常用的脚本
import idautils
import idaapi
# 解析为code
def make_code(start, end):
for i in range((end - start) / 4):
addr = start + (i * 4)
idaapi.do_unknown_range(addr, 4, 0)
idaapi.auto_make_code(addr)
return
# 解析为function,相当于 P
def make_function(start, end):
idc.MakeFunction(start, end)
return
# 查找调用addr的地方,并加断点
def addBreakpoint(addr):
string_dt_init_ea = addr
refs = XrefsTo(string_dt_init_ea)
useful_ref = 0
for ref in refs:
useful_ref = ref.frm
AddBpt(useful_ref)
AddBpt(useful_ref + 0x4)
# 打印data的数据
def get_string(startAddr, endAddr):
out = ""
index = 1
charStartAddr = startAddr
res = ''
line = 0
while (startAddr < endAddr) :
res += hex(Byte(startAddr)) + ','
if line == 15:
res += '\n'
startAddr += 1
line = 0
else:
line += 1
startAddr += 1
print (res)
print ("end")
调用示例
start = 0xAF1C982C
end = start + 0x838c
print(hex(end))
#make_code(start, end)
make_function(start, end)
#addr = 0xAF1B854C
#addBreakpoint(addr)
#get_string(start, end)
``
网友评论