當前位置: 首頁>>代碼示例>>Python>>正文


Python idc.get_qword方法代碼示例

本文整理匯總了Python中idc.get_qword方法的典型用法代碼示例。如果您正苦於以下問題:Python idc.get_qword方法的具體用法?Python idc.get_qword怎麽用?Python idc.get_qword使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在idc的用法示例。


在下文中一共展示了idc.get_qword方法的7個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: pablo

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def pablo(mode, address, end, search):

    while address < end:
        address = idaapi.find_binary(address, end, search, 0x10, SEARCH_DOWN)
        
        if address > idaapi.get_segm_by_name('CODE').end_ea:
            offset = address - 0x3
            
            if idaapi.isUnknown(idaapi.getFlags(offset)):
                if idaapi.get_qword(offset) <= end:
                    idaapi.create_data(offset, FF_QWORD, 0x8, BADNODE)
            
            address = offset + 0x4
        
        else:
            address += mode
            idaapi.do_unknown(address, 0)
            idaapi.create_insn(address)
            idaapi.add_func(address, BADADDR)
            address += 0x1

# Load Input Binary... 
開發者ID:SocraticBliss,項目名稱:ps4_module_loader,代碼行數:24,代碼來源:ps4_module.py

示例2: __init__

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def __init__(self, logger, num_bits, is_elf, data_fptr_alignment=4, mixed_code_and_data=False):
        """Create the analyzer's base class instance.

        Args:
            logger (logger): logger instance
            num_bits (int): bitness of the CPU (32 bits by default)
            data_fptr_alignment (int, optional): byte alignment needed for global fptrs (4 by default)
            mixed_code_and_data (bool, optional): True iff the main code section includes RO data constants (False by default)
        """
        self.logger = logger
        self._num_bits = num_bits
        self._is_elf = is_elf
        self.data_fptr_alignment = data_fptr_alignment
        self._mixed_code_and_data = mixed_code_and_data
        if num_bits == 64:
            self._address_parse_fn = idc.get_qword
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_QWORD, 8, idc.BADADDR)
            self.address_pack_format = "Q"
        elif num_bits == 32:
            self._address_parse_fn = idc.get_wide_dword
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_DWORD, 4, idc.BADADDR)
            self.address_pack_format = "L"
        else:
            self._address_parse_fn = idc.get_wide_word
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_WORD, 2, idc.BADADDR)
            self.address_pack_format = "H"
        # fields to be linked later on
        self.func_classifier = None
        self.fptr_identifier = None
        self.str_identifier = None
        self.locals_identifier = None
        self.switch_identifier = None
        # code types
        self._active_code_types = list(self.codeTypes()) 
開發者ID:CheckPointSW,項目名稱:Karta,代碼行數:36,代碼來源:analyzer.py

示例3: parse_doubles

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def parse_doubles(self):

        start = Reader.pos
        idc.set_name(Reader.pos, "cpool_doubles")

        count = Reader.get_array_count()
    
        for i in xrange(1, count, 1):
            self.abc_doubles.append(idc.get_qword(Reader.pos))
            Reader.pos += 8
    
        create_byte(start, Reader.pos - start) 
開發者ID:KasperskyLab,項目名稱:ActionScript3,代碼行數:14,代碼來源:as3.py

示例4: initialize

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def initialize():
    if m.initialized:
        return
        
    info = idaapi.get_inf_structure()
    if info.is_64bit():
        m.ptr_size = 8
        m.get_ptr = idc.get_qword
        m.mem_fmt = "%016X"
        m.pack_fmt = "<Q"
    elif info.is_32bit():
        m.ptr_size = 4
        m.get_ptr = idc.get_wide_dword
        m.mem_fmt = "%08X"
        m.pack_fmt = "<L"

    m.cpu_name = info.procname.lower()
    m.is_be = idaapi.cvar.inf.is_be()
    m.filetype = info.filetype
    m.is_pefile = (m.filetype == idaapi.f_PE)
    m.thread_id = idaapi.get_current_thread()

    if m.cpu_name == "metapc":
        m.registers = {
            4: regs.x86,
            8: regs.x64
        }[m.ptr_size]

    elif m.cpu_name.startswith("arm"):
        m.registers = {
            4: regs.arm,
            8: regs.aarch64
        }[m.ptr_size]
    elif m.cpu_name.startswith("mips"):
        m.registers = regs.mips

    m.initialized = True

# ----------------------------------------------------------------------- 
開發者ID:danigargu,項目名稱:deREferencing,代碼行數:41,代碼來源:dbg.py

示例5: load

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def load():
    config = None
    m.ptr_size = get_arch_ptrsize()
    m.libc_version = get_libc_version()
    m.libc_base = get_libc_base()

    if m.ptr_size == 4:
        m.get_ptr = idc.get_wide_dword
    elif m.ptr_size == 8:
        m.get_ptr = idc.get_qword

    m.ptr_mask = (1 << 8*m.ptr_size)-1
    m.program_module = get_program_module()

    try:
        with open(CONFIG_PATH, 'rb') as f:
            config = json.loads(f.read())
    except Exception as e:
        # default config
        config = {}

    m.stop_during_tracing = config.get('stop_during_tracing', True)
    m.start_tracing_at_startup = config.get('start_tracing_at_startup', False)
    m.detect_double_frees_and_overlaps = config.get('detect_double_frees_and_overlaps', True)
    m.filter_library_calls = config.get('filter_library_calls', False)
    m.hexdump_limit = config.get('hexdump_limit', 1024)
    m.libc_offsets = config.get('libc_offsets')

    main_arena = None
    malloc_par = None

    if type(m.libc_offsets) is dict:
        main_arena = m.libc_offsets.get("main_arena")
        malloc_par = m.libc_offsets.get("mp_")
        global_max_fast = m.libc_offsets.get("global_max_fast")

    if main_arena is not None:
        main_arena += m.libc_base

    if malloc_par is not None:
        malloc_par += m.libc_base
        
    m.main_arena = main_arena
    m.malloc_par = malloc_par 
開發者ID:danigargu,項目名稱:heap-viewer,代碼行數:46,代碼來源:config.py

示例6: resolve

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def resolve(self, alphabet, nids, symbols, libraries):
    
        if self.INFO > Relocation.R_X86_64_ORBIS_GOTPCREL_LOAD:
            self.INDEX = self.INFO >> 32
            self.INFO &= 0xFF
            symbol = next(value for key, value in enumerate(symbols) if key + 2 == self.INDEX)[1]
        
        # Library
        try:
            lid1 = alphabet[symbol[12:13]]
            
            # [base64]#
            if symbol[13:14] == '#':
                library = libraries[lid1]
            
            # [base64][base64]#
            elif symbol[14:15] == '#':
                lid2 = alphabet[symbol[13:14]]
                library = libraries[lid1 + lid2]
            
            else:
                raise
        
        # Not a NID
        except:
            library = ''
        
        # Function Name (Offset) == Symbol Value + AddEnd (S + A)
        # Library Name  (Offset) == Symbol Value (S)
        real = idc.get_qword(self.OFFSET)
        idc.add_func(real)
        
        # Hacky way to determine if this is the real function...
        real -= 0x6 if idc.print_insn_mnem(real) == 'push' else 0x0
        
        # Resolve the NID...
        idc.set_cmt(real, 'NID: ' + symbol, False)
        function = nids.get(symbol[:11], symbol)
        
        # Rename the Jump Function...
        idc.set_name(self.OFFSET, '__imp_' + function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
        
        # Rename the Real Function...
        idc.set_name(real, function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
        
        try:
            import_node = idaapi.netnode(library, 0, True)
            import_node.supset(ea2node(real), function)
        
            # Requires customized loader.i / ida_loader.py(d)
            idaapi.import_module(library, None, import_node.index(), None, 'linux')
        
        except:
            pass
        
        return self.type() 
開發者ID:SocraticBliss,項目名稱:ps4_module_loader,代碼行數:58,代碼來源:ps4_module.py

示例7: notify_gen_map_file

# 需要導入模塊: import idc [as 別名]
# 或者: from idc import get_qword [as 別名]
def notify_gen_map_file(self, qfile):
        """
        Generate map file. If this function is absent then the kernel will create the map file.
        This function returns number of lines in output file.
        0 - empty file, -1 - write error
        """
    
        dump = []
        
        for method in self.abc.methods:

            if (method["body"] is None):
                continue

            methodInfo1 = idc.get_qword(method["pos"])
            methodInfo2 = idc.get_qword(method["pos"]+8)
            index = method["id"]
            
            ea = method["body"]["pos"]
            length = method["body"]["length"]
        
            name = get_name(ea)
        
            start = ea
            end = ea + length
        
            instructions = {}
        
            while (ea < end):
            
                line = generate_disasm_line(ea, GENDSM_REMOVE_TAGS)
                instructions[ea-start] = line
        
                ea += get_item_size(ea)
        
            dump.append({"id": index, "info": methodInfo1 + methodInfo2, "name": name, "instructions": instructions})
        
        data = cPickle.dumps(dump)
        
        qfile.write(data)

        return len(data.splitlines())

    # ---------------------------------------------------------------------- 
開發者ID:KasperskyLab,項目名稱:ActionScript3,代碼行數:46,代碼來源:as3.py


注:本文中的idc.get_qword方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。