Python idc.get_func_name() Examples
The following are 7
code examples of idc.get_func_name().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
idc
, or try the search function
.
.
Example #1
| Source File: util.py From mcsema with Apache License 2.0 | 6 votes |
|
def get_symbol_name(from_ea, ea=None, allow_dummy=False):
if ea is None:
ea = from_ea
global _FORCED_NAMES
if ea in _FORCED_NAMES:
return _FORCED_NAMES[ea]
flags = idc.get_full_flags(ea)
if not allow_dummy and idaapi.has_dummy_name(flags):
return ""
name = ""
try:
name = name or idc.get_name(ea, 0) #calc_gtn_flags(from_ea, ea))
except:
pass
try:
name = name or idc.get_func_name(ea)
except:
pass
return name
Example #2
| Source File: yara_fn.py From idawilli with Apache License 2.0 | 5 votes |
|
def format_rules(fva, rules):
'''
given the address of a function, and the byte signatures for basic blocks in
the function, format a complete YARA rule that matches all of the
basic block signatures.
'''
name = idc.get_func_name(fva)
# some characters aren't valid for YARA rule names
safe_name = name
BAD_CHARS = '@ /\\!@#$%^&*()[]{};:\'",./<>?'
for c in BAD_CHARS:
safe_name = safe_name.replace(c, '')
md5 = idautils.GetInputFileMD5().hex()
ret = []
ret.append(f'rule a_{md5}_{safe_name}')
ret.append(' meta:')
ret.append(f' sample_md5 = "{md5}"')
ret.append(f' function_address = "0x{fva}"')
ret.append(f' function_name = "{name}"')
ret.append(' strings:')
for rule in rules:
formatted_rule = ' '.join(rule.masked_bytes)
ret.append(f' {rule.name} = {{{formatted_rule}}}')
ret.append(' condition:')
ret.append(' all of them')
ret.append('}')
return '\n'.join(ret)
Example #3
| Source File: exp.py From run_idat with GNU General Public License v3.0 | 5 votes |
|
def get_all_func():
num = 0
content = []
for func in idautils.Functions():
seg_perm = idc.get_segm_attr(func,SEGATTR_PERM) # 段属性
if(5 !=seg_perm):
continue
seg_name = idc.get_segm_name(func) # 段名
if(".plt" == seg_name):
continue
func_name = idc.get_func_name(func) # 函数名
func_flags = hex(idc.get_func_attr(func,FUNCATTR_FLAGS))# 函数信息
func_head = hex(idc.get_func_attr(func,FUNCATTR_START)) # 函数头
func_end = hex(idc.get_func_attr(func,FUNCATTR_END)) # 函数尾
l = []
l.append(num)
l.append(seg_name)
l.append(seg_perm)
l.append(func_name)
l.append(func_flags)
l.append(func_head)
l.append(func_end)
content.append(l)
num += 1
#print(l)
return content
# 程序入口
Example #4
| Source File: get_cfg.py From mcsema with Apache License 2.0 | 5 votes |
|
def is_start_of_function(ea):
"""Returns `True` if `ea` is the start of a function."""
if not is_code(ea):
return False
# originally name = idc.GetTrueName(ea) or idc.get_func_name(ea)
# removed since ida 7.4 not supported
name = idc.get_func_name(ea)
return ea == idc.get_name_ea_simple(name)
Example #5
| Source File: Main.py From Virtuailor with GNU General Public License v3.0 | 5 votes |
|
def get_all_functions():
for func in idautils.Functions():
print(hex(func), idc.get_func_name(func))
Example #6
| Source File: Main.py From Virtuailor with GNU General Public License v3.0 | 5 votes |
|
def get_xref_code_to_func(func_addr):
a = idautils.XrefsTo(func_addr, 1)
addr = {}
for xref in a:
frm = xref.frm # ea in func
start = idc.get_func_attr(frm, idc.FUNCATTR_START) # to_xref func addr
func_name = idc.get_func_name(start) # to_xref func name
addr[func_name] = [xref.iscode, start]
return addr
Example #7
| Source File: functions_plus.py From functions-plus with MIT License | 5 votes |
|
def get_list_of_functions(self):
'''
Gets all functions list.
'''
functions_list = {}
seg_ea = idc.get_segm_by_sel(idc.SEG_NORM)
for func_ea in idautils.Functions(idc.get_segm_start(seg_ea),
idc.get_segm_end(seg_ea)):
function_name = idc.get_func_name(func_ea)
functions_list[function_name] = func_ea
return functions_list
