Skip to content

Instantly share code, notes, and snippets.

@alexander-hanel

alexander-hanel/enum_add.py

Last active December 7, 2022 00:27
Show Gist options
  • Save alexander-hanel/769f5fc6d95cf05cfcfe2e33380e21ad to your computer and use it in GitHub Desktop.
Save alexander-hanel/769f5fc6d95cf05cfcfe2e33380e21ad to your computer and use it in GitHub Desktop.
Download ZIP
idapython add enum example
Raw
enum_add.py
id = add_enum(-1, "neutrino_cmds", idaapi.decflag())
idc.add_enum_member(id, "CMD_LOADER", 0X69CDCD5D, -1)
idc.add_enum_member(id, "CMD_CMD", 0x796cd5b4, -1)
idc.add_enum_member(id, "CMD_RATE", 0xae839a18, -1
@alexander-hanel
Copy link
Author

alexander-hanel commented Nov 16, 2020
edited 

id = idc.add_enum(-1, "modpipe_cmds", idaapi.hex_flag())
idc.add_enum_member(id, "CMD_EXIT", 1, -1)
idc.add_enum_member(id, "CMD_UPDATE_C2", 5, -1)
idc.add_enum_member(id, "CMD_INJECT_EXECUTE_MODULE", 0x0A, -1)
idc.add_enum_member(id, "CMD_INJECT_EXECUTE_MODULE_PS", 0x0B, -1)
idc.add_enum_member(id, "CMD_INJECT_EXECUTE_MODULE_PS_WRITE", 0x0C, -1)
idc.add_enum_member(id, "CMD_NAMED_PIPE_RESPONSE_C2", 0x0D, -1)
idc.add_enum_member(id, "CMD_UNINSTALL", 0x0E, -1)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment