I am working on the problem that extracts constant numbers and constant strings using IDApython.
It seems that I can use
idautil.Strings()
to extract constant strings. But how about constant numbers?
Could anyone give me some ideas? Thanks!
Asked
Active
Viewed 287 times
1
-
Constant numbers are often directly encoded into the assembler code. Therefore you have to walk through all the assembler code and check them for constants. – Robert Mar 05 '19 at 19:40
-
@Robert,thank you for replying. However, how can I distinguish 8 in the assembler code of "#define A 8" from that of "int b=8;" ? – vegdog Mar 06 '19 at 11:12
-
Why distinguish both cases 8 is 8, no matter where and how it is used. Anyway in IDA you will not find `#define A 8" `. – Robert Mar 06 '19 at 12:00
-
@Robert, yeah, hmmmm, I mean that "A" will be replaced as 8("mov esi, 8") and the assembler code of "int b=8;" may be looked like "mov dword [var_44h], 8". How can I know that 8 in "int b=8;" is not a constant number? Of course variable b's value can be any number. – vegdog Mar 06 '19 at 13:20
-
@Robert, Oh wait, do I mix the meaning of constant in C language and Assembly language? – vegdog Mar 06 '19 at 13:22
-
Yes. But you have neither C not assembly language in IDA, just the disassembled commands. – Robert Mar 06 '19 at 13:47
-
@Robert,Ok, thank you Robert, I think I should have a good look at the paper and find out what the meaning of "numeric constants" is. – vegdog Mar 06 '19 at 14:07