def test_class():
address = 0x80001000
for (arch, mode, code, comment) in all_tests:
print("Platform: %s" % comment)
print("Code: %s " % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for i in md.disasm(code, address):
print("0x%x:\t%s\t%s" % (i.address, i.mnemonic, i.op_str))
if i.pop > 0:
print("\tPop: %u" % i.pop)
if i.push > 0:
print("\tPush: %u" % i.push)
if i.fee > 0:
print("\tGas fee: %u" % i.fee)
if len(i.groups) > 0:
print("\tGroups: ", end=''),
for m in i.groups:
print("%s " % i.group_name(m), end=''),
print()
except CsError as e:
print("ERROR: %s" % e.__str__())
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax != 0:
md.syntax = syntax
md.skipdata = True
# Default "data" instruction's name is ".byte". To rename it to "db", just uncomment
# the code below.
# md.skipdata_setup = ("db", None, None)
# NOTE: This example ignores SKIPDATA's callback (first None) & user_data (second None)
# To customize the SKIPDATA callback, uncomment the line below.
# md.skipdata_setup = (".db", CS_SKIPDATA_CALLBACK(testcb), None)
for insn in md.disasm(code, 0x1000):
#bytes = binascii.hexlify(insn.bytes)
#print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax != 0:
md.syntax = syntax
md.skipdata = True
# Default "data" instruction's name is ".byte". To rename it to "db", just uncomment
# the code below.
# md.skipdata_setup = ("db", None, None)
# NOTE: This example ignores SKIPDATA's callback (first None) & user_data (second None)
# To customize the SKIPDATA callback, uncomment the line below.
# md.skipdata_setup = (".db", CS_SKIPDATA_CALLBACK(testcb), None)
for insn in md.disasm(code, 0x1000):
#bytes = binascii.hexlify(insn.bytes)
#print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print
except CsError as e:
print("ERROR: %s" % e)
def test_cs_disasm_quick():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for (addr, size, mnemonic, op_str) in cs_disasm_lite(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print()
def test_cs_disasm_quick():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for insn in cs_disasm_quick(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print()
def test_cs_disasm_quick():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for (addr, size, mnemonic, op_str) in cs_disasm_lite(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print()
def test_cs_disasm_quick():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for insn in cs_disasm_quick(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print()
def main():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
print_mips(md)
print_vmCode(md)
print_SecCode(md)
except CsError as e:
print("ERROR: %s" % e)
def test_class():
print("*" * 16)
print("Platform: %s" % "MOS65XX")
print("Code: %s" % to_hex(MOS65XX_CODE))
print("Disasm:")
try:
md = Cs(CS_ARCH_MOS65XX, 0)
md.detail = True
for insn in md.disasm(MOS65XX_CODE, 0x1000):
print_insn_detail(insn)
print()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
def test_class():
print("*" * 16)
print("Platform: %s" % "MOS65XX")
print("Code: %s" % to_hex(MOS65XX_CODE))
print("Disasm:")
try:
md = Cs(CS_ARCH_MOS65XX, 0)
md.detail = True
for insn in md.disasm(MOS65XX_CODE, 0x1000):
print_insn_detail(insn)
print()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" %e)
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax:
md.syntax = syntax
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.skipdata = True
# Default "data" instruction's name is ".byte". To rename it to "db", just use
# the code below.
md.skipdata_setup = ("db", None, None)
# NOTE: This example ignores SKIPDATA's callback (first None) & user_data (second None)
# Can also use dedicated setter
#md.skipdata_mnem = 'db'
# To customize the SKIPDATA callback, use the line below.
#md.skipdata_setup = (".db", testcb, None)
# Or use dedicated setter with custom parameter
#md.skipdata_callback = (testcb, 42)
# Or provide just a function
#md.skipdata_callback = testcb
# Note that reading this property will always return a tuple
#assert md.skipdata_callback == (testcb, None)
for insn in md.disasm(code, 0x1000):
#bytes = binascii.hexlify(insn.bytes)
#print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" %
(insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.skipdata = True
# Default "data" instruction's name is ".byte". To rename it to "db", just use
# the code below.
md.skipdata_setup = ("db", None, None)
# NOTE: This example ignores SKIPDATA's callback (first None) & user_data (second None)
# Can also use dedicated setter
#md.skipdata_mnem = 'db'
# To customize the SKIPDATA callback, use the line below.
#md.skipdata_setup = (".db", testcb, None)
# Or use dedicated setter with custom parameter
#md.skipdata_callback = (testcb, 42)
# Or provide just a function
#md.skipdata_callback = testcb
# Note that reading this property will always return a tuple
#assert md.skipdata_callback == (testcb, None)
for insn in md.disasm(code, 0x1000):
#bytes = binascii.hexlify(insn.bytes)
#print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print
except CsError as e:
print("ERROR: %s" % e)
def test_class():
CODE = X86_CODE64.decode("hex")
# f = open("X86_CODE64.txt", 'w')
# f.write(CODE)
# f.close()
all_tests = ((CS_ARCH_X86, CS_MODE_64, CODE, "X86 64 (Intel syntax)",
None), )
for (arch, mode, code, comment, syntax) in all_tests:
print("Code: %s" % to_hex(code))
try:
md = Cs(arch, mode)
md.detail = True
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_insn_detail(mode, insn)
except CsError as e:
print("ERROR: %s" % e)
def test_class():
address = 0x01000
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s " % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
last_address = 0
for insn in md.disasm(code, address):
last_address = insn.address + insn.size
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print_insn_detail(insn)
print("0x%x:\n" % (last_address))
except CsError as e:
print("ERROR: %s" % e.__str__())
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
for (addr, size, mnemonic, op_str) in md.disasm_lite(code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print("0x%x:" % (addr + size))
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
CODE = X86_CODE64.decode("hex")
# f = open("X86_CODE64.txt", 'w')
# f.write(CODE)
# f.close()
all_tests = (
(CS_ARCH_X86, CS_MODE_64, CODE, "X86 64 (Intel syntax)", None),
)
for (arch, mode, code, comment, syntax) in all_tests:
print("Code: %s" % to_hex(code))
try:
md = Cs(arch, mode)
md.detail = True
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_insn_detail(mode, insn)
except CsError as e:
print("ERROR: %s" % e)
def test_class():
address = 0x01000
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s " % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
last_address = 0
for insn in md.disasm(code, address):
last_address = insn.address + insn.size
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print_insn_detail(insn)
print("0x%x:\n" % (last_address))
except CsError as e:
print("ERROR: %s" % e.__str__())
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
for (addr, size, mnemonic, op_str) in md.disasm_lite(code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print("0x%x:" % (addr + size))
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax != 0:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
# bytes = binascii.hexlify(insn.bytes)
# print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax != 0:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
# bytes = binascii.hexlify(insn.bytes)
# print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print()
except CsError as e:
print("ERROR: %s" % e)
def test_class():
# X86_CODE64 = b"\x66\x2e\x0f\x1f\x84\x00\x00\x00\x00\x00"
#X86_CODE64 =\x41\x55\x41\x54"
# # X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\x66\xe9\xb8\x00\x00\x00\x67\xff\xa0\x23\x01\x00\x00\x66\xe8\xcb\x00\x00\x00\x74\xfc"
# # X86_CODE32 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\xe9\xea\xbe\xad\xde\xff\xa0\x23\x01\x00\x00\xe8\xdf\xbe\xad\xde\x74\xff"
all_tests = [
# # (CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
# # (CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (AT&T syntax)", CS_OPT_SYNTAX_ATT),
# # (CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x48\x89\xe7", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\xe8\x00\x00\x0d\x78", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x55", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x48\x89\xe5", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x41\x57", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x41\x56", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x41\x55", "X86 64 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, b"\x41\x54", "X86 64 (Intel syntax)", None),
]
#all_tests=[]
#path="/media/william/000B4BAB0003D134/WSL/compress/capstone/X86_hello_padded"
#with open(path, 'r') as f:
# data=f.readlines()
# for inst in data:
# inst=inst.replace("0x","").replace('\n',"")
# # if(len(inst)%2!=0):
# # inst='0'+inst
# pattern = re.compile('.{2}')
# inst='|'.join(pattern.findall(inst))
# inst=list(inst.split('|'))
# for i,val in enumerate(inst):
# inst[i]=int(val,16)
# inst=bytes(inst)
# all_tests.append((CS_ARCH_X86, CS_MODE_64, inst, "X86 64 (Intel syntax)", None))
with open("data/_X86_legacy", "w") as fleg:
with open("data/_X86_prefix", "w") as fpre:
with open("data/_X86_opcode", "w") as fopc:
with open("data/_X86_modrm", "w") as fmod:
with open("data/_X86_sib", "w") as fsib:
# with open("data/_X86_dis", "w") as fdis:
# with open("data/_X86_imm", "w") as fimm:
with open("data/_X86_rest", "w") as frest:
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_insn_detail(mode, insn)
if(to_hex(code)[2:4]=="f3"):
insn.prefix[0]=0xf3
write_hex(fleg,insn.prefix,False)
if(insn.rex==0):
fpre.write('\n')
else:
fpre.write("%02x\n" % (insn.rex))
# write_hex(fpre,insn.rex)
write_hex(fopc,insn.opcode)
if(insn.modrm==0):
fmod.write('\n')
else:
fmod.write("%02x\n" % (insn.modrm))
# write_hex(fmod,insn.modrm)
if(insn.sib==0):
fsib.write('\n')
else:
fsib.write("%02x\n" % (insn.sib))
# write_hex(fsib,insn.sib)
# print ()
cur_insn='{}{}{}{}{}'.format(get_hex(insn.prefix,False),get_hex([insn.rex]),get_hex(insn.opcode),get_hex([insn.modrm]),get_hex([insn.sib]))
# while(cur_insn[0]=='0'):
# cur_insn=cur_insn[1:len(cur_insn)]
code_t=to_hex(code).replace(" ","").replace("0x","")
print(code_t)
rest=code_t[len(cur_insn):len(code_t)]
print(rest)
frest.write("%s\n" % rest)
print(cur_insn)
# print(to_hex(code).replace(" ","").replace("0x",""))
break
print ("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
def test_class():
# X86_CODE64 = b"\x66\x2e\x0f\x1f\x84\x00\x00\x00\x00\x00"
# X86_CODE64 =b"\xf3\x48\xab"
# # X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\x66\xe9\xb8\x00\x00\x00\x67\xff\xa0\x23\x01\x00\x00\x66\xe8\xcb\x00\x00\x00\x74\xfc"
# # X86_CODE32 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\xe9\xea\xbe\xad\xde\xff\xa0\x23\x01\x00\x00\xe8\xdf\xbe\xad\xde\x74\xff"
# all_tests = [
# # (CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
# # (CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (AT&T syntax)", CS_OPT_SYNTAX_ATT),
# # (CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
# (CS_ARCH_X86, CS_MODE_64, X86_CODE64, "X86 64 (Intel syntax)", None),
# ]
all_tests = []
path = "X86_hello_padded"
out = "X86_newinsn"
with open(path, 'r') as f, open(out, "w") as outf:
data = f.readlines()
for inst in data:
inst = inst.replace("0x", "").replace('\n', "")
pattern = re.compile('.{2}')
inst = '|'.join(pattern.findall(inst))
inst = list(inst.split('|'))
for i, val in enumerate(inst):
inst[i] = int(val, 16)
inst = bytes(inst)
all_tests.append(
(CS_ARCH_X86, CS_MODE_64, inst, "X86 64 (Intel syntax)", None))
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
insnflag = [0, 0, 0, 0, 0, 0, 0]
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_insn_detail(mode, insn)
# Legancy Prefix
if (to_hex(code)[2:4] == "f3"):
insn.prefix[0] = 0xf3
prefixflag = [0, 0, 0, 0, 0, 0, 0]
stack = []
g1 = ["f0", "f2", "f3"] #0,1,2 binary
g2 = ["2e", "26", "3e", "26", "64", "65"]
g3 = ["66"]
g4 = ["67"]
for c in insn.prefix:
if (c != 0):
stack.append(c)
if (len(stack) > 0):
insnflag[0] = 1
while (len(stack) > 0):
str_str = "{:02x}".format(stack.pop()).rstrip()
if (str_str in g1):
i = g1.index(str_str.rstrip())
i = i + 1
prefixflag[0] = int(int2bin(i, 2)[0], 2)
prefixflag[1] = int(int2bin(i, 2)[1], 2)
elif (str_str in g2):
i = g2.index(str_str.rstrip())
i = i + 1
prefixflag[2] = int(int2bin(i, 3)[0], 2)
prefixflag[3] = int(int2bin(i, 3)[1], 2)
prefixflag[4] = int(int2bin(i, 3)[2], 2)
elif (str_str in g3):
i = g3.index(str_str.rstrip())
i = i + 1
prefixflag[5] = int(int2bin(i, 1), 2)
elif (str_str in g4):
i = g4.index(str_str.rstrip())
i = i + 1
prefixflag[6] = int(int2bin(i, 1), 2)
#REX prefix
if (insn.rex != 0):
insnflag[1] = 1
hex_rex = get_hex([insn.rex])
hex_rex = hex_rex[1] #40H-4FH只取第二字符
#opcode
opcode = get_hex(insn.opcode)
byte_opcode = int(len(opcode) / 2)
real_opcode = opcode[len(opcode) - 2:len(opcode)]
if (byte_opcode == 3 and opcode[0:3] == "0f38"):
byte_opcode = 4
insnflag[2] = int(int2bin(byte_opcode - 1, 2)[0], 2)
insnflag[3] = int(int2bin(byte_opcode - 1, 2)[1], 2)
#modr/m
if (insn.modrm != 0):
insnflag[4] = 1
#sib
if (insn.sib != 0):
insnflag[5] = 1
#rest=dist+imm
cur_insn = '{}{}{}{}{}'.format(get_hex(insn.prefix, False),
get_hex([insn.rex]),
get_hex(insn.opcode),
get_hex([insn.modrm]),
get_hex([insn.sib]))
code_t = to_hex(code).replace(" ", "").replace("0x", "")
rest = code_t[len(cur_insn):len(code_t)]
if (rest.strip() != ""):
insnflag[6] = 1
#新编码
newinsnflag = ""
for c in insnflag:
newinsnflag = newinsnflag + str(c)
newinsn = hex(int(newinsnflag, 2)).replace("0x", "")
if (insnflag[0] == "1"):
newprefixflag = ""
for c in prefixflag:
newprefixflag = newprefixflag + str(c)
newinsn = newinsn + hex(int(newprefixflag, 2)).replace(
"0x", "")
if (insnflag[1] == "1"):
newinsn = newinsn + hex_rex
newinsn = newinsn + real_opcode
if (insnflag[4] == "1"):
newinsn = newinsn + get_hex([insn.modrm])
if (insnflag[5] == "1"):
newinsn = newinsn + get_hex([insn.sib])
if (insnflag[6] == "1"):
newinsn = newinsn + hex(len(rest)).replace(
"0x", "") + rest #记录字符数可以免去换行符
outf.write(newinsn)
break
#print ("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
def print_insn(md, code):
print("%s\t" % to_hex(code, False), end="")
for insn in md.disasm(code, 0x1000):
print("\t%s\t%s\n" % (insn.mnemonic, insn.op_str))
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <*****@*****.**>
from __future__ import print_function
from capstone import *
from xprint import to_hex
CODE = "\x60\x61\x50"
cs = Cs(CS_ARCH_EVM, 0)
cs.detail = True
print("Platform: EVM")
print("Code: %s" % to_hex(CODE))
print("Disasm:")
for i in cs.disasm(CODE, 0x80001000):
print("0x%x:\t%s\t%s" % (i.address, i.mnemonic, i.op_str))
if i.pop > 0:
print("\tPop: %u" % i.pop)
if i.push > 0:
print("\tPush: %u" % i.push)
if i.fee > 0:
print("\tGas fee: %u" % i.fee)
if len(i.groups) > 0:
print("\tGroups: ", end=''),
for m in i.groups:
print("%s " % i.group_name(m), end=''),
print()
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <*****@*****.**>
from __future__ import print_function
from capstone import *
from xprint import to_hex
CODE = "\x60\x61\x50"
cs = Cs(CS_ARCH_EVM, 0)
cs.detail = True
print("Platform: EVM")
print("Code: %s" %to_hex(CODE))
print("Disasm:")
for i in cs.disasm(CODE, 0x80001000):
print("0x%x:\t%s\t%s" %(i.address, i.mnemonic, i.op_str))
if i.pop > 0:
print("\tPop: %u" %i.pop)
if i.push > 0:
print("\tPush: %u" %i.push)
if i.fee > 0:
print("\tGas fee: %u" %i.fee)
if len(i.groups) > 0:
print("\tGroups: ", end=''),
for m in i.groups:
print("%s " % i.group_name(m), end=''),
print()
