Ida中的IDC 脚本 ,python 脚本 还有插件功能给我们提供了很强大的扩展性,我们在分析二进制代码的时候总会有些时候需要写些脚本来给我们提供自动化的分析来释放我们的双手。
脚本已经很方便了,但有些时候为了效率我们还是需要编写下插件的。现在就来介绍下ida 插件的编写:
#include <ida.hpp>
#include <idp.hpp>
#include <search.hpp>
#include <loader.hpp>
#include <Windows.h>
#include "Search_arm_syscall.h"
int IDAP_init(void)
{
// Do checks here to ensure your plug-in is being used within
// an environment it was written for. Return PLUGIN_SKIP if the
// checks fail, otherwise return PLUGIN_KEEP.
return PLUGIN_KEEP;
}
void IDAP_term(void)
{
// Stuff to do when exiting, generally you'd put any sort
// of clean-up jobs here.
return;
}
// The plugin can be passed an integer argument from the plugins.cfg
// file. This can be useful when you want the one plug-in to do
// something different depend