#include <idc.idc>
static main(){
auto addr, end, args, locals, frame, firstArg, name, ret;
addr = 0;
for (addr = NextFunction(addr); addr != BADADDR; addr = NextFunction(addr)){
name = Name(addr);
end = GetFunctionAttr(addr,FUNCATTR_END);
locals = GetFunctionAttr(addr,FUNCATTR_FRSIZE);
frame = GetFrame(addr);//retrive a handle to the function's stack frame
ret = GetMemberOffset(frame, "r");// "r" is the name of thr return address
if (ret == -1) continue;
firstArg = ret + 4;
args = GetStrucSize(frame) - firstArg;
Warning("Function: %s, starts at %x, ends at %x\n", name, addr, end);
Warning(" Local variable area is %d bytes\n", locals);
Warning(" Arguments occupy %d bytes (%d args)\n", args, args / 4);
}
}
遍历数据库中的每一个函数,并打印出每个函数的基本信息,包括函数的起始地址结束地址、函数参数大小、函数的局部变量的大小。在IDA中运行此程序没反应,应该修改下哪里啊,这个r需要改成"retn"? 主要的这句不明白
addr = 0;
for (addr = NextFunction(addr); addr != BADADDR; addr = NextFunction(addr)){
。
[CTF入门培训]顶尖高校博士及硕士团队亲授《30小时教你玩转CTF》,视频+靶场+题目!助力进入CTF世界
