Python idc.set_name() Examples
The following are 27
code examples of idc.set_name().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
idc
, or try the search function
.
.
Example #1
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 6 votes |
|
def import_symbol(self, symbol):
"""
Adds a symbol name at the specified address.
Args:
symbol: SYMBOL XML element.
Contains symbol name and address. Optionally includes
type and mangled symbol.
"""
if self.options.Symbols.checked == False:
return
addr = self.get_address(symbol, ADDRESS)
name = self.get_attribute(symbol, NAME)
if self.has_attribute(symbol, MANGLED):
name = self.get_attribute(symbol, MANGLED)
flag = idc.SN_NOWARN
if self.has_attribute(symbol, TYPE):
typ = self.get_attribute(symbol, TYPE)
if typ == 'local':
flag |= idc.SN_LOCAL
idc.set_name(addr, name, flag)
self.update_counter(SYMBOL)
Example #2
| Source File: jayutils.py From flare-ida with Apache License 2.0 | 6 votes |
|
def makeNameHard_ida7(ea, name):
'''Keeps trying to name the given ea until it works, adding the optional _%d suffix'''
count = 0
ret = idc.set_name(ea, name, idc.SN_PUBLIC|idc.SN_NOWARN)
m = HARD_NAME_RE.match(name)
if m is not None:
#already a name in <name>_<count> format
name, count = m.group(1,2)
count = int(count)
if ret == 0:
while (count < 100) and (ret == 0):
newName = '%s_%d' % (name, count)
ret = idc.set_name(ea, newName, idc.SN_PUBLIC|idc.SN_NOWARN)
count += 1
########################################
Example #3
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 6 votes |
|
def parse_metadata(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_metadata")
count = Reader.get_array_count()
for i in xrange(count):
name = Reader.read_encoded_u32()
item_count = Reader.get_array_count()
items = []
for j in xrange(item_count):
key = Reader.read_encoded_u32()
value = Reader.read_encoded_u32()
items.append({"key": key, "value": value})
self.abc_metadata.append({"name": name, "items": items})
create_byte(start, Reader.pos - start)
Example #4
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 6 votes |
|
def parse_strings(self):
idc.set_name(Reader.pos, "cpool_strings")
count = Reader.get_array_count()
for i in xrange(1, count, 1):
size = Reader.read_encoded_u32()
start = Reader.pos
string = ""
for i in xrange(size):
string += chr(Reader.read_byte())
self.abc_strings.append(string)
create_strlit(start, size, idc.STRTYPE_C)
Example #5
| Source File: ida_import.py From bnida with MIT License | 6 votes |
|
def import_names(names, sections):
"""
Import symbol names
:param names: Dict containing symbol info
:param sections: Dict containing section info
"""
for addr, name in names.items():
addr = adjust_addr(sections, int(addr))
if addr is None:
continue
name = sanitize_name(name)
if idc.get_name_ea_simple(name) == idaapi.BADADDR:
idc.set_name(addr, name)
Example #6
| Source File: ps4_module.py From ps4_module_loader with GNU General Public License v3.0 | 6 votes |
|
def resolve(self, address, nids, symbol):
# Resolve the NID...
idc.set_cmt(self.VALUE, 'NID: ' + symbol, False)
function = nids.get(symbol[:11], symbol)
#print('Function: %s | number: %s' % (function, idaapi.get_func_num(self.VALUE)))
if idaapi.get_func_num(self.VALUE) > 0:
idc.del_func(self.VALUE)
if self.VALUE > 0:
idc.add_func(self.VALUE)
idc.add_entry(self.VALUE, self.VALUE, function, True)
idc.set_name(self.VALUE, function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
idc.set_cmt(address, '%s | %s' % (function, self.info()), False)
# PROGRAM START
# Open File Dialog...
Example #7
| Source File: analyser.py From UEFI_RETool with MIT License | 6 votes |
|
def _find_est(self, gvar, start, end):
RAX = 0
BS_OFFSET = 0x60
EFI_SYSTEM_TABLE = 'EFI_SYSTEM_TABLE *'
if self.arch == 'x86':
BS_OFFSET = 0x3c
ea = start
while (ea < end):
if ((idc.print_insn_mnem(ea) == 'mov')
and (idc.get_operand_value(ea, 0) == RAX)
and (idc.get_operand_value(ea, 1) == BS_OFFSET)):
if idc.SetType(gvar, EFI_SYSTEM_TABLE):
idc.set_name(gvar, 'gSt_{addr:#x}'.format(addr=gvar))
return True
ea = idc.next_head(ea)
return False
Example #8
| Source File: analyser.py From UEFI_RETool with MIT License | 6 votes |
|
def make_names(self):
"""make names in idb"""
EFI_GUID = 'EFI_GUID *'
EFI_GUID_ID = idc.get_struc_id('EFI_GUID')
self.get_boot_services()
self.get_protocols()
self.get_prot_names()
data = self.Protocols['all']
empty = True
for element in data:
try:
idc.SetType(element['address'], EFI_GUID)
self.apply_struct(element['address'], 16, EFI_GUID_ID)
name = '{prot_name}_{addr:#x}'.format(prot_name=element['protocol_name'], addr=element['address'])
idc.set_name(element['address'], name)
empty = False
print('[ {ea} ] {name}'.format(
ea='{addr:#010x}'.format(addr=element['address']),
name=name))
except:
continue
if empty:
print(' * list is empty')
Example #9
| Source File: line.py From Sark with MIT License | 5 votes |
|
def name(self, value):
idc.set_name(self.ea, value)
Example #10
| Source File: ida_api.py From Karta with MIT License | 5 votes |
|
def renameFunction(self, ea, name):
"""Rename the function at the specified address, using the supplied name.
Args:
ea (int): effective address of the wanted function
name (str): new name for the function
"""
idc.set_name(ea, name, idc.SN_CHECK)
# Overridden base function
Example #11
| Source File: mykutils.py From flare-ida with Apache License 2.0 | 5 votes |
|
def makename_safe(va, nm, max_tries=10):
"""Attempt to name @va as @nm appending numbers up to @max_tries.
Appends _0, _1, etc. until successful or bails after the specified number
of tries.
Args:
va (numbers.Integral): Virtual address to name.
nm (str): Name to apply
max_tries (numbers.Integral): Number of times to retry naming while
appending successive increasing number suffices
Returns:
True if successful else False
"""
if not all([va, nm]):
raise ValueError('makename_safe requires both va and nm args')
successful = False
tryname = nm
for i in range(max_tries):
if idc.set_name(va, tryname, idc.SN_NOWARN):
successful = True
break
tryname = '%s_%d' % (nm, i)
if not successful:
logger.error('Looped %d times and failed to name %s as %s(_N)' %
(max_tries, phex(va), nm))
return successful
Example #12
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def analyze_code(self, is_new_file):
for i in xrange(len(self.abc.methods)):
if self.abc.methods[i]["body"] is not None:
code_pos = self.abc.methods[i]["body"]["pos"]
code_length = self.abc.methods[i]["body"]["length"]
reference = self.abc.methods[i]["refid"]
if (is_new_file):
print("%X - %X - %s" % (code_pos, code_length, reference))
auto_make_proc(code_pos)
if (reference != ""):
idc.set_name(code_pos, self.fix_bad_name(reference), SN_NOCHECK)
for exception in self.abc.methods[i]["body"]["exceptions"]:
exception_from = code_pos + exception["from"]
exception_to = code_pos + exception["to"]
exception_target = code_pos + exception["target"]
if (is_new_file):
auto_make_code(exception_target)
set_dummy_name(exception_from, exception_target)
self.exceptions.append({"from": exception_from, "to": exception_to,
"target": exception_target, "type": exception["type"],
"name": exception["name"]})
Example #13
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def parse_scripts(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_scripts")
count = Reader.get_array_count()
for i in xrange(count):
init = Reader.read_encoded_u32()
traits = self.parse_traits()
self.abc_scripts.append({"sinit": init, "traits": traits})
create_byte(start, Reader.pos - start)
Example #14
| Source File: util.py From mcsema with Apache License 2.0 | 5 votes |
|
def set_symbol_name(ea, name): global _FORCED_NAMES flags = idaapi.SN_PUBLIC | idaapi.SN_NOCHECK | idaapi.SN_NON_AUTO | idaapi.SN_NOWARN _FORCED_NAMES[ea] = name idc.set_name(ea, name, flags) # Tries to get the name of a symbol.
Example #15
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def parse_namespaces(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_namespaces")
self.abc_namespaces.append({"kind": 0, "name": 0})
count = Reader.get_array_count()
for i in xrange(1, count, 1):
kind = Reader.read_byte()
name = Reader.read_encoded_u32()
self.abc_namespaces.append({"kind": kind, "name": name})
create_byte(start, Reader.pos - start)
Example #16
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def parse_doubles(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_doubles")
count = Reader.get_array_count()
for i in xrange(1, count, 1):
self.abc_doubles.append(idc.get_qword(Reader.pos))
Reader.pos += 8
create_byte(start, Reader.pos - start)
Example #17
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def parse_uintegers(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_uints")
count = Reader.get_array_count()
for i in xrange(1, count, 1):
self.abc_uints.append(Reader.read_encoded_u32())
create_byte(start, Reader.pos - start)
Example #18
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 5 votes |
|
def parse_integers(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_ints")
count = Reader.get_array_count()
for i in xrange(1, count, 1):
self.abc_ints.append(Reader.read_encoded_u32())
create_byte(start, Reader.pos - start)
Example #19
| Source File: IdaProxy.py From apiscout with BSD 2-Clause "Simplified" License | 5 votes |
|
def MakeName(self, ea, name):
if idaapi.IDA_SDK_VERSION < 700:
return idc.MakeNameEx(ea, name, 256)
else:
return idc.set_name(ea, name, 256)
Example #20
| Source File: ps4_module.py From ps4_module_loader with GNU General Public License v3.0 | 5 votes |
|
def process(self, nids, symbols):
if self.INFO > Relocation.R_X86_64_ORBIS_GOTPCREL_LOAD:
self.INDEX = self.INFO >> 32
self.INFO &= 0xFF
# Symbol Value + AddEnd (S + A)
if self.type() == 'R_X86_64_64':
self.INDEX += self.ADDEND
if self.type() != 'R_X86_64_DTPMOD64':
symbol = next(value for key, value in enumerate(symbols) if key + 2 == self.INDEX)[1]
# String (Offset) == Base + AddEnd (B + A)
if self.type() == 'R_X86_64_RELATIVE':
idaapi.put_qword(self.OFFSET, self.ADDEND)
idaapi.create_data(self.OFFSET, FF_QWORD, 0x8, BADNODE)
# TLS Object
elif self.type() in ['R_X86_64_DTPMOD64', 'R_X86_64_DTPOFF64']:
idc.set_name(self.OFFSET, 'tls_access_struct', SN_NOCHECK | SN_NOWARN | SN_FORCE)
# Object
else:
# Resolve the NID...
idc.set_cmt(self.OFFSET, 'NID: ' + symbol, False)
object = nids.get(symbol[:11], symbol)
# Rename the Object...
idc.set_name(self.OFFSET, object, SN_NOCHECK | SN_NOWARN | SN_FORCE)
idaapi.create_data(self.OFFSET, FF_QWORD, 0x8, BADNODE)
return self.type()
Example #21
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 4 votes |
|
def parse_multinames(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_multinames")
self.abc_multinames.append({})
count = Reader.get_array_count()
for i in xrange(1, count, 1):
kind = Reader.read_byte()
if (kind == ConstKind.CONSTANT_Qname or kind == ConstKind.CONSTANT_QnameA):
ns = Reader.read_encoded_u32()
name = Reader.read_encoded_u32()
self.abc_multinames.append({"kind": kind, "name": name, "value": ns})
elif (kind == ConstKind.CONSTANT_RTQname or kind == ConstKind.CONSTANT_RTQnameA):
name = Reader.read_encoded_u32()
self.abc_multinames.append({"kind": kind, "name": name})
elif (kind == ConstKind.CONSTANT_RTQnameL or kind == ConstKind.CONSTANT_RTQnameLA):
self.abc_multinames.append({"kind": kind})
elif (kind == ConstKind.CONSTANT_Multiname or kind == ConstKind.CONSTANT_MultinameA):
name = Reader.read_encoded_u32()
ns_set = Reader.read_encoded_u32()
self.abc_multinames.append({"kind": kind, "name": name, "value": ns_set})
elif (kind == ConstKind.CONSTANT_MultinameL or kind == ConstKind.CONSTANT_MultinameLA):
ns_set = Reader.read_encoded_u32()
self.abc_multinames.append({"kind": kind, "value": ns_set})
elif (kind == ConstKind.CONSTANT_TypeName):
name = Reader.read_encoded_u32()
param_count = Reader.get_array_count()
params = []
for j in xrange(param_count):
params.append(Reader.read_encoded_u32())
self.abc_multinames.append({"kind": kind, "name": name, "value": params})
else:
raise Exception("parse_multinames: unknown kind")
create_byte(start, Reader.pos - start)
Example #22
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 4 votes |
|
def parse_methods(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_methods")
count = Reader.get_array_count()
for i in xrange(count):
pos = Reader.pos
param_count = Reader.read_encoded_u32()
return_type = Reader.read_encoded_u32()
params = []
for j in xrange(param_count):
params.append(Reader.read_encoded_u32())
name = Reader.read_encoded_u32()
flags = Reader.read_byte()
options = []
if ((flags & MethodFlags.HAS_OPTIONAL) != 0):
option_count = Reader.get_array_count()
for j in xrange(option_count):
value = Reader.read_encoded_u32()
kind = Reader.read_byte()
options.append({"kind": kind, "value": value})
param_names = []
if ((flags & MethodFlags.HAS_PARAM_NAMES) != 0):
for j in xrange(param_count):
param_names.append(Reader.read_encoded_u32())
self.abc_methods.append({"paramtypes": params, "returntype": return_type, "name": name,
"flags": flags, "options": options, "paramnames": param_names,
"pos": pos, "id": i})
create_byte(start, Reader.pos - start)
Example #23
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 4 votes |
|
def parse_classes(self):
start = Reader.pos
idc.set_name(Reader.pos, "cpool_classes")
count = Reader.get_array_count()
# read instances
for i in xrange(count):
name = Reader.read_encoded_u32()
super_name = Reader.read_encoded_u32()
flags = Reader.read_byte()
protected_ns = 0
if ((flags & InstanceFlags.CONSTANT_ClassProtectedNs) != 0):
protected_ns = Reader.read_encoded_u32()
interface_count = Reader.get_array_count()
interfaces = []
for j in xrange(interface_count):
interface = Reader.read_encoded_u32()
interfaces.append(interface)
interface_init = Reader.read_encoded_u32()
interface_traits = self.parse_traits()
self.abc_instances.append({"name": name, "supername": super_name, "flags": flags,
"protectedns": protected_ns, "interfaces": interfaces,
"iinit": interface_init, "itraits": interface_traits})
# read classes
for i in xrange(count):
class_init = Reader.read_encoded_u32()
class_traits = self.parse_traits()
self.abc_instances[i]["cinit"] = class_init
self.abc_instances[i]["ctraits"] = class_traits
create_byte(start, Reader.pos - start)
Example #24
| Source File: analyser.py From UEFI_RETool with MIT License | 4 votes |
|
def get_data_guids(self):
"""rename GUIDs in idb"""
EFI_GUID = 'EFI_GUID *'
EFI_GUID_ID = idc.get_struc_id('EFI_GUID')
segments = ['.text', '.data']
for segment in segments:
seg_start, seg_end = 0, 0
for seg in idautils.Segments():
if idc.get_segm_name(seg) == segment:
seg_start = idc.get_segm_start(seg)
seg_end = idc.get_segm_end(seg)
break
ea = seg_start
while (ea <= seg_end - 15):
prot_name = ''
if idc.get_name(ea, ida_name.GN_VISIBLE).find('unk_') != -1:
find = False
cur_guid = []
cur_guid.append(idc.get_wide_dword(ea))
cur_guid.append(idc.get_wide_word(ea + 4))
cur_guid.append(idc.get_wide_word(ea + 6))
for addr in range(ea + 8, ea + 16, 1):
cur_guid.append(idc.get_wide_byte(addr))
if cur_guid == [0] * 11:
ea += 1
continue
for guid_place in [
'ami_guids', 'asrock_guids', 'dell_guids',
'edk_guids', 'edk2_guids', 'lenovo_guids'
]:
for name in self.Protocols[guid_place]:
if self.Protocols[guid_place][name] == cur_guid:
prot_name = '{}_{:#x}'.format(name, ea)
record = {
'address': ea,
'service': 'unknown',
'guid': cur_guid,
'protocol_name': name,
'protocol_place': guid_place
}
find = True
break
if find:
break
if find and (idc.get_name(ea, ida_name.GN_VISIBLE) !=
prot_name):
idc.SetType(ea, EFI_GUID)
self.apply_struct(ea, 16, EFI_GUID_ID)
idc.set_name(ea, prot_name)
self.Protocols['data'].append(record)
ea += 1
Example #25
| Source File: as3.py From ActionScript3 with GNU General Public License v3.0 | 4 votes |
|
def create_strings_segment(self):
buf = ""
addr = self.find_last_address() + 1
for key in self.namespace_sets:
self.namespace_sets[key] = addr + len(buf)
buf += key.replace('"', "")[1:-1] + "\x00"
for key in self.namespaces:
ns_set = "[%s]" % key
if (ns_set in self.namespace_sets):
self.namespaces[key] = self.namespace_sets[ns_set]
continue
self.namespaces[key] = addr + len(buf)
buf += key.replace('"', "") + "\x00"
for key in self.names:
self.names[key] = addr + len(buf)
buf += key.replace('"', "") + "\x00"
add_segm(0, addr, addr + len(buf), "STRINGS", None)
patch_bytes(addr, buf)
idc.del_items(addr, idc.DELIT_SIMPLE, len(buf))
for key in self.namespaces:
name = key[:-1].split("(")[1][1:-1]
if (name == ""):
name = "_"
idc.set_name(self.namespaces[key], name, SN_NOCHECK | SN_NOWARN | SN_FORCE)
for key in self.names:
idc.set_name(self.names[key], key, SN_NOCHECK | SN_NOWARN | SN_FORCE)
Example #26
| Source File: ps4_module.py From ps4_module_loader with GNU General Public License v3.0 | 4 votes |
|
def resolve(self, alphabet, nids, symbols, libraries):
if self.INFO > Relocation.R_X86_64_ORBIS_GOTPCREL_LOAD:
self.INDEX = self.INFO >> 32
self.INFO &= 0xFF
symbol = next(value for key, value in enumerate(symbols) if key + 2 == self.INDEX)[1]
# Library
try:
lid1 = alphabet[symbol[12:13]]
# [base64]#
if symbol[13:14] == '#':
library = libraries[lid1]
# [base64][base64]#
elif symbol[14:15] == '#':
lid2 = alphabet[symbol[13:14]]
library = libraries[lid1 + lid2]
else:
raise
# Not a NID
except:
library = ''
# Function Name (Offset) == Symbol Value + AddEnd (S + A)
# Library Name (Offset) == Symbol Value (S)
real = idc.get_qword(self.OFFSET)
idc.add_func(real)
# Hacky way to determine if this is the real function...
real -= 0x6 if idc.print_insn_mnem(real) == 'push' else 0x0
# Resolve the NID...
idc.set_cmt(real, 'NID: ' + symbol, False)
function = nids.get(symbol[:11], symbol)
# Rename the Jump Function...
idc.set_name(self.OFFSET, '__imp_' + function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
# Rename the Real Function...
idc.set_name(real, function, SN_NOCHECK | SN_NOWARN | SN_FORCE)
try:
import_node = idaapi.netnode(library, 0, True)
import_node.supset(ea2node(real), function)
# Requires customized loader.i / ida_loader.py(d)
idaapi.import_module(library, None, import_node.index(), None, 'linux')
except:
pass
return self.type()
Example #27
| Source File: analyser.py From UEFI_RETool with MIT License | 4 votes |
|
def set_types(self):
"""
handle (EFI_BOOT_SERVICES *) type
and (EFI_SYSTEM_TABLE *) for x64 images
"""
RAX = 0
O_REG = 1
O_MEM = 2
EFI_BOOT_SERVICES = 'EFI_BOOT_SERVICES *'
EFI_SYSTEM_TABLE = 'EFI_SYSTEM_TABLE *'
empty = True
for service in self.gBServices:
for address in self.gBServices[service]:
ea = address
num_of_attempts = 10
for _ in range(num_of_attempts):
ea = idc.prev_head(ea)
if (idc.print_insn_mnem(ea) == 'mov'
and idc.get_operand_type(ea, 1) == O_MEM):
if (idc.get_operand_type(ea, 0) == O_REG
and idc.get_operand_value(ea, 0) == RAX):
gvar = idc.get_operand_value(ea, 1)
gvar_type = idc.get_type(gvar)
# if (EFI_SYSTEM_TABLE *)
if ((gvar_type != 'EFI_SYSTEM_TABLE *')
and (idc.print_operand(
address, 0).find('rax') == 1)):
if self._find_est(gvar, ea, address):
# yapf: disable
print('[ {0} ] Type ({type}) successfully applied'.format(
'{addr:#010x}'.format(addr=gvar),
type=EFI_SYSTEM_TABLE))
empty = False
break
# otherwise it (EFI_BOOT_SERVICES *)
if (gvar_type != 'EFI_BOOT_SERVICES *'
and gvar_type != 'EFI_SYSTEM_TABLE *'):
if idc.SetType(gvar, EFI_BOOT_SERVICES):
empty = False
idc.set_name(
gvar,
'gBs_{addr:#x}'.format(addr=gvar))
# yapf: disable
print('[ {0} ] Type ({type}) successfully applied'.format(
'{addr:#010x}'.format(addr=gvar),
type=EFI_BOOT_SERVICES))
break
if empty:
print(' * list is empty')
