-
-
Save masagrator/f21a0bb7b882b509c34beba7d2258b5d to your computer and use it in GitHub Desktop.
ghidra script for read script.py from Il2CppDumper - confirmed working with 5.1.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import ghidra.program.model.symbol.SourceType | |
| import re | |
| functionManager = currentProgram.getFunctionManager() | |
| #minAddress = currentProgram.getMinAddress() | |
| baseAddress = currentProgram.getImageBase() | |
| USER_DEFINED = ghidra.program.model.symbol.SourceType.USER_DEFINED | |
| index = 1 | |
| def _convert_arg_addr(arg): | |
| return baseAddress.add(int(arg, 0)) | |
| def _convert_arg_string(arg): | |
| if arg.startswith('r'): | |
| return arg[2:-1] # remove prefix 'r' and quote | |
| return arg[1:-1] # remove quote | |
| def do_idc_set_cmt(arg1, arg2): | |
| addr = _convert_arg_addr(arg1) | |
| text = _convert_arg_string(arg2) | |
| setEOLComment(addr, text) | |
| def do_SetName(arg1, arg2): | |
| addr = _convert_arg_addr(arg1) | |
| name = _convert_arg_string(arg2) | |
| createLabel(addr, name, True, USER_DEFINED) | |
| def do_SetString(arg1, arg2): | |
| addr = _convert_arg_addr(arg1) | |
| text = _convert_arg_string(arg2) | |
| global index | |
| name = "StringLiteral_" + str(index); | |
| createLabel(addr, name, True, USER_DEFINED) | |
| setEOLComment(addr, text) | |
| index += 1 | |
| def do_MakeFunction(arg1, arg2): | |
| addr = _convert_arg_addr(arg1) | |
| addr2 = _convert_arg_addr(arg2) | |
| body = createAddressSet() | |
| body.addRange(addr, addr2.subtract(1)) | |
| func = functionManager.getFunctionAt(addr) | |
| if func is None: | |
| try: | |
| #func = functionManager.createFunction(None, addr, body, USER_DEFINED) | |
| # many of MakeFunction body range is wrong. just use function entry point and let ghidra find the boundary | |
| func = createFunction(addr, None) | |
| except: | |
| pass | |
| else: | |
| oldBody = func.getBody() | |
| if not oldBody.hasSameAddresses(body): | |
| # no update body range info. info from dump script.py might be wrong | |
| #print('Function {} has different body address range'.format(func.getName(True))) | |
| pass | |
| f = askFile("script.py from Il2cppdumper", "Open") | |
| for line in file(f.absolutePath): | |
| match = re.search(r"^([\w+\.]+)\((\w+),\s*(.*)\)$", line) | |
| if match: | |
| name, arg1, arg2 = match.groups() | |
| res = globals()['do_'+name.replace('.', '_')](arg1, arg2.replace(' ', '-')) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment