接收函数起始地址参数验证地址格式后调用服务端 Function 类的 GetFunctionInfo 接口获取指定地址函数的详细信息。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.get_function_info(0x401000))输出JSON格式{ status: success, result: { function_info: { start_address: 4198400, start_address_hex: 0x401000, end_address: 4198672, end_address_hex: 0x401110, size: 272, size_hex: 0x110, frame_id: 21520, frame_id_hex: 0x5410, local_vars_size_bytes: 0, saved_regs_size_bytes: 4096, purged_args_size_bytes: 0, frame_ptr_delta: 44, sp_change_count: 4, reg_var_count: 0, reg_arg_count: 0, tail_count: 0, tail_owner: 21520, tail_owner_hex: 0x5410, tail_ref_count: 0, is_far_func: false, returns: true, sp_analyzed: false, need_prolog_analysis: false, name: _WinMain16 } }, timestamp: 23974296 }get_import_functions调用服务端 Function 类的 GetImportFunctions 接口获取程序中导入函数的列表信息。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.get_import_functions())输出JSON格式{ status: success, result: { import_modules: [ { module_index: 0, module_name: USER32, functions: [ { address: 4202552, address_hex: 0x402038, name: DefWindowProcW, ordinal: 0 }, { address: 4202556, address_hex: 0x40203C, name: BeginPaint, ordinal: 0 }, { address: 4202560, address_hex: 0x402040, name: DestroyWindow, ordinal: 0 } ] } ] }, timestamp: 24135515 }get_function_count调用服务端 Function 类的 GetFunctionCount 接口获取程序中函数的总数。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.get_function_count())输出JSON格式{ status: success, result: { total_functions: 73 }, timestamp: 24214328 }get_function_by_addr接收函数起始地址参数验证地址格式后调用服务端 Function 类的 GetFunctionByAddr 接口根据地址获取对应函数信息。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.get_function_by_addr(0x401000))输出JSON格式{ status: success, result: { function: { name: _WinMain16, start_address: 4198400, start_address_hex: 0x401000, end_address: 4198672, end_address_hex: 0x401110, is_entry: true, is_tail: false, bitness: 32, total_size: 272, visible: true, returns: true, flags: { raw_value: 4198672, FUNC_NORET: false, FUNC_FAR: false, FUNC_LIB: false, FUNC_STATICDEF: false, FUNC_FRAME: true, FUNC_THUNK: false, FUNC_SP_READY: false, FUNC_PROLOG_OK: true }, frame_info: { frame_netnode: 21520, local_vars_size: 0, saved_regs_size: 4096, args_size: 0, frame_delta: 44, color: 0 } } }, timestamp: 24295312 }get_function_by_name接收函数名称参数校验非空后调用服务端 Function 类的 GetFunctionByName 接口根据名称获取对应函数信息。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.get_function_by_name(_WinMain16))输出JSON格式{ status: success, result: { function: { index: 0, name: _WinMain16, start_address: 4198400, start_address_hex: 0x401000, end_address: 4198672, end_address_hex: 0x401110, is_entry: true, is_tail: false, bitness: 32, total_size: 272, visible: true, returns: true, flags: { raw_value: 4198672, FUNC_NORET: false, FUNC_FAR: false, FUNC_LIB: false, FUNC_STATICDEF: false, FUNC_FRAME: true, FUNC_THUNK: false, FUNC_SP_READY: false, FUNC_PROLOG_OK: true }, frame_info: { frame_netnode: 21520, local_vars_size: 0, saved_regs_size: 4096, args_size: 0, frame_delta: 44, color: 0 } } }, timestamp: 24542015 }find_function_by_name接收搜索关键词参数校验非空后调用服务端 Function 类的 FindFunctionByName 接口模糊搜索包含关键词的函数信息。from IDAMoles import * if __name__ __main__: configConfig(address127.0.0.1,port8000) client BaseHttpClient(config) info_page Function(config) print(info_page.find_function_by_name(WinMain))输出JSON格式{ status: success, result: { functions: [ { index: 0, name: _WinMain16, start_address: 4198400, start_address_hex: 0x401000, end_address: 4198672, end_address_hex: 0x0, is_entry: true, is_tail: false, bitness: 32, total_size: 272, visible: true, returns: true, flags: { raw_value: 4198672, FUNC_NORET: false, FUNC_FAR: false, FUNC_LIB: false, FUNC_STATICDEF: false, FUNC_FRAME: true, FUNC_THUNK: false, FUNC_SP_READY: false, FUNC_PROLOG_OK: true }, frame_info: { frame_netnode: 21520, local_vars_size: 0, saved_regs_size: 4096, args_size: 0, frame_delta: 44, color: 0 } }, { index: 54, name: _get_wide_winmain_command_line, start_address: 4202094, start_address_hex: 0x401E6E, end_address: 4202100, end_address_hex: 0x0, is_entry: true, is_tail: false, bitness: 32, total_size: 6, visible: false, returns: true, flags: { raw_value: 4202100, FUNC_NORET: false, FUNC_FAR: false, FUNC_LIB: true, FUNC_STATICDEF: false, FUNC_FRAME: true, FUNC_THUNK: false, FUNC_SP_READY: true, FUNC_PROLOG_OK: true }, frame_info: { frame_netnode: 21696, local_vars_size: 0, saved_regs_size: 7790, args_size: 0, frame_delta: 0, color: 0 } } ], match_count: 2 }, timestamp: 24607906 }