Exemple #1
def disassemble(codeblock):
    '''Decode codeblock front to back and return the instruction tuples in order.

    codeblock is wrapped in a single iterator that every consume() call
    advances, so each call resumes where the previous instruction ended.
    Decoding stops at the first StopIteration that escapes consume().
    '''
    stream = iter(codeblock)
    decoded = []
    while True:
        try:
            insn = consume(stream)
        except StopIteration:
            # NOTE(review): this also fires if the input runs out partway
            # through an instruction (assuming consume() pulls bytes with
            # next()). The partial instruction is then dropped with no error,
            # so a caller cannot tell a clean end from truncated input.
            break
        decoded.append(insn)
    return decoded
Exemple #2
def disassemble(codeblock):
    '''Return every instruction decoded from codeblock as a list of tuples.

    One shared iterator feeds successive consume() calls, so instructions
    are decoded back to back until the iterator raises StopIteration.
    '''
    instructions = []
    remaining = iter(codeblock)
    while True:
        try:
            instructions.append(consume(remaining))
        except StopIteration:
            # Exhaustion is the only stop condition. NOTE(review): if the
            # bytes end in the middle of an instruction, that fragment is
            # discarded here without any signal to the caller (presumably
            # consume() reads via next(); confirm).
            return instructions
Exemple #3
 def checklist():
     '''Decode each space-separated hex string in `list` and call checkinsn().'''
     # NOTE(review): `list` comes from a scope outside this snippet and
     # shadows the builtin; presumably it holds hex-dump strings.
     for hexdump in list:
         # int(pair, 16) raises ValueError on a non-hex token, so a single
         # malformed entry aborts the whole run.
         code = ''.join(chr(int(pair, 16)) for pair in hexdump.split(' '))
         # NOTE(review): the decoded tuple is only bound to this local and
         # checkinsn() takes no arguments; confirm how it sees the result.
         insn = decoder.consume(code)
         checkinsn()
Exemple #4
            print repr(code)
            print repr(insn)
            raise ValueError
        return
    def checklist():
        '''Run checkinsn() once per hex-dump entry found in `list`.'''
        # NOTE(review): `list` is defined outside this snippet and hides the
        # builtin of the same name; presumably a sequence of hex strings.
        for entry in list:
            # Each token must be valid hex; int() raises ValueError otherwise
            # and the remaining entries are never checked.
            raw = [chr(int(token, 16)) for token in entry.split(' ')]
            code = ''.join(raw)
            # NOTE(review): code/insn are locals of checklist(), while
            # checkinsn() is called without arguments. Confirm it is really
            # inspecting this iteration's values and not stale outer ones.
            insn = decoder.consume(code)
            checkinsn()

    # Disabled manual check: `if False:` keeps this branch from ever running.
    if False:
        # NOTE(review): this hex dump is converted to a raw string but never
        # handed to the decoder; the consume() call below gets its own literal.
        code = "55 89 e5 83 ec 08 a1 48 26 05 08 85 c0 74 12 b8 00 00 00 00 85 c0 74 09 c7 04 24 48 26 05 08 ff d0 c9 c3"
        code = ''.join([chr(int(x,16)) for x in code.split(' ')])

        print decoder.consume('\xff\x15\xe0\x11\xde\x77')
    #    import optable
    #    opcode = '\xff'
    #    lookup = optable.Lookup(opcode)
    #    print optable.HasImmediate(lookup)

    #    mov edi, [esp+10]
    #    mov [esp], ebx

    # Disabled manual check: the '|' marks are visual separators only and
    # are stripped before the hex tokens are converted.
    if False:
        code = '8b 7c 24 10| 89 1c 24| 90 90 90 90'.replace('|','')
        code = ''.join([chr(int(x,16)) for x in code.split(' ')])

        # consume() is called once on the iterator, so the bytes it does not
        # read stay unconsumed in `x`.
        x = iter(code)
        print repr(''.join(decoder.consume(x)))
Exemple #5
''' lol, i really really wasn't expecting this to turn into a serious disassembler...  '''

import optable,decoder,modrm

# XXX: figure out how to add these explicit imports to the doc output
#      for this module. (without having to use __all__)

from decoder import isprefix,consume,decodeInteger,encodeInteger
# Module-level alias for optable.Lookup.
lookup = optable.Lookup

# equivalent to decoder.consume(iter(string)) ->
#     (prefix, opcode, modrm, sib, disp, immediate)
# consume() is called exactly once, so whatever it does not read from the
# string is ignored; disassemble() is the loop that walks a whole buffer.
decode = lambda string: consume(iter(string))

def extractmodrm(instruction):
    '''Return the (Mod, Reg, r/m) fields of an instruction's ModR/M byte.'''
    # The local is not named `modrm`, so it cannot hide the imported modrm
    # module inside this function.
    # NOTE(review): getModrm() is not visible in this excerpt; confirm what it
    # yields for an instruction that has no ModR/M byte.
    encoded = getModrm(instruction)
    value = decodeInteger(encoded)
    return decoder.extractmodrm(value)

def extractsib(instruction):
    '''Return the (scale, index, base) fields of an instruction's SIB byte.'''
    # NOTE(review): getSib() is not visible in this excerpt; confirm what it
    # yields for an instruction that carries no SIB byte.
    encoded = getSib(instruction)
    value = decodeInteger(encoded)
    return decoder.extractsib(value)

def disassemble(codeblock):
    '''Disassembles string into a list of instruction tuples'''
    result = []
    code = iter(codeblock)
    try:
        while True:
            result.append( consume(code) )
Exemple #6
 def checklist():
     '''Decode every hex-dump string in `list`, calling checkinsn() after each.'''
     # NOTE(review): `list` is supplied by a scope outside this snippet and
     # shadows the builtin; presumably it is a sequence of hex strings.
     for hexdump in list:
         # A token that is not valid hex makes int() raise ValueError, which
         # ends the run at that entry.
         code = ''.join(chr(int(pair, 16)) for pair in hexdump.split(' '))
         # NOTE(review): the result stays in this local and checkinsn() is
         # called with no arguments; confirm how it reaches the decoded tuple.
         insn = decoder.consume(code)
         checkinsn()
Exemple #7
            print(repr(insn))
            raise ValueError
        return

    def checklist():
        '''Call checkinsn() once for each hex-dump entry in `list`.'''
        # NOTE(review): `list` is defined outside this snippet and hides the
        # builtin; presumably a sequence of space-separated hex strings.
        for entry in list:
            # Non-hex tokens make int() raise ValueError, so later entries
            # are not reached after a malformed one.
            raw = [chr(int(token, 16)) for token in entry.split(' ')]
            code = ''.join(raw)
            # NOTE(review): code/insn are local to checklist() and
            # checkinsn() takes no arguments; confirm it is checking this
            # iteration's values.
            insn = decoder.consume(code)
            checkinsn()

    # Disabled manual check: `if False:` keeps this branch from ever running.
    if False:
        # NOTE(review): this hex dump is converted to a str but never handed
        # to the decoder; the consume() call below gets a separate bytes
        # literal, so the two inputs also differ in type.
        code = "55 89 e5 83 ec 08 a1 48 26 05 08 85 c0 74 12 b8 00 00 00 00 85 c0 74 09 c7 04 24 48 26 05 08 ff d0 c9 c3"
        code = ''.join([chr(int(x, 16)) for x in code.split(' ')])

        print(decoder.consume(b'\xff\x15\xe0\x11\xde\x77'))
    #    import optable
    #    opcode = b'\xff'
    #    lookup = optable.Lookup(opcode)
    #    print(optable.HasImmediate(lookup))

    #    mov edi, [esp+10]
    #    mov [esp], ebx

    # Disabled manual check: the '|' marks are visual separators only and
    # are stripped before the hex tokens are converted.
    if False:
        code = '8b 7c 24 10| 89 1c 24| 90 90 90 90'.replace('|', '')
        code = ''.join([chr(int(x, 16)) for x in code.split(' ')])

        # consume() is called once on the iterator, so the bytes it does not
        # read stay unconsumed in `x`.
        x = iter(code)
        print(repr(''.join(decoder.consume(x))))
Exemple #8
            raise NotImplementedError("arithmetic instruction references esp, but is not yet implemented")
        pass

    if sib:
        scale,index,base = sib.decode(insn)
        if base == 4:
            raise NotImplementedError("read from esp")
        pass
    return 0

# Manual checks for getDelta(). Every case sits under `if False:`, so running
# the module as a script only performs the imports below.
if __name__ == '__main__':
    import stack,decoder
    from stack import getDelta

    if False:
        insn = decoder.consume(b'\x6a\xfe')
        print(getDelta(insn))

    if False:
        # NOTE(review): here consume() is given a list of one-character
        # strings, while the case above passes a bytes object; confirm the
        # decoder accepts both element types.
        insn = decoder.consume( [chr(int(x,16)) for x in b'68 88 EA 31 02'.split(b' ')])
        print(getDelta(insn))

    if False:
        # shouldn't work due to lack of sib
        insn = decoder.consume( [chr(int(x,16)) for x in b'64 A1 00 00 00 00'.split(b' ')])
        print(getDelta(insn) == 0)

    if False:
        insn = decoder.consume(b'\x53')
        print(getDelta(insn))
Exemple #9
''' lol, i really really wasn't expecting this to turn into a serious disassembler...  '''

import optable, decoder, modrm

# XXX: figure out how to add these explicit imports to the doc output
#      for this module. (without having to use __all__)

from decoder import isprefix, consume, decodeInteger, encodeInteger
# Module-level alias for optable.Lookup.
lookup = optable.Lookup

# equivalent to decoder.consume(iter(string)) ->
#     (prefix, opcode, modrm, sib, disp, immediate)
# consume() is called exactly once, so whatever it does not read from the
# string is ignored; disassemble() is the loop that walks a whole buffer.
decode = lambda string: consume(iter(string))


def extractmodrm(instruction):
    '''Return the (Mod, Reg, r/m) fields of an instruction's ModR/M byte.'''
    # The local is not named `modrm`, so it cannot hide the imported modrm
    # module inside this function.
    # NOTE(review): getModrm() is not visible in this excerpt; confirm what it
    # yields for an instruction that has no ModR/M byte.
    encoded = getModrm(instruction)
    value = decodeInteger(encoded)
    return decoder.extractmodrm(value)


def extractsib(instruction):
    '''Return the (scale, index, base) fields of an instruction's SIB byte.'''
    # NOTE(review): getSib() is not visible in this excerpt; confirm what it
    # yields for an instruction that carries no SIB byte.
    encoded = getSib(instruction)
    value = decodeInteger(encoded)
    return decoder.extractsib(value)


def disassemble(codeblock):
    '''Disassembles string into a list of instruction tuples'''
    result = []
    code = iter(codeblock)
Exemple #10
            raise NotImplementedError("arithmetic instruction references esp, but is not yet implemented")
        pass

    if sib:
        scale,index,base = sib.decode(insn)
        if base == 4:
            raise NotImplementedError("read from esp")
        pass
    return 0

# Manual checks for getDelta(). Every case sits under `if False:`, so running
# the module as a script only performs the imports below.
if __name__ == '__main__':
    import stack,decoder
    from stack import getDelta

    if False:
        insn = decoder.consume('\x6a\xfe')
        print getDelta(insn)

    if False:
        # The hex tokens are turned into a list of one-character strings;
        # int(x,16) raises ValueError if a token is not valid hex.
        insn = decoder.consume( [chr(int(x,16)) for x in '68 88 EA 31 02'.split(' ')])
        print getDelta(insn)

    if False:
        # shouldn't work due to lack of sib
        insn = decoder.consume( [chr(int(x,16)) for x in '64 A1 00 00 00 00'.split(' ')])
        print getDelta(insn) == 0

    if False:
        insn = decoder.consume('\x53')
        print getDelta(insn)