def get_code_segments(): segments = [] for ea in idautils.Segments(): s = ida_segment.getseg(ea) if ida_segment.get_segm_class(s) == 'CODE': segments.append(s) return segments
def segm_added(self, s): self._send_event( SegmAddedEvent(ida_segment.get_segm_name(s), ida_segment.get_segm_class(s), s.start_ea, s.end_ea, s.orgbase, s.align, s.comb, s.perm, s.bitness, s.flags)) return 0
def _is_executable_seg(seg): """Returns `True` a segment's data is executable.""" if 0 != (seg.perm & ida_segment.SEGPERM_EXEC): return True seg_type = idc.get_segm_attr(seg.start_ea, idc.SEGATTR_TYPE) if seg_type in (idc.SEG_CODE, idc.SEG_XTRN): return True sclass = ida_segment.get_segm_class(seg) if sclass: return "CODE" in sclass or "XTRN" in sclass return False
def processSegments(): segments = list() for n in xrange(ida_segment.get_segm_qty()): seg = ida_segment.getnseg(n) if seg: segm = { 'name': ida_segment.get_segm_name(seg), 'start_ea': seg.start_ea, 'class': ida_segment.get_segm_class(seg) } segments.append(segm) return segments
def __process_segments(self): segments = list() for n in xrange(ida_segment.get_segm_qty()): seg = ida_segment.getnseg(n) if seg: segm = { 'name' : ida_segment.get_segm_name(seg), 'start_rva' : seg.start_ea - self._base, 'class' : ida_segment.get_segm_class(seg), 'selector' : seg.sel } segments.append(segm) return segments
def __process_segments(self): segments = list() for n in range(0, ida_segment.get_segm_qty()): seg = ida_segment.getnseg(n) if seg: segm = { 'align' : self.__describe_alignment(seg.align), 'bitness' : self.__describe_bitness(seg.bitness), 'name' : ida_segment.get_segm_name(seg), 'rva_start' : seg.start_ea - self._base, 'rva_end' : seg.end_ea - self._base, 'permission': self.__describe_permission(seg.perm), 'selector' : seg.sel, 'type' : ida_segment.get_segm_class(seg), } segments.append(segm) return segments
def xex_load_exports(li): global export_table_va export_table = HvImageExportTable() slen = ctypes.sizeof(export_table) bytes = ida_bytes.get_bytes(export_table_va, slen) fit = min(len(bytes), slen) ctypes.memmove(ctypes.addressof(export_table), bytes, fit) if export_table.Magic[0] != XEX_EXPORT_MAGIC_0 or export_table.Magic[ 1] != XEX_EXPORT_MAGIC_1 or export_table.Magic[ 2] != XEX_EXPORT_MAGIC_2: print("[+] Export table magic is invalid! (0x%X 0x%X 0x%X)" % (export_table.Magic[0], export_table.Magic[1], export_table.Magic[2])) return 0 print("[+] Loading module exports...") print(export_table) ordinal_addrs_va = export_table_va + slen for i in range(0, export_table.Count): func_ord = export_table.Base + i func_va = ida_bytes.get_dword(ordinal_addrs_va + (i * 4)) if func_va == 0: continue func_va = func_va + (export_table.ImageBaseAddress << 16) func_name = x360_imports.DoNameGen(idc.get_root_filename(), 0, func_ord) # Add to exports list & mark as func if inside a code section func_segmclass = ida_segment.get_segm_class( ida_segment.getseg(func_va)) idc.add_entry(func_ord, func_va, func_name, 1 if func_segmclass == "CODE" else 0) if func_segmclass == "CODE": idc.add_func(func_va) return 1
def segm_moved(self, from_ea, to_ea, size, changed_netmap): s = ida_segment.getseg(to_ea) sname = ida_segment.get_visible_segm_name(s) sclass = ida_segment.get_segm_class(s) self._get_notify("move_segm")(from_ea, to_ea, sname, sclass, changed_netmap)
def ev_moving_segm(self, s, to_ea, flags): sname = ida_segment.get_visible_segm_name(s) sclass = ida_segment.get_segm_class(s) return self._get_notify("moving_segm")(s.start_ea, sname, sclass, to_ea, flags)
def ev_creating_segm(self, s): sname = ida_segment.get_visible_segm_name(s) sclass = ida_segment.get_segm_class(s) return self._get_notify("creating_segm")(s.start_ea, sname, sclass)