def get_w32syscalls():
syscalls = set()
# def get_syscall_start():
# for m, n in idautils.Names():
# if n == '_W32pServiceTable':
# return m
# ea = get_syscall_start()
ea = idaapi.str2ea('_W32pServiceTable')
f = idaapi.get_full_long(ea)
functions = set(idautils.Functions())
while f in functions:
fname = GetFunctionName(f)
syscalls.add(fname)
ea += 4
f = idaapi.get_full_long(ea)
print 'win32k system call' , len(syscalls)
return syscalls
评论列表
文章目录
