能力值:
( LV4,RANK:50 )
|
-
-
2 楼
IDA目录下python里面有源代码呀 ---> idaapi.py 这里也有 cb8K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6A6k6r3q4H3P5i4c8Z5L8$3&6Q4x3V1k6K6M7X3y4Q4x3V1k6Q4x3U0k6F1j5Y4y4H3i4K6y4n7 文档 aa1K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2Z5k6i4S2Q4x3X3c8J5j5i4W2K6i4K6u0W2j5$3!0E0i4K6u0r3M7s2u0G2k6s2g2U0N6s2y4Q4x3V1k6A6k6r3q4Q4x3V1k6K6N6i4m8H3L8%4u0@1i4K6u0r3K9h3c8S2M7s2W2@1K9r3!0F1i4K6g2X3k6r3!0U0M7#2)9J5c8W2)9J5y4X3&6T1M7%4m8Q4x3@1t1`. ,左下角那个窗口所有函数都有,ctrl+F 搜下
比如: dbg_read_memory(py_ea, py_sz)
Reads from the debugee's memory at the specified ea
Returns: PyObject *
The read buffer (as a string)
Or None on failure |
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
我并不是dbg_read_memory出问题了,是连dgb_bpt这个函数都进不去,就是说压根没有hook到断点,这是 exe,我想在0x403E65处下断,读eax,ebx的值组成一个字典,之后按照eax大小排序。所以这样子写这个脚本,immDbg里我已经实现了,在ida中这个脚本缺hook不到断点。
|
能力值:
( LV3,RANK:20 )
|
-
-
4 楼
有没有进去,去函数里打印一句话看看就知道了
from idaapi import *
chunks = {}
class DbgHook(DBG_Hooks):
def dbg_bpt(self, tid, ea):
global chunks
print ("[*] DbgHook OK ......\n")
chunks[0] = dbg_read_memory(GetRegValue("eip"), 10)
#chunks[GetRegValue("eax")] = dbg_read_memory(GetRegValue("ebx"), 20)
print (chunks)
#continue_process()
return 0
try:
if debugger:
debugger.unhook()
except Exception as e:
pass
AddBpt(0x00403360)
SetBptAttr(0x00403360, BPTATTR_FLAGS, BPT_ENABLED|BPT_BRK)
print ("[*] set hook OK ......\n")
debugger = DbgHook()
debugger.hook()
#request_start_process("C:\\Users\\administrator\\Desktop\\codemap.exe", "", "")
#run_requests()
|
|
|
|
