1. 模块列表
  2. 函数列表
  3. idc.SegStart()

Python idc 模块,SegStart() 实例源码

我们从Python开源项目中,提取了以下16个代码示例,用于说明如何使用idc.SegStart()

项目:IDAPPL    作者:yufengzjj    | 项目源码 | 文件源码 
def enum_segm(self):
        i = 0
        for ea in idautils.Segments():
            seg = idaapi.getseg(ea)
            SigmName = idc.SegName(ea)
            startA = idc.SegStart(ea)
            endA = idc.SegEnd(ea)
            className = idaapi.get_segm_class(seg)
            seg_radio = SegmRadio(SigmName, startA, endA, className)
            self.segm.append((SigmName, startA, endA, className))
            self.segm_vbox.addWidget(seg_radio)
            self.segm_vbox.addStretch(1)
            if i == 0:
                i = 1
                seg_radio.toggle()
        return self.segm_vbox
项目:dsc_fix    作者:deepinstinct    | 项目源码 | 文件源码 
def map_exports(exports, verbose=True):
    """ gets an array of [(vaddress, name),..] and writes it to db"""
    if verbose:
        print "[+] going for %d exports" % (len(exports))
    for addr, export_name in exports:
        print "[+] creating export", export_name
        # check that there are no existing segments in that address
        if idc.SegStart(addr) == idc.BADADDR:
            print "[+] creating seg: 0x%08X: %d" % (addr, 4)
            idc.AddSegEx(addr,
                         addr + 4, 0, 0,
                         idaapi.saRelPara, idaapi.scPub,
                         idc.ADDSEG_FILLGAP)
        elif verbose:
            print "[!] Skipping creation of existing segment.."
        # set it as execuable
        idc.SetSegmentAttr(addr, idc.SEGATTR_PERM, SEGPERM_EXEC)
        if verbose:
            print "[+] making name: %s" % (export_name)
        make_name(addr, export_name)
项目:idasec    作者:RobinDavid    | 项目源码 | 文件源码 
def create_call_map(self, ftype):
        assert_ida_available()
        import idc
        import idautils
        seg_mapping = {idc.SegName(x): (idc.SegStart(x), idc.SegEnd(x)) for x in idautils.Segments()}
        imports = seg_mapping[".idata"] if ftype == PE else seg_mapping['.plt']
        start, stop = seg_mapping[".text"]
        current = start
        while current <= stop:
            inst = current
            if idc.GetMnem(inst) in ["call", "jmp"]:
                value = idc.GetOperandValue(inst, 0)
                name = idc.GetOpnd(inst, 0)
                if imports[0] <= value <= imports[1]:
                    entry = self.config.call_map.add()
                    entry.address = inst
                    entry.name = name
            current = idc.NextHead(current, stop)
项目:bap-ida-python    作者:BinaryAnalysisPlatform    | 项目源码 | 文件源码 
def addresses():
    """Generate all mapped addresses."""
    for s in idautils.Segments():
        ea = idc.SegStart(s)
        while ea < idc.SegEnd(s):
            yield ea
            ea = idaapi.nextaddr(ea)
项目:bap-ida-python    作者:BinaryAnalysisPlatform    | 项目源码 | 文件源码 
def output_symbols(out):
    """Dump symbols."""
    try:
        from idaapi import get_func_name2 as get_func_name
        # Since get_func_name is deprecated (at least from IDA 6.9)
    except ImportError:
        from idaapi import get_func_name
        # Older versions of IDA don't have get_func_name2
        # so we just use the older name get_func_name

    def func_name_propagate_thunk(ea):
        current_name = get_func_name(ea)
        if current_name[0].isalpha():
            return current_name
        func = idaapi.get_func(ea)
        temp_ptr = idaapi.ea_pointer()
        ea_new = idaapi.BADADDR
        if func.flags & idaapi.FUNC_THUNK == idaapi.FUNC_THUNK:
            ea_new = idaapi.calc_thunk_func_target(func, temp_ptr.cast())
        if ea_new != idaapi.BADADDR:
            ea = ea_new
        propagated_name = get_func_name(ea) or ''  # Ensure it is not `None`
        if len(current_name) > len(propagated_name) > 0:
            return propagated_name
        else:
            return current_name
            # Fallback to non-propagated name for weird times that IDA gives
            #     a 0 length name, or finds a longer import name

    for ea in idautils.Segments():
        fs = idautils.Functions(idc.SegStart(ea), idc.SegEnd(ea))
        for f in fs:
            out.write('("%s" 0x%x 0x%x)\n' % (
                func_name_propagate_thunk(f),
                idc.GetFunctionAttr(f, idc.FUNCATTR_START),
                idc.GetFunctionAttr(f, idc.FUNCATTR_END)))
项目:viv-utils    作者:williballenthin    | 项目源码 | 文件源码 
def get_functions():
    '''
    enumerate the functions in the currently loaded module.

    Yields:
      int: address of the function.
    '''
    startea = idc.BeginEA()
    for fva in idautils.Functions(idc.SegStart(startea), idc.SegEnd(startea)):
        yield fva
项目:ropf    作者:kevinkoo001    | 项目源码 | 文件源码 
def seg_start(ea):
    """Returns the start of the segment that ea belongs in."""
    return idc.SegStart(ea)
项目:iddaa    作者:0xddaa    | 项目源码 | 文件源码 
def get_seg_range(seg):
    for s in idautils.Segments():
        if idc.SegName(s) == seg:
            start_ea = idc.SegStart(s)
            end_ea = idc.SegEnd(s)
    return start_ea, end_ea
项目:IDAPPL    作者:yufengzjj    | 项目源码 | 文件源码 
def setupUI(self):
        ea = idc.ScreenEA()
        seg = idaapi.getseg(ea)
        SigmName = idc.SegName(ea)
        startA = idc.SegStart(ea)
        endA = idc.SegEnd(ea)
        className = idaapi.get_segm_class(seg)
        self.setWindowTitle("Jumper--%s %s %s" % (hex(ea - startA).upper(), SigmName, className))

        self.groupBox.setLayout(self.enum_segm())

        search_hbox = QHBoxLayout()
        search_hbox.addWidget(QLabel("search"))
        search_hbox.addWidget(self.search_edit)

        offset_hbox = QHBoxLayout()
        offset_hbox.addWidget(QLabel("offset"))
        offset_hbox.addWidget(self.off_edit)

        self.scroll = QScrollArea()
        self.scroll.setWidgetResizable(True)  # Set to make the inner widget resize with scroll area
        self.scroll.setWidget(self.groupBox)

        globle_vbox = QVBoxLayout(self)
        globle_vbox.addWidget(self.scroll)
        globle_vbox.addLayout(search_hbox)
        globle_vbox.addLayout(offset_hbox)

        btn_layout =  QHBoxLayout()
        jump = QPushButton("jump")
        jump.clicked.connect(self.jump_click)
        get_offset = QPushButton("offset")
        get_offset.clicked.connect(self.get_cur_offset)
        btn_layout.addWidget(jump)
        btn_layout.addWidget(get_offset)
        globle_vbox.addLayout(btn_layout)

        self.search_edit.textChanged.connect(self.search_changed)
项目:IDAPPL    作者:yufengzjj    | 项目源码 | 文件源码 
def get_cur_offset(self):
        ea = idc.ScreenEA()
        seg = idaapi.getseg(ea)
        SigmName = idc.SegName(ea)
        startA = idc.SegStart(ea)
        self.off_edit.setText(hex(ea - startA).upper())
        self.search_edit.setText(SigmName)
项目:dsc_fix    作者:deepinstinct    | 项目源码 | 文件源码 
def map_segments(segments, dsc_file, verbose=True):
    for segaddr, segsize, segdata in segments:
        print "[+] creating seg: 0x%08X: %d" % (segaddr, segsize)
        # check that there are no existing segments in that address
        if idc.SegStart(segaddr) == idc.BADADDR:
            idc.AddSegEx(segaddr,
                         segaddr + segsize, 0, 0,
                         idaapi.saRelPara, idaapi.scPub,
                         idc.ADDSEG_FILLGAP)
            # set it as read-only
            idc.SetSegmentAttr(segaddr, idc.SEGATTR_PERM, SEGPERM_READ)
        else:
            print "[!] Skipping creation of existing segment.."

        # after mapping the segment, write the data to the db.
        try:
            for addr, size, macho_offset in segdata:
                dsc_file.seek(macho_offset)
                memcpy(addr, dsc_file.read(size))
                if verbose:
                    print "0x%X, 0x%06X, 0x%06X: %s" % (addr,
                                                        size,
                                                        macho_offset,
                                                        dsc_file.read(size))
        except Exception:
            print segdata
            raise
项目:functions-plus    作者:ax330d    | 项目源码 | 文件源码 
def get_list_of_functions(self):
        '''Get all functions list.'''

        seg_ea = idc.BeginEA()
        functions_list = {}
        for func_ea in idautils.Functions(idc.SegStart(seg_ea), idc.SegEnd(seg_ea)):
            function_name = self.maybe_demangle(idc.GetFunctionName(func_ea))
            functions_list[function_name] = func_ea
        return functions_list
项目:idsearch    作者:xorpd    | 项目源码 | 文件源码 
def iter_lines():
    """
    Iterate through all line addresses in the IDB
    Yields addresses of all lines.
    """
    for ea in idautils.Segments():
        seg_start = idc.SegStart(ea)
        seg_end = idc.SegEnd(ea)

        cur_addr = seg_start
        while (cur_addr < seg_end) and (cur_addr != idaapi.BADADDR):
            yield cur_addr
            cur_addr = idc.NextHead(cur_addr)
项目:idasec    作者:RobinDavid    | 项目源码 | 文件源码 
def update_mapping(self):
        pass
        self.fun_mapping = {idc.GetFunctionName(x): (idaapi.get_func(x).startEA, idaapi.get_func(x).endEA-1) for x in
                            idautils.Functions()}
        self.seg_mapping = {idc.SegName(x): (idc.SegStart(x), idc.SegEnd(x)) for x in idautils.Segments()}
项目:FRAPL    作者:FriedAppleTeam    | 项目源码 | 文件源码 
def GetNextModuleBase():
    global g_NextLibBase
    g_NextLibBase = FirstSeg()
    while SegStart(g_NextLibBase) != BADADDR:
        g_NextLibBase += kModuleAlignment
    fl_log("FridaLink: next module base = " + ("0x%012x" % g_NextLibBase) + "\n")
项目:FRAPL    作者:FriedAppleTeam    | 项目源码 | 文件源码 
def LoadModule(platform, name, path):
    global g_NextLibBase

    if platform is not None:
        os_type = platform[:3]
        if os_type == "iOS":
            # check if it is custom or system framework
            app_idx = path.find(".app")

            if app_idx >=0:
                # custom framework
                local_path = path[app_idx+4:]
                bin_path = os.path.dirname(get_input_file_path())
                path = bin_path + local_path
            else:
                # system framework
                os_ver = platform[4:]
                home = os.path.expanduser("~")
                path = home + "/Library/Developer/Xcode/iOS DeviceSupport/" + os_ver + "/Symbols" + path

            # check if framework exists
            if os.path.exists(path) == False:
                fl_log("FridaLink: invalid path [ " + path + " ]\n")
                return

    fl_log("FridaLink: loading module '" + name + "' from [ " + path + " ]\n")
    res = load_loader_module(None, "macho", str(path), False)
    if res != 0:
        Wait()

        seg = get_segm_by_name("HEADER").startEA
        set_segm_name(getseg(seg), name)
        Wait()
        fl_log("FridaLink: set first sector name for loaded module to '" + name + "'\n")

        if seg < g_AppBase:
            fl_log("FridaLink: move module '" + name + "' to " + ('0x%012x' % g_NextLibBase) + "\n")

            # Move back all segments before main one (usually for OSX modules)
            while seg < g_AppBase:
                fl_log(('  0x%012x' % SegStart(seg)) + " -> " + ('0x%012x' % (SegStart(seg) + g_NextLibBase)) + ": " + SegName(seg) + "\n")
                MoveSegm(SegStart(seg), SegStart(seg) + g_NextLibBase, 0)
                Wait()
                seg = FirstSeg()

            g_NextLibBase += kModuleAlignment
            fl_log("FridaLink: next module base = " + ("0x%012x" % g_NextLibBase) + "\n")