issuhub.com

Reverse Engineering for Beginners

(avery) #1

CHAPTER 86. ORACLE RDBMS: .SYM-FILES CHAPTER 86. ORACLE RDBMS: .SYM-FILES


// load symbol addresses array

d1=(uint32_t*)malloc (array_size_in_bytes);

assert (d1);

assert (read (h, d1, array_size_in_bytes)==array_size_in_bytes);

// load string offsets array

d2=(uint32_t*)malloc (array_size_in_bytes);

assert (d2);

assert (read (h, d2, array_size_in_bytes)==array_size_in_bytes);

// calculate strings block size

remain=file_len-(8+4)-(cnt*8);

// load strings block

assert (d3=(char*)malloc (remain));

assert (read (h, d3, remain)==remain);

printf ("#include <idc.idc>\n\n");

printf ("static main() {\n");

for (i=0; i<cnt; i++)

printf ("\tMakeName(0x%08X, \"%s\");\n", offset + d1[i], &d3[d2[i]]);

printf ("}\n");

close (h);
free (d1); free (d2); free (d3);
};


Here is an example of its work:


#include <idc.idc>


static main() {
MakeName(0x60351000, "_ax_reg");
MakeName(0x60351080, "_ax_unreg");
MakeName(0x603510F0, "_loaddll");
MakeName(0x60351150, "_wtcsrin0");
MakeName(0x60351160, "_wtcsrin");
MakeName(0x603511C0, "_wtcsrfre");
MakeName(0x603511D0, "_wtclkm");
MakeName(0x60351370, "_wtcstu");
...
}


The example files were used in this example are here:beginners.re.

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.