IDA label enums - use to label hashes in an dynamic import address table

label_enums.py

#############################################################
##
## Highlight enum data and call label_enums()
##
## Each enum address will be named after the enum value it contains
## This can be used to create an IAT struct
##
###############################################################


def enum_to_string(ea, enum_name):
    enum_id = idc.get_enum(enum_name)
    if enum_id == idc.BADADDR:
        return None 
    enum_value = ida_bytes.get_dword(ea)
    eid = idc.get_enum_member(enum_id, enum_value, 0, 0)
    if eid == idc.BADADDR:
        return None 
    e_str = idc.get_enum_member_name(eid)
    return e_str



def label_enums():
    start = idc.read_selection_start()
    end = idc.read_selection_end()
    if idaapi.BADADDR in (start, end):
        ea = idc.here()
        start = idaapi.get_item_head(ea)
        end = idaapi.get_item_end(ea)
    # Loop through selection and guess types
    ea = start
    types = []
    while ea <= end:
        type_name = idc.guess_type(ea)
        if type_name != None:
            types.append(type_name)
        ea += 4
    # Choose enum based on most common type
    top_type = max(set(types), key = types.count)
    # Check if it's a valid enum
    enum_id = idc.get_enum(top_type)
    if enum_id == idc.BADADDR:
        print("Bad enum found: %s" % top_type)
        return 
    # Loop through selection and label according to enum
    ea = start
    while ea <= end:
        enum_member_name = enum_to_string(ea, top_type)
        if enum_member_name != None:
            idc.set_name(ea, "ptr_"+enum_member_name, idc.SN_CHECK)
        ea += 4
    return