shroom-ida-scripts/zapi_ida.py at main · jon-zu/shroom-ida-scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
from __future__ import annotations
from pathlib import Path

import ida_kernwin
import idc
import ida_typeinf
import ida_bytes


ZAPI_HEADER = Path(__file__).parent / "headers/zapi.h"
ZAPI_STRUCT_NAME = "_ZAPIProcAddress"


def get_by_name(name: str) -> int | None:
	addr = idc.get_name_ea_simple(name)
	if addr == idc.BADADDR:
		return None
	return addr


def main() -> None:
	zapi = get_by_name("ZAPI")
	if zapi is None:
		ida_kernwin.msg("[zapi_ida] ZAPI symbol not found\n")
		return
	with open(ZAPI_HEADER, "r") as f:
		header_content = f.read()
	ida_typeinf.idc_parse_types(header_content,  ida_typeinf.HTI_PAKDEF | ida_typeinf.HTI_DCL)
	tif = ida_typeinf.tinfo_t()
	if not tif.get_named_type(None, ZAPI_STRUCT_NAME):
		ida_kernwin.msg("[zapi_ida] Failed to get type info for _ZAPIProcAddress\n")
		return

    #print type id and size
	ida_kernwin.msg(f"[zapi_ida] _ZAPIProcAddress type id: {tif.get_tid()}, size: {tif.get_size()}\n")
	ida_bytes.del_items(zapi, ida_bytes.DELIT_SIMPLE, 0)
	ida_typeinf.apply_tinfo(zapi, tif, ida_typeinf.TINFO_DEFINITE)

if __name__ == "__main__":
	main()