Exemple #1
def mod_base(module):
    """Return the base address of the module named ``lib<module>.so``.

    The modules reported by ``idautils.Modules()`` are scanned in order and
    the ``base`` of the first one whose name ends with the library file name
    is returned. The comparison is a suffix match on the module name.

    When no module matches, the start of the first segment is returned
    instead, so the return value alone does not tell a caller whether the
    library was actually found.
    """
    wanted = "lib" + module + ".so"
    loaded = idautils.Modules()
    if not loaded:
        return idc.get_first_seg()
    for entry in loaded:
        if entry.name.endswith(wanted):
            return entry.base
    # Fallback: no matching module was listed.
    return idc.get_first_seg()
Exemple #2
    def _get_segments(self, attr):
        """Collect ``(start, end)`` pairs for every segment of type *attr*.

        Segments are visited from the first one onwards until
        ``idc.BADADDR`` marks the end of the list. A segment is kept when
        its ``SEGATTR_TYPE`` attribute equals *attr*.

        Returns:
            A list of ``(start, end)`` tuples in segment order; empty when
            nothing matches.
        """
        matches = []
        cursor = idc.get_first_seg()
        while cursor != idc.BADADDR:
            seg_type = idc.get_segm_attr(cursor, idc.SEGATTR_TYPE)
            if seg_type == attr:
                bounds = (idc.get_segm_start(cursor), idc.get_segm_end(cursor))
                matches.append(bounds)
            cursor = idc.get_next_seg(cursor)
        return matches
Exemple #3
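def get_segments_filtered(filter_func=None):
    """Return the distinct segment names, skipping filtered segments.

    Args:
        filter_func: Optional callable taking a segment address. A segment
            is skipped (left out of the result) when the callable returns
            a truthy value. With ``None`` every segment is considered.

    Returns:
        Segment names in first-seen order, without duplicates. An empty
        list is returned when the database has no segments.
    """
    segments = []
    ea = idc.get_first_seg()
    # Compare by value: BADADDR is a plain integer, so an identity test
    # (`is`) only works if the very same object happens to be returned.
    # Testing before the first lookup also keeps a database without
    # segments from contributing a name for the BADADDR sentinel.
    while ea != idc.BADADDR:
        if not (filter_func and filter_func(ea)):
            name = idc.get_segm_name(ea)
            if name not in segments:
                segments.append(name)
        ea = idc.get_next_seg(ea)
    return segments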
Exemple #4
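 def add_rodata_segment(self):
     """Create a "roooodata" segment in the first gap between segments.

     Segments are walked in order; the first one whose start does not
     equal the end of the previous segment marks a gap, and a segment of
     class "CONST" is requested for that range. Auto-analysis is then
     re-run over the whole database.

     The chosen range is stored in ``self.start`` / ``self.end`` and
     returned as ``(start, end)``. When no gap exists, no segment is
     created and the pair is (end of last segment, start of last
     segment), so callers should not assume the range is valid.
     """
     last_seg_end = idc.get_first_seg()
     # Pre-bind so a database without segments cannot leave ``start``
     # undefined when it is read after the loop.
     start = last_seg_end
     for s in idautils.Segments():
         start = idc.get_segm_start(s)
         end = idc.get_segm_end(s)
         if int(start) != int(last_seg_end):
             # First hole in the layout: fill it.
             created = idaapi.add_segm(
                 0, last_seg_end, start, "roooodata", "CONST")
             print("Adding segment from 0x%x to 0x%x" %
                   (last_seg_end, start))
             # add_segm reports failure through its return value; do not
             # claim success when the segment was not created.
             print("OK" if created else "Failed to add segment")
             break
         last_seg_end = end
     idc.plan_and_wait(ida_ida.inf_get_min_ea(), ida_ida.inf_get_max_ea())
     self.start = last_seg_end
     self.end = start
     return last_seg_end, start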
Exemple #5
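def apply_tdinfo_symbols():
    """Apply the symbols parsed from the executable to the database.

    Every symbol record from ``_parse_exe_file()`` is passed to
    ``_apply_tdinfo_symbol``. Symbols that already exist and symbols that
    fail to apply are counted separately, and a summary is printed at the
    end. Nothing is returned.
    """
    # Heuristic: the first segment start is used as the image base because
    # get_imagebase returns a wrong result here.
    image_base = idc.get_first_seg()

    parsed_exe_file = _parse_exe_file()

    applied_symbols_count = 0
    already_existing_symbols_count = 0
    failed_symbols_count = 0
    for symbol in parsed_exe_file.symbol_records:
        try:
            _apply_tdinfo_symbol(image_base, parsed_exe_file.name_pool, symbol)
        except TdinfoParserSymbolAlreadyAppliedException:
            already_existing_symbols_count += 1
        except TdinfoParserException:
            # Still best-effort, but keep a tally so records that could
            # not be applied are visible in the summary instead of
            # disappearing silently.
            failed_symbols_count += 1
        else:
            applied_symbols_count += 1

    print('Detected {} global symbols.'.format(
        parsed_exe_file.tdinfo_header.globals_count))
    print('{} identical symbols already existed, {} new symbols were applied.'.
          format(already_existing_symbols_count, applied_symbols_count))
    if failed_symbols_count:
        print('{} symbols could not be applied.'.format(failed_symbols_count))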
Exemple #6
# Scratch state for the instruction walk that follows.
currentMnem = prevMnem = nextMnem = currentOp = ''

print("Running IDA setup script")
print("Setting startup options")

# Demangled-name display: show names.
idc.set_inf_attr(INF_DEMNAMES, DEMNAM_NAME)
# Print the address in front of every listing line.
idc.set_inf_attr(INF_OUTFLAGS, OFLG_SHOW_PREF)
idc.set_inf_attr(INF_PREFFLAG, 0)
print("Finished setting options")

# Start from the head that follows the first segment's start address.
# NOTE(review): the item located exactly at the segment start is not
# visited by this walk - confirm that is intended.
currentEA = idc.next_head(idc.get_first_seg(), 0xFFFFFFFFFFFFFFFF)

while (currentEA != BADADDR):
    currentMnem = idc.print_insn_mnem(currentEA)

    #Highlight call functions
    if (currentMnem == "call"):
        #check to see if it's a call pop
        nextMnem = idc.print_insn_mnem(idc.get_operand_value(currentEA, 0))
        if nextMnem == "pop":
            idc.set_color(currentEA, CIC_ITEM, 0xff1d4a)
            idc.set_color(idc.get_operand_value(currentEA, 0), CIC_ITEM,
                          0x4a1dFF)
        else:
            idc.set_color(currentEA, CIC_ITEM, 0xc7c7ff)