from idaapi import *
from idc import *
from idautils import *
def add_bp(addr, flags=9, type=4, size=0):
    """Create a breakpoint at *addr* and force its flags/type/size.

    The breakpoint is first created with ``add_bpt`` (which is not passed
    ``flags`` here), then re-read into a ``bpt_t``, patched with the
    caller's ``flags``/``type``/``size`` and written back with
    ``update_bpt``.  Returns that ``bpt_t``.

    ``flags`` presumably carries idaapi ``BPT_*`` bits (9 looks like
    BPT_BRK | BPT_ENABLED) — confirm against the idaapi version in use.
    None of the idaapi return values are checked, so failure is silent.
    """
    add_bpt(addr, size, type)
    descriptor = bpt_t()
    get_bpt(addr, descriptor)
    # Overwrite the fields IDA filled in with the values the caller asked for.
    descriptor.flags, descriptor.type, descriptor.size = flags, type, size
    update_bpt(descriptor)
    return descriptor
def get_bp(addr, ret_flags=True):
    """Look up the breakpoint at *addr*.

    Returns only its ``flags`` field when *ret_flags* is true (the
    default), otherwise the whole ``bpt_t``.  The result of ``get_bpt``
    is not checked: if there is no breakpoint at *addr* the returned
    object is presumably left as constructed — there is no error path.
    """
    descriptor = bpt_t()
    get_bpt(addr, descriptor)
    if ret_flags:
        return descriptor.flags
    return descriptor
def set_trace(start, end):
    """Bracket the range *start*..*end* with two tracing breakpoints.

    Flag value 104 is used at *start* and 72 at *end*; presumably these
    are BPT_* bit combinations that switch tracing on and off — confirm
    against idaapi.  Both breakpoints use add_bp's default type and size.
    """
    for ea, flag_bits in ((start, 104), (end, 72)):
        add_bp(ea, flag_bits)
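def runDebugger(file, args=None):
    """Launch *file* under the IDA debugger.

    Args:
        file: path of the program to run; also used as the first word of
            the command line and, minus its last path component, as the
            debugger start directory.
        args: optional sequence of extra command-line arguments.  They are
            joined with single spaces and not quoted, so an argument that
            itself contains whitespace is not passed through intact.

    The start directory is the text before the last ``/`` or ``\\``.
    When *file* has no separator at all it is now the empty string; the
    previous ``file[:max(rfind, rfind)]`` form evaluated to ``file[:-1]``
    in that case and silently dropped the last character of the name.
    """
    separator_at = max(file.rfind("/"), file.rfind("\\"))
    start_dir = file[:separator_at] if separator_at >= 0 else ""
    # IDA's command line conventionally starts with the program path itself.
    cmdline = file if not args else " ".join([file] + list(args))
    StartDebugger(file, cmdline, start_dir)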
def get_rg(reg):
    """Return the integer value of debugger register *reg* (e.g. "RAX").

    Reads through the module-level ``reg_mem`` scratch ``regval_t`` that
    set_rg also writes to; the return value of get_reg_val is not checked.
    """
    holder = reg_mem
    get_reg_val(reg, holder)
    return holder.ival
def set_rg(reg, val):
    """Write integer *val* into debugger register *reg*.

    Uses the module-level ``reg_mem`` scratch ``regval_t`` shared with
    get_rg; the return value of set_reg_val is not checked.
    """
    holder = reg_mem
    holder.ival = val
    set_reg_val(reg, holder)
def set_grp_flags(name, flag, type=4, size=0):
    """Re-apply *flag*/*type*/*size* to every breakpoint in group *name*.

    Each member is passed back through add_bp at its own address, which
    re-adds the breakpoint and then overwrites its fields.
    """
    members = bpt_vec_t()
    get_grp_bpts(members, name)
    for member in members:
        add_bp(member.ea, flag, type, size)
def add_grp(name, l, flags=9, type=4, size=0):
    """Create a breakpoint at every address in *l* and file them under group *name*."""
    for ea in l:
        created = add_bp(ea, flags, type, size)
        set_bpt_group(created, name)
def disas(start, end):
    """Return ``[(ea, disassembly_text), ...]`` for each item from *start* up to *end*.

    Walks forward by ItemSize; *end* itself is excluded.  Should ItemSize
    ever return 0 the walk would not advance, so this is meant for
    already-analysed ranges.
    """
    def items():
        ea = start
        while ea < end:
            yield ea, GetDisasm(ea)
            ea += ItemSize(ea)

    return list(items())
def find_ins(ins, addr, limit=1000):
    """Return the address of the first instruction after *addr* whose
    disassembly text contains the substring *ins*, or 0 if none is found
    within *limit* items.

    The item at *addr* itself is skipped; the scan advances by ItemSize
    before each comparison, so a 0-sized item would be re-examined.
    """
    ea = addr
    remaining = limit
    while remaining > 0:
        ea += ItemSize(ea)
        if ins in GetDisasm(ea):
            return ea
        remaining -= 1
    return 0
def brk_write(start, end, name="brk_read"):
    """Breakpoint each instruction in *start*..*end* whose first operand is a
    memory reference and add those breakpoints to group *name*.

    "First operand" is approximated as the disassembly text before the
    first comma (mnemonic included) containing a ``[``.
    NOTE(review): the default group name is identical to brk_read's,
    presumably a copy/paste slip — pass *name* explicitly to keep the
    write and read sets apart.
    """
    for ea, text in disas(start, end):
        head = text.partition(",")[0]
        if "[" not in head:
            continue
        set_bpt_group(add_bp(ea), name)
def brk_read(start, end, name="brk_read"):
    """Breakpoint each instruction in *start*..*end* whose second operand is a
    memory reference and add those breakpoints to group *name*.

    "Second operand" is approximated as the text after the first comma
    containing a ``[``; single-operand instructions never match.
    """
    for ea, text in disas(start, end):
        operands = text.split(",")
        if len(operands) > 1 and "[" in operands[1]:
            set_bpt_group(add_bp(ea), name)
def traceFunc(filter="", type=10):
    """Breakpoint every function whose lower-cased name contains *filter*,
    printing each matched name.  An empty *filter* matches everything;
    *filter* itself is not lower-cased.

    *type* is forwarded as add_bp's ``flags`` argument (not its ``type``);
    10 presumably means BPT_TRACE | BPT_ENABLED — confirm against idaapi.
    """
    for func_ea in Functions(0, 0xffffffff):
        func_name = GetFunctionName(func_ea)
        if filter not in func_name.lower():
            continue
        print(func_name)
        add_bp(func_ea, type)
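def traceSeg(filter=""):
    """Breakpoint every segment whose lower-cased name contains *filter*,
    printing each matched name.  An empty *filter* matches everything.

    Each breakpoint gets flags 10 (presumably BPT_TRACE | BPT_ENABLED —
    confirm) and a size covering the whole segment.  The segment length
    was previously passed as the third positional argument of add_bp,
    i.e. as its ``type``, leaving ``size`` at 0; it is now passed as
    ``size`` so ``type`` keeps add_bp's default.

    ``hooked`` and ``p_hooks`` are not defined in this module; ``hooked``
    is read but never set here, so presumably another module sets it.
    """
    global hooked
    if not hooked:
        p_hooks.hook()
    for seg_start in Segments():
        seg_name = SegName(seg_start)
        seg_end = SegEnd(seg_start)
        if filter not in seg_name.lower():
            continue
        print(seg_name)
        add_bp(seg_start, 10, size=seg_end - seg_start)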
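def rd_int(addr=None, reg=None, size=4):
    """Read *size* bytes of debuggee memory and decode them as a
    little-endian unsigned integer.

    The address comes from register *reg* (via get_rg) when given,
    otherwise from *addr*.  Returns 0 when dbg_read_memory yields nothing,
    so a failed read is indistinguishable from a genuine zero value.
    """
    import binascii

    target = get_rg(reg) if reg else addr
    raw = dbg_read_memory(target, size)
    if not raw:
        return 0
    # Reverse the byte order so the low byte is parsed last.  hexlify works
    # on both Python 2 str and Python 3 bytes, unlike str.encode("HEX").
    return int(binascii.hexlify(raw[::-1]), 16)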
def nop(ea):
    """Overwrite every byte of the item at *ea* with 0x90 (the x86 one-byte NOP)
    in the database.  The item length is read once, before any patching."""
    length = ItemSize(ea)
    for offset in range(length):
        patch_byte(ea + offset, 0x90)
# x86-64 general-purpose register names, instruction pointer first.
# Not referenced elsewhere in this module; kept for callers.
regs = (["RIP"]
        + ["R" + suffix for suffix in ("AX", "BX", "CX", "DX", "SI", "DI", "SP", "BP")]
        + ["R%d" % number for number in range(8, 16)])
# Shared scratch regval_t used by get_rg/set_rg for register reads and writes.
reg_mem = regval_t()