What is the equivalent of ni/si in IDAPython?

Published 2024-09-26 22:51:27


I want to write a simple IDAPython script that sets a breakpoint at a specific memory address and then continues, filtering the breakpoint hits with some rules.

In the case of gdb, I can write a gdb script like

    123678 0x458 breakpoint
    c
    if ~~~ else ~~~
    ni
    si
    ...
    c
    ...

How can I do this kind of thing with IDAPython? Thanks in advance.


1 answer

Answer 1 · posted by a user on 2024-09-26 22:51:27

You are looking for dbg_step_into and {}. IDAAPI is debugger-agnostic; its GUI lets you choose which debugger is used (and, as you probably know, it supports GDB). For the API documentation, see here. Similarly, the relevant IDA actions are documented here (idaapi.request_step_into).

Here is a use case taken from the IDAPython repository, partially copied here in case the link goes stale:


```python
# Original Author: Gergely Erdelyi <gergely.erdelyi@d-dome.net>
import idaapi                 # needed for the qualified idaapi.* references below
from idaapi import *
from idc import *             # GetRegValue, GetDisasm, GetLongPrm, INF_START_IP

class MyDbgHook(DBG_Hooks):
    """ This class implements the various callbacks required.
    """

    def dbg_process_start(self, pid, tid, ea, name, base, size):
        print("Process started, pid=%d tid=%d name=%s" % (pid, tid, name))

    def dbg_process_exit(self, pid, tid, ea, code):
        print("Process exited pid=%d tid=%d ea=0x%x code=%d" % (pid, tid, ea, code))

    def dbg_library_unload(self, pid, tid, ea, info):
        print("Library unloaded: pid=%d tid=%d ea=0x%x info=%s" % (pid, tid, ea, info))
        return 0

    def dbg_process_attach(self, pid, tid, ea, name, base, size):
        print("Process attach pid=%d tid=%d ea=0x%x name=%s base=%x size=%x" % (pid, tid, ea, name, base, size))

    def dbg_process_detach(self, pid, tid, ea):
        print("Process detached, pid=%d tid=%d ea=0x%x" % (pid, tid, ea))
        return 0

    def dbg_library_load(self, pid, tid, ea, name, base, size):
        print("Library loaded: pid=%d tid=%d name=%s base=%x" % (pid, tid, name, base))

    def dbg_bpt(self, tid, ea):
        print("Break point at 0x%x pid=%d" % (ea, tid))
        # return values:
        #   -1 - to display a breakpoint warning dialog
        #        if the process is suspended.
        #    0 - to never display a breakpoint warning dialog.
        #    1 - to always display a breakpoint warning dialog.
        return 0

    def dbg_suspend_process(self):
        print("Process suspended")

    def dbg_exception(self, pid, tid, ea, exc_code, exc_can_cont, exc_ea, exc_info):
        print("Exception: pid=%d tid=%d ea=0x%x exc_code=0x%x can_continue=%d exc_ea=0x%x exc_info=%s" % (
            pid, tid, ea, exc_code & idaapi.BADADDR, exc_can_cont, exc_ea, exc_info))
        # return values:
        #   -1 - to display an exception warning dialog
        #        if the process is suspended.
        #   0  - to never display an exception warning dialog.
        #   1  - to always display an exception warning dialog.
        return 0

    def dbg_trace(self, tid, ea):
        print("Trace tid=%d ea=0x%x" % (tid, ea))
        # return values:
        #   1  - do not log this trace event;
        #   0  - log it
        return 0

    def dbg_step_into(self):
        # A finished step-into is handled exactly like a finished step-over.
        print("Step into")
        self.dbg_step_over()

    def dbg_run_to(self, pid, tid=0, ea=0):
        print("Runto: tid=%d" % tid)
        idaapi.continue_process()

    def dbg_step_over(self):
        # Called when a step-over completes: print the instruction we stopped at,
        # then either queue the next step or stop after five steps.
        eip = GetRegValue("EIP")
        print("0x%x %s" % (eip, GetDisasm(eip)))

        self.steps += 1
        if self.steps >= 5:
            request_exit_process()
        else:
            request_step_over()

# Remove an existing debug hook (debughook is undefined on the first run)
try:
    if debughook:
        print("Removing previous hook ...")
        debughook.unhook()
except NameError:
    pass

# Install the debug hook
debughook = MyDbgHook()
debughook.hook()
debughook.steps = 0

# Stop at the entry point
ep = GetLongPrm(INF_START_IP)
request_run_to(ep)

# Step one instruction
request_step_over()

# Start debugging (executes the queued requests)
run_requests()
```
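The hook above shows the callbacks; what the question actually asks for is a breakpoint whose hits are filtered by a rule, with gdb's c / si / ni mapped onto IDA's request_continue_process / request_step_into / request_step_over. The following is an added example, not code from the original post or the IDAPython repository: the rule logic is kept free of IDA calls so it can be exercised outside the debugger, and the IDA glue assumes the IDA 7+ names idc.get_reg_value, idc.add_bpt and idaapi.request_continue_process; the register name and match value are placeholders.

```python
try:
    import idaapi, idc
except ImportError:  # outside IDA only the rule logic (HitFilter) is usable
    idaapi = idc = None
CONTINUE, STEP_INTO, STEP_OVER, STOP = "c", "si", "ni", "stop"  # gdb spellings

class HitFilter:
    """Rule state machine with no IDA calls, so it can be unit-tested.
    A hit where register `reg` == `value` gets one "si", then "ni" until
    `steps_after_match` instructions were stepped, then "c" ("stop" once
    `max_matches` hits have matched). Any other hit is skipped with "c"."""
    def __init__(self, bpt_ea, reg, value, steps_after_match=3, max_matches=2):
        self.bpt_ea, self.reg, self.value = bpt_ea, reg, value
        self.steps_after_match, self.max_matches = steps_after_match, max_matches
        self.hits = self.matches = self.steps_done = 0

    def on_hit(self, ea, regs):
        if ea != self.bpt_ea:
            return CONTINUE                 # some other breakpoint
        self.hits += 1
        if regs.get(self.reg) != self.value:
            return CONTINUE                 # rule not matched: filtered out
        self.matches += 1
        self.steps_done = 0
        return STEP_INTO

    def on_step(self):
        self.steps_done += 1
        if self.steps_done < self.steps_after_match:
            return STEP_OVER
        return STOP if self.matches >= self.max_matches else CONTINUE
if idaapi is not None:
    class FilteredBptHook(idaapi.DBG_Hooks):  # glue: actions -> IDA 7+ request_* calls (assumed names)
        REQUESTS = {STEP_INTO: idaapi.request_step_into,
                    STEP_OVER: idaapi.request_step_over,
                    CONTINUE: idaapi.request_continue_process}
        def __init__(self, rule):
            idaapi.DBG_Hooks.__init__(self)
            self.rule = rule
        def _dispatch(self, action):        # "stop" queues nothing: process stays suspended
            if action in self.REQUESTS:
                self.REQUESTS[action]()
                idaapi.run_requests()
        def dbg_bpt(self, tid, ea):
            regs = {self.rule.reg: idc.get_reg_value(self.rule.reg)}
            self._dispatch(self.rule.on_hit(ea, regs))
            return 0                        # suppress the breakpoint dialog
        def dbg_step_into(self, *args):     # callback arity differs across IDA versions
            self._dispatch(self.rule.on_step())
        dbg_step_over = dbg_step_into       # a finished "ni" is handled the same way
```

Inside IDA, set the breakpoint first with idc.add_bpt(ea) and then call FilteredBptHook(HitFilter(ea, "EAX", 0)).hook() before starting the process.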
