如何使用python在ida pro之外导入idautils

时间:2015-10-06 10:29:47

标签: python execute ida

IDApython在命令行中的IDA pro中运行正常。但是,当我使用import idautis编译python程序时,在正常编辑器中的IDA pro以外我得到错误:

“没有名为_idaapi'的模块

from idautils import *
from idaapi import *

ea = BeginEA()
for funcea in Functions(SegStart(ea), SegEnd(ea)):
    functionName = GetFunctionName(funcea)
    functionStart = paddAddr(hex(funcea)[2:])
    functionEnd = paddAddr(hex(FindFuncEnd(funcea))[2:])
   <REST OF THE CODE>

如何在IDA pro之外执行python代码?

1 个答案:

答案 0 :(得分:3)

您无法在IDA之外真正执行IDAPython脚本,但您可以这样做,以便IDA运行无声并且不显示其GUI。

在脚本中,您需要将stdout重定向到文件,例如:

import sys
import idaapi
import idc
import os

def stdout_to_file(output_file_name, output_dir=None):
    '''Set stdout to a file descriptor

    param: output_file_name: name of the file where standard output is written.
    param: output_dir: output directory for output file, default to script directory.

    Returns: output file descriptor, original stdout descriptor
    '''
    # obtain this script path and build output path
    if not output_dir:
        output_dir = os.path.dirname(os.path.realpath(__file__))

    output_file_path = os.path.join(output_dir, output_file_name)

    # save original stdout descriptor
    orig_stdout = sys.stdout

    # create output file
    f = file(output_file_path, "w")

    # set stdout to output file descriptor
    sys.stdout = f

    return f, orig_stdout

def main(args):
    # get original stdout and output file descriptor
    f, orig_stdout = stdout_to_file("output.txt")

    if idc.ARGV:
        for i, arg in enumerate(idc.ARGV):
            print "[*] arg[{}]: {}".format(i, arg)

    # call something from IDA (get the original input file name from IDB)
    print "[*] filename from IDB: {}".format(idaapi.get_root_filename())
    print("[*] done, exiting.")

    # restore stdout, close output file
    sys.stdout = orig_stdout 
    f.close()

    # exit IDA
    idc.Exit(0)

if __name__ == "__main__":
    main(sys.argv)

然后在命令行上,您可以调用IDAPython脚本(假设IDA在您的PATH中):

idaq.exe  -A -S"C:\tmp\test_script.py foo bar" "C:\tmp\mydatabase.idb"
  • -A用于运行IDA silent
  • -S用于脚本路径和脚本参数
  • 最后一个参数是idb路径(或使用-t生成临时idb)

查看IDA帮助文件,查看所有可用选项的完整列表。

输出,在output.txt文件中(IDB来自输入文件&#39; calc.exe&#39;):

[*] arg[0]: C:\tmp\test_script.py
[*] arg[1]: foo
[*] arg[2]: bar
[*] filename from IDB: calc.exe
[*] done, exiting.

您还可以查看标题为&#34; Running scripts from the command line with idascript&#34;

的hex ray博客
相关问题
最新问题