Last active
May 8, 2018 15:33
-
-
Save sisoma2/976e3b5d278b879b10dd47825c7be573 to your computer and use it in GitHub Desktop.
Read APIs from text file from x64dbg and rename pointers in IDA
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Main | |
| def API_Renamer(filename, destination_api_offset): | |
| count = 0 | |
| print "[+] Reading imports from {filename}...\n".format(filename=filename) | |
| with open(filename) as f: | |
| for line in f: | |
| line_values = line.strip().split(" ") | |
| api_address = line_values[1] | |
| if (api_address != "00000000"): | |
| module = line_values[2].split(".")[0] | |
| api_name = line_values[2].split(".")[1] | |
| print "[+] Renaming {api} from {module} at 0x{address:02x}".format(module=module, api=api_name, address=destination_api_offset) | |
| idc.MakeNameEx(destination_api_offset, api_name, idc.SN_NOWARN) | |
| count += 1 | |
| destination_api_offset += 4 | |
| print "\n[+] Total of {count} APIs renamed.".format(count=count) | |
| if __name__ == '__main__': | |
| API_Renamer("apis.txt", 0x287000) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment