Upload files to "/"

2024-10-15 10:56:42 +08:00
commit dfe1701b69
2 changed files with 116 additions and 0 deletions

56
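--- a/extract_c.py
+++ b/extract_c.py
@@ -0,0 +1,56 @@
+import os
+from idaapi import *
+from idautils import *
+from idc import *
+def export_func_asm(file_name,func_addr):
+try:
+with open(file_name,"w+") as f:
+func_ea=get_func(func_addr)#获取有效函数地址对象
+func_name=get_func_name(func_addr)#获取函数名称
+f.write(f"Assembly for function {func_name} start:0x{func_ea.start_ea:x} end:0x{func_ea.end_ea:x}\n")
+for ea in Heads(func_ea.start_ea,func_ea.end_ea):#遍历
+asm_line=generate_disasm_line(ea,GENDSM_REMOVE_TAGS)#提取汇编,去除标签
+f.write(f"0x{ea:x}: {asm_line}\n")
+except Exception as msg:
+with open("my.log","a+") as f:#报错日志写入
+f.write(f"export_func_asm {func_name} -> {msg}")
+def export_func(extractfile):
+if(extractfile is None):exit(-1)
+save_dir="result"
+asm_file=save_dir+"/"+extractfile
+func_file=save_dir+"/"+extractfile+"_extract.c"
+try:
+with open(func_file,"w") as file:
+for func_addr in Functions():#迭代器编译所有函数
+func_name=get_func_name(func_addr)#获取函数名称
+if(func_name in BLACK_LIST):continue#黑名单处理
+func_seg=getseg(func_addr)#获取函数段
+if(func_seg.name!=7 or func_seg.perm !=5):continue #去除其他段函数
+tmp_filename=asm_file+"_"+func_name+".asm"
+export_func_asm(tmp_filename,func_addr) #提取函数汇编
+code=decompile(func_addr) #反编译提取c
+if code :
+file.write(f"//Function: {func_name} ->0x{func_addr} {func_seg.name} perm->{func_seg.perm}\n")
+file.write(str(code)+"\n\n") #写入文件
+except Exception as msg:
+with open("my.log","a+") as f:
+f.write(f"export_func {func_file} -> {msg}")
+#函数黑名单
+BLACK_LIST={
+"_start","_dl_relocate_static_pie",
+"deregister_tm_clones","register_tm_clones",
+"__do_global_dtors_aux","frame_dummy",
+}
+def main():
+extractfile="extract.c"
+filepath="tmp.txt"
+if (os.path.exists(filepath) and os.path.isfile(filepath) ):
+with open(filepath,"r") as f:
+extractfile=f.read()
+export_func(extractfile)
+if __name__ == "__main__":
+main()
+idaapi.qexit(0)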
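Review bot: The output paths in export_func are assembled by plain concatenation from the contents of tmp.txt and from function names recovered from the binary being analysed (`asm_file=save_dir+"/"+extractfile`, `tmp_filename=asm_file+"_"+func_name+".asm"`), so a path separator in either value moves the write outside `result/` or makes open() fail. test.py writes its file argument to tmp.txt verbatim, so this happens whenever the sample is passed as a path rather than a bare name; reducing it first with `extractfile=os.path.basename(extractfile.strip())` and replacing separators in `func_name` before use would keep every write under `result/`. When open() does fail in export_func_asm, the except handler formats `func_name`, which is only assigned inside the `with` body, so the handler itself raises UnboundLocalError and the outer handler in export_func then ends the whole export; assigning `func_name=get_func_name(func_addr)` before the `try` avoids that. Indentation is lost on this page, so the exact nesting is inferred.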

60
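--- a/test.py
+++ b/test.py
@@ -0,0 +1,60 @@
+import subprocess
+import sys
+import time
+import os
+RED = '\033[91m'
+GREEN = '\033[92m'
+YELLOW = '\033[93m'
+BLUE = '\033[94m'
+RESET = '\033[0m'
+def Extract_Functions(idat64_path,file): #提取伪代码
+cmd=f'''{idat64_path} -A -B -S"extract_c.py" {file}
+'''
+save_dir="result"
+#cmd执行命令
+try:
+old_time=time.time()
+if(not os.path.exists(save_dir)):os.mkdir(save_dir)# 结果保存文件夹
+with open("tmp.txt","w") as f: #用于传参的下下策
+f.write(file)
+subprocess.run(cmd,shell=True,check=True,text=True,capture_output=True) #bash执行idat64命令
+os.remove("tmp.txt")
+new_time=time.time()
+run_tim=new_time-old_time
+print(f"{GREEN}Extract_Functions prcoess({run_tim:.4f}s){RESET}")
+except Exception as error:
+print(f"{RED}error-> {error}{RESET}")
+with open("my.log","a+") as f:
+f.write(f"Extract_Functions {file}-> {error}")
+exit(-1)
+def help():
+help_msg='''python test.py -e idat64_path file <Extract_Functions>
+python test.py -h
+'''
+print(f"{BLUE}{help_msg}{RESET}")
+def check_argvs(length):
+if(len(sys.argv)<=length):
+help()
+exit(-1)
+def main():
+check_argvs(1)
+flags=sys.argv[1]
+if(flags=="-e"):
+check_argvs(3)
+idat64_path=sys.argv[2]
+file=sys.argv[3]
+Extract_Functions(idat64_path,file)
+if __name__ == "__main__":
+main()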
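Review bot: Extract_Functions interpolates both command-line arguments into a single string and runs it with `shell=True`, so a sample path containing spaces, quotes or shell metacharacters is reinterpreted by the shell instead of reaching IDA as one argument. Passing an argument list avoids the shell entirely: `subprocess.run([idat64_path,"-A","-B","-Sextract_c.py",file],check=True,text=True,capture_output=True)`. tmp.txt is removed only on the success path, so a failed run leaves it behind and a later run of extract_c.py on its own would pick up the stale name; moving `os.remove("tmp.txt")` into a `finally:` clause fixes that. With `capture_output=True` the text written to my.log is only the exception summary; appending `error.stderr` when it is present would make IDA failures diagnosable.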