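def disassembly(args, opts):
    """ Displays the disassembly for a file

        Syntax: disassembly <oid> [--slice=<beg>:<end>] [--height=<int>]
                            [--module=<name>]

        Falls back to the current file (if one is set) when no usable oid
        is supplied. For every oid the instructions are fetched from the
        "disassembly" module, function boundaries from "function_extract"
        and call targets from "map_calls", then handed to print_disassembly.

        Raises ShellSyntaxError when no oid is available or when --height
        is not an integer.
    """
    # NOTE(review): entries rejected by valid_oids come back in `invalid` and
    # are dropped without a message. If every supplied oid is rejected, the
    # command silently operates on current_file instead of what was asked
    # for -- consider reporting `invalid` to the analyst.
    args, invalid = api.valid_oids(args)
    args = api.expand_oids(args)
    if not args:
        if current_file:
            args = [current_file]
        else:
            raise ShellSyntaxError("Must provide an oid")

    start = stop = 0
    height = default_height
    if "slice" in opts:
        start, stop = get_slice(opts)
    if "height" in opts:
        try:
            # Bind the parsed value to `height`, the name passed to
            # print_disassembly below; assigning it to any other local
            # would leave --height without effect.
            height = int(opts["height"])
        except (TypeError, ValueError):
            # TypeError covers an option value that int() cannot accept at
            # all (e.g. None), so it is reported as a syntax error too.
            raise ShellSyntaxError("Invalid height")
        # NOTE(review): zero or negative heights are passed through
        # unchanged; confirm print_disassembly tolerates them.

    mod_opts = {}
    if "module" in opts:
        mod_opts["module"] = opts["module"]

    for oid in args:
        disasm = api.get_field("disassembly", [oid], "insns", mod_opts)
        functions = api.retrieve("function_extract", oid)
        if not functions:
            print " No functions found for %s %s" % (name(oid), oid)
            continue

        fbreaks = get_fbreaks(functions)
        system_calls = api.get_field("map_calls", oid, "system_calls")
        internal_functions = api.get_field("map_calls", oid, "internal_functions")

        # Merge both call maps into one lookup table. Internal functions are
        # merged last, so they win if a key appears in both maps.
        function_calls = dict()
        if system_calls is None:
            print " System calls could not be determined for %s %s" % (name(oid), oid)
        else:
            function_calls.update(system_calls.items())
        if internal_functions is None:
            print " Internal functions could not be determined for %s %s" % (name(oid), oid)
        else:
            function_calls.update(internal_functions.items())

        if disasm:
            print " Disassembly for %s %s" % (name(oid), oid)
            print " -------------------------------------"
            print_disassembly(oid, disasm, function_calls, fbreaks, start, stop, height)
            print " -------------------------------------"
        else:
            print " %s could not be disassembled." % name(oid)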
def hex_view(args, opts):
    """ Print the hex values of a file and the disassembly

        Syntax: hex_view %<oid> --slice=<start>:<stop> --width=<int>
                         --height=<int> --less
                         [--module=[linear_disassembler]]

        The options "interactive" and "heatmap" are also read from opts.
        Falls back to the current file (if one is set) when no usable oid
        is supplied.

        Raises ShellSyntaxError when no oid is available or when --width /
        --height is not an integer.
    """
    # NOTE(review): earlier help text spelled this command "hex_print";
    # confirm the name the shell actually exports.
    # NOTE(review): oids rejected by valid_oids are discarded silently, so a
    # mistyped oid can end up showing current_file instead.
    args, _invalid = api.valid_oids(args)
    args = api.expand_oids(args)
    if not args:
        if not current_file:
            raise ShellSyntaxError("Must provide an oid or use re_init to set file.")
        args = [current_file]

    # NOTE(review): disassembly and comments are fetched for the first oid
    # only, yet reused for every item printed below -- verify that pairing a
    # later oid's bytes with the first oid's instructions is intended.
    oid = args[0]
    mod_opts = {key: opts[key] for key in ("module", "interactive") if key in opts}
    disassm = api.get_field("disassembly", [oid], "insns", mod_opts)
    comments = api.get_field("disassembly", [oid], "comments", mod_opts)
    labels = [comments] if comments else []

    def _int_option(key, fallback, error_text):
        # Parse an integer option, keeping the fallback when it is absent.
        if key not in opts:
            return fallback
        try:
            return int(opts[key])
        except ValueError:
            raise ShellSyntaxError(error_text)

    start = stop = 0
    if "slice" in opts:
        start, stop = get_slice(opts)
    width = _int_option("width", default_width, "Invalid width")
    height = _int_option("height", default_height, "Invalid height")
    less = "less" in opts

    # heatoid is whatever valid_oids returns first for the one-element list
    # (presumably a list of validated oids -- confirm print_hex_string
    # expects that shape rather than a single oid).
    heatoid = None
    if "heatmap" in opts:
        heatoid, _invalid = api.valid_oids([opts["heatmap"]])

    # Dicts without a "data" key are labels; everything else gets printed.
    printable = []
    for item in args:
        if not isinstance(item, dict) or "data" in item:
            printable.append(item)
        else:
            labels.append(item)

    for item in printable:
        src = api.source(item)
        if isinstance(item, dict) and "data" in item:
            # item is the output of 'run files <oid>'
            data = item["data"]
        elif isinstance(item, str) and src and api.exists(src, item):
            # an oid was passed: load its bytes from the owning source
            data = api.get_field(src, item, "data")
        elif isinstance(item, str):
            # not a stored oid: the string itself is dumped as data
            data = item
        else:
            print " - Can't print arg %s" % item
            continue
        print_hex_string(data, labels, disassm, heatoid, start, stop, width, height, less)