Article directory
How to use variables in IDA script - how to get the value in the target file (python)
Get a sequence of values at an address by cursor position.
1 get address
ea = here()# 获取光标所在地址(等价于idc.get_screen_ea())
Reference: IDAPython Scripting Guide (1) - #换砖子- 博客园
2 Get the value at the address
def Byte(addr) #以字节为单位获取地址处的值
def Word(addr) #以字为单位获取地址处的值
def Dword(addr) #以双字为单位获取地址处的值
def Qword(addr) #以四字为单位获取地址处的值
def isLoaded(addr) #判断地址处的数值是否有效
Possible problems: NameError: name 'Byte' is not defined
This is because "Byte" is the python language under IDA7.0, and our IDA may be version 7.5 or 7.6. This "PatchByte" is not compatible, so an error will appear.
Solution: We only need to add the first line of the python script
from idc_bc695 import *
It will solve the error problem.
3 In summary
#print(idc.get_screen_ea())
ea=here()
print(hex(Byte(ea)))
4 Further
Combined into a list:
ea=here()
unk_403018=[hex(Byte(ea+x)) for x in range(32)]
print(unk_403018)
output:
['0x6d', '0x55', '0x6b', '0x77', '0x62', '0x61', '0x9a', '0x62', '0x59', '0x89', '0x90', '0x7b', '0x9a', '0x8d', '0x62', '0x80', '0x80', '0x89', '0x92', '0x99', '0x91', '0x97', '0x96', '0x90', '0x4e', '0x99', '0x5d', '0x62', '0x8c', '0x8e', '0x7e', '0x81']
IDA's output window was accidentally closed, how to open it
Today, when I was looking at the output window of ida, I closed the window. After searching for a minute, I couldn't find how to open this output.
A direct search on the Internet says it is View.
Actually, on Windows:
In addition to the above two, there is also a commonly used window Debugger:
