예제 #1
0
def get_funcs_arg0(ctx, ira, lbl_head):
    g_dep = DependencyGraph(ira, follow_call=False)
    element = ira.arch.regs.RSI

    for irb, index in find_call(ira):
        line = irb.lines[index]
        print 'Analysing references from:', hex(line.offset), line
        g_list = g_dep.get(irb.label, set([element]), index, set([lbl_head]))
        for dep in g_list:
            emul_result = dep.emul(ctx)
            value = emul_result[element]
            yield value
예제 #2
0
def get_funcs_arg0(ctx, ira, lbl_head):
    """Compute DependencyGraph on the func @lbl_head"""
    g_dep = DependencyGraph(ira, follow_call=False)
    element = ira.arch.regs.RSI

    for irb, index in find_call(ira):
        instr = irb.irs[index].instr
        print 'Analysing references from:', hex(instr.offset), instr
        g_list = g_dep.get(irb.label, set([element]), index, set([lbl_head]))
        for dep in g_list:
            emul_result = dep.emul(ctx)
            value = emul_result[element]
            yield value
예제 #3
0
ir_arch = machine.ira(mdis.symbol_pool)

# Disassemble the targeted function
blocks = mdis.dis_multibloc(int(args.func_addr, 16))

# Generate IR
for block in blocks:
    ir_arch.add_bloc(block)

# Build the IRA Graph
ir_arch.gen_graph()

# Get the instance
dg = DependencyGraph(ir_arch,
                     implicit=args.implicit,
                     apply_simp=not (args.do_not_simplify),
                     follow_mem=not (args.unfollow_mem),
                     follow_call=not (args.unfollow_call))

# Build information
target_addr = int(args.target_addr, 16)
current_block = list(ir_arch.getby_offset(target_addr))[0]
line_nb = 0
for line_nb, line in enumerate(current_block.lines):
    if line.offset == target_addr:
        break

# Enumerate solutions
for sol_nb, sol in enumerate(
        dg.get(current_block.label, elements, line_nb, set())):
    fname = "sol_%d.dot" % sol_nb
예제 #4
0
파일: depgraph.py 프로젝트: whb224117/miasm
 def depgraph(self):
     value = self.cMethod.value
     return DependencyGraph(self.ira,
                            implicit=value & 4,
                            follow_mem=value & 1,
                            follow_call=value & 2)
예제 #5
0
    (g2_ira, g2_input, [g2_output1]),
    (g3_ira, g3_input, [g3_output1, g3_output2]),
    (g4_ira, g4_input, [g4_output1]),
    (g5_ira, g5_input, [g5_output1]),
    (g6_ira, g6_input, [g6_output1]),
    (g7_ira, g7_input, [g7_output1]),
    (g8_ira, g8_input, [g8_output1, g8_output2]),
    (g8_ira, g9_input, [g9_output1, g9_output2]),
    (g10_ira, g10_input, [g10_output1]),
]):
    # Extract test elements
    print "[+] Test", i + 1
    g_ira, (depnodes, heads), g_test_list = test
    open("graph_%02d.dot" % (i + 1), "w").write(g_ira.g.dot())
    # Test classes
    for g_dep in [DependencyGraph(g_ira), DependencyGraph_NoMemory(g_ira)]:
        print " - Class %s" % g_dep.__class__.__name__

        ## Test public APIs
        for api_i, g_list in enumerate([
                g_dep.get_fromDepNodes(depnodes, heads),
                g_dep.get(
                    list(depnodes)[0].label,
                    [depnode.element for depnode in depnodes],
                    list(depnodes)[0].line_nb, heads)
        ]):
            print " - - API %s" % ("get_fromDepNodes" if api_i == 0 else "get")

            ### Expand result iterator
            g_list = list(g_list)
            ### Dump outputs graphs for debug means
예제 #6
0
                                (G16_IRA, G16_INPUT),
                                (G17_IRA, G17_INPUT),
                                ]):

    # Extract test elements
    print "[+] Test", test_nb + 1
    g_ira, (depnodes, heads) = test

    open("graph_%02d.dot" % (test_nb + 1), "w").write(g_ira.graph.dot())
    open("graph_%02d.dot" % (test_nb + 1), "w").write(bloc2graph(g_ira))

    # Different options
    suffix_key_list = ["", "_nosimp", "_nomem", "_nocall",
                       "_implicit"]
    # Test classes
    for g_ind, g_dep in enumerate([DependencyGraph(g_ira),
                                   DependencyGraph(g_ira, apply_simp=False),
                                   DependencyGraph(g_ira, follow_mem=False),
                                   DependencyGraph(g_ira, follow_mem=False,
                                                   follow_call=False),
                                   # DependencyGraph(g_ira, implicit=True),
                                   ]):
        # if g_ind == 4:
        # TODO: Implicit specifications
        #    continue
        print " - Class %s - %s" % (g_dep.__class__.__name__,
                                    suffix_key_list[g_ind])
        # Select the correct result key
        mode_suffix = suffix_key_list[g_ind]
        graph_test_key = "graph" + mode_suffix
예제 #7
0
파일: depgraph.py 프로젝트: luwangg/miasm
                          (g3_ira, g3_input, [g3_output1, g3_output2]),
                          (g4_ira, g4_input, [g4_output1]),
                          (g5_ira, g5_input, [g5_output1]),
                          (g6_ira, g6_input, [g6_output1]),
                          (g7_ira, g7_input, [g7_output1]),
                          (g8_ira, g8_input, [g8_output1, g8_output2]),
                          (g8_ira, g9_input, [g9_output1, g9_output2]),
                          (g10_ira, g10_input, [g10_output1]),
                          (g11_ira, g11_input, [g11_output1]),
                      ]):
    # Extract test elements
    print "[+] Test", i+1
    g_ira, (depnodes, heads), g_test_list = test
    open("graph_%02d.dot" % (i+1), "w").write(g_ira.g.dot())
    # Test classes
    for g_dep in [DependencyGraph(g_ira),
                  DependencyGraph_NoMemory(g_ira)]:
        print " - Class %s" % g_dep.__class__.__name__

        ## Test public APIs
        for api_i, g_list in enumerate([g_dep.get_fromDepNodes(depnodes, heads),
                                        g_dep.get(list(depnodes)[0].label,
                                                  [depnode.element for
                                                   depnode in depnodes],
                                                  list(depnodes)[0].line_nb,
                                                  heads)]):
            print " - - API %s" % ("get_fromDepNodes" if api_i == 0 else "get")

            ### Expand result iterator
            g_list = list(g_list)
            ### Dump outputs graphs for debug means
예제 #8
0
        # StdCall example
        for i in xrange(4):
            e_mem = ExprMem(
                ExprId("ESP_init", 32) + ExprInt(4 * (i + 1), 32), 32)
            init_ctx[e_mem] = ExprId("arg%d" % i, 32)

# Disassemble the targeted function
asmcfg = mdis.dis_multiblock(int(args.func_addr, 0))

# Generate IR
ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)

# Get the instance
dg = DependencyGraph(ircfg,
                     implicit=args.implicit,
                     apply_simp=not args.do_not_simplify,
                     follow_mem=not args.unfollow_mem,
                     follow_call=not args.unfollow_call)

# Build information
target_addr = int(args.target_addr, 0)
current_block = list(ircfg.getby_offset(target_addr))[0]
assignblk_index = 0
for assignblk_index, assignblk in enumerate(current_block):
    if assignblk.instr.offset == target_addr:
        break

# Enumerate solutions
json_solutions = []
for sol_nb, sol in enumerate(
        dg.get(current_block.loc_key, elements, assignblk_index, set())):
예제 #9
0
파일: depgraph.py 프로젝트: cd3l3on/miasm
    (g4_ira, g4_input, [g4_output1]),
    (g5_ira, g5_input, [g5_output1]),
    (g6_ira, g6_input, [g6_output1]),
    (g7_ira, g7_input, [g7_output1]),
    (g8_ira, g8_input, [g8_output1, g8_output2]),
    (g8_ira, g9_input, [g9_output1, g9_output2]),
    (g10_ira, g10_input, [g10_output1]),
    (g11_ira, g11_input, [g11_output1]),
]):
    # Extract test elements
    print "[+] Test", i + 1
    g_ira, (depnodes, heads), g_test_list = test
    open("graph_%02d.dot" % (i + 1), "w").write(g_ira.g.dot())
    # Test classes
    for g_dep in [
            DependencyGraph(g_ira),
            DependencyGraph(g_ira, apply_simp=False),
            DependencyGraph(g_ira, follow_mem=False),
            DependencyGraph(g_ira, follow_mem=False, follow_call=False)
    ]:
        print " - Class %s" % g_dep.__class__.__name__

        ## Test public APIs
        for api_i, g_list in enumerate([
                g_dep.get_fromDepNodes(depnodes, heads),
                g_dep.get(
                    list(depnodes)[0].label,
                    [depnode.element for depnode in depnodes],
                    list(depnodes)[0].line_nb, heads)
        ]):
            print " - - API %s" % ("get_fromDepNodes" if api_i == 0 else "get")