from time import sleep
from avatar2 import Avatar, ARMV7M, OpenOCDTarget, PandaTarget
avatar = Avatar(arch=ARMV7M, output_directory='/tmp/panda_rr')
avatar.load_plugin('orchestrator')
nucleo = avatar.add_target(OpenOCDTarget,
openocd_script='nucleo-l152re.cfg',
gdb_executable="arm-none-eabi-gdb",
gdb_port=1234)
panda = avatar.add_target(PandaTarget,
executable='panda/qemu-system-arm',
gdb_executable="arm-none-eabi-gdb",
gdb_port=1235)
rom = avatar.add_memory_range(0x08000000,
0x1000000,
'rom',
file='firmware.bin')
ram = avatar.add_memory_range(0x20000000, 0x14000, 'ram')
mmio = avatar.add_memory_range(0x40000000,
0x1000000,
'mmio',
forwarded=True,
forwarded_to=nucleo)
avatar.init_targets()
avatar.start_target = nucleo
from avatar2 import Avatar, ARMV7M, OpenOCDTarget
from IPython import embed
main_addr = 0xD270
avatar = Avatar(output_directory='/tmp/harvey', arch=ARMV7M)
avatar.load_plugin('assembler')
t = avatar.add_target(OpenOCDTarget,
openocd_script='plc.cfg',
gdb_executable='arm-none-eabi-gdb')
t.init()
t.set_breakpoint(main_addr)
t.cont()
t.wait()
t.inject_asm('b 0x2000250E', addr=0x20001E2E)
t.inject_asm('mov r5,0xfffffffc\n b 0x20001E30', addr=0x2000250E)
t.inject_asm('b 0x20002514', addr=0x20002338)
t.inject_asm('mov r5,0xfffffffd\n mov r4, r5 \n mov r5, 0\nb 0x2000233E',
addr=0x20002514)
t.cont()
embed()