Ida pro gragh output batch mode

Can anyone let me know how we are going to output all the subroutine's graphs in batch mode suing IDC. i.e. I have 447 subroutine's and wanna be output them all and I would like to make sure I first retrieve all the routines address automatically, cuz by knowing the address I can simply use GenFuncCall. P.S: Is this the only cfg that I can get from Ida Pro given a binary dis-assembled file?

标签： ida gdlib disassembly

2条回答

Ridiculous、

2楼-- · 2019-01-29 01:39

I needed a CFG of my whole program,the base example I started from was: https://code.google.com/p/idapython/source/browse/trunk/examples/ex_gdl_qflow_chart.py

It uses the flow chart class: https://www.hex-rays.com/products/ida/support/idapython_docs/idaapi.FlowChart-class.html

also worth noting to trigger in batch mode, you'll want something like this

idal64 -A -S{yourscriptname}.py {yourbinary}

Tips:

Prototype the script in the IDAPro gui first
Opening of the graph processor can cause timing issues, its hacky, but something like delaying execution of the script seemed to help, e.g.

idaapi.autoWait() Timer(2, idacfg).start()

where idacfg is your python function from the example
print to stdout doesn't seem to work in batch mode, so you'll want to set stdout to a file for your debugging.
Closing the GUI in batch mode is still an issue for me.

Hope that helps.

0人赞添加讨论(0) 举报

该账号已被封号

3楼-- · 2019-01-29 01:47

If you just want the address of all known functions in the IDB, you could use something like this using IDAPython (just an example):

def main():
    for count, func_ea in enumerate(Functions()):
        if func_ea == BADADDR:
            break
        func_name = GetFunctionName(funcea)
        func_start = func_ea

        print("[{:4}] name: {}; start address: {:#x}".format(count, func_name, func_start))

if __name__ == "__main__":
    main()

0人赞添加讨论(0) 举报

Ida pro gragh output batch mode

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间