使用 IDA 打開固件時,有時無法識別出真實的函數名,需要我們手動修復。廢話不多說,上代碼:
#-*- coding:utf-8 -*-
from idaapi import *
import time
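# Restore function names in an IDA database from the symbol table embedded in
# the firmware image. Each table entry is read as: a 4-byte pointer to a
# C string (the name) followed by a 4-byte pointer to the symbol's address.
#
# Written against the legacy IDAPython names (Dword, MakeStr, GetString,
# MakeName, MakeCode, MakeFunction); it is meant to be run from inside IDA.
#
# The table is data taken from the firmware under analysis, so every pointer
# and name in it is untrusted: a wrong start/end address or interval makes the
# loop rename and re-type arbitrary locations in the database. Work on a copy
# of the .idb (or take a snapshot) before running it.
symbol_interval = 16  # size of one symbol-table entry, in bytes
load_address = 0x10000  # address the firmware image is loaded at
symbol_table_start = 0x301e64 + load_address  # address of the first entry
symbol_table_end = 0x3293a4 + load_address  # address just past the last entry
offset = 0  # adjustment from ea to the name-pointer field; loop-invariant, so set once

ea = symbol_table_start
eaEnd = symbol_table_end
renamed = 0  # entries whose name was applied
skipped = 0  # entries with an unreadable name pointer or empty name
failed = 0  # entries where IDA refused the name
while ea < eaEnd:
    name_ptr = Dword(ea - offset)
    eaFunc = Dword(ea - offset + 4)
    ea += symbol_interval

    # A name pointer outside the loaded image cannot hold a string; skipping
    # it avoids defining string items at garbage addresses.
    if not isLoaded(name_ptr):
        skipped += 1
        continue

    # Define the bytes at the name pointer as a string, then read it back.
    MakeStr(name_ptr, BADADDR)
    sName = GetString(name_ptr, -1, ASCSTR_C)
    if not sName:
        skipped += 1
        continue
    print(sName)

    # MakeName returns 0 when IDA rejects the name (invalid characters,
    # duplicate name, bad address); report it instead of failing silently.
    if MakeName(eaFunc, sName):
        renamed += 1
    else:
        failed += 1
        print("rename failed at 0x%X: %r" % (eaFunc, sName))

    # NOTE(review): every entry is treated as a function. If the table also
    # lists data symbols, these two calls would convert data into code --
    # confirm whether the entry has a type field and filter on it.
    MakeCode(eaFunc)
    MakeFunction(eaFunc, BADADDR)

print("renamed %d, skipped %d, failed %d" % (renamed, skipped, failed))
print("ok")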