-
Notifications
You must be signed in to change notification settings - Fork 0
/
find_mclib.py
120 lines (117 loc) · 3.32 KB
/
find_mclib.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
Api_list = {
0x80000000:'mcLib_init',
# tlApi
0:'tlApiNOP',
1:'tlApiGetVersion',
2:'tlApiGetMobicoreVersion',
3:'tlApiGetPlatformInfo',
4:'tlApiExit',
5:'tlApiLogvPrintf',
6:'tlApiWaitNotification',
7:'tlApiNotify',
8:'tlApi_callDriver',
9:'tlApiWrapObjectExt',
10:'tlApiUnwrapObjectExt',
11:'tlApiGetSuid',
12:'tlApiSecSPICmd',
13:'tlApiCrAbort',
14:'tlApiRandomGenerateData',
15:'tlApiGenerateKeyPair',
16:'tlApiCipherInitWithData',
17:'tlApiCipherUpdate',
18:'tlApiCipherDoFinal',
19:'tlApiSignatureInitWithData',
20:'tlApiSignatureUpdate',
21:'tlApiSignatureSign',
22:'tlApiSignatureVerify',
23:'tpiApiMessageDigestInitWithData',
24:'tlApiMessageDigestUpdate',
25:'tlApiMessageDigestDoFinal',
26:'tlApiGetVirtMemType',
27:'tlApiDeriveKey',
28:'tlApiMalloc',
29:'tlApiRealloc',
30:'tlApiFree',
43:'tlApiGetIDs',
83:'tlApiRandomGenerateData_wrap',
84:'tlApiCrash',
85:'tlApiEndorse',
86:'tlApiTuiGetScreenInfo',
87:'tlApiTuiOpenSession',
88:'tlApiTuiCloseSession',
89:'tlApiTuiSetImage',
90:'tlApiTuiGetTouchEvent',
91:'tlApiTuiGetTouchEventsLoop',
92:'tlApiDrmProcessContent',
93:'tlApiDrmOpenSession',
94:'tlApiDrmCloseSession',
95:'tlApiDrmCheckLink',
96:'tlApiDeriveKey_wrapper',
97:'tlApiUnwrapObjectExt_wrapper',
98:'tlApiGetSecureTimestamp',
# drApi
0x1000+0:'drApiGetVersion',
0x1000+1:'drApiExit',
0x1000+2:'drApiMapPhys',
0x1000+3:'drApiUnmap',
0x1000+4:'drApiMapPhysPage4KBWithHardware',
0x1000+5:'drApiMapClient',
0x1000+6:'drApiMapClientAndParams',
0x1000+7:'drApiAddrTranslateAndCheck',
0x1000+8:'drApiGetTaskid',
0x1000+9:'drApiTaskidGetThreadid',
0x1000+10:'drApiGetLocalThreadId',
0x1000+11:'drApiStartThread',
0x1000+12:'drApiStopThread',
0x1000+13:'drApiResumeThread',
0x1000+14:'drApiThreadSleep',
0x1000+15:'drApiSetThreadPriority',
0x1000+16:'drApiIntrAttach',
0x1000+17:'drApiIntrDetach',
0x1000+18:'drApiWaitForIntr',
0x1000+19:'drApiTriggerIntr',
0x1000+20:'drApiIpcWaitForMessage',
0x1000+21:'drApiIpcCallToIPCH',
0x1000+22:'drApiIpcSignal',
0x1000+23:'drApiIpcSigWait',
0x1000+24:'drApiNotify',
0x1000+25:'drApiSystemCtrl',
0x1000+27:'drApiVirt2Phys',
0x1000+28:'drApiCacheDataClean',
0x1000+29:'drApiCacheDataCleanAndInvalidate',
0x1000+30:'drApiNotifyClient',
0x1000+31:'drApiThreadExRegs',
0x1000+32:'drApiInstallFc',
0x1000+33:'drApiIpcUnknownMessage',
0x1000+34:'drApiIpcUnknownException',
0x1000+35:'drApiGetPhysMemType',
0x1000+36:'drApiGetClientRootAndSpId',
0x1000+37:'drApiCacheDataCleanRange',
0x1000+38:'drApiCacheDataCleanAndInvalidateRange',
0x1000+39:'drApiMapPhys64',
0x1000+40:'drApiMapPhys64_2',
0x1000+41:'drApiVirt2Phys64',
0x1000+42:'drApiGetPhysMemType64',
0x1000+43:'drApiUpdateNotificationThread',
0x1000+44:'drApiRestartThread',
0x1000+45:'drApiGetSecureTimestamp',
0x1000+46:'drApiFastCall',
0x1000+47:'drApiGetClientUuid',
0x1000+49:'drApiMapVirtBuf',
0x1000+50:'drApiUnmapPhys2',
0x1000+51:'drApiMapPhys2',
0x1000+52:'drApiUnmapVirtBuf2',
}
mcLibStubs = []
for stub_ref in bv.get_code_refs(0x108c):
mcLibStubs.append(bv.get_functions_containing(stub_ref.address)[0].get_basic_block_at(stub_ref.address))
for stub_bb in mcLibStubs:
for dis in stub_bb.disassembly_text:
tokens = dis.tokens
if tokens[0].text == 'bx' or tokens[0].text == 'blx':
func_num = stub_bb.function.get_reg_value_at(dis.address, 'r0').value
if Api_list.has_key(func_num):
stub_bb.function.name = Api_list[func_num]
else:
print stub_bb
continue