forked from dev-zzo/idascripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
MsvcScript.py
83 lines (69 loc) · 2.05 KB
/
MsvcScript.py
1
import idaapiimport Msvc.RttiMsvc.Rtti = reload(Msvc.Rtti)print "*" * 40print "dev_zzo's Uber MSVC Script!"print "*" * 40def rtti_scan() : Msvc.Rtti.scanRtti()def rtti_td(ea) : try : print Msvc.Rtti.TypeDescriptor(ea) except Exception, e: print str(e)def hk_rtti_td() : rtti_td(idaapi.get_screen_ea())def rtti_bcd(ea) : try : print Msvc.Rtti.BaseClassDescriptor(ea) except Exception, e: print str(e)def hk_rtti_bcd() : rtti_bcd(idaapi.get_screen_ea())def rtti_chd(ea) : try : print Msvc.Rtti.ClassHierarchyDescriptor(ea) except Exception, e: print str(e)def hk_rtti_chd() : rtti_chd(idaapi.get_screen_ea())def rtti_col(ea) : try : print Msvc.Rtti.CompleteObjectLocator(ea) except Exception, e: print str(e)def hk_rtti_col() : rtti_col(idaapi.get_screen_ea())def reg_hotkey(hotkey, func) : hk_ctx = idaapi.add_hotkey(hotkey, func) if hk_ctx is None: print("Failed to register hotkey `%s'!" % hotkey)reg_hotkey('Shift-Ctrl-Alt-T', hk_rtti_td)reg_hotkey("Shift-Ctrl-Alt-B", hk_rtti_bcd)reg_hotkey("Shift-Ctrl-Alt-H", hk_rtti_chd)reg_hotkey("Shift-Ctrl-Alt-L", hk_rtti_col)print "Call msvc_help() for help."def msvc_help() : print """ Welcome!Useful functions:rtti_scan() Scan for RTTI information; mark up structures and VFTables. This *will* take some time.rtti_td(ea) Parse the TypeDescriptor structure at the given ea.rtti_bcd(ea) Parse the BaseClassDescriptor structure at the given ea.rtti_chd(ea) Parse the ClassHierarchyDescriptor structure at the given ea.rtti_col(ea) Parse the CompleteObjectLocator structure at the given ea.Useful key combos:Shift-Ctrl-Alt-T Parse the TypeDescriptor structure at the cursor position.Shift-Ctrl-Alt-B Parse the BaseClassDescriptor structure at the cursor position.Shift-Ctrl-Alt-H Parse the ClassHierarchyDescriptor structure at the cursor position.Shift-Ctrl-Alt-L Parse the CompleteObjectLocator structure at the cursor position."""