本帖最后由 风吹屁屁凉 于 2022-4-27 17:19 编辑
Finger
Finger, a tool for recognizing function symbol.
Overview
Finger is a function symbol recognition engine for binary programs developed by Alibaba Cloud · Cloud Security Technology Lab, which aims to help security researchers identify unknown library functions in a given binary file.
Finger provides two ways to access core APIs of Finger function symbol recognition engine.
Running environment
Now, Finger support python 2.7 and python 3, and requires IDA version >= 7.0.
Finger python SDK
The python version must be the same as your IDAPython version.
pip install finger_sdk
After installing finger python SDK, you can check out the finger/exampls/recognize.py for more information.
Finger IDA Plugin
Copy plugin/finger_plugin.py to your IDA_PATH/plugins path.
upload function
The Finger IDA plugin supports single function, selected function, and all functions recognition. You can recognize function symbols in the menu bar, disassembly window, and function window.
Use Finger IDA plugin in the menu bar:
Use Finger IDA plugin in the disassembly window:
Use Finger IDA plugin in the function window:
function symbol presentation
The successfully recognized function symbols will be highlighted in the disassembly window and function window.
https://sec-lab.aliyun.com/2021/10/15/Finger%EF%BC%9A%E4%B8%80%E6%AC%BE%E5%87%BD%E6%95%B0%E7%AC%A6%E5%8F%B7%E8%AF%86%E5%88%AB%E7%A5%9E%E5%99%A8/
https://github.com/aliyunav/Finger/ |