Python idc.MakeName() Examples
The following are 6
code examples of idc.MakeName().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
idc
, or try the search function
.
.
Example #1
| Source File: loader.py From idawasm with Apache License 2.0 | 6 votes |
|
def load_globals_section(section, p):
'''
Specialized handler for the GLOBALS section to mark the initializer as code.
'''
ppayload = p + idawasm.common.offset_of(section.data, 'payload')
pglobals = ppayload + idawasm.common.offset_of(section.data.payload, 'globals')
pcur = pglobals
for i, body in enumerate(section.data.payload.globals):
gname = 'global_%X' % (i)
# we need a target that people can rename.
# so lets map `global_N` to the init expr field.
# this will look like:
#
# global_0 <---- named address we can reference
# global_0_init: <---- fake label line
# i32.const <---- init expression insns
# ret
pinit = pcur + idawasm.common.offset_of(body, 'init')
idc.MakeName(pinit, gname)
idc.ExtLinA(pinit, 0, gname + '_init:')
idc.MakeCode(pinit)
pcur += idawasm.common.size_of(body)
Example #2
| Source File: ida_ts.py From fcatalog_client with GNU General Public License v3.0 | 5 votes |
|
def _make_name(func_addr,func_name):
"""
Set the name of function at address func_addr to func_name.
This function is IDA write thread safe.
"""
logger.debug('_make_name {}, {}'.format(func_addr,func_name))
idc.MakeName(func_addr,func_name)
idc.Refresh()
Example #3
| Source File: ida_gef.py From GdbPlugins with GNU General Public License v3.0 | 5 votes |
|
def MakeName(self, address, name):
""" MakeName(int addr, string name]) => None
Set the location pointed by `address` with the name specified as argument.
Example: ida MakeName 0x4049de __entry_point
"""
addr = long(address, 16) if ishex(address) else long(address)
return idc.MakeName(addr, name)
Example #4
| Source File: find_get_proc_address.py From flare-ida with Apache License 2.0 | 5 votes |
|
def findGetProcAddress(cfunc):
class visitor(idaapi.ctree_visitor_t):
def __init__(self, cfunc):
idaapi.ctree_visitor_t.__init__(self, idaapi.CV_FAST)
self.cfunc = cfunc
def visit_expr(self, i):
if i.op == idaapi.cot_call:
# look for calls to GetProcAddress
if idc.Name(i.x.obj_ea) == "GetProcAddress":
# ASCSTR_C == 0
# Check to see if the second argument is a C string
if idc.GetStringType(i.a[1].obj_ea) == 0:
targetName = idc.GetString(i.a[1].obj_ea, -1, 0)
# Found function name
# Look for global assignment
parent = self.cfunc.body.find_parent_of(i)
if parent.op == idaapi.cot_cast:
# Ignore casts and look for the parent
parent = self.cfunc.body.find_parent_of(parent)
if parent.op == idaapi.cot_asg:
# We want to find the left hand side (x)
idc.MakeName(parent.cexpr.x.obj_ea, targetName + "_")
return 0
v = visitor(cfunc)
v.apply_to(cfunc.body, None)
Example #5
| Source File: vxhunter_ida.py From vxhunter with BSD 2-Clause "Simplified" License | 4 votes |
|
def fix_vxworks_idb(load_address, vx_version, symbol_table_start, symbol_table_end):
current_image_base = idaapi.get_imagebase()
symbol_interval = 16
if vx_version == 6:
symbol_interval = 20
symbol_table_start += load_address
symbol_table_end += load_address
ea = symbol_table_start
shift_address = load_address - current_image_base
while shift_address >= 0x70000000:
idaapi.rebase_program(0x70000000, 0x0008)
shift_address -= 0x70000000
idaapi.rebase_program(shift_address, 0x0008)
while ea < symbol_table_end:
# for VxWorks 6 unknown symbol format
if idc.Byte(ea + symbol_table_end - 2) == 3:
ea += symbol_interval
continue
offset = 4
if idaapi.IDA_SDK_VERSION >= 700:
idc.create_strlit(idc.Dword(ea + offset), idc.BADADDR)
else:
idc.MakeStr(idc.Dword(ea + offset), idc.BADADDR)
sName = idc.GetString(idc.Dword(ea + offset), -1, idc.ASCSTR_C)
print("Found %s in symbol table" % sName)
if sName:
sName_dst = idc.Dword(ea + offset + 4)
if vx_version == 6:
sName_type = idc.Dword(ea + offset + 12)
else:
sName_type = idc.Dword(ea + offset + 8)
idc.MakeName(sName_dst, sName)
if sName_type in need_create_function:
# flags = idc.GetFlags(ea)
print("Start fix Function %s at %s" % (sName, hex(sName_dst)))
idc.MakeCode(sName_dst) # might not need
idc.MakeFunction(sName_dst, idc.BADADDR)
ea += symbol_interval
print("Fix function by symbol table finish.")
print("Start IDA auto analysis, depending on the size of the firmware this might take a few minutes.")
idaapi.autoWait()
Example #6
| Source File: vxhunter_ida.py From vxhunter with BSD 2-Clause "Simplified" License | 4 votes |
|
def load_symbols(self, file_data, is_big_endian=True):
symbol_list = []
if is_big_endian:
unpack_format = '>I'
else:
unpack_format = '<I'
symbol_count = struct.unpack(unpack_format, file_data[4:8])[0]
print("symbol_count: %s" % symbol_count)
symbol_offset = 8
string_table_offset = 8 + 8 * symbol_count
print("string_table_offset: %s" % string_table_offset)
# get symbols
for i in range(symbol_count):
offset = i * 8
symbol_data = file_data[symbol_offset + offset:symbol_offset + offset + 8]
flag = ord(symbol_data[0])
string_offset = struct.unpack(unpack_format, '\x00' + symbol_data[1:4])[0]
string_offset += string_table_offset
print("string_offset: %s" % string_offset)
symbol_name = ""
while True:
if file_data[string_offset] != '\x00':
symbol_name += file_data[string_offset]
string_offset += 1
else:
break
print("symbol_name: %s" % symbol_name)
symbol_address = struct.unpack(unpack_format, symbol_data[-4:])[0]
symbol_list.append([flag, symbol_name, symbol_address])
# Find TP-Link device loading address with symbols
if "wrs_kernel_text_start" in symbol_name:
load_address = symbol_address
current_image_base = idaapi.get_imagebase()
shift_address = load_address - current_image_base
while shift_address >= 0x70000000:
idaapi.rebase_program(0x70000000, 0x0008)
shift_address -= 0x70000000
idaapi.rebase_program(shift_address, 0x0008)
# load symbols
for symbol_data in symbol_list:
flag, symbol_name, symbol_address = symbol_data
idc.MakeName(symbol_address, symbol_name)
if flag == 0x54:
if symbol_name:
print("Start fix Function %s at %s" % (symbol_name, hex(symbol_address)))
idc.MakeCode(symbol_address) # might not need
idc.MakeFunction(symbol_address, idc.BADADDR)
