def req_rln(self, hash): raddr = hash['raddr'] rs_debug("rln: 0x%x" % raddr) addr = self.rebase_local(raddr) if not addr: rs_log("could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: rs_log("could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = ida_range.range_t() rs = ida_range.rangeset_t() if ida_funcs.get_func_ranges(rs, func) != ida_idaapi.BADADDR: limits.start_ea = rs.begin().start_ea limits.end_ea = rs.begin().end_ea if limits.start_ea != addr: if (addr > limits.start_ea): sym = "%s%s0x%x" % (sym, "+", addr - limits.start_ea) else: sym = "%s%s0x%x" % (sym, "-", limits.start_ea - addr) lck = None else: sym = idc.get_name(addr, ida_name.GN_VISIBLE) if sym: sym = self.demangle(sym) if sym: self.notice_broker('cmd', "\"cmd\":\"%s\"" % sym) rs_debug("resolved symbol: %s" % sym) else: rs_log("could not resolve symbol for address 0x%x" % addr)
def req_rln(self, hash): raddr, rbase, offset, base = hash['raddr'], hash['rbase'], hash[ 'offset'], hash['base'] rs_debug("rln: 0x%x - 0x%x - 0x%x - 0x%x" % (raddr, rbase, offset, base)) addr = self.rebase(rbase, raddr) if not addr: rs_log("could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: rs_log("could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = idaapi.area_t() if idaapi.get_func_limits(func, limits): if limits.start_ea != addr: if (addr > limits.start_ea): sym = "%s%s0x%x" % (sym, "+", addr - limits.start_ea) else: sym = "%s%s0x%x" % (sym, "-", limits.start_ea - addr) lck = None else: sym = idc.get_name(addr, ida_name.GN_VISIBLE) if sym: sym = self.demangle(sym) if sym: self.notice_broker('cmd', "\"cmd\":\"%s\"" % sym) rs_debug("resolved symbol: %s" % sym) else: rs_log("could not resolve symbol for address 0x%x" % addr)
def req_rln(self, hash): raddr, rbase, offset, base = hash['raddr'], hash['rbase'], hash[ 'offset'], hash['base'] print("[*] 0x%x - 0x%x - 0x%x - 0x%x" % (raddr, rbase, offset, base)) addr = self.rebase(rbase, raddr) if not addr: print("[*] could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: print("[*] could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = idaapi.area_t() if idaapi.get_func_limits(func, limits): if limits.startEA != addr: if (addr > limits.startEA): sym = "%s%s0x%x" % (sym, "+", addr - limits.startEA) else: sym = "%s%s0x%x" % (sym, "-", limits.startEA - addr) lck = None else: sym = idc.Name(addr) if sym: sym = self.demangle(sym) if sym: self.notice_broker("cmd", "\"cmd\":\"%s\"" % sym) print("[*] resolved symbol: %s" % sym) else: print("[*] could not resolve symbol for address 0x%x" % addr)
def req_rln(self, hash): raddr, rbase, offset, base = hash["raddr"], hash["rbase"], hash["offset"], hash["base"] print ("[*] 0x%x - 0x%x - 0x%x - 0x%x" % (raddr, rbase, offset, base)) addr = self.rebase(rbase, raddr) if not addr: print ("[*] could not rebase this address (0x%x)" % raddr) return sym = idaapi.get_func_name(addr) if sym: sym = self.demangle(sym) func = idaapi.get_func(addr) if not func: print ("[*] could not find func for 0x%x" % addr) return lck = idaapi.lock_func(func) limits = idaapi.area_t() if idaapi.get_func_limits(func, limits): if limits.startEA != addr: if addr > limits.startEA: sym = "%s%s0x%x" % (sym, "+", addr - limits.startEA) else: sym = "%s%s0x%x" % (sym, "-", limits.startEA - addr) lck = None else: sym = idc.Name(addr) if sym: sym = self.demangle(sym) if sym: self.notice_broker("cmd", '"cmd":"%s"' % sym) print ("[*] resolved symbol: %s" % sym) else: print ("[*] could not resolve symbol for address 0x%x" % addr)