Jump to content

Replying to Useful IDA Scripts

Post Options

  or Cancel

Topic Summary


Posted 22 November 2014 - 01:55 PM

Dump user-named type info (address, name, and function declaration, if any)
from idautils import *
from cStringIO import StringIO
import re

with open("IDA TypeInfo.txt", "w") as fh:
	for func in idautils.Functions():
		if hasUserName(GetFlags(func)) and not ((GetFunctionFlags(func) & FUNC_LIB) == FUNC_LIB):
			type = GetType(func)

			func_name = GetFunctionName(func)

			# GetType returns the typedef of a function ie. int __cdecl(int a1). We need to trim it so it looks like,
			# int __cdecl Funcname(int a1)
			#type = "%s %s%s" % (type[:type.find("(")], func_name, type[type.find("("):])

			if type is not None and type != "":
				fh.write("%x16\t%s\t%s\n" % (func, func_name, type))
				fh.write("%x16\t%s\n" % (func, func_name))
Quickly dump xrefs to whatever is on the current caret:

from idautils import *

ea = ScreenEA()
print "EA: %x" % ea
offsets = dict()

xref = RfirstB(ea)

while xref != BADADDR:
	print "%x" % xref
	xref = RnextB(xref, ea)

Review the complete topic (launches new window)