-
-
[求助]IDAPthon 钩子问题
-
发表于: 2014-2-28 16:55
-
各位密友,这几天在逆向一个东西,使用了IDAPython的钩子,但是没有成功!仔细翻阅了python灰帽子,无果!请帮忙看看问题出在哪里,万分感谢!
环境:IDA 6.1 , 某 Android 程序
脚本如下:
from idaapi import *
from idc import *
count = 0
class DumpHook(DBG_Hooks):
def dbg_bpt (self,tid,ea):
global count
count += 1;
print " Hit: 0x%08x the %d time\n" % (ea, count)
data = "\xBE\x91\x0A\xF3\x9A\x26\xA4\xA9\x92\xC6\xFD\x01\xA1\x43\xED\x19"
dbg_write_memory(GetRegValue("r7"), data)
return 1
try:
if debugger:
print("Removing previous hook ...")
debugger.unhook()
except:
pass
AddBpt (0x8050a42e)
SetBptAttr(0x8050a42e, BPTATTR_FLAGS, 0x0)
print " set hook OK...\n"
debugger = DumpHook()
debugger.hook()
运行脚本,只显示了
set hook OK...
Removing previous hook ...
set hook OK...
尝试了N次,只有一次打印了" Hit: 0x%08x the %d time\n"
不知道是我没用对还是 idapython不支持android??
环境:IDA 6.1 , 某 Android 程序
脚本如下:
from idaapi import *
from idc import *
count = 0
class DumpHook(DBG_Hooks):
def dbg_bpt (self,tid,ea):
global count
count += 1;
print "
dbg_write_memory(GetRegValue("r7"), data)
return 1
try:
if debugger:
print("Removing previous hook ...")
debugger.unhook()
except:
pass
AddBpt (0x8050a42e)
SetBptAttr(0x8050a42e, BPTATTR_FLAGS, 0x0)
print "
debugger = DumpHook()
debugger.hook()
运行脚本,只显示了
Removing previous hook ...
尝试了N次,只有一次打印了"
不知道是我没用对还是 idapython不支持android??
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
