def handle_command(debugger, command, result, internal_dict): ''' Disassemble with colors! Terminal only ''' command_args = shlex.split(command, posix=False) target = ds.getTarget() parser = generate_option_parser() try: (options, args) = parser.parse_args(command_args) except: result.SetError(parser.usage) return if len(args) == 0: sym = ds.getFrame().GetSymbol() else: sym = ds.getTarget().ResolveLoadAddress(long(args[0], 16)).GetSymbol() instructions = sym.GetInstructions(target) output = ds.attrStr(sym.addr.module.file.basename + ', ' + sym.name, 'cyan') + '\n' counter = 0 if len(instructions) == 0: return startAddress = instructions.GetInstructionAtIndex( 0).GetAddress().GetLoadAddress(target) frame = ds.getFrame() for inst in instructions: line = ds.attrStr(str(counter).ljust(4), 'grey') counter += 1 offset = str(inst.addr.GetLoadAddress(target) - startAddress) branch = (ds.attrStr('*', 'yellow') if inst.is_branch else ' ') pc = ds.attrStr('-> ', 'grey') if frame.addr == inst.addr else ' ' loadaddr = ds.attrStr( hex(inst.addr.GetLoadAddress(target)) + (' <+' + offset + '>:').ljust(8), 'grey') mnemonic = ds.attrStr(inst.mnemonic.ljust(5), 'red') operands = ds.attrStr(inst.operands, 'bold') comments = ds.attrStr(inst.comment, 'green') if options.memory: tmp = ' '.join([ hex(i).replace('0x', '').zfill(2) for i in inst.GetData(lldb.target).uint8s ]) mem = ds.attrStr(tmp, 'cyan') else: mem = '' output += '{}{}{} {} {} {} {} {}\n'.format(pc, branch, line, loadaddr, mem, mnemonic, operands, comments) result.AppendMessage(output)
def handle_command(debugger, command, result, internal_dict): ''' Disassemble with colors! Terminal only ''' command_args = shlex.split(command, posix=False) target = ds.getTarget() parser = generate_option_parser() try: (options, args) = parser.parse_args(command_args) except: result.SetError(parser.usage) return output = '' if options.search_functions: query = options.search_functions symbol_context_list = target.FindGlobalFunctions( query, 0, lldb.eMatchTypeRegex) for symContext in symbol_context_list: output += generateAssemblyFromSymbol(symContext.symbol, options) elif len(args) == 0: sym = ds.getFrame().GetSymbol() output += generateAssemblyFromSymbol(sym, options) else: sym = ds.getTarget().ResolveLoadAddress(long(args[0], 16)).GetSymbol() output += generateAssemblyFromSymbol(sym, options) result.AppendMessage(output)
def generate_return_string(debugger, module_dict, options): return_string = '' for key in module_dict: count = len(module_dict[key]) if len(module_dict[key]) == 0: continue tmp = module_dict[key][0] if options.module_summary: return_string += str(count) + ' hits in: ' + key + '\n' continue return_string += '****************************************************\n' return_string += str(count) + ' hits in: ' + key + '\n' return_string += '****************************************************\n' for symbol_context in module_dict[key]: if options.global_var or options.global_var_noeval: name = symbol_context.symbol.name if options.global_var: frame = ds.getFrame() target = ds.getTarget() addr = hex( symbol_context.symbol.addr.GetLoadAddress(target)) val = frame.EvaluateExpression('*(void**)' + addr) name += '\n' + (val.description if val.description else '0x%010x' % val.unsigned) elif symbol_context.function.name is not None: name = symbol_context.function.name if options.mangled_name: mangledName = symbol_context.symbol.GetMangledName() name += ', ' + mangledName if mangledName else '[NONE]' elif symbol_context.symbol.name is not None: name = symbol_context.symbol.name if options.mangled_name: mangledName = symbol_context.symbol.GetMangledName() name += ', ' + mangledName if mangledName else '[NONE]' else: return_string += 'Can\'t find info for ' + str( symbol_context) + '\n\n' continue if options.load_address: str_addr = str( hex(symbol_context.GetSymbol().GetStartAddress(). GetLoadAddress(debugger.GetSelectedTarget()))) end_addr = str( hex(symbol_context.GetSymbol().GetEndAddress(). GetLoadAddress(debugger.GetSelectedTarget()))) return_string += '[' + str_addr + '-' + end_addr + '] ' + name else: return_string += name return_string += '\n\n' return return_string
def handle_command(debugger, command, result, internal_dict): ''' Disassemble with colors! Terminal only ''' command_args = shlex.split(command, posix=False) target = ds.getTarget() parser = generate_option_parser() try: (options, args) = parser.parse_args(command_args) except: result.SetError(parser.usage) return output = '' if options.search_functions: query = options.search_functions symbol_context_list = target.FindGlobalFunctions(query, 0, lldb.eMatchTypeRegex) for symContext in symbol_context_list: output += generateAssemblyFromSymbol(symContext.symbol, options) elif len(args) == 0: sym = ds.getFrame().GetSymbol() output += generateAssemblyFromSymbol(sym, options) elif args[0].startswith('0x'): sym = ds.getTarget().ResolveLoadAddress(long(args[0], 16)).GetSymbol() output += generateAssemblyFromSymbol(sym, options) elif args[0].isdigit(): sym = ds.getTarget().ResolveLoadAddress(long(args[0])).GetSymbol() output += generateAssemblyFromSymbol(sym, options) else: cleanCommand = ' '.join(args) symList = target.FindGlobalFunctions(cleanCommand, 0, lldb.eMatchTypeNormal) if symList.GetSize() == 0: result.SetError(ds.attrStr("Couldn't find any matches for \"{}\"".format(cleanCommand), 'red')) return sym = symList output += generateAssemblyFromSymbol(symList.GetContextAtIndex(0).symbol, options) result.AppendMessage(output)
def generateAssemblyFromSymbol(sym, options): target = ds.getTarget() instructions = sym.GetInstructions(target) output = ds.attrStr(str(sym.addr.module.file.basename) + ', ', 'cyan') + ds.attrStr(str(sym.name), 'yellow') + '\n' counter = 0 if len(instructions) == 0: return startAddress = instructions.GetInstructionAtIndex(0).GetAddress().GetLoadAddress(target) frame = ds.getFrame() branches = [] offsetSizeDict = {} grepSearch = False for inst in instructions: line = ds.attrStr(str(counter).ljust(4), 'grey') offset = str(inst.addr.GetLoadAddress(target) - startAddress) branch = (ds.attrStr('*', 'yellow') if inst.is_branch else ' ') pc = ds.attrStr('-> ', 'red') if frame.addr == inst.addr else ' ' loadaddr = ds.attrStr(hex(inst.addr.GetLoadAddress(target)) + (' <+' + offset + '>:').ljust(8), 'grey') mnemonic = ds.attrStr(inst.GetMnemonic(target).ljust(5), 'red') if len(inst.GetOperands(target).split(',')) > 1: ops = inst.GetOperands(target).split(',') operands = ds.attrStr(ops[0], 'bold') + ', ' + ds.attrStr(ops[1], 'yellow') else: operands = ds.attrStr(inst.GetOperands(target), 'bold') comments = ds.attrStr(inst.GetComment(target), 'cyan') if options.grep_functions: if re.search(options.grep_functions, comments): grepSearch = True # TODO x64 only, need arm64 if 'rip' in inst.GetOperands(target): nextInst = instructions[counter + 1] m = re.search(r"(?<=\[).*(?=\])", inst.GetOperands(target)) pcComment = '' if m and nextInst: nextPCAddr = hex(nextInst.addr.GetLoadAddress(target)) commentLoadAddr = eval(m.group(0).replace('rip', nextPCAddr)) addr = ds.getTarget().ResolveLoadAddress(commentLoadAddr) modName = generateDescriptionByAddress(addr) pcComment += ds.attrStr('; ' + modName, 'green') # interpreter.HandleCommand('image lookup -a ' + nextPCAddr, res) # # m = re.search('(?<=\().*(?=\s)', res.GetOutput()) # # if m: # # pcComment += ds.attrStr(' ' + m.group(0), 'green') # m = re.search('(?<=Summary\:\s).*$', res.GetOutput()) # if m: # pcComment += ds.attrStr(' sum:' + res.GetOutput(), 'blue') # res.Clear() else: pcComment = '' match = re.search('(?<=\<\+)[0-9]+(?=\>)', inst.GetComment(target)) offsetSizeDict[offset] = counter if options.show_branch and inst.is_branch and match: branches.append((counter, int(match.group(0)))) if options.memory: tmp = ' '.join([hex(i).replace('0x', '').zfill(2) for i in inst.GetData(lldb.target).uint8s]) mem = ds.attrStr(tmp, 'cyan') else: mem = '' formatter = '{}' if options.show_branch else '' output += '{}{}{} {}{} {} {} {} {} {}\n'.format(pc, branch, line, formatter, loadaddr, mem, mnemonic, operands, comments, pcComment) counter += 1 if options.show_branch: branchLines = generateBranchLines(branches, counter, offsetSizeDict) for i, line in enumerate(output.split('\n')): output += line.format(branchLines[i]) + '\n' if options.grep_functions: if grepSearch: return output else: return '' return output + '\n'