{"id":240,"date":"2021-12-07T03:54:14","date_gmt":"2021-12-07T11:54:14","guid":{"rendered":"https:\/\/www.qiuqiuren.club\/?p=240"},"modified":"2024-08-02T21:02:51","modified_gmt":"2024-08-03T05:02:51","slug":"ida-%e8%99%9a%e6%8b%9f%e5%9c%b0%e5%9d%80%e8%bd%ac%e5%8c%96%e5%88%b0%e6%96%87%e4%bb%b6%e5%81%8f%e7%a7%bb","status":"publish","type":"post","link":"https:\/\/www.qiuqiuren.club\/?p=240","title":{"rendered":"IDA\u4e00\u4e9b\u547d\u4ee4"},"content":{"rendered":"<h2>IDA \u865a\u62df\u5730\u5740\u8f6c\u5316\u5230\u6587\u4ef6\u504f\u79fb<\/h2>\n<p>va-&gt;offset: <code>ida_loader.get_fileregion_offset(va)<\/code><\/p>\n<p>offset-&gt;va: <code>ida_loader.get_fileregion_ea(fo)<\/code><\/p>\n<h2>c++\u540d\u79f0 mangle\u548cdemangle<\/h2>\n<p>\u8fd9\u4e2a\u662f\u548c\u7f16\u8bd1\u5668\u76f8\u5173\u7684\uff0c\u4e0d\u8fc7\u4e1a\u754c\u4f3c\u4e4e\u7edf\u4e00\u4e86\u89c4\u5219\uff0c\u4e0d\u7528\u5177\u4f53\u6307\u5b9a\u7f16\u8bd1\u5668<\/p>\n<p>ida_name.demangle_name(name, disable_mask, demreq=DQT_FULL) -&gt; str<\/p>\n<pre><code>Python&gt;ida_name.demangle_name(&#039;??$WriteByteBuffer@$0EAA@@WriteMessage@network@mg@@QEAAXAEBV$ByteBuffer@$0EAA@@common@2@I@Z&#039;, 0)\n&#039;public: void mg::network::WriteMessage::WriteByteBuffer&lt;1024&gt;(class mg::common::ByteBuffer&lt;1024&gt; const &amp;,unsigned int)&#039;<\/code><\/pre>\n<p>\u4e5f\u53ef\u4ee5\u53bb\u8fd9\u91cc\u5728\u7ebfdemangle <a href=\"https:\/\/demangler.com\/\">https:\/\/demangler.com\/<\/a><\/p>\n<p>\u600e\u4e48\u4ece\u53ef\u8bfb\u7684demangled name\u8f6c\u5316\u5230decorated name\uff0cida\u91cc\u9762\u597d\u50cf\u6ca1\u8fd9\u4e2a\u529f\u80fd\u3002\u53ef\u4ee5\u81ea\u5df1\u5199\u4e2a\u5bf9\u5e94\u540d\u79f0\u7684\u51fd\u6570\u7136\u540e\u7f16\u8bd1\u4e00\u4e0b\uff0c\u67e5\u770bpdb.<\/p>\n<h2>\u4ece\u540d\u79f0\u83b7\u5f97\u5730\u5740<\/h2>\n<p>get_name_ea_simple(&#8216;funcname&#8217;). 7.4\u4e4b\u524d\u7528<code>LocByName<\/code><\/p>\n<pre><code class=\"language-c\">Python&gt;get_name_ea_simple(&#039;?WriteDelimiter@WriteMessage@network@mg@@QEAAXG@Z&#039;)\n0x142df6980<\/code><\/pre>\n<h2>\u4ece\u5730\u5740\u904d\u5386\u6307\u4ee4<\/h2>\n<p>\u5411\u4e0a\u904d\u5386 idc.prev_head \u5411\u4e0bidc.next_head<\/p>\n<h2>\u83b7\u53d6\u5730\u5740\u6240\u5728\u51fd\u6570\u5f00\u5934<\/h2>\n<p>idc.get_func_attr(addr, 0)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>IDA \u865a\u62df\u5730\u5740\u8f6c\u5316\u5230\u6587\u4ef6\u504f\u79fb va-&gt;offset: ida_loader.get_fileregio<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-240","post","type-post","status-publish","format-standard","hentry","category-9"],"_links":{"self":[{"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/posts\/240"}],"collection":[{"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=240"}],"version-history":[{"count":1,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/posts\/240\/revisions"}],"predecessor-version":[{"id":245,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=\/wp\/v2\/posts\/240\/revisions\/245"}],"wp:attachment":[{"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qiuqiuren.club\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}