Python command-line functions for IDA (The Interactive Disassembler) to aid in finding identical symbols and their addresses across different builds of an executable
Import the plugin into IDA, e.g. by placing the folder portaddr into the subdirectory python in the IDA install
directory.
Import the package from the IDAPython command-line with
>>> import portaddr as paRun the functions from command-line.
The functions are useful, when porting a set of addresses from one build executable to another.
Find the symbol of a specific address in memory in executable A.
>>> pa.find.name(0x7A2F44)
Info(name='_printf', uid='_printf', addr='0x7A2F44', offset='8')(Using pa.find.encode instead, copies "_printf+8" into the clipboard for convenience)
Find the corresponding address in memory in executable B.
>>> pa.find.decode('_printf+8', clipboard=False)
_printf = 8007492; //0x7A2F44For a collection of addresses, the batch functions pa.find.batch_encode and pa.find.batch_decode are useful.
- IDA with the IDAPython plugin (Python 2.7.18), specifically the Python package
idaapi - pyperclip (1.8.2)