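def export_bp_notice(self):
    """
    Export enabled, unconditional breakpoints to the broker as debugger commands.

    Only breakpoints of type idc.BPT_EXEC or idc.BPT_SOFT with the
    idc.BPT_ENABLED flag set are exported. Each command is the dialect's
    'hbp' prefix (for idc.BPT_EXEC) or 'bp' prefix, followed by
    "<module>+0x<offset>", where <module> is self.name up to its first '.'
    and <offset> is ea - self.base. Conditional breakpoints are logged and
    skipped. Nothing is exported while self.dbg_dialect is unset.
    """
    import json  # local import: the file's import block is not visible here

    if not self.dbg_dialect:
        rs_log("idb isn't synced yet, can't export bp")
        return

    # NOTE(review): the module name goes verbatim into a command that is
    # handed to the debugger side. It presumably derives from the analysed
    # file's name, so consider restricting it to a conservative character
    # set (letters, digits, '_', '-') before building commands from it.
    mod = self.name.split('.')[0].strip()
    wanted = (idc.BPTATTR_TYPE, idc.BPTATTR_COND, idc.BPTATTR_FLAGS)

    for i in range(ida_dbg.get_bpt_qty()):
        ea = idc.get_bpt_ea(i)
        btype, cond, flags = [idc.get_bpt_attr(ea, x) for x in wanted]

        if cond:
            rs_log("bp %d: conditional bp not supported" % i)
            continue
        if btype not in (idc.BPT_EXEC, idc.BPT_SOFT):
            continue
        if (flags & idc.BPT_ENABLED) == 0:
            continue

        bp = self.dbg_dialect['hbp' if (btype == idc.BPT_EXEC) else 'bp']
        cmd = "%s%s+0x%x" % (bp, mod, ea - self.base)
        # The payload looks like a JSON member, so emit the command as a JSON
        # string: quotes, backslashes and control characters in the module
        # name can then no longer terminate the "cmd" value early. For plain
        # ASCII names the payload is byte-identical to the previous format.
        self.notice_broker("cmd", "\"cmd\":%s" % json.dumps(cmd))
        rs_log("bp %d: %s" % (i, cmd))

    rs_log('export done')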
def get_all_bpt_list(self):
    """
    Return the list of addresses of all breakpoints.

    Breakpoints are fetched by index with ida_dbg.getn_bpt(); an index that
    cannot be fetched is reported through FELogger and left out of the result.
    """
    addresses = []
    total = ida_dbg.get_bpt_qty()
    # One bpt_t is reused as the output record; only its ea is kept per hit.
    record = ida_dbg.bpt_t()
    for index in range(total):
        if not ida_dbg.getn_bpt(index, record):
            # Log text reads "failed to get breakpoint <index>".
            FELogger.info("获取断点失败 %d" % index)
            continue
        addresses.append(record.ea)
    return addresses
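def export_bp_notice(self):
    """
    Export enabled, unconditional breakpoints to the broker as debugger commands.

    Only breakpoints of type idc.BPT_EXEC or idc.BPT_SOFT with the
    idc.BPT_ENABLED flag set are exported, using the dialect's 'hbp' prefix
    (for idc.BPT_EXEC) or 'bp' prefix. In the windbg case the command is
    module-relative ("<module>+0x<ea - self.base>"); otherwise it carries the
    absolute address returned by self.rebase_remote(ea), which is why a
    remote base is required first. Conditional breakpoints are logged and
    skipped.
    """
    import json  # local import: the file's import block is not visible here

    if not self.dbg_dialect:
        rs_log("idb isn't synced yet, can't export bp")
        return

    # NOTE(review): dbg_dialect is compared with the string 'windbg' here but
    # subscripted with 'hbp'/'bp' below. If it is a mapping of command
    # prefixes this comparison is always False and the relative-address
    # branch is never taken - confirm against the code that sets dbg_dialect.
    is_windbg = (self.dbg_dialect == 'windbg')

    # Windbg supports relative addresses, i.e. mod+0xCAFE;
    # for absolute addresses the remote base address is needed.
    if (not is_windbg) and (not self.base_remote):
        rs_log("idb isn't enabled, can't export bp")
        return

    # NOTE(review): the module name goes verbatim into a command that is
    # handed to the debugger side. It presumably derives from the analysed
    # file's name, so consider restricting it to a conservative character
    # set (letters, digits, '_', '-') before building commands from it.
    mod = self.name.split('.')[0].strip()
    wanted = (idc.BPTATTR_TYPE, idc.BPTATTR_COND, idc.BPTATTR_FLAGS)

    for i in range(ida_dbg.get_bpt_qty()):
        ea = idc.get_bpt_ea(i)
        btype, cond, flags = [idc.get_bpt_attr(ea, x) for x in wanted]

        if cond:
            rs_log("bp %d: conditional bp not supported" % i)
            continue
        if btype not in (idc.BPT_EXEC, idc.BPT_SOFT):
            continue
        if (flags & idc.BPT_ENABLED) == 0:
            continue

        bp = self.dbg_dialect['hbp' if (btype == idc.BPT_EXEC) else 'bp']
        if is_windbg:
            cmd = "%s%s+0x%x" % (bp, mod, ea - self.base)
        else:
            cmd = "%s0x%x" % (bp, self.rebase_remote(ea))

        # The payload looks like a JSON member, so emit the command as a JSON
        # string: quotes, backslashes and control characters in the module
        # name can then no longer terminate the "cmd" value early. For plain
        # ASCII names the payload is byte-identical to the previous format.
        self.notice_broker("cmd", "\"cmd\":%s" % json.dumps(cmd))
        rs_log("bp %d: %s" % (i, cmd))

    rs_log('export done')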
def Breakpoints():
    """
    Yield one 4-tuple per breakpoint that idaapi.get_bpt() can resolve.

    Breakpoints whose type has the BPT_SOFT bit set yield
    (ea, BPNORMAL, 0, word), where word is ida_bytes.get_wide_word(ea).
    All others yield (ea, kind, (hwtype << 4) | hwsize, 0), with hwtype and
    hwsize taken from the UE_HARDWARE_* lookup tables below.
    """
    total = ida_dbg.get_bpt_qty()
    for index in range(total):
        ea = get_bpt_ea(index)
        info = idaapi.bpt_t()
        if not idaapi.get_bpt(ea, info):
            continue

        if (info.type & BPT_SOFT) != 0:
            yield (ea, BPNORMAL, 0, ida_bytes.get_wide_word(ea))
            continue

        if info.type == BPT_DEFAULT:
            kind = BPNORMAL
        else:
            kind = BPHARDWARE

        # NOTE(review): a type outside these three keys, or a size outside
        # 1/2/4/8, raises KeyError and ends the generator mid-export.
        # BPT_DEFAULT is not a key here, so the BPNORMAL choice above only
        # survives if BPT_DEFAULT equals one of the keys - confirm.
        access_by_type = {
            BPT_WRITE: UE_HARDWARE_WRITE,
            BPT_RDWR: UE_HARDWARE_READWRITE,
            BPT_EXEC: UE_HARDWARE_EXECUTE,
        }
        hwtype = access_by_type[info.type]

        width_by_size = {
            1: UE_HARDWARE_SIZE_1,
            2: UE_HARDWARE_SIZE_2,
            4: UE_HARDWARE_SIZE_4,
            8: UE_HARDWARE_SIZE_8,
        }
        hwsize = width_by_size[info.size]

        # Access kind goes in the high nibble, size code in the low bits.
        yield (ea, kind, (hwtype << 4) | hwsize, 0)
def get_bpt_qty():
    """
    Return the breakpoint count via the API matching the running IDA SDK.

    SDK versions up to and including 699 go through idc.GetBptQty(); newer
    ones use ida_dbg.get_bpt_qty().
    """
    uses_legacy_api = idaapi.IDA_SDK_VERSION <= 699
    return idc.GetBptQty() if uses_legacy_api else ida_dbg.get_bpt_qty()