Notepad-Core-RE/analysis_script.py at main · coders908/Notepad-Core-RE · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# @category Analysis.coders
# @author coders
# Automated labeling for Notepad.exe RE project

from ghidra.program.model.symbol import SourceType

def run():
    # Mapping identified addresses to human-readable labels
    labels = {
        0x140001f88: "coders_Security_Entropy_Init",
        0x140008554: "coders_TextBuffer_Struct",
        0x1400117d0: "coders_Main_WndProc",
        0x140008678: "coders_BOM_Detection_Logic"
    }

    program = getCurrentProgram()
    symbolTable = program.getSymbolTable()

    for addr_val, name in labels.items():
        address = toAddr(addr_val)
        symbolTable.createLabel(address, name, SourceType.USER_DEFINED)
        setPreComment(address, "Labeled by coders during deep-dive analysis.")
        print("[+] Applied label: {} at {}".format(name, address))

if __name__ == "__main__":
    run()