📄 bulkbpt.cpp
字号:
#include <ida.hpp>
#include <idp.hpp>
#include <loader.hpp>
#include <dbg.hpp>
ea_t start_ea = 0;
ea_t end_ea = 0;
int idaapi trace_handler(void *udata, int dbg_event_id, va_list va)
{
regval_t esp, eip;
get_reg_val("esp", &esp);
get_reg_val("eip", &eip);
if (dbg_event_id == dbg_trace) {
if (eip.ival > start_ea && eip.ival < end_ea)
msg("ESP = %a (%a)\n", esp.ival, eip.ival);
}
return 0;
}
int IDAP_init(void)
{
hook_to_notification_point(HT_DBG, trace_handler, NULL);
return PLUGIN_KEEP;
}
void IDAP_term(void)
{
unhook_from_notification_point(HT_DBG, trace_handler, NULL);
return;
}
void IDAP_run(int arg)
{
askaddr(&start_ea, "Start Address:");
askaddr(&end_ea, "End Address:");
request_run_to(inf.startIP);
request_enable_step_trace();
run_requests();
}
// These are actually pointless because we'll be overriding them
// in plugins.cfg
char IDAP_comment[] = "Snap Tracer";
char IDAP_help[] = "Allow tracing only between user specified addresses\n";
char IDAP_name[] = "Snap Tracer";
char IDAP_hotkey[] = "Alt-I";
plugin_t PLUGIN =
{
IDP_INTERFACE_VERSION,
0,
IDAP_init,
IDAP_term,
IDAP_run,
IDAP_comment,
IDAP_help,
IDAP_name,
IDAP_hotkey
};
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -