-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdebug-script.py
More file actions
48 lines (41 loc) · 1.87 KB
/
debug-script.py
File metadata and controls
48 lines (41 loc) · 1.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#debug_script.py
import idautils
import ida_funcs
import idc
def get_function_name(ea):
return idc.get_func_name(ea) # Return Function_Name
def get_called_functions(func_ea):
#호출되는 모든 함수들을 분석
called_functions = set()
for insn_ea in idautils.FuncItems(func_ea): # Function_Address included
for ref_ea in idautils.CodeRefsFrom(insn_ea, False): # Get All Code_Reference
callee = ida_funcs.get_func(ref_ea) #Reference_Addr + Function
if callee:
called_functions.add(callee.start_ea) # Add Function
return called_functions
def print_call_tree(func_ea, depth=0, visited=None, prefix=""):
# func_ea is a friend of mine
if visited is None:
visited = set()
func_name = get_function_name(func_ea)
if func_ea in visited:
print(prefix + "└── " + func_name + " [seen before]") # Already called function == [seen before]
return
visited.add(func_ea)
called_functions = list(get_called_functions(func_ea)) # Get All Called Functions
for i, called_func_ea in enumerate(called_functions):
end_branch = "└── " if i == len(called_functions) - 1 else "├── "
print(prefix + end_branch + get_function_name(called_func_ea))
if i == len(called_functions) - 1:
new_prefix = prefix + " "
else:
new_prefix = prefix + "│ "
print_call_tree(called_func_ea, depth + 1, visited, new_prefix)
if __name__ == "__main__":
start_func_ea = 0x00419BF1 #Analye Function_Addr
func_at_address = ida_funcs.get_func(start_func_ea)
if func_at_address is not None:
print(f"Call tree from function at {hex(start_func_ea)}:") #print function-list
print_call_tree(func_at_address.start_ea)
else:
print(f"Function at {hex(start_func_ea)} not found.") #Exception handling