Python源码示例:idaapi.is_debugger_on()
示例1
def prepare_debug_ui(self):
if idaapi.is_debugger_on():
idaapi.warning("[%s] the debugger is currently running" % PLUGNAME)
return
wd = WaitDialog()
idaapi.msg("[%s] waiting...\n" % (PLUGNAME))
wd.thread.start()
wd.exec_()
target_pid = wd.get_target_pid()
if target_pid != -1:
ida_dbg.attach_process(target_pid,-1)
ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1)
ida_dbg.continue_process()
else:
idaapi.msg("[%s] exit waiting\n" % (PLUGNAME))
示例2
def is_active(self):
return idaapi.is_debugger_on() and idaapi.dbg_can_query()
#-------------------------------------
示例3
def main():
if not idaapi.is_debugger_on():
idc.Warning("Please run the process first!")
return
if idaapi.get_process_state() != -1:
idc.Warning("Please suspend the debugger first!")
return
# only avail from IdaPython r232
if hasattr(idaapi, "NearestName"):
# get all debug names
dn = idaapi.get_debug_names(idaapi.cvar.inf.minEA, idaapi.cvar.inf.maxEA)
# initiate a nearest name search (using debug names)
nn = idaapi.NearestName(dn)
else:
nn = None
ret, callstack = CallStackWalk(nn)
if ret:
title = "Call stack walker (thread %X)" % (GetCurrentThreadId())
idaapi.close_chooser(title)
c = CallStackWalkChoose(callstack, title)
c.choose()
else:
idc.Warning("Failed to walk the stack:" + callstack)
# -----------------------------------------------------------------------
示例4
def __call__(self):
target_pid = -1
if idaapi.is_debugger_on():
idaapi.msg("[%s] the debugger is currently running\n" % PLUGNAME)
return -1
if not self.times%5:
idaapi.msg("[%s] waiting for the process (%ds left)...\n" % \
(PLUGNAME, self.times))
filename = ida_nalt.get_root_filename()
pis = ida_idd.procinfo_vec_t()
ida_dbg.get_processes(pis)
for proc in pis:
proc_name = proc.name.split(" ")[1]
idx = proc_name.rfind("/")
if idx != -1:
proc_name = proc_name[idx+1:]
if filename == proc_name:
target_pid = proc.pid
break
if target_pid != -1:
idaapi.msg("[%s] found. start debug (PID: %d)\n" % (PLUGNAME, target_pid))
ida_dbg.attach_process(target_pid, -1)
ida_dbg.wait_for_next_event(ida_dbg.WFNE_SUSP, -1)
ida_dbg.continue_process()
return -1
self.times -= 1
return -1 if self.times == 0 else self.interval
示例5
def run(self, arg=0):
try:
if "ELF" not in idaapi.get_file_type_name():
raise Exception("Executable must be ELF fomat")
if not idaapi.is_debugger_on() or not is_process_suspended():
raise Exception("The debugger must be active and suspended before using this plugin")
f = plugin_gui.HeapPluginForm()
f.Show()
except Exception as e:
idaapi.warning("[%s] %s" % (PLUGNAME, str(e)))
示例6
def getImportTableData(self):
"""
Update rt_import_table with current import table data.
"""
def imp_cb(ea, name, ord):
"""
Import enumeration callback function. used by idaapi.enum_import_names .
"""
tmpImports.append([self.current_module_name, ea, name, ord])
return True
tmpImports = [] # Contains static import table data (w\o real function addresses)
imp_num = idaapi.get_import_module_qty() # Number of imported modules
for i in xrange(0, imp_num):
self.current_module_name = idaapi.get_import_module_name(i).lower()
idaapi.enum_import_names(i, imp_cb)
# Get runtime function addresses and store in self.rt_import_table
if not idaapi.is_debugger_on():
raise RuntimeError("Debugger is not currently active.")
for module_name, ea, name, ord in tmpImports:
func_real_adrs = get_adrs_mem(ea)
self.rt_import_table[func_real_adrs] = (module_name, ea, name, ord)
