Python idc 模块,MinEA() 实例源码

我们从Python开源项目中,提取了以下9个代码示例,用于说明如何使用idc.MinEA()

项目:dsc_fix    作者:deepinstinct    | 项目源码 | 文件源码
def get_bad_addresses(verbose=True):
    """ gets all the unmapped addressed from IDA's database """
    ret = []
    curEa = idc.MinEA()
    while True:
        if verbose:
            print "[+] getting more bad addresses 0x%08X" % (curEa)
        # the regex "(DC[DQ]| B.*) +0x" will retrieve the following:
        # 1. DCD 0x...
        # 2. DCQ 0x...
        # 3. B   0x.....
        # 4. BL  0x....
        curEa = get_next_bad_addr(curEa, "(DC[DQ]| B.*) +0x")
        if curEa == idc.BADADDR:
            break
        if verbose:
            print "[+] found bad address at 0x%08X" % (curEa)
        dcd = idc.GetDisasm(curEa)
        res = re.findall("0x\w{8,}", dcd)
        for r in res:
            ret.append(int(r, 16))
    if verbose:
        print "[+] found %d bad addresses" % len(ret)
    return ret
项目:PythonForWindows    作者:hakril    | 项目源码 | 文件源码
def reset():
        idc.MakeUnknown(idc.MinEA(), 0x1000, 0)
        for i in range(0x1000):
            idc.PatchByte(idc.MinEA() + i, 0)
项目:PythonForWindows    作者:hakril    | 项目源码 | 文件源码
def tst():
        reset()
        midap.here(idc.MinEA()).write(s.get_code())
        idc.MakeFunction(idc.MinEA())

    # tst()
项目:PythonForWindows    作者:hakril    | 项目源码 | 文件源码
def reset():
        idc.MakeUnknown(idc.MinEA(), 0x1000, 0)
        for i in range(0x1000):
            idc.PatchByte(idc.MinEA() + i, 0)
项目:PythonForWindows    作者:hakril    | 项目源码 | 文件源码
def tst():
        reset()
        midap.here(idc.MinEA()).write(s.get_code())
        idc.MakeFunction(idc.MinEA())
项目:polichombr    作者:ANSSI-FR    | 项目源码 | 文件源码
def renamed(self, *args):
            g_logger.debug("[IDB Hook] Something is renamed")
            ea, new_name, is_local_name = args
            if ea >= idc.MinEA() and ea <= idc.MaxEA():
                if is_local_name:
                    g_logger.warning("Local names are unimplemented")
                    pass
                else:
                    if not SkelUtils.name_blacklist(new_name):
                        self.skel_conn.push_name(ea, new_name)
            else:
                g_logger.warning("ea outside program...")

            return idaapi.IDP_Hooks.renamed(self, *args)
项目:idadiff    作者:0x00ach    | 项目源码 | 文件源码
def sample_source():
    global full_hash
    full_hash = ""
    c = 0
    for addr in idautils.Functions(idc.MinEA(),idc.MaxEA()):
        fname = idc.GetFunctionName(addr)
        full_hash += normalize_fname(fname)+":"+calc_hash(addr)+":"+shexst(addr)+"|"
        c = c+1
    if c > 1000:
        print "Too many subs. Plz run:"
        print "SRC SAMPLE : open('lame_ipc.txt','wb').write(full_hash)"
        print "DST SAMPLE : src_data = open('lame_ipc.txt','rb').read(full_hash)"
    else:
        print 'src_data = "' + full_hash + '"'
    return
项目:idadiff    作者:0x00ach    | 项目源码 | 文件源码
def sample_dest():
    global src_data
    if src_data is None:
        print "run the src_data = ... first"
        return
    src_hashes = {}
    for i in src_data.split("|"):
        z = i.split(":")
        if len(z) < 2:
            continue
        if src_hashes.has_key(z[1]):
            src_hashes[z[1]] = "baadf00d"
        else:
            src_hashes[z[1]] = z[0]
    dst_hashes = {}
    for addr in idautils.Functions(idc.MinEA(),idc.MaxEA()):
            fname = idc.GetFunctionName(addr)
            z = calc_hash(addr)
            if dst_hashes.has_key(z):
                dst_hashes[z] = "baadf00d"
            else:
                dst_hashes[z] = addr
    c = 0
    for tmp in dst_hashes:
        if dst_hashes[tmp] == "baadf00d":
            continue
        if src_hashes.has_key(tmp):
            if src_hashes[tmp] != "baadf00d":
                idc.MakeNameEx(dst_hashes[tmp],"SHARED_"+src_hashes[tmp], SN_NOWARN)
                c = c+1
    print "%d subs have been renamed" % (c)
    return
项目:dsc_fix    作者:deepinstinct    | 项目源码 | 文件源码
def main():
    if _IN_IDA:
        # # get dyld_shared_cache path from IDA's openFile dialog
        print "[+] Please choose the original dyld_shared_cache_arm64"
        dsc_path = idc.AskFile(0, "*.*", "dyld shared cache file")
    else:
        dsc_path = sys.argv[1]

    if not dsc_path or not os.path.exists(dsc_path):
        raise RuntimeError("Couldn't find the dyld shared cache file..")

    print "[+] about to parse %s.." % (dsc_path)
    dsc_file = open(dsc_path, "rb")
    adrfind = AddrFinder(dsc_file, cache_symbols=False)
    map_shared_bridges(dsc_file, adrfind)
    if _IN_IDA:
        addresses = sorted(set(get_bad_addresses()))
    else:
        addresses = sorted(set(eval(open("addrs.txt", "rb").read())))

    segments, exports = get_segments_and_exports_for_addresses(addresses, adrfind)
    # segments = join_neighbors(segments, threshold=0x1000)
    if _IN_IDA:
        map_segments(segments, dsc_file)
        map_exports(exports)
        idaapi.analyze_area(idc.MinEA(), idc.MaxEA())