-
-
Save thomasdullien/d4300df43bcd67bdd1b192716897fbad to your computer and use it in GitHub Desktop.
PDB Loading Plugin for binaryninja
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import threading | |
| import pdbparse | |
| from pdbparse.pe import Sections | |
| from pdbparse.omap import Omap | |
| import binaryninja as bn | |
| def load_pdb_thread(bv): | |
| # PDB file is assumed to be named the same as the file opened and be | |
| # located in the same directory as the file. | |
| # TODO: Verifying the PDB matches the GUID in the binary is an | |
| # exercise left to the user. | |
| pdb_path = os.path.splitext(bv.file.filename)[0] + '.pdb' | |
| pdb = pdbparse.parse(pdb_path) | |
| try: | |
| sections = pdb.STREAM_SECT_HDR_ORIG.sections | |
| except AttributeError as e: | |
| sections = pdb.STREAM_SECT_HDR.sections | |
| gsyms = pdb.STREAM_GSYM | |
| for sym in gsyms.globals: | |
| try: | |
| if sym.symtype == 2: | |
| function_addr = (bv.start + | |
| sym.offset + | |
| sections[sym.segment-1].VirtualAddress) | |
| bv.add_function(function_addr) | |
| func = bv.get_function_at(function_addr) | |
| # Demangle and name the function | |
| if func: | |
| demangled_name = get_qualified_name(demangle_ms(Architecture["x86"], sym.name)[1]) | |
| log.log_info("Mangled: %s" % sym.name) | |
| log.log_info("Demangled: %s" % demangled_name) | |
| func.name = demangled_name | |
| except AttributeError: | |
| pass | |
| bv.update_analysis_and_wait() | |
| def load_pdb(bv): | |
| loader_thread = threading.Thread(target=load_pdb_thread, args=(bv,)) | |
| loader_thread.start() | |
| bn.PluginCommand.register( | |
| 'Load PDB', | |
| 'Load a PDB in the same directory as the binary.', | |
| load_pdb | |
| ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment