Difference between revisions of "IOS/Syscall IDAPython"
< IOS
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
| − | + | <source lang="python"> | |
| − | == | + | from idc import * |
| − | === | + | from idautils import * |
| − | + | ||
| − | + | a = 0 | |
| + | |||
| + | base = LocByName("syscall_base") | ||
| + | |||
| + | while 1: | ||
| + | a = FindBinary(a, SEARCH_DOWN, "E6 ? ? ? E1 2F FF 1E") | ||
| + | if a == BADADDR: | ||
| + | break | ||
| + | |||
| + | syscall_nr = (Dword(a) & 0x00FFFFE0) >> 5 | ||
| + | syscall_addr = Dword(base + syscall_nr * 4) &~1 | ||
| + | MakeDword(a) | ||
| + | MakeCode(a + 4) | ||
| + | |||
| + | name = NameEx(BADADDR, syscall_addr) | ||
| + | if name == "": | ||
| + | name = "sc_%d" % syscall_nr | ||
| + | segname = SegName(a) | ||
| + | if segname == "": | ||
| + | segname = "%08x" % SegStart(a) | ||
| + | |||
| + | MakeNameEx(a, "j_%s_%s" % (name, segname), 0) | ||
| + | AddCodeXref(a, syscall_addr, XREF_USER) | ||
| + | MakeRptCmt(a, name) | ||
| + | |||
| + | a += 4 | ||
| + | </source> | ||
Revision as of 18:45, 5 March 2009
from idc import *
from idautils import *
a = 0
base = LocByName("syscall_base")
while 1:
a = FindBinary(a, SEARCH_DOWN, "E6 ? ? ? E1 2F FF 1E")
if a == BADADDR:
break
syscall_nr = (Dword(a) & 0x00FFFFE0) >> 5
syscall_addr = Dword(base + syscall_nr * 4) &~1
MakeDword(a)
MakeCode(a + 4)
name = NameEx(BADADDR, syscall_addr)
if name == "":
name = "sc_%d" % syscall_nr
segname = SegName(a)
if segname == "":
segname = "%08x" % SegStart(a)
MakeNameEx(a, "j_%s_%s" % (name, segname), 0)
AddCodeXref(a, syscall_addr, XREF_USER)
MakeRptCmt(a, name)
a += 4