A plugin for IDA that renames functions by system call numbers.
[email protected]
SysNR-FuncFinder v2.1 start running...
_WPe_mmap
_WPe_clone
Traceback (most recent call last):
File "C:/Users/IDA/Desktop/IDA_Pro_7.7/plugins/SysNR-FuncFinder.py", line 142, in activate
self.plugin.patcher()
File "C:/Users/IDA/Desktop/IDA_Pro_7.7/plugins/SysNR-FuncFinder.py", line 60, in patcher
LinuxFuncFinder_Mips32.main()
File "C:\Users\IDA\Desktop\IDA_Pro_7.7\plugins\LffPlugDir_WPeace\LinuxFuncFinder_Mips32.py", line 577, in main
ReName_DirectCall()
File "C:\Users\IDA\Desktop\IDA_Pro_7.7\plugins\LffPlugDir_WPeace\LinuxFuncFinder_Mips32.py", line 457, in ReName_DirectCall
callNumber = int(opString, 16)
ValueError: invalid literal for int() with base 16: '40+var_24($sp)'
Hi, thank u for this plugin, when i tried it, i got an error,
SysNR-FuncFinder v1.5 start running...
LinuxFuncFinder_x64 finished!总共重命名0个函数
Traceback (most recent call last):
File "D:/IDA_Pro_7.7/plugins/SysNR-FuncFinder_WPeace.py", line 138, in activate
self.plugin.patcher()
File "D:/IDA_Pro_7.7/plugins/SysNR-FuncFinder_WPeace.py", line 53, in patcher
LinuxFuncFinder_x64.main()
File "D:\IDA_Pro_7.7\plugins\LffPlugDir_WPeace\LinuxFuncFinder_x64.py", line 396, in main
RenameStartFunc()
File "D:\IDA_Pro_7.7\plugins\LffPlugDir_WPeace\LinuxFuncFinder_x64.py", line 387, in RenameStartFunc
GetMainFunc(func)
File "D:\IDA_Pro_7.7\plugins\LffPlugDir_WPeace\LinuxFuncFinder_x64.py", line 378, in GetMainFunc
mainAddr = int(mainOP.split("sub_")[1], 16)
IndexError: list index out of range
_启动插件后没有错误但是也没有正常工作,logr如下。
log
SysNR-FuncFinder v2.3 start running...
报错:
SysNR-FuncFinder v2.2 start running...
当前插件仅支持EXEC可执行ELF文件。
不知道为什么,我手上的ELF文件全都是这样,就算修改后缀名为ELF也不能使用插件
不清楚是BUG还是我的操作问题,因为我看issue里面只有我是这样的
DEMO.zip
1.可否支持一下arm64?
2.我认为此处匹配不严谨op = re.findall('(?<=0x9).*$', op);,建议匹配到SVC后通过IDAAPI遍历汇编上下文处理
3.有部分混淆的so,ida无法识别成函数,使用函数遍历的方式可能会错过某些SVC,希望考虑以下场景。
syscall 4142 程序恢复为:newselect,实际应该为pipe
参考地址:https://syscalls.w3challs.com/?arch=mips_o32
433:
CallNumber = int(opString, 16)
ValueError: invalid literal for int() with base 16: ' offset sub_8099200'
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.