Book: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

The output window at the bottom of the workspace contains a log view that is extensively used by plug-ins for debugging and status messages.

, we discussed the PEiD tool and its plug-in Krypto ANALyzer (KANAL), which can export an IDC script. The IDC script sets bookmarks and comments in the IDA Pro database for a given binary, as shown in .

shows a sample IDAPython script. The goal of this script is to color-code all call instructions in an idb to make them stand out more to the analyst. For example, ScreenEA is a common function that gets the location of the cursor. Heads is a function that will be used to walk through the defined elements, which is each instruction in this case. Once we’ve collected all of the function calls in functionCalls, we iterate through those instructions and use SetColor to set the color.
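
The listing this paragraph refers to is not present on this page. The following is an added example, not the book's code, of the approach it describes: collect the call instructions in the segment under the cursor, then color them. The names find_calls, color_calls, run_in_ida, SAMPLE and the color value are assumptions; ScreenEA, Heads and SetColor are the IDA 6.x IDAPython names, and the script falls back to their IDA 7+ equivalents.

```python
# Added example: colour call instructions in the segment under the cursor.
CALL_COLOR = 0xC7FDFF  # constructed value; IDA colours are 0xBBGGRR (pale yellow)

def find_calls(heads, mnemonic_of):
    """Collect every head whose mnemonic is 'call' (x86/x64 spelling only)."""
    functionCalls = []
    for ea in heads:
        # Data heads have an empty mnemonic, so they never match.
        if (mnemonic_of(ea) or "").lower() == "call":
            functionCalls.append(ea)
    return functionCalls

def color_calls(functionCalls, set_color, color=CALL_COLOR):
    """Apply `color` to each collected address; returns how many were coloured."""
    for ea in functionCalls:
        set_color(ea, color)
    return len(functionCalls)

def run_in_ida():
    """Wire the helpers to IDAPython. Only callable inside IDA Pro."""
    import idautils
    import idc

    def pick(old, new):
        # IDA 6.x exposes ScreenEA/SetColor; IDA 7+ renamed them.
        return getattr(idc, old, None) or getattr(idc, new)

    cursor = pick("ScreenEA", "get_screen_ea")()
    start = pick("SegStart", "get_segm_start")(cursor)
    end = pick("SegEnd", "get_segm_end")(cursor)
    if start == idc.BADADDR or end == idc.BADADDR:
        print("Cursor is not inside a segment; nothing coloured")
        return 0
    set_color = pick("SetColor", "set_color")
    calls = find_calls(idautils.Heads(start, end), pick("GetMnem", "print_insn_mnem"))
    count = color_calls(calls, lambda ea, c: set_color(ea, idc.CIC_ITEM, c))
    print("Number of calls coloured: %d" % count)
    return count

# Constructed sample standing in for a disassembly when run outside IDA.
SAMPLE = {0x401000: "push", 0x401001: "call", 0x401006: "", 0x40100A: "call", 0x40100F: "retn"}

if __name__ == "__main__":
    try:
        run_in_ida()
    except ImportError:
        painted = {}
        color_calls(find_calls(sorted(SAMPLE), SAMPLE.get), painted.__setitem__)
        print(["%#x" % ea for ea in sorted(painted)])
```

Matching on the mnemonic string only catches x86/x64 calls; on other processor modules the branch-and-link instructions have different mnemonics and would need their own comparison.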

