IDA Python 脚本（四）

常用的脚本

import idautils
import idaapi

# 解析为code
def make_code(start, end):
  for i in range((end - start) / 4):
    addr = start + (i * 4)
    idaapi.do_unknown_range(addr, 4, 0)
    idaapi.auto_make_code(addr)
  return


# 解析为function,相当于 P
def make_function(start, end):
  idc.MakeFunction(start, end)  
  return
  
# 查找调用addr的地方，并加断点
def addBreakpoint(addr):
  string_dt_init_ea = addr
  refs = XrefsTo(string_dt_init_ea)
  useful_ref = 0
  for ref in refs:
    useful_ref = ref.frm
    AddBpt(useful_ref)
    AddBpt(useful_ref + 0x4)

# 打印data的数据
def get_string(startAddr, endAddr):
    out = ""
    index = 1
    charStartAddr = startAddr
    res = ''
    line = 0
    while (startAddr < endAddr) :
        res += hex(Byte(startAddr)) + ','
        if line == 15:
            res += '\n'
            startAddr += 1
            line = 0
        else:
            line += 1
            startAddr += 1
    print (res)
    print ("end")

调用示例

start = 0xAF1C982C
end = start + 0x838c
print(hex(end))
#make_code(start, end)
make_function(start, end)
#addr = 0xAF1B854C
#addBreakpoint(addr)
#get_string(start, end)
``