def dump_binary(fname):
max_addr = 0
# Check if we have a buggy IDA or not
try:
idaapi.get_many_bytes_ex(0, 1)
except TypeError:
buggy = True
else:
buggy = False
if buggy:
f = idaapi.qfile_t()
f.open(fname, 'wb+')
segments = [x for x in idautils.Segments()]
max_addr = idc.GetSegmentAttr(segments[-1], idc.SEGATTR_END)
# TODO check max_addr to see if it's sane to write such a big file
idaapi.base2file(f.get_fp(), 0, 0, max_addr)
f.close()
else:
with open(fname, 'wb+') as f:
# over all segments
for s in idautils.Segments():
start = idc.GetSegmentAttr(s, idc.SEGATTR_START)
end = idc.GetSegmentAttr(s, idc.SEGATTR_END)
# print "Start: %x, end: %x, size: %x" % (start, end, end-start)
max_addr = max(max_addr, end)
f.seek(start, 0)
# Only works with fixed IDAPython.
f.write(idaapi.get_many_bytes_ex(start, end - start)[0])
dump_log.debug("section[dump] = 0, 0x%x, 0, 0x%x", max_addr, max_addr)
def dump_binary(path):
max_addr = 0
# Check if we have a buggy IDA or not
try:
idaapi.get_many_bytes_ex(0, 1)
except TypeError:
buggy = True
else:
buggy = False
if buggy:
f = idaapi.qfile_t()
try:
f.open(path, 'wb+')
except TypeError:
# Another ugly hack for IDA 6/7 compat (unicode strings)
f.open(str(path), 'wb+')
segments = [idaapi.getnseg(x) for x in range(idaapi.get_segm_qty())]
# no need for IDA 7 compat, it's not buggy
max_addr = segments[-1].endEA
if max_addr > 200 * 1024 * 1024:
askyn = idaapi.ask_yn if hasattr(idaapi,
"ask_yn") else idaapi.askyn_c
if askyn(
idaapi.ASKBTN_NO, "Dump file is over 200MB,"
" do you want to dump it anyway ?") != idaapi.ASKBTN_YES:
return None
idaapi.base2file(f.get_fp(), 0, 0, max_addr)
f.close()
return [("dump", 0, max_addr, 0, max_addr)]
else:
sections = []
current_offset = 0
with open(path, 'wb+') as f:
# over all segments
for n in range(idaapi.get_segm_qty()):
seg = idaapi.getnseg(n)
if hasattr(seg, "start_ea"):
start_ea = seg.start_ea
else:
start_ea = seg.startEA
if hasattr(seg, "end_ea"):
end_ea = seg.end_ea
else:
end_ea = seg.endEA
size = end_ea - start_ea
# Only works with fixed IDAPython.
f.write(idaapi.get_many_bytes_ex(start_ea, size)[0])
sections.append((idaapi.get_segm_name(seg), start_ea, size,
current_offset, size))
current_offset += size
dump_log.debug(repr(sections))
return sections
def dump_binary(path):
max_addr = 0
# Check if we have a buggy IDA or not
try:
idaapi.get_many_bytes_ex(0, 1)
except TypeError:
buggy = True
else:
buggy = False
if buggy:
f = idaapi.qfile_t()
f.open(path, 'wb+')
segments = [idaapi.getnseg(x) for x in range(idaapi.get_segm_qty())]
max_addr = segments.endEA # no need for IDA 7 compat, it's not buggy
if max_addr > 200 * 1024 * 1024:
if idaapi.ask_yn(
idaapi.ASKBTN_NO, "Dump file is over 200MB,"
" do you want to dump it anyway ?") != idaapi.ASKBTN_YES:
return None
idaapi.base2file(f.get_fp(), 0, 0, max_addr)
f.close()
return [("dump", 0, max_addr, 0, max_addr)]
else:
sections = []
current_offset = 0
with open(path, 'wb+') as f:
# over all segments
for n in range(idaapi.get_segm_qty()):
seg = idaapi.getnseg(n)
start_ea = seg.start_ea if hasattr(seg,
"start_ea") else seg.startEA
end_ea = seg.end_ea if hasattr(seg, "end_ea") else seg.endEA
size = end_ea - start_ea
# print "Start: %x, end: %x, size: %x" % (start, end, end-start)
# Only works with fixed IDAPython.
f.write(idaapi.get_many_bytes_ex(start_ea, size)[0])
sections.append((idaapi.get_segm_name(seg), start_ea, size,
current_offset, size))
current_offset += size
dump_log.debug(repr(sections))
return sections