def dump(self, ctx, lines):
    """Print up to ``lines`` instructions starting at ``ctx.addr``.

    The instruction stream is walked twice with ``self.lazy_disasm``: the
    first pass registers a color for every jump whose target is an
    immediate operand (presumably so a target further down already has
    a color when it is printed), the second pass prints. The section
    header is printed first; for PE binaries stripped symbols are
    reversed between the two passes.
    """
    from capstone import CS_OP_IMM

    arch = self.load_arch_module()
    arch_utils = arch.utils
    arch_output = arch.output

    sec_name, sec_start, sec_end = self.binary.get_section_meta(ctx.addr)
    self.print_section_meta(sec_name, sec_start, sec_end)

    def walk():
        # Yield successive instructions from ctx.addr, stopping after
        # ``lines`` of them or as soon as lazy_disasm returns None.
        count = 0
        inst = self.lazy_disasm(ctx.addr, sec_start)
        while inst is not None and count < lines:
            yield inst
            inst = self.lazy_disasm(inst.address + inst.size, sec_start)
            count += 1

    # WARNING: this assumes that on every architecture the jump
    # target is the last operand (operands[-1]).
    for inst in walk():
        if arch_utils.is_jump(inst):
            target = inst.operands[-1]
            if target.type == CS_OP_IMM:
                pick_color(target.value.imm)

    # All instructions to be printed have been decoded at this point.
    if self.binary.type == T_BIN_PE:
        self.binary.pe_reverse_stripped_symbols(self)

    out = arch_output.Output(ctx)
    for inst in walk():
        out.print_inst(inst)
def dump(self, ctx, lines):
    """Print up to ``lines`` instructions starting at ``ctx.addr``.

    Two passes over the same stream from ``self.lazy_disasm``: pass one
    registers a color for each jump whose first operand is an immediate,
    pass two prints each instruction through the arch Output object.
    For PE binaries stripped symbols are reversed in between.
    """
    from capstone import CS_OP_IMM

    arch = self.load_arch_module()
    is_jump = arch.utils.is_jump
    make_output = arch.output.Output
    sec_start = self.binary.get_section_start(ctx.addr)

    def first():
        return self.lazy_disasm(ctx.addr, sec_start)

    def following(inst):
        return self.lazy_disasm(inst.address + inst.size, sec_start)

    # Pass 1: colors for immediate jump targets (first operand only).
    inst, seen = first(), 0
    while not (inst is None or seen >= lines):
        if is_jump(inst):
            target = inst.operands[0]
            if target.type == CS_OP_IMM:
                pick_color(target.value.imm)
        inst, seen = following(inst), seen + 1

    # Everything that will be printed has now been decoded.
    if self.binary.type == T_BIN_PE:
        self.binary.pe_reverse_stripped_symbols(self)

    out = make_output(ctx)

    # Pass 2: print.
    inst, seen = first(), 0
    while not (inst is None or seen >= lines):
        out.print_inst(inst, 0)
        inst, seen = following(inst), seen + 1
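def assign_colors(ctx, ast):
    """Register a color for every jump target reachable from ``ast``.

    Recursive walk over the AST node types handled below. Inside an
    ``Ast_Branch`` an instruction list is only inspected through its
    first instruction: when that is an unconditional jump with an
    immediate operand, its successor in ``ctx.gph.link_out`` is colored.
    Goto-like nodes are colored by ``addr_jump``; compound nodes recurse
    into their sub-branches.

    Args:
        ctx: analysis context; ``ctx.gph.link_out`` is read for successors.
        ast: an Ast_* node; unknown node types are ignored.
    """
    if isinstance(ast, Ast_Branch):
        for node in ast.nodes:
            if isinstance(node, list):
                # An empty instruction list has nothing to color; skip it
                # instead of failing on node[0].
                if not node:
                    continue
                first = node[0]
                if is_uncond_jump(first) and first.operands[0].type == MIPS_OP_IMM:
                    pick_color(ctx.gph.link_out[first.address][BRANCH_NEXT])
            else:
                # Nested AST node.
                assign_colors(ctx, node)
    elif isinstance(ast, (Ast_IfGoto, Ast_Goto)):
        pick_color(ast.addr_jump)
    elif isinstance(ast, Ast_Ifelse):
        assign_colors(ctx, ast.br_next_jump)
        assign_colors(ctx, ast.br_next)
    elif isinstance(ast, Ast_Loop):
        assign_colors(ctx, ast.branch)
        # Identity check rather than ``!= None``: the epilog is optional.
        if ast.epilog is not None:
            assign_colors(ctx, ast.epilog)
    elif isinstance(ast, Ast_If_cond):
        assign_colors(ctx, ast.br)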
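def assign_colors(self):
    """Register a color for each unconditional jump found in ``self.nodes``.

    A node that is a list is treated as an instruction sequence and only
    its first instruction is examined: if that is an unconditional jump,
    its successor in the module-level ``gph.link_out`` is colored. Any
    other node is assumed to be an AST object and is recursed into.
    """
    for node in self.nodes:
        if isinstance(node, list):
            # Empty lists carry nothing to color; do not fail on node[0].
            if not node:
                continue
            first = node[0]
            if is_uncond_jump(first):
                pick_color(gph.link_out[first.address][BRANCH_NEXT])
        else:
            node.assign_colors()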
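def dump_asm(self, ctx, lines):
    """Render up to ``lines`` instructions from ``ctx.entry_addr`` into an Output.

    Pass one registers a color for every jump whose last operand is an
    immediate; pass two renders the listing. A byte ``lazy_disasm``
    cannot decode is rendered with ``_bad`` at its own address and does
    not count toward ``lines``; the walk also stops at the section end.
    For PE binaries stripped symbols are reversed between the passes.

    Returns:
        The arch-specific Output object holding the rendered lines, with
        the trailing line (presumed empty) removed.
    """
    from capstone import CS_OP_IMM

    arch = self.load_arch_module()
    arch_utils = arch.utils
    arch_output = arch.output

    section = self.binary.get_section(ctx.entry_addr)
    section.print_header()

    def walk():
        # Yield (address, instruction-or-None) from the entry address,
        # stopping after ``lines`` decoded instructions or past section.end.
        ad = ctx.entry_addr
        decoded = 0
        while decoded < lines and ad <= section.end:
            inst = self.lazy_disasm(ad, section.start)
            yield ad, inst
            if inst is None:
                ad += 1
            else:
                ad += inst.size
                decoded += 1

    # WARNING: this assumes that on every architecture the jump
    # target is the last operand (operands[-1]).
    for _, inst in walk():
        if inst is None or not arch_utils.is_jump(inst):
            continue
        # Guard the operand list so an instruction without operands in an
        # untrusted binary cannot abort the whole dump.
        if inst.operands and inst.operands[-1].type == CS_OP_IMM:
            pick_color(inst.operands[-1].value.imm)

    # All instructions to be printed have been decoded at this point.
    if self.binary.type == T_BIN_PE:
        self.binary.pe_reverse_stripped_symbols(self)

    out = arch_output.Output(ctx)
    out._new_line()

    if ctx.entry_addr in self.binary.reverse_symbols:
        out._symbol(ctx.entry_addr)
        out._new_line()

    for ad, inst in walk():
        if inst is None:
            # Report the address of the undecodable byte itself, not the
            # byte after it.
            out._bad(ad)
        else:
            out._asm_inst(inst)

    # Drop the trailing line left by the last _new_line().
    out.lines.pop(-1)
    out.token_lines.pop(-1)
    return out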
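def dump_asm(self, ctx, lines):
    """Print up to ``lines`` instructions from ``ctx.entry_addr``.

    Prints the section header, then walks the section twice: pass one
    registers a color for every jump whose last operand is an immediate,
    pass two prints. A byte ``lazy_disasm`` cannot decode is reported with
    ``print_bad`` at its own address and does not count toward ``lines``;
    the walk stops before ``s_end``. For PE binaries stripped symbols are
    reversed between the passes.
    """
    from capstone import CS_OP_IMM

    arch = self.load_arch_module()
    arch_utils = arch.utils
    arch_output = arch.output

    s_name, s_start, s_end = self.binary.get_section_meta(ctx.entry_addr)
    self.print_section_meta(s_name, s_start, s_end)

    def walk():
        # Yield (address, instruction-or-None) from the entry address,
        # stopping after ``lines`` decoded instructions or at s_end.
        ad = ctx.entry_addr
        decoded = 0
        while decoded < lines and ad < s_end:
            inst = self.lazy_disasm(ad, s_start)
            yield ad, inst
            if inst is None:
                ad += 1
            else:
                ad += inst.size
                decoded += 1

    # WARNING: this assumes that on every architecture the jump
    # target is the last operand (operands[-1]).
    for _, inst in walk():
        if inst is None or not arch_utils.is_jump(inst):
            continue
        # Guard the operand list so an instruction without operands in an
        # untrusted binary cannot abort the whole dump.
        if inst.operands and inst.operands[-1].type == CS_OP_IMM:
            pick_color(inst.operands[-1].value.imm)

    # All instructions to be printed have been decoded at this point.
    if self.binary.type == T_BIN_PE:
        self.binary.pe_reverse_stripped_symbols(self)

    out = arch_output.Output(ctx)

    for ad, inst in walk():
        if inst is None:
            # Report the address of the undecodable byte itself, not the
            # byte after it.
            out.print_bad(ad)
        else:
            out.print_inst(inst)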
def assign_colors(ctx, ast):
    """Register a color for every jump target reachable from ``ast``.

    Recursive walk. In an ``Ast_Branch`` each instruction list is checked
    through its first instruction only: an unconditional jump with an
    immediate operand is colored by its successor in ``ctx.gph.link_out``.
    Goto-like nodes are colored by ``addr_jump``; if/else and loop nodes
    recurse into their branches. Other node types are ignored.

    Args:
        ctx: analysis context providing ``gph.link_out``.
        ast: an Ast_* node to walk.
    """
    if isinstance(ast, Ast_Branch):
        for node in ast.nodes:
            if not isinstance(node, list):
                # Nested AST node.
                assign_colors(ctx, node)
                continue
            head = node[0]
            if not is_uncond_jump(head):
                continue
            if head.operands[0].type == X86_OP_IMM:
                successor = ctx.gph.link_out[head.address][BRANCH_NEXT]
                pick_color(successor)
        return

    if isinstance(ast, (Ast_IfGoto, Ast_Goto)):
        pick_color(ast.addr_jump)
        return

    if isinstance(ast, Ast_Ifelse):
        assign_colors(ctx, ast.br_next_jump)
        assign_colors(ctx, ast.br_next)
        return

    if isinstance(ast, Ast_Loop):
        assign_colors(ctx, ast.branch)
def dump(self, addr, lines):
    """Print up to ``lines`` already-decoded instructions starting at ``addr``.

    ``self.code_idx`` is the ordered list of instruction addresses and
    ``self.code`` maps an address to its instruction; ``index`` locates
    ``addr`` in ``code_idx``. Pass one registers a color for each jump
    whose first operand is an immediate, pass two prints, preceded by a
    symbol line whenever the address is in ``self.binary.reverse_symbols``.
    """
    start = index(self.code_idx, addr)
    stop = min(len(self.code_idx), start + lines)

    def inst_at(k):
        return self.code[self.code_idx[k]]

    # Pass 1: colors for immediate jump targets.
    for k in range(start, stop):
        inst = inst_at(k)
        if is_jump(inst):
            target = inst.operands[0]
            if target.type == X86_OP_IMM:
                pick_color(target.value.imm)

    # Pass 2: print, with a symbol header where one is known.
    for k in range(start, stop):
        inst = inst_at(k)
        if inst.address in self.binary.reverse_symbols:
            print_symbol(inst.address)
            print()
        print_inst(inst, 0)
def assign_colors(self):
    """Register a color for this node's jump target, ``self.addr_jump``."""
    target = self.addr_jump
    pick_color(target)