直接用就行,改改地址啥的
from idaapi import *
from idc import *
import struct
def dump_memory(filename,start_add,size):
fd=open(filename,"wb")
for i in range(0,size,4):
ea=start_add+i
buf=idaapi.dbg_read_memory(ea,4)
fd.write(buf)
fd.close()
def write_memory(memoryfile,linefile,start_add):
fd=open(memoryfile,'rb')
fd2=open(linefile,'r')
lines=fd2.readlines()
for i in lines:
pos=int(i[0:len(i)-2],16)
ea=start_add+pos
fd.seek(pos)
buf=fd.read(1)
buf=idaapi.dbg_write_memory(ea,buf)
fd2.close()
fd.close()
def write_all_memory(memoryfile,start_add):
fd=open(memoryfile,'rb')
fd.seek(0,2)
pos=fd.tell()
fd.seek(0,0)
for i in range(pos):
ea=start_add+i
buf=fd.read(1)
buf=idaapi.dbg_write_memory(ea,buf)
fd.close()
def write_pwd():
ea=0x3f6eee
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
filename='memory'
linefile='result_compare.txt'
start=0x7c00
size=0x300000
#dump_memory(filename,start,size)
write_memory(filename,linefile,start)
#write_all_memory(filename,start)
#print idaapi.dbg_get_registers()
#write_pwd()
print "run_ok"
from idaapi import *
from idc import *
import struct
def dump_memory(filename,start_add,size):
fd=open(filename,"wb")
for i in range(0,size,4):
ea=start_add+i
buf=idaapi.dbg_read_memory(ea,4)
fd.write(buf)
fd.close()
def write_memory(memoryfile,linefile,start_add):
fd=open(memoryfile,'rb')
fd2=open(linefile,'r')
lines=fd2.readlines()
for i in lines:
pos=int(i[0:len(i)-2],16)
ea=start_add+pos
fd.seek(pos)
buf=fd.read(1)
buf=idaapi.dbg_write_memory(ea,buf)
fd2.close()
fd.close()
def write_all_memory(memoryfile,start_add):
fd=open(memoryfile,'rb')
fd.seek(0,2)
pos=fd.tell()
fd.seek(0,0)
for i in range(pos):
ea=start_add+i
buf=fd.read(1)
buf=idaapi.dbg_write_memory(ea,buf)
fd.close()
def write_pwd():
ea=0x3f6eee
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0035))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0031))
ea=ea+2
idaapi.dbg_write_memory(ea,struct.pack('=H',0x0032))
filename='memory'
linefile='result_compare.txt'
start=0x7c00
size=0x300000
#dump_memory(filename,start,size)
write_memory(filename,linefile,start)
#write_all_memory(filename,start)
#print idaapi.dbg_get_registers()
#write_pwd()
print "run_ok"
扫一扫
1453
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
