)
            self.rt_import_table[func_real_adrs] = (module_name, ea, name, ord)
開發者ID:ynvb,項目名稱:DIE,代碼行數:28,代碼來源:DbgImports.py

示例6: get_imports

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def get_imports():
        for i in xrange(0, idaapi.get_import_module_qty()):
            name = idaapi.get_import_module_name(i)
            if name:
                yield name
開發者ID:tintinweb,項目名稱:ida-batch_decompile,代碼行數:7,代碼來源:ida_batch_decompile.py

示例7: getApiMap

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def getApiMap(self):
        self._api_map = {}
        num_imports = ida_nalt.get_import_module_qty()
        for i in range(0, num_imports):
            self._import_module_name = ida_nalt.get_import_module_name(i)
            ida_nalt.enum_import_names(i, self._cbEnumImports)
        return self._api_map
開發者ID:danielplohmann,項目名稱:smda,代碼行數:9,代碼來源:IdaInterface.py

示例8: get_imports

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def get_imports(library_calls, library_addr):
    """ Populate dictionaries with import information. """
    import_names_callback = make_import_names_callback(library_calls,
                                                       library_addr)
    for i in xrange(0, idaapi.get_import_module_qty()):
        idaapi.enum_import_names(i, import_names_callback)
開發者ID:fireeye,項目名稱:flare-ida,代碼行數:8,代碼來源:__init__.py

示例9: find_pool_tags

# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import get_import_module_qty [as 別名]
def find_pool_tags():
	""" Dirty hack around IDA's type information, find references to tag using functions then the comment marking the tag 
	then add the function caller/tag to output dictionary.
	"""
	
	funcs = [
		'ExAllocatePoolWithTag',
		'ExFreePoolWithTag',
		'ExAllocatePoolWithTagPriority'
	]

	tags = {}

	def imp_cb(ea, name, ord):
		if name in funcs:
			for xref in idautils.XrefsTo(ea):
				call_addr = xref.frm
				caller_name = idc.GetFunctionName(call_addr)
				prev = idc.PrevHead(call_addr)
				for _ in range(10):
					if idc.Comment(prev) == 'Tag' and idc.GetOpType(prev, 1) == 5:
						tag_raw = idc.GetOperandValue(prev, 1)
						tag = ''
						for i in range(3, -1, -1):
							tag += chr((tag_raw >> 8 * i) & 0xFF)
						if tag in tags.keys():
							tags[tag].add(caller_name)
						else:
							tags[tag] = set([caller_name])
						break
					prev = idc.PrevHead(prev)
		return True
	
	nimps = idaapi.get_import_module_qty()

	for i in xrange(0, nimps):
		name = idaapi.get_import_module_name(i)
		if not name:
			continue

		idaapi.enum_import_names(i, imp_cb)
	return tags
開發者ID:FSecureLABS,項目名稱:win_driver_plugin,代碼行數:44,代碼來源:dump_pool_tags.py


注:本文中的idaapi.get_import_module_qty方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。