https://github.com/apachecn-archive/mipsaudit
Science Score: 13.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
○CITATION.cff file
-
✓codemeta.json file
Found codemeta.json file -
○.zenodo.json file
-
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (1.0%) to scientific vocabulary
Last synced: 10 months ago
·
JSON representation
Repository
Basic Info
- Host: GitHub
- Owner: apachecn-archive
- Language: Python
- Default Branch: master
- Size: 233 KB
Statistics
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
- Releases: 0
Created about 3 years ago
· Last pushed about 3 years ago
Metadata Files
Readme
Funding
README.md
IDAPython mipsAudit
简介
这是一个简单的IDAPython脚本。
进一步来说是MIPS静态汇编审计辅助脚本。
可能会有bug,欢迎大家完善。
功能
辅助脚本功能如下:
找到危险函数的调用处,并且高亮该行(也可以下断点,这个需要自己去源码看吧)
给参数赋值处加上注释
最后以表格的形式输出函数名,调用地址,参数,还有当前函数的缓冲区大小
大家双击addr那一列的地址,即可跳到对应的地址处


审计的危险函数如下
```
dangerous_functions = [
"strcpy",
"strcat",
"sprintf",
"read",
"getenv"
]
attention_function = [ "memcpy", "strncpy", "sscanf", "strncat", "snprintf", "vprintf", "printf" ]
commandexecutionfunction = [ "system", "execve", "popen", "unlink" ] ```
使用
File - Script file

选择mipsAudit.py

即可看到效果

双击地址即可跳到对应的代码处

Owner
- Name: ApacheCN 归档
- Login: apachecn-archive
- Kind: organization
- Email: wizard.z@qq.com
- Repositories: 180
- Profile: https://github.com/apachecn-archive
防止重要项目丢失而设立的归档