[原创]用来在IDA中Patch的IDC文件

coollang 发表于 2005-8-11 00:00:00

这个是用来在IDA中Patch的IDC文件，IDC是IDA的一种脚本语言，类似于C语言，系统提供了一些函数和变量，详细信息可以看IDA的帮助。
这个东西的原始作者是AlexSid，我做了一些修改，增加了注释，大家可以在此基础上发挥，增加Undo的功能等等。
使用也很简单，在IDA的文件-〉IDC文件，选择此IDC文件，然后选择VKP文件，制定基地址。就可以了。

#include

// 原始作者： AlexSid
// alexsid@mail.ru
// 修改：coollang

// v0.3b

//如果不想进行实际内容的修改,可以打开此注释,只输出调试信息
//#define DEBUG

#define PATCH_ALWAYS 0 // 1-YES 0-NO

//Flash映射的基地址
#define FF_OFFSET 0xA00000

static main() {

auto ea, ea1, pos, st, st2, f, st_addr, st_old, st_new, addr, b_old, b_new, no_olds, ff_offset;

st=AskFile(0,"*.vkp","选择VKP文件:");
Message("Patch file name: %s\n",st);
f=fopen(st,"r");
if (f==-1)
Message("File open error\n");
else{
ff_offset=FF_OFFSET;
ff_offset = AskAddr(FF_OFFSET, "请输入Flash映射的基地址:");
if(ff_offset == BADADDR)
   Message("无效地址!\n");
Message("Flash映射的基地址: 0x%06X\n",ff_offset);
// 从VKP文件中读出一行
while ((st=readstr(f))!=-1){
// 过滤注释
pos=strstr(st,";");
if (pos>-1){
st2=substr(st, 0, pos);
st=st2;
}
// 如果是系统参数
pos=strstr(st,"#");
if (pos>-1){
st2=substr(st, 0, pos);
st=st2;
}
// 滤去开头的空格
while (strstr(st," ")==0 && strlen(st)>0){
st2=substr(st,1,-1);
st=st2;
}
// 替换换行\t为空格
while ((pos=strstr(st,"\t"))>-1 && strlen(st)>0){
st_old=substr(st,0,pos);
st_new=substr(st,pos+1,-1);
st=st_old+" "+st_new;
}
// 无内容则继续
if (strlen(st)0){
st2=substr(st,1,-1);
st=st2;
}
// 取得原始内容
pos=strstr(st," ");
st_old=substr(st, 0, pos);
st2=substr(st, pos+1, -1);
st=st2;
while (strstr(st," ")==0 && strlen(st)>0){
st2=substr(st,1,-1);
st=st2;
}
// 取得覆盖内容
pos=strstr(st," ");
st2=substr(st,0,pos);
pos=strstr(st2,"\n");
st_new=substr(st2,0,pos);
no_olds=0;
if (strlen(st_new)==0){
no_olds=1;
st_new=st_old;
}
//如果存在原始信息且长度不相等则输出错误信息
if ((strlen(st_old)!=strlen(st_new)) && (no_olds==0)){
Message("Error! %d %d |%s| |%s|\n",strlen(st_old),strlen(st_new),st_old,st_new);
return;
}
// 如果存在原始信息则比较原始内容
while (strlen(st_old)>0){
b_old=0;
if (no_olds==0){
st=substr(st_old,0,2);
b_old=xtol(st);
st2=substr(st_old,2,-1);
st_old=st2;
}
st=substr(st_new,0,2);
b_new=xtol(st);
st2=substr(st_new,2,-1);
st_new=st2;

if (no_olds==0) Message("0x%6X: %02X %02X ", addr, b_old, b_new);
if (no_olds==1) Message("0x%6X: xx %02X ", addr, b_new);
Jump(addr);
if (Byte(addr)==b_new){
Message(" always patched\n");
addr=addr+1;
continue;
}
if ((Byte(addr)!=b_old) && (PATCH_ALWAYS==0) && (no_olds==0)){
// 如果没有原始信息
Message("Warning! old: %02X",Byte(addr));
// 用户选择
pos=AskYN(1,"新旧内容不符！\n是否继续Patch？");
if (pos==-1){
Message("\nStopped!\n");
return;
}
if (pos==1){
#ifndef DEBUG
PatchByte(addr,b_new);
#endif
Message(" Patched\n");}
if (pos==0){
Message(" Skipped\n");
}
} else {
#ifndef DEBUG
PatchByte(addr,b_new);
#endif
Message(" patched\n");
}

#ifndef DEBUG
MakeUnkn(addr,1);
#endif
addr=addr+1;

}

   }
   fclose(f);
}
}

lznoother 发表于 2005-8-11 00:01:00

第一个顶！收藏下，先去看看IDA帮助文件！
idc的脚本语言的确给人似曾相识的感觉，是不是基于C语言开发的？^-^~!

huajia 发表于 2005-8-11 00:02:00

好，成功，省了大力气了，谢谢！！！
能否在更改的地址自动加上注释？

coollang 发表于 2005-8-11 00:03:00

可以，参照我以前发过的解语言包的程序，那个就是在对应地方加注释。
我的想法是，可以把一个Patch里的注释直接放在IDA文件中的对应位置上。
我这算是抛砖引玉了，各种复杂的做法大家可以自己发挥！

KoncaCN 发表于 2005-8-11 00:04:00

刚才试过，已经够好用了。 ^_^

lishenglyx 发表于 2005-8-11 00:05:00

DING！
那么做补丁是不是就可以用C语言写了？

coollang 发表于 2005-8-11 00:06:00

以下是引用lishenglyx在2004-5-15 0:38:45的发言：
DING！
那么做补丁是不是就可以用C语言写了？

这个和补丁的语言无关，不过补丁确实可以用C语言写。
你可以用Tasking，把函数先声明一下，就可以在C语言里调用了，最后联合编译。
Tasking的破解版Mamaich曾经提供过一个，等有了Ftp我传上去！

Pinky 发表于 2005-8-11 00:07:00

咦，以前怎么没注意到这种Script语言，这就回去试试的说~
要谢谢狼大先~

btw：问一下，这种脚本在IDA中有提供调试的环境吗？

coollang 发表于 2005-8-11 00:08:00

还没发现调试环境，我一般都是通过输出信息来调试！

ZiHwA 发表于 2005-8-11 00:09:00

集成的东西，未提供调试。
IDA本来就是静态反编译：）

KoncaCN 发表于 2005-8-11 00:10:00

刚才用IDC文件导入一个文件，处理
27D500:FFFFFFFFFFFFFFFF DC4FD44E02002D32
等较短的还可以，
但处理：
4EDC70:FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF81FFFFFFFFFFFFFFFFFFFFFFF801FFFFFFFFFFFFFFFFFFFFFFC003FFFFFFFFFFFFFFFFFFFFFC0007FFFFFFFFFFFFFFFFFFFFE3F00FFFFFFFFFFFFFFFFFFFFFFFFC1FFFFFF8383FF0FFFFFFFFFFFE3FFFFFF0303FF0FFFFFFFFFFFE7FFFFFE0203010F8022203003EFFFFFFE0002010F0020031001DFFFFFFC00021F0F0C20031041FFFFFFF800423F0F1E218010E1FFFFFFF820C21F000C21C3F0E1FFFFFFF060C201000021C190E1FFFFFFE0E1C301008021E010E1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 000000000000000000000000077C0000000000000000000001F740000000000000000000000017402000000000000000000000174060000000000000000000601740A00000000000000000FAE017013FF000977001FFFE00827E0701201000D42000010000A2630701A41000F720000380008FC107032DD000B4200006C000A75D0701241000972001FFFE00825D070125D400000001860600B85D0701A01A00FFE001420A00804107032C1401001001201200BF5D070122A8024A880110220080410701245002E02801084200895D0701A8B0024E88012792009C4107034ED002112801400A00BE630701801002208801800600883E0701FFF001C07001FFFE00EBF00700000000000000000000000007000000000000000000000000070000000000000000000000000700000000000000000000000007000000000000000000000000070300000000000000000000000704877000000000003000C00007048EF80003000000CC00C000070319EC00050000F89400FC0807003FBE00092001051200C6FC0703FFAA001110018D6200828E0702E1C203A15000F88400BABC0703C0E002A1480104CC00BAA80703807002A12800F83000BAA00707003802A1280104000082A00706F81802A12800F801FFFFFF8702D81002A14801047A000000C702A9D003A15000F8840000006702D9D00011100104CC0FFFF06702F9D000092000F87C100010670201D00005000000042000186703FFF0000300000004400018670000000000000000049C07D867000000000000000004801C78670000000000000000049F301867000000000000000004802008670000000000000000049F600C670000000080300004948040046701CFF000C0300009249FC00667014FF807BCD601449480400667014FFC00831002A92480600E6701C140008310022004FFE00C6701414006BD56015FE47FF01C6701414001813000A01C001C78670141400181600020940007DC6707F3E0067DCE00209400000E6706363000018000303C1144E6670224100001000018641B6D106706B51000000000FFFC155500670495100117180000041145106706B51001B4A400494C1144E06744951001548800555400000077441630015724015D5E000000F743E3E0011418009493FFFFFFD7400000000000000001FFFFFF977C0000000000000000000001F700000000000000000000000007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDFFFDEFFFC07F843FFFFFFFFFFC0FF841FC1B7FB5BFFFEFAFB1FDFFF6B7FF407FB5BFFFE7272EFDFFF001FF5B7F843FFFEAAAAFC007F7FDFC1B7FFB7FFFEDADAFFDFFFC0FFF407F001FFFEFAFAFFC7FFDEFFF7BFFEF7FFFEFAFAFFD9FFC07FF60FF041FFFEFAFAEFDEFFDF7FF3BFFB5BFFFEFAFB1FDFFFDF7FCFBFFB5BFFFFFFFFFFDFFFC07FF807F843FFFFFFFFFFFFFFFFFFFFFFFFFFFF
等较长的就没有导入。

页: [1]

爱技术's Archiver

[原创]用来在IDA中Patch的IDC文件