반응형
Segments 이름 및 주소 리턴
import idc_bc695 as idc_695
for seg in Segments():
print(idc_695.SegName(seg))
print(hex(seg))
특정 주소의 함수 이름 리턴
import idc_bc695 as idc_695
ea = here()
print(idc_695.GetFunctionName(ea))
특정 함수의 Code Reference 주소 및 컬러 설정
import idc_bc695 as idc_695
fun_name = "_fopen"
fun_addr = idc_695.LocByName(fun_name)
for addr in CodeRefsTo(fun_addr, 0):
print(hex(addr), GetDisasm(addr)) // address, command
idc_695.SetColor(addr, CIC_ITEM, 0x00FFFF) // Set Color BGR
Frida Code Snippet
import idc_bc695 as idc_695
import clipboard
createBase = 0
def c_frida():
global createBase
code = ""
if(createBase==0):
createBase = 1
fileName = get_input_file_path().split("\\")[-1]
code += '''var base = Module.findBaseAddress("{fileName}")
'''.replace("{fileName}",fileName)
funName = idc_695.GetFunctionName(here())
funaddr = hex(idc_695.LocByName(funName))
relative_path = hex(int(funaddr,16)-0x100000000)
code += '''var sub1 = base.add({relative_path})
Interceptor.attach(sub1,{
onEnter:function(args){
console.log("{relative_path} IN")
}onLeave:function(retval){
console.log("{relative_path} Retrun : "+retval)
}
})'''.replace("{relative_path}",relative_path)
clipboard.copy(code)
Reference
https://www.hex-rays.com/products/ida/support/idapython_docs/
https://www.hex-rays.com/products/ida/support/idapython_docs/
www.hex-rays.com
'Study > Python' 카테고리의 다른 글
| [Windows] Sublimetext input() Not Working (0) | 2022.04.15 |
|---|---|
| [Python3] Extract String from File in Directory (0) | 2022.03.18 |
| [Python3] Tcp Socket Proxy tool (0) | 2022.03.10 |
| [Python] resolve "failed to create process." issue (0) | 2021.11.05 |
| [Django] FileUpload 설정 (0) | 2021.09.20 |
댓글