Merge pull request 'Added script for dumping C callbacks' (#7) from Strongleong/ScrapHacks:callbacks into master
Reviewed-on: Earthnuker/ScrapHacks#7
commit
b5afe0e2a5
1 changed files with 58 additions and 0 deletions
58
tools/ghidra_scripts/callbacks_to_md.py
Normal file
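--- a/tools/ghidra_scripts/callbacks_to_md.py
+++ b/tools/ghidra_scripts/callbacks_to_md.py
@@ -0,0 +1,58 @@
+from ghidra.app.decompiler import DecompileOptions
+from ghidra.app.decompiler import DecompInterface
+from ghidra.util.task import ConsoleTaskMonitor
+
+TARGET_FUNC = "add_callback"
+
+def xref_params(target_func):
+target_addr = 0
+callers = []
+funcs = getGlobalFunctions(target_func)
+for func in funcs:
+if func.getName() == target_func:
+target_addr = func.getEntryPoint()
+references = getReferencesTo(target_addr)
+for xref in references:
+call_addr = xref.getFromAddress()
+caller = getFunctionContaining(call_addr)
+callers.append(caller)
+break
+callers = list(set(callers))
+options = DecompileOptions()
+monitor = ConsoleTaskMonitor()
+ifc = DecompInterface()
+ifc.setOptions(options)
+ifc.openProgram(currentProgram)
+with open("callbacks.md", "w") as file:
+res = "|Callback setup address|Callback name|Callback funcion|Callback address|"
+print(res)
+file.write(res + "\n")
+res = "|-----|----|----|--------|"
+print(res)
+file.write(res + "\n")
+for caller in callers:
+callback_setup_addr = caller.getEntryPoint()
+res = ifc.decompileFunction(caller, 60, monitor)
+code = str(res.getDecompiledFunction().getC())
+code = code.split(target_func)[1]
+code = code.split(';')[0]
+code = code.strip()
+code = code.split(',')
+callback_name = code[1].strip()
+callback_func = code[2].strip()[:-1].strip().replace('_', '.')
+res = ifc.decompileFunction(caller, 60, monitor)
+hf = res.getHighFunction()
+opiter = hf.getPcodeOps()
+callback_addr = "not found"
+while opiter.hasNext():
+op = opiter.next()
+mnemonic = op.getMnemonic()
+if mnemonic == "CALL":
+core_func = op.getInput(3)
+callback_addr = toAddr(core_func.getDef().getInput(1).getOffset())
+res = "|`{}`|{}|`{}`|`{}`|".format(callback_setup_addr, callback_name, callback_func, callback_addr)
+print(res)
+file.write(res + "\n")
+
+
+xref_params(TARGET_FUNC)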
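Review bot: The P-code loop near the end of `xref_params` accepts every `CALL` op in the caller rather than only the call to `add_callback`, so `op.getInput(3)` is read from unrelated calls. A call with fewer than four inputs yields `None` there and the script stops at `.getDef()`, and otherwise the last call in the function decides `callback_addr`, which can put a wrong address in the table. Restrict the branch to the target, for example `if mnemonic == "CALL" and op.getNumInputs() > 3 and op.getInput(0).getAddress() == target_addr:`, and leave `callback_addr` as "not found" when `core_func.getDef()` is `None`. The same function also assumes `getFunctionContaining(call_addr)` and `res.getDecompiledFunction()` never return `None`, which a reference from outside a defined function or a decompile that fails or hits the 60-second timeout would break, so add `if caller is None: continue` and `if not res.decompileCompleted(): continue`. Indentation is not visible on this page, so the nesting described here is inferred from the statements.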