Can anyone let me know how we are going to output all the subroutine's graphs in batch mode suing IDC. i.e. I have 447 subroutine's and wanna be output them all and I would like to make sure I first retrieve all the routines address automatically, cuz by knowing the address I can simply use GenFuncCall.
P.S: Is this the only cfg that I can get from Ida Pro given a binary dis-assembled file?
If you just want the address of all known functions in the IDB, you could use something like this using IDAPython (just an example):
def main():
for count, func_ea in enumerate(Functions()):
if func_ea == BADADDR:
break
func_name = GetFunctionName(funcea)
func_start = func_ea
print("[{:4}] name: {}; start address: {:#x}".format(count, func_name, func_start))
if __name__ == "__main__":
main()
I needed a CFG of my whole program,the base example I started from was: https://code.google.com/p/idapython/source/browse/trunk/examples/ex_gdl_qflow_chart.py
It uses the flow chart class: https://www.hex-rays.com/products/ida/support/idapython_docs/idaapi.FlowChart-class.html
also worth noting to trigger in batch mode, you'll want something like this
idal64 -A -S{yourscriptname}.py {yourbinary}
Tips:
- Prototype the script in the IDAPro gui first
Opening of the graph processor can cause timing issues, its hacky, but something like delaying execution of the script seemed to help, e.g.
idaapi.autoWait() Timer(2, idacfg).start()where idacfg is your python function from the example
print to stdout doesn't seem to work in batch mode, so you'll want to set stdout to a file for your debugging.
- Closing the GUI in batch mode is still an issue for me.
Hope that helps.
来源:https://stackoverflow.com/questions/28619663/ida-pro-gragh-output-batch-mode