Still34/resolve-address.py

## resolve-address.py
import ida_idaapi, ida_kernwin, ida_bytes, ida_name
import sys
import random
import re
if sys.version_info.major == 3:
    import tkinter as tk
    from tkinter import filedialog
else:
    import Tkinter, tkFileDialog


# Function to do the actual renaming of the dword
def rename_global_dword(addr, new_name):
    print('Old Name %s' % ida_name.get_name(addr))
    try:
        ida_name.set_name(addr, new_name, ida_name.SN_CHECK)
    except:
        ida_name.set_name(addr, new_name + "_" + str(addr), ida_name.SN_CHECK)
    print('New Name %s' % ida_name.get_name(addr))


def is_ascii(s):
    return all(ord(c) < 128 for c in s)


# Iterate through each line of the text file
if sys.version_info.major == 3:
    root = tk.Tk()
else:
    root = Tkinter.Tk()
root.withdraw()
file_path = tkFileDialog.askopenfilename()
keep_lib_prefix = ida_kernwin.ask_yn(1, "HIDECANCEL\nKeep library prefix?")
with open(file_path, 'r') as f:
    for line in f:
        # Get the address from the first column
        addr = line.split()[0]
        addr_hex = int(addr, 16)

        # Go to that memory location in the UI
        ida_kernwin.jumpto(addr_hex)

        # Get the Comment (DLL + Function Name) from the third column
        api_name = line.split()[3].strip()
        if not is_ascii(api_name):
            print('%s is contains non-ascii string, skipping...' % api_name)
            continue
        if not keep_lib_prefix:
            api_name = re.sub(r'^.*?\.', '', api_name)

        # Make sure the size at that location is a dword

        if ida_bytes.get_item_size(addr_hex) < 4:
            print('Making %i a dword' % addr_hex)
            ida_bytes.create_data(addr_hex, ida_bytes.FF_DWORD, 4,
                                  ida_idaapi.BADADDR)

        # Call our custom function to rename the dword
        rename_global_dword(addr_hex, api_name)
	import ida_idaapi, ida_kernwin, ida_bytes, ida_name
	import sys
	import random
	import re
	if sys.version_info.major == 3:
	import tkinter as tk
	from tkinter import filedialog
	else:
	import Tkinter, tkFileDialog


	# Function to do the actual renaming of the dword
	def rename_global_dword(addr, new_name):
	print('Old Name %s' % ida_name.get_name(addr))
	try:
	ida_name.set_name(addr, new_name, ida_name.SN_CHECK)
	except:
	ida_name.set_name(addr, new_name + "_" + str(addr), ida_name.SN_CHECK)
	print('New Name %s' % ida_name.get_name(addr))


	def is_ascii(s):
	return all(ord(c) < 128 for c in s)


	# Iterate through each line of the text file
	if sys.version_info.major == 3:
	root = tk.Tk()
	else:
	root = Tkinter.Tk()
	root.withdraw()
	file_path = tkFileDialog.askopenfilename()
	keep_lib_prefix = ida_kernwin.ask_yn(1, "HIDECANCEL\nKeep library prefix?")
	with open(file_path, 'r') as f:
	for line in f:
	# Get the address from the first column
	addr = line.split()[0]
	addr_hex = int(addr, 16)

	# Go to that memory location in the UI
	ida_kernwin.jumpto(addr_hex)

	# Get the Comment (DLL + Function Name) from the third column
	api_name = line.split()[3].strip()
	if not is_ascii(api_name):
	print('%s is contains non-ascii string, skipping...' % api_name)
	continue
	if not keep_lib_prefix:
	api_name = re.sub(r'^.*?\.', '', api_name)

	# Make sure the size at that location is a dword

	if ida_bytes.get_item_size(addr_hex) < 4:
	print('Making %i a dword' % addr_hex)
	ida_bytes.create_data(addr_hex, ida_bytes.FF_DWORD, 4,
	ida_idaapi.BADADDR)

	# Call our custom function to rename the dword
	rename_global_dword(addr_hex, api_name)