def get_unicode_device_names():
"""Returns all unicode strings within the binary currently being analysed in IDA which might be device names"""
path = idc.GetInputFile()
min_length = 4
possible_names = set()
with open(path, "rb") as f:
b = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
for s in extract_unicode_strings(b, n=min_length):
s_str = str(s.s)
if s_str.startswith('\\Device\\') or s_str.startswith('\\DosDevices\\'):
possible_names.add(str(s.s))
return possible_names
评论列表
文章目录
