def main() -> None: parser = argparse.ArgumentParser( description= 'Security Analysis tool for WebAssembly module and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)' ) inputs = parser.add_argument_group('Input arguments') inputs.add_argument( '-r', '--raw', help='hex-encoded bytecode string ("ABcdeF09..." or "0xABcdeF09...")', metavar='BYTECODE') inputs.add_argument('-f', '--file', type=argparse.FileType('rb'), help='binary file (.wasm)', metavar='WASMMODULE') features = parser.add_argument_group('Features') features.add_argument('-d', '--disassemble', action='store_true', help='print text disassembly ') features.add_argument('-z', '--analyzer', action='store_true', help='print module information') features.add_argument('-y', '--analytic', action='store_true', help='print Functions instructions analytics') features.add_argument('-g', '--cfg', action='store_true', help='generate the control flow graph (CFG)') features.add_argument('-c', '--call', action='store_true', help='generate the call flow graph') features.add_argument('-s', '--ssa', action='store_true', help='generate the CFG with SSA representation') graph = parser.add_argument_group('Graph options') graph.add_argument('--simplify', action='store_true', help='generate a simplify CFG') graph.add_argument('--functions', action='store_true', help='create subgraph for each function') graph.add_argument( '--onlyfunc', type=str, nargs="*", default=[], help='only generate the CFG for this list of function name') #graph.add_argument('--visualize', # help='direcly open the CFG file') #graph.add_argument('--format', # choices=['pdf', 'png', 'dot'], # default='pdf', # help='direcly open the CFG file') args = parser.parse_args() octo_bytecode = None octo_analyzer = None octo_disasm = None octo_cfg = None # process input code if args.raw: octo_bytecode = args.raw elif args.file: octo_bytecode = args.file.read() # Disassembly if args.disassemble: from octopus.arch.wasm.disassembler import WasmDisassembler # TODO add other r_format support octo_disasm = WasmDisassembler() print(octo_disasm.disassemble_module(octo_bytecode, r_format='text')) if args.analyzer: from octopus.arch.wasm.analyzer import WasmModuleAnalyzer octo_analyzer = WasmModuleAnalyzer(octo_bytecode) print(octo_analyzer) # Control Flow Analysis & Call flow Analysis if args.cfg or args.call or args.analytic: from octopus.arch.wasm.cfg import WasmCFG from octopus.analysis.graph import CFGGraph octo_cfg = WasmCFG(octo_bytecode) if args.call: octo_cfg.visualize_call_flow() if args.analytic: octo_cfg.visualize_instrs_per_funcs() if args.cfg: octo_graph = CFGGraph(octo_cfg) if args.functions or args.onlyfunc: octo_graph.view_functions(only_func_name=args.onlyfunc, simplify=args.simplify, ssa=args.ssa) else: octo_graph.view(simplify=args.simplify, ssa=args.ssa) if args.ssa: from octopus.arch.wasm.emulator import WasmSSAEmulatorEngine emul = WasmSSAEmulatorEngine(octo_bytecode) # run the emulator for SSA if args.onlyfunc: emul.emulate_functions(args.onlyfunc) # try to emulate main by default else: emul.emulate_functions() # visualization of the cfg with SSA emul.cfg.visualize(ssa=True) if not args.disassemble and not args.ssa \ and not args.cfg and not args.call\ and not args.analyzer and not args.analytic: parser.print_help()
# # Title: Visualization of instructions count # per function and group # # Date: 08/08/18 # # Author: Patrick Ventuzelo - @Pat_Ventuzelo # from octopus.arch.wasm.cfg import WasmCFG # complete wasm module file_name = "examples/wasm/samples/hello_wasm_studio.wasm" # read file with open(file_name, 'rb') as f: raw = f.read() # create the cfg cfg = WasmCFG(raw) # visualization cfg.visualize_instrs_per_funcs()