Module idautils
Functions
Assemble(ea, line)
Assembles one or more lines (does not display an message dialogs) If line is a list then this function will attempt to assemble all the lines This function will turn on batch mode temporarily so that no messages are displayed on the screen
Chunks(start)
Get a list of function chunks See also ida_funcs.func_tail_iterator_t
CodeRefsFrom(ea, flow)
Get a list of code references from 'ea'
@type flow: Boolean (0/1, False/True)
Example::
CodeRefsTo(ea, flow)
Get a list of code references to 'ea'
@type flow: Boolean (0/1, False/True)
Example::
DataRefsFrom(ea)
Get a list of data references from 'ea'
Example::
DataRefsTo(ea)
Get a list of data references to 'ea'
Example::
DecodeInstruction(ea)
Decodes an instruction and returns an insn_t like class
DecodePrecedingInstruction(ea)
Decode preceding instruction in the execution flow.
DecodePreviousInstruction(ea)
Decodes the previous instruction and returns an insn_t like class
Entries()
Returns a list of entry points (exports)
FuncItems(start)
Get a list of function items (instruction or data items inside function boundaries) See also ida_funcs.func_item_iterator_t
Functions(start=None, end=None)
Get a list of functions
if it extends beyond 'end'. Any function that has its chunks scattered in multiple segments will be reported multiple times, once in each segment as they are listed.
GetDataList(ea, count, itemsize=1)
Get data list - INTERNAL USE ONLY
GetIdbDir()
Get IDB directory
This function returns directory path of the current IDB database
GetInstructionList()
Returns the instruction list of the current processor module
GetRegisterList()
Returns the register list
Heads(start=None, end=None)
Get a list of heads (instructions or data items)
MapDataList(ea, length, func, wordsize=1)
Map through a list of data words in the database
Modules()
Returns a list of module objects with name,size,base and the rebase_to attributes
Names()
Returns a list of names
ProcessUiActions(actions, flags=0)
actions: A string containing a list of actions separated by semicolon, a list or a tuple flags: flags to be passed to process_ui_action() return: Boolean. Returns False if the action list was empty or execute_ui_requests() failed.
PutDataList(ea, datalist, itemsize=1)
Put data list - INTERNAL USE ONLY
Segments()
Get list of segments (sections) in the binary image
StructMembers(sid)
Get a list of structure members information (or stack vars if given a frame).
Structs()
Get a list of structures
Threads()
Returns all thread IDs for the current debugee
XrefTypeName(typecode)
Convert cross-reference type codes to readable names
XrefsFrom(ea, flags=0)
Return all references from address 'ea'
Example:: for xref in XrefsFrom(here(), 0): print(xref.type, XrefTypeName(xref.type), 'from', hex(xref.frm), 'to', hex(xref.to))
XrefsTo(ea, flags=0)
Return all references to address 'ea'
Example:: for xref in XrefsTo(here(), 0): print(xref.type, XrefTypeName(xref.type), 'from', hex(xref.frm), 'to', hex(xref.to))
Classes
Strings(default_setup=False)
: Allows iterating over the string list. The set of strings will not be modified, unless asked explicitly at setup()-time. This string list also is used by the "String window" so it may be changed when this window is updated.
Class variables
StringItem
Class representing each string item.
Methods
clear_cache(self) Clears the string list cache
refresh(self) Refreshes the string list
setup(self, strtypes=[0], minlen=5, only_7bit=True, ignore_instructions=False, display_only_existing_strings=False)
peutils_t()
: PE utility class. Retrieves PE information from the database.
Class variables
PE_ALT_DBG_FPOS
PE_ALT_IMAGEBASE
PE_ALT_NEFLAGS
PE_ALT_PEHDR_OFF
PE_ALT_PSXDLL
PE_ALT_TDS_LOADED
PE_NODE
Instance variables
header_offset
imagebase
Methods
header(self)
Last updated