IDA6.8中可用的python片段

打印

Message("========================================\r\n");
Message("hello\r\n");
Message("中文\r\n");
Message("----------------------------------------\r\n");
print ("hello by print");
print ("中文");

# @filename test_ida_python.py
# ida python can't support chinese char

from idaapi import *
from idautils import *
from idc import *

def main():
Message("function : main \r\n");

# get cur addr
ea = get_screen_ea()
print("ea = 0x%x\r\n" % ea)

# list all segment
for seg in idautils.Segments():
print idc.SegName(seg),idc.SegStart(seg),idc.SegEnd(seg)

# get current object file
_path = GetInputFilePath()
print("_path = ", _path)

# list all functions
print("\r\n");
for func in idautils.Functions():
flags = idc.GetFunctionFlags(func)
if flags & FUNC_FAR:
print hex(func), "FUNC_FAR", idc.GetFunctionName(func)
else:
if flags & FUNC_LIB:
print hex(func), "FUNC_LIB", idc.GetFunctionName(func)
else:
print hex(func), idc.GetFunctionName(func)

# print a fun
print("====================\r\n");
Message("print a function\r\n")
print ea
dism_addr = list(idautils.FuncItems(ea))
print type(dism_addr)
print dism_addr
for line in dism_addr:
print hex(line),idc.GetDisasm(line)

# print function dasm by cur addr
print("==========fun==========\r\n");
start = idc.GetFunctionAttr(ea, FUNCATTR_START)
end = idc.GetFunctionAttr(ea, FUNCATTR_END)
cur_addr = start
while cur_addr < end:
print hex(cur_addr),idc.GetDisasm(cur_addr)
cur_addr = idc.NextHead(cur_addr,end)

if __name__ == "__main__":
main()

# @filename test_ida_python.py
# ida python can't support chinese char

# Message not take a \r\n
# print take a \r\n

from idaapi import *
from idautils import *
from idc import *

def fnTest1():
print("====================");
print("function : fnTest1");
print("====================");

# get cur addr
ea = get_screen_ea()
print("ea = 0x%x" % ea)

# only list call or jmp reg ins
for func in idautils.Functions():
flags = idc.GetFunctionFlags(func)
if flags & FUNC_LIB or flags & FUNC_THUNK:
continue
dism_addr = list(idautils.FuncItems(func))
print len(dism_addr)
for line in dism_addr:
m = idc.GetMnem(line)
if m == 'call' or m =='jmp':
op = idc.GetOpType(line,0)
if op == o_reg:
print "0x%x %s" % (line, idc.GetDisasm(line))

def fnTest2():
print("====================");
print("function : fnTest2");
print("====================");
ea = get_screen_ea()
iOpCodeType = idc.GetOpType(ea,0)
if (o_reg == iOpCodeType):
print("o_reg ", hex(ea), idc.GetDisasm(ea));
else:
print iOpCodeType, hex(ea), idc.GetDisasm(ea)

print "o_reg ", hex(ea), idc.GetDisasm(ea);
print iOpCodeType, hex(ea), idc.GetDisasm(ea)

# list a fun's refTo
def fnTest3():
fnObj = idc.LocByName("sub_401290")
print hex(fnObj),idc.GetDisasm(fnObj)
for addr in idautils.CodeRefsTo(fnObj,0):
print hex(addr), idc.GetDisasm(addr)

# list a fun's refFrom
def fnTest4():
fnObj = 0x401290
# fnObj = idc.LocByName("sub_401290")
print hex(fnObj), idc.GetDisasm(fnObj)
for addr in idautils.CodeRefsFrom(fnObj, 0):
print hex(addr),idc.GetDisasm(addr)

def main():
print("====================");
print("function : main");
print("====================");
fnTest4()

if __name__ == "__main__":
main()