Last active
May 13, 2025 00:47
-
-
Save NWPlayer123/ed24b3671d0290ca8a3a13d735cfd33e to your computer and use it in GitHub Desktop.
IDAPython script to create strings the way I like, just do W at the base of a string, only tested on IDA7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Press W, creates string there, creates align/word, renames to a non-conflicting name | |
| import idaapi, idc, inspect | |
| from io import BytesIO | |
| def get_selected_bytes(): | |
| #BOOL multiple, start, end | |
| selected = idaapi.read_selection() | |
| curr_ea = idc.get_screen_ea() | |
| return [selected, curr_ea] | |
| def getstr(f): | |
| ret = b"";char = f.read(1) | |
| while char != b"\x00": | |
| ret += char | |
| char = f.read(1) | |
| return ret | |
| def do_clean(): | |
| selected, curr_ea = get_selected_bytes() | |
| if selected[0] == True: #selected range | |
| curr_ea = selected[1] | |
| while curr_ea < selected[2]: | |
| if curr_ea % 4: #align | |
| curr_ea += (4 - (curr_ea % 4)) | |
| #if a string is bigger than 512 bytes we're in trouble | |
| f = BytesIO(idc.get_bytes(curr_ea, 512)) | |
| string = getstr(f) | |
| idc.create_strlit(curr_ea, curr_ea + len(string)) | |
| set_name(curr_ea, "str_%08X" % curr_ea) | |
| curr_ea += len(string) | |
| align = 0 | |
| if curr_ea % 4: | |
| create_align(curr_ea, (4 - (curr_ea % 4)), 2) | |
| curr_ea += (4 - (curr_ea % 4)) | |
| else: | |
| create_dword(curr_ea) | |
| curr_ea += 4 | |
| else: #just do it once | |
| if curr_ea % 4: #align | |
| curr_ea += (4 - (curr_ea % 4)) | |
| #if a string is bigger than 512 bytes we're in trouble | |
| f = BytesIO(idc.get_bytes(curr_ea, 512)) | |
| string = getstr(f) | |
| idc.create_strlit(curr_ea, curr_ea + len(string)) | |
| set_name(curr_ea, "str_%08X" % curr_ea) | |
| curr_ea += len(string) | |
| align = 0 | |
| if curr_ea % 4: | |
| create_align(curr_ea, (4 - (curr_ea % 4)), 2) | |
| curr_ea += (4 - (curr_ea % 4)) | |
| else: | |
| create_dword(curr_ea) | |
| curr_ea += 4 | |
| def load_hotkeys(): | |
| # https://gist.github.com/bNull/6003874 | |
| ENABLED_HOTKEYS = [("W", do_clean)] | |
| for func in ENABLED_HOTKEYS: | |
| func_name = inspect.getmembers(func[1])[-1][1] | |
| if idaapi.add_hotkey(func[0], func[1]): | |
| print "[+] Bound %s to %s" % (func_name, func[0]) | |
| else: | |
| print "[-] Error: Unable to bind %s to %s" % (func_name, func[0]) | |
| load_hotkeys() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment