def get_memory_map():
api.Listmemory()
t = api.pluginvalue_to_t_table(api.Plugingetvalue(api.VAL_MEMORY))
rv = rpc.GetMemoryMapResult()
for i in xrange(t.data.n):
mi = rv.memories.add()
m = api.void_to_t_memory(api.Getsortedbyselection(t.data, i))
module = api.Findmodule(m.base)
module_name = ("'%s'" % module.name) if module else ''
mi.access = m.access
mi.base = m.base
mi.name = str(module_name)
mi.size = m.size
return rv
import ollyapi as oa
from os import path
t = oa.pluginvalue_to_t_table(oa.Plugingetvalue(oa.VAL_MODULES))
for i in xrange(t.data.n):
m = oa.void_to_t_module(oa.Getsortedbyselection(t.data, i))
print '%s : <%08X, %08X>' % (path.basename(m.path), m.base, m.size)
mi = {
'path': m.path,
'name': path.splitext(path.basename(m.path))[0],
'base': m.base,
'size': m.size
}
externals = list()
for off in xrange(m.codesize):
name = bytearray(oa.TEXTLEN)
if oa.Findname(m.codebase + off, oa.NM_EXPORT, name):
externals.append({'ea': m.codebase + off, 'name': str(name.replace('\x00', ''))})
mi['apis'] = externals
print mi
del t
import ollyapi as oa
symb = bytearray(2048)
comment = bytearray(oa.TEXTLEN)
n = oa.Decodeaddress(0x34114c, 0, oa.ADC_SYMBOL | oa.ADC_ENTRY, symb, 2048, comment)
print 'n: %s, symb: %s, comment: %s' % (n, symb.replace('\x00', ''), comment.replace('\x00', ''))
import ollyutils
print ollyutils.analyze_external_refs(0x34114c, 0x341150, 1)