Esempi in Python per get_debug_names

Linguaggio di programmazione: Python

Spazio dei nomi/nome del pacchetto: idaapi

Metodo/funzione: get_debug_names

Esempi su hotexamples.com: 4

get_debug_names in Python: 4 esempi trovati. Questi sono i migliori esempi reali in Python per idaapi.get_debug_names, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

File: CallStackWalk.py Progetto: 5l1v3r1/nightmare-2

def main():
    if not idaapi.is_debugger_on():
        idc.Warning("Please run the process first!")
        return
    if idaapi.get_process_state() != -1:
        idc.Warning("Please suspend the debugger first!")
        return

    # only avail from IdaPython r232
    if hasattr(idaapi, "NearestName"):
        # get all debug names
        dn = idaapi.get_debug_names(idaapi.cvar.inf.minEA, idaapi.cvar.inf.maxEA)
        # initiate a nearest name search (using debug names)
        nn = idaapi.NearestName(dn)
    else:
        nn = None

    ret, callstack = CallStackWalk(nn)
    if ret:
        title = "Call stack walker (thread %X)" % (GetCurrentThreadId())
        idaapi.close_chooser(title)
        c = CallStackWalkChoose(callstack, title)
        c.choose()
    else:
        idc.Warning("Failed to walk the stack:" + callstack)

Esempio n. 2

Mostra file

File: resolve_api_dridex.py Progetto: tuian/IDA-appcall

def resolve_n_comment(func, func_name):
    """
    Resolve API
    """

    for xref in XrefsTo(LocByName(func_name)):
        # init retrieve arguments
        val1_ea = search_inst(xref.frm, "mov", "edx")
        val1_op = GetOperandValue(val1_ea, 1)
        val2_ea = search_inst(PrevHead(val1_ea), "mov", "ecx")
        val2_op = GetOperandValue(val2_ea, 1)

        # Call Dridex's func
        try:
            addr = func(val1_op, val2_op)
        except:
            continue

        try:
            # Get exported names of all loaded modules
            names = idaapi.get_debug_names(idaapi.cvar.inf.minEA,
                                           idaapi.cvar.inf.maxEA)
            # Add comments
            MakeComm(xref.frm, "{:}".format(names[addr].replace("_", "!")))
        except:
            continue

Esempio n. 3

Mostra file

File: IdaRetAddr.py Progetto: Trietptm-on-Coding-Algorithms/IdaRetAddr

def main():
    if not idaapi.is_debugger_on():
        idc.Warning("Please run the process first!")
        return
    if idaapi.get_process_state() != -1:
        idc.Warning("Please suspend the debugger first!")
        return

    info = idaapi.get_inf_structure()
    if info.is_64bit():
        long_size = 8
    elif info.is_32bit():
        long_size = 4
    else:
        idc.Warning("Only 32 or 64 bit is supported!")
        return

    # only avail from IdaPython r232
    if hasattr(idaapi, "NearestName"):
        # get all debug names
        dn = idaapi.get_debug_names(idaapi.cvar.inf.minEA,
                                    idaapi.cvar.inf.maxEA)
        # initiate a nearest name search (using debug names)
        nn = idaapi.NearestName(dn)
    else:
        nn = None

    RetAddrStackWalk(nn, long_size)

Esempio n. 4

Mostra file

File: ex_debug_names.py Progetto: xcode2010/XMicro

def main():
    if not idaapi.is_debugger_on():
        print("Please run the process first!")
        return
    if idaapi.get_process_state() != -1:
        print("Please suspend the debugger first!")
        return

    dn = idaapi.get_debug_names(idaapi.cvar.inf.min_ea, idaapi.cvar.inf.max_ea)
    for i in dn:
        print("%08x: %s" % (i, dn[i]))