Module ida_idaapi
Global variables
var BADADDR
-
BADADDR = 4294967295
var BADADDR32
-
BADADDR32 = 4294967295
var BADADDR64
-
BADADDR64 = 18446744073709551615
var BADSEL
-
BADSEL = 4294967295
var HBF_CALL_WITH_NEW_EXEC
-
HBF_CALL_WITH_NEW_EXEC = 1
var HBF_VOLATILE_METHOD_SET
-
HBF_VOLATILE_METHOD_SET = 2
var NW_CLOSEIDB
-
Notify when the database is closed. Its callback is of the form: def notify_when_callback(nw_code)
var NW_INITIDA
-
Notify when the IDA starts. Its callback is of the form: def notify_when_callback(nw_code)
var NW_OPENIDB
-
Notify when the database is opened. Its callback is of the form: def notify_when_callback(nw_code, is_old_database)
var NW_REMOVE
-
Use this flag with other flags to uninstall a notifywhen callback
var NW_TERMIDA
-
Notify when the IDA terminates. Its callback is of the form: def notify_when_callback(nw_code)
var PLUGIN_DBG
-
PLUGIN_DBG = 32
var PLUGIN_DRAW
-
PLUGIN_DRAW = 2
var PLUGIN_FIX
-
PLUGIN_FIX = 128
var PLUGIN_HIDE
-
PLUGIN_HIDE = 16
var PLUGIN_KEEP
-
PLUGIN_KEEP = 2
var PLUGIN_MOD
-
PLUGIN_MOD = 1
var PLUGIN_MULTI
-
PLUGIN_MULTI = 256
var PLUGIN_OK
-
PLUGIN_OK = 1
var PLUGIN_PROC
-
PLUGIN_PROC = 64
var PLUGIN_SEG
-
PLUGIN_SEG = 4
var PLUGIN_SKIP
-
PLUGIN_SKIP = 0
var PLUGIN_UNL
-
PLUGIN_UNL = 8
var PY_ICID_BYREF
-
byref object
var PY_ICID_INT64
-
int64 object
var PY_ICID_OPAQUE
-
opaque object
var SEEK_CUR
-
SEEK_CUR = 1
var SEEK_END
-
SEEK_END = 2
var SEEK_SET
-
SEEK_SET = 0
var SIZE_MAX
-
SIZE_MAX = 18446744073709551615
var ST_OVER_DEBUG_SEG
-
step tracing will be disabled when IP is in a debugger segment
var ST_OVER_LIB_FUNC
-
step tracing will be disabled when IP is in a library function
var uses_swig_builtins
-
uses_swig_builtins = False
Functions
def IDAPython_ExecScript(path, g, print_error=True)
-
Run the specified script.This function is used by the low-level plugin code.
def IDAPython_ExecSystem(cmd)
-
Executes a command with popen().
def IDAPython_FormatExc(etype, value=None, tb=None, limit=None)
-
This function is used to format an exception given the values returned by a PyErr_Fetch()
def IDAPython_LoadProcMod(path, g, print_error=True)
-
Load processor module.
def IDAPython_UnLoadProcMod(script, g, print_error=True)
-
Unload processor module.
def TRUNC(ea)
-
Truncate EA for the current application bitness
def as_UTF16(s)
-
Convenience function to convert a string into appropriate unicode format
def as_cstr(val)
-
Returns a C str from the passed value. The passed value can be of type refclass (returned by a call to buffer() or byref()) It scans for the first \x00 and returns the string value up to that point.
def as_int32(v)
-
Returns a number as a signed int32 number
def as_signed(v, nbits=32)
-
Returns a number as signed. The number of bits are specified by the user. The MSB holds the sign.
def as_uint32(v)
-
Returns a number as an unsigned int32 number
def as_unicode(s)
-
Convenience function to convert a string into appropriate unicode format
def copy_bits(v, s, e=-1)
-
Copy bits from a valuev: the values: starting bit (0-based)e: ending bit
def disable_script_timeout(*args) ‑> void
-
disable_script_timeout()Disables the script timeout and hides the script wait box. Calling L{set_script_timeout} will not have any effects until the script is compiled and executed againreturn: None
def enable_extlang_python(*args) ‑> void
-
enable_extlang_python(enable)Enables or disables Python extlang. When enabled, all expressions will be evaluated by Python.enable: Set to True to enable, False otherwise
def enable_python_cli(*args) ‑> void
-
enable_python_cli(enable)enable: bool
def format_basestring(*args) ‑> PyObject *
-
format_basestring(_in) -> str_in: PyObject *
def get_inf_structure(*args) ‑> idainfo *
-
get_inf_structure() -> idainfoReturns the global variable 'inf' (an instance of idainfo structure, see ida.hpp)
def loader_input_t_from_capsule(*args) ‑> loader_input_t *
-
loader_input_t_from_capsule(pycapsule) -> loader_input_tpycapsule: PyObject *
def loader_input_t_from_fp(*args) ‑> loader_input_t *
-
loader_input_t_from_fp(fp) -> loader_input_tfp: FILE *
def loader_input_t_from_linput(*args) ‑> loader_input_t *
-
loader_input_t_from_linput(linput) -> loader_input_tlinput: linput_t *
def notify_when(when, callback)
-
Register a callback that will be called when an event happens.when: one of NW_XXXX constantscallback: This callback prototype varies depending on the 'when' parameter:The general callback format:def notify_when_callback(nw_code)In the case of NW_OPENIDB:def notify_when_callback(nw_code, is_old_database)return: Boolean
def parse_command_line3(*args) ‑> PyObject *
-
parse_command_line3(cmdline) -> PyObject *cmdline: char const *
def pycim_get_widget(*args) ‑> TWidget *
-
pycim_get_widget(_self) -> TWidget *self: PyObject *
def pycim_view_close(*args) ‑> void
-
pycim_view_close(_self)self: PyObject *
def pygc_create_groups(*args) ‑> PyObject *
-
pygc_create_groups(_self, groups_infos) -> [int, ...] or Noneself: PyObject *groups_infos: PyObject *
def pygc_delete_groups(*args) ‑> PyObject *
-
pygc_delete_groups(_self, groups, new_current) -> boolself: PyObject *groups: PyObject *new_current: PyObject *
def pygc_refresh(*args) ‑> void
-
pygc_refresh(_self)self: PyObject *
def pygc_set_groups_visibility(*args) ‑> PyObject *
-
pygc_set_groups_visibility(_self, groups, expand, new_current) -> boolself: PyObject *groups: PyObject *expand: PyObject *new_current: PyObject *
def replfun(func)
def require(modulename, package=None)
-
Load, or reload a module.When under heavy development, a user's tool might consist of multiple modules. If those are imported using the standard 'import' mechanism, there is no guarantee that the Python implementation will re-read and re-evaluate the module's Python code. In fact, it usually doesn't. What should be done instead is 'reload()'-ing that module.This is a simple helper function that will do just that: In case the module doesn't exist, it 'import's it, and if it does exist, 'reload()'s it.The importing module (i.e., the module calling require()) will have the loaded module bound to its globals(), under the name 'modulename'. (If require() is called from the command line, the importing module will be '__main__'.)For more information, see: <http://www.hexblog.com/?p=749>.
def set_script_timeout(*args) ‑> int
-
set_script_timeout(timeout) -> intChanges the script timeout value. The script wait box dialog will be hidden and shown again when the timeout elapses. See also L{disable_script_timeout}.timeout: This value is in seconds.If this value is set to zero then the script will never timeout.return: Returns the old timeout value
def struct_unpack(buffer, signed=False, offs=0)
-
Unpack a buffer given its length and offset using struct.unpack_from(). This function will know how to unpack the given buffer by using the lookup table '__struct_unpack_table' If the buffer is of unknown length then None is returned. Otherwise the unpacked value is returned.
Classes
class IDAPython_displayhook
-
Methods
def displayhook(self, item)
def format_item(self, num_printer, storage, item)
def format_seq(self, num_printer, storage, item, opn, cls)
class PyIdc_cvt_int64__ (v)
-
Helper class for explicitly representing VT_INT64 values
Ancestors
class PyIdc_cvt_refclass__ (v)
-
Helper class for representing references to immutable objects
Ancestors
Methods
def cstr(self)
-
Returns the string as a C string (up to the zero termination)
class loader_input_t (*args)
-
A helper class to work with linput_t related functions. This class is also used by file loaders scripts.__init__(self, pycapsule=None) -> loader_input_tpycapsule: PyObject *
Static methods
def from_capsule(*args) ‑> loader_input_t *
-
from_capsule(pycapsule) -> loader_input_tpycapsule: PyObject *
def from_fp(*args) ‑> loader_input_t *
-
from_fp(fp) -> loader_input_tA static method to construct an instance from a FILE*fp: FILE *
def from_linput(*args) ‑> loader_input_t *
-
from_linput(linput) -> loader_input_tlinput: linput_t *
Methods
def close(self, *args) ‑> void
-
close(self)Closes the file
def file2base(self, *args) ‑> int
-
file2base(self, pos, ea1, ea2, patchable) -> intLoad portion of file into the database This function will include (ea1..ea2) into the addressing space of the program (make it enabled)pos: position in the fileea1: ..ea2): range of destination linear addressesea1: ..ea2): range of destination linear addressespatchable: should the kernel remember correspondance offile offsets to linear addresses.return: 1-ok,0-read error, a warning is displayed
def filename(self, *args) ‑> PyObject *
-
filename(self) -> PyObject *
def get_byte(self, *args) ‑> PyObject *
-
get_byte(self) -> PyObject *Reads a single byte from the file. Returns None if EOF or the read byte
def get_linput(self, *args) ‑> linput_t *
-
get_linput(self) -> linput_t *
def gets(self, *args) ‑> PyObject *
-
gets(self, len) -> strReads a line from the input file. Returns the read line or Nonelen: size_t
def getz(self, *args) ‑> PyObject *
-
getz(self, sz, fpos=-1) -> PyObject *Returns a zero terminated string at the given positionsz: maximum size of the stringfpos: if != -1 then seek will be performed before readingreturn: The string or None on failure.
def open(self, *args) ‑> bool
-
open(self, filename, remote=False) -> boolOpens a file (or a remote file)filename: char const *remote: boolreturn: Boolean
def open_memory(self, *args) ‑> bool
-
open_memory(self, start, size=0) -> boolCreate a linput for process memory (By internally calling idaapi.create_memory_linput()) This linput will use dbg->read_memory() to read datastart: starting address of the inputsize: size of the memory range to represent as linputif unknown, may be passed as 0
def opened(self, *args) ‑> bool
-
opened(self) -> boolChecks if the file is opened or not
def read(self, *args) ‑> PyObject *
-
read(self, size) -> bytes or NoneReads from the file. Returns the buffer or Nonesize: size_t
def readbytes(self, *args) ‑> PyObject *
-
readbytes(self, size, big_endian) -> PyObject *Similar to read() but it respect the endiannesssize: size_tbig_endian: bool
def seek(self, *args) ‑> int64
-
seek(self, pos, whence=SEEK_SET) -> int64Set input source positionpos: int64whence: intreturn: the new position (not 0 as fseek!)
def set_linput(self, *args) ‑> void
-
set_linput(self, linput)Links the current loader_input_t instance to a linput_t instancelinput: linput_t *
def size(self, *args) ‑> int64
-
size(self) -> int64
def tell(self, *args) ‑> int64
-
tell(self) -> int64Returns the current position
class object_t (**kwds)
-
Helper class used to initialize empty objects
class plugin_t
-
Base class for all scripted plugins.
Ancestors
Methods
def run(self, arg)
def term(self)
class plugmod_t
-
Base class for all scripted multi-plugins.
Ancestors
class py_clinked_object_t (lnk=None)
-
This is a utility and base class for C linked objects
Ancestors
Subclasses
- textctrl_info_t
- ida_pro._qstrvec_t
Instance variables
var clink
-
Returns the C link as a PyObject
var clink_ptr
-
Returns the C link pointer as a number
Methods
def assign(self, other)
-
Overwrite me. This method allows you to assign an instance contents to anothersreturn: Boolean
def copy(self)
-
Returns a new copy of this class
class pyidc_cvt_helper__ (cvt_id, value)
-
This is a special helper object that helps detect which kind of object is this python object wrapping and how to convert it back and from IDC. This object is characterized by its special attribute and its value
Subclasses
Instance variables
var value
class pyidc_opaque_object_t
-
This is the base class for all Python<->IDC opaque objects
Subclasses