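def doStepOver(self):
    """Step over the current instruction; if that lands in kernel space,
    keep running until execution is back in user space.

    The program counter is read from the register named by ``self.PC``
    and compared with ``self.kernel_base``; any address above that base
    is treated as kernel and handed to ``self.runToUserSpace()``.
    Returns nothing.
    """
    # step_over() returns False when the request could not be issued
    # (e.g. no live debugger session).  Without a step there is no
    # suspend event to wait for, so return instead of blocking below.
    if not idaapi.step_over():
        print('doStepOver: step_over request failed')
        return
    # Block until the debuggee suspends again.  A negative event code
    # (DEC_ERROR / DEC_NOTASK) means the wait failed; the register file
    # cannot be trusted then, so do not read the PC.
    rc = idc.GetDebuggerEvent(idc.WFNE_SUSP, -1)
    if rc < 0:
        print('doStepOver: wait for suspend failed (%d)' % rc)
        return
    cur_addr = idc.GetRegValue(self.PC)
    if cur_addr > self.kernel_base:
        self.runToUserSpace()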
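def doStepOver(self):
    """Step over the current instruction; if that lands in kernel space,
    run until execution returns to user space.

    The program counter is read from the register named by ``self.PC``
    and compared with ``self.kernel_base``; addresses above that base are
    treated as kernel and handed to ``self.runToUserSpace()``.
    Returns nothing.
    """
    # step_over() returns False when the request could not be issued
    # (e.g. no live debugger session); with no step there is no suspend
    # event to wait for, so return rather than block below.
    if not idaapi.step_over():
        print('doStepOver: step_over request failed')
        return
    # Block until the debuggee suspends again.  A negative event code
    # (DEC_ERROR / DEC_NOTASK) means the wait failed and the registers
    # are not reliable, so skip the PC read.
    rc = idc.GetDebuggerEvent(idc.WFNE_SUSP, -1)
    if rc < 0:
        print('doStepOver: wait for suspend failed (%d)' % rc)
        return
    cur_addr = idc.GetRegValue(self.PC)
    if cur_addr > self.kernel_base:
        print('run to user space')
        self.runToUserSpace()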
def doStepOver(self):
    """Step over one instruction, then route control by where it stopped.

    After the debuggee suspends, the program counter (register
    ``self.PC``) is compared with ``self.kernel_base``.  Above it the
    step ended inside the kernel and ``runToUserSpace()`` drives
    execution back to user code; otherwise ``signalClient()`` is told
    that the step completed.  Returns nothing.
    """
    idaapi.step_over()
    # Wait for the post-step suspension.  The event code returned by the
    # wrapper is not inspected here, so a failed wait falls through to
    # the register read below.
    idaversion.wait_for_next_event(idc.WFNE_SUSP, -1)
    pc = idaversion.get_reg_value(self.PC)
    landed_in_kernel = pc > self.kernel_base
    if not landed_in_kernel:
        print('doStepOver signal client')
        self.signalClient()
        return
    print('doStepOver in kernel run to user space')
    self.runToUserSpace()
def fn_f8():
    """Mimic the F8 hotkey: step over one instruction and wait for the
    debugger to report it, accepting either a suspend or a continue
    event.  Returns nothing."""
    idaapi.step_over()
    # Wait with no timeout (-1) for whichever of the two events arrives.
    wait_flags = WFNE_SUSP | WFNE_CONT
    GetDebuggerEvent(wait_flags, -1)
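# used to follow instructions when debug
import idaapi

# Upper bound on single-steps so the trace cannot run forever when no
# 'retn' is reached.
MAX_STEPS = 100

for _ in range(MAX_STEPS):
    idaapi.step_over()
    # Block until the debuggee suspends after the step.
    GetDebuggerEvent(WFNE_SUSP, -1)
    rv = idaapi.regval_t()
    # Reads the 32-bit program counter; 'EIP' is hard-coded, so this
    # trace is x86 (32-bit) only.
    idaapi.get_reg_val('EIP', rv)
    # Single-argument print() behaves the same on Python 2 and 3.
    print(GetDisasm(rv.ival))
    if GetMnem(rv.ival) == "retn":
        break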
def step_until_ret():
    """Step over instructions until the one at the cursor is a 'retn'.

    The mnemonic is taken at ``idc.here()`` (the current cursor address)
    rather than from the PC register -- presumably IDA moves the cursor
    to the PC on each suspend; confirm before relying on this outside a
    live session.  There is no step limit, so a path that never reaches
    'retn' keeps stepping.  Returns nothing.
    """
    def cursor_mnem():
        return idc.GetMnem(idc.here())

    mnem = cursor_mnem()
    while mnem != 'retn':
        idaapi.step_over()
        # Wait, with no timeout, for the post-step suspension.
        idc.GetDebuggerEvent(idc.WFNE_SUSP, -1)
        mnem = cursor_mnem()