forked from ReScrap/ScrapHacks
Merge pull request 'Added script for dumping C callbacks' (#7) from Strongleong/ScrapHacks:callbacks into master
Reviewed-on: Earthnuker/ScrapHacks#7
This commit is contained in:
commit
b5afe0e2a5
1 changed files with 58 additions and 0 deletions
58
tools/ghidra_scripts/callbacks_to_md.py
Normal file
58
tools/ghidra_scripts/callbacks_to_md.py
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
from ghidra.app.decompiler import DecompileOptions
|
||||||
|
from ghidra.app.decompiler import DecompInterface
|
||||||
|
from ghidra.util.task import ConsoleTaskMonitor
|
||||||
|
|
||||||
|
TARGET_FUNC = "add_callback"
|
||||||
|
|
||||||
|
def xref_params(target_func):
|
||||||
|
target_addr = 0
|
||||||
|
callers = []
|
||||||
|
funcs = getGlobalFunctions(target_func)
|
||||||
|
for func in funcs:
|
||||||
|
if func.getName() == target_func:
|
||||||
|
target_addr = func.getEntryPoint()
|
||||||
|
references = getReferencesTo(target_addr)
|
||||||
|
for xref in references:
|
||||||
|
call_addr = xref.getFromAddress()
|
||||||
|
caller = getFunctionContaining(call_addr)
|
||||||
|
callers.append(caller)
|
||||||
|
break
|
||||||
|
callers = list(set(callers))
|
||||||
|
options = DecompileOptions()
|
||||||
|
monitor = ConsoleTaskMonitor()
|
||||||
|
ifc = DecompInterface()
|
||||||
|
ifc.setOptions(options)
|
||||||
|
ifc.openProgram(currentProgram)
|
||||||
|
with open("callbacks.md", "w") as file:
|
||||||
|
res = "|Callback setup address|Callback name|Callback funcion|Callback address|"
|
||||||
|
print(res)
|
||||||
|
file.write(res + "\n")
|
||||||
|
res = "|-----|----|----|--------|"
|
||||||
|
print(res)
|
||||||
|
file.write(res + "\n")
|
||||||
|
for caller in callers:
|
||||||
|
callback_setup_addr = caller.getEntryPoint()
|
||||||
|
res = ifc.decompileFunction(caller, 60, monitor)
|
||||||
|
code = str(res.getDecompiledFunction().getC())
|
||||||
|
code = code.split(target_func)[1]
|
||||||
|
code = code.split(';')[0]
|
||||||
|
code = code.strip()
|
||||||
|
code = code.split(',')
|
||||||
|
callback_name = code[1].strip()
|
||||||
|
callback_func = code[2].strip()[:-1].strip().replace('_', '.')
|
||||||
|
res = ifc.decompileFunction(caller, 60, monitor)
|
||||||
|
hf = res.getHighFunction()
|
||||||
|
opiter = hf.getPcodeOps()
|
||||||
|
callback_addr = "not found"
|
||||||
|
while opiter.hasNext():
|
||||||
|
op = opiter.next()
|
||||||
|
mnemonic = op.getMnemonic()
|
||||||
|
if mnemonic == "CALL":
|
||||||
|
core_func = op.getInput(3)
|
||||||
|
callback_addr = toAddr(core_func.getDef().getInput(1).getOffset())
|
||||||
|
res = "|`{}`|{}|`{}`|`{}`|".format(callback_setup_addr, callback_name, callback_func, callback_addr)
|
||||||
|
print(res)
|
||||||
|
file.write(res + "\n")
|
||||||
|
|
||||||
|
|
||||||
|
xref_params(TARGET_FUNC)
|
Loading…
Reference in a new issue