#!/usr/bin/env python2
## -*- coding: utf-8 -*-

import sys
import triton
import pintool

# Addresses inside the analysed binary, as given by the sample:
#   post_call_to_check_license -- the instruction right after check_license()
#       returns, i.e. `mov DWORD PTR [rbp-0x1c],eax`
#   target -- main's call to printf("License check passed\n")
post_call_to_check_license, target = 0x4007bf, 0x4007cd

# Triton context shared with the pintool that drives the instrumented run
Triton = pintool.getTritonContext()


def symbolize_inputs(tid):
    """Turn every byte of argv[1] (terminating NUL included) into a symbolic variable.

    Runs as a pintool callback; *tid* (presumably the thread id handed over by
    the pintool) is not used. Reads argv from rsi, follows argv[1], and for
    each byte up to and including the first 0 byte copies the concrete value
    into the Triton context and symbolizes that memory cell, commenting it
    with its index ("argv[1][i]"). Prints the string that was symbolized.
    """
    argv = pintool.getCurrentRegisterValue(Triton.registers.rsi)
    # argv[1] is one pointer-sized slot past argv[0]
    cursor = pintool.getCurrentMemoryValue(argv + triton.CPUSIZE.QWORD,
                                           triton.CPUSIZE.QWORD)

    chars = []
    index = 0
    while True:
        # NOTE(review): relies on the one-argument read defaulting to a single byte -- confirm
        byte = pintool.getCurrentMemoryValue(cursor)
        chars.append(chr(byte))
        Triton.setConcreteMemoryValue(cursor, byte)
        cell = triton.MemoryAccess(cursor, triton.CPUSIZE.BYTE)
        Triton.convertMemoryToSymbolicVariable(cell).setComment('argv[1][%d]' % index)
        cursor += 1
        index += 1
        if byte == 0:
            break  # the NUL terminator itself is symbolized, then we stop
    print('Symbolized argv[1]: %s' % (''.join(chars)))
# $ ./triton ./src/testers/qemu-test-x86_64.py ./src/samples/ir_test_suite/qemu-test-x86_64

from triton import ARCH, SYMEXPR, OPCODE
import pintool as Pintool

# Triton context obtained through the pintool; shared by the callbacks below
Triton = Pintool.getTritonContext()


def sbefore(instruction):
    """Pintool "before" callback: concretize all memory and all registers.

    The *instruction* argument is not inspected; the callback only asks the
    Triton context to concretize every memory cell and every register.
    """
    for concretize in (Triton.concretizeAllMemory, Triton.concretizeAllRegister):
        concretize()


def cafter(instruction):

    ofIgnored = [
        OPCODE.RCL,
        OPCODE.RCR,
        OPCODE.ROL,
        OPCODE.ROR,
        OPCODE.SAR,
        OPCODE.SHL,
        OPCODE.SHLD,
        OPCODE.SHR,
        OPCODE.SHRD,
    ]

    bad  = list()
    regs = Triton.getParentRegisters()
# Note: Display the list of unsupported semantics
from __future__ import print_function
from operator   import itemgetter
from triton     import ARCH
from pintool    import getTritonContext, startAnalysisFromEntry, runProgram, insertCall, INSERT_POINT


# mnemonic -> number of instructions seen for which Triton produced no semantics
unsuportedSemantics = {}
# Triton context shared with the pintool that drives the instrumented run
Triton = getTritonContext()



def cbefore(instruction):
    """Record an instruction for which Triton produced no semantics.

    Runs as the pintool "before" callback. An instruction with no symbolic
    expressions is treated as unsupported: its mnemonic (the first
    space-separated token of the disassembly) is counted in the module-level
    ``unsuportedSemantics`` dict, and the instruction is printed the first
    time that mnemonic is seen.
    """
    if len(instruction.getSymbolicExpressions()) != 0:
        return  # Triton handled this one
    # NOTE(review): a prefixed instruction (e.g. "rep ...") would be keyed on
    # its prefix token rather than its mnemonic -- assumed acceptable here
    mnemonic = instruction.getDisassembly().split(' ')[0]
    if mnemonic not in unsuportedSemantics:
        print(instruction)
        unsuportedSemantics[mnemonic] = 1
    else:
        unsuportedSemantics[mnemonic] += 1


def cafter(instruction):
    """Pintool "after" callback: reset the Triton context once the instruction ran.

    *instruction* is not inspected; only ``Triton.reset()`` is called.
    """
    Triton.reset()


def cfini():
    l = list(unsuportedSemantics.items())
# Note: Display the list of unsupported semantics

from operator   import itemgetter
from triton     import ARCH
from pintool    import getTritonContext, startAnalysisFromEntry, runProgram, insertCall, INSERT_POINT


# mnemonic -> number of instructions seen for which Triton produced no semantics
unsuportedSemantics = {}
# Triton context shared with the pintool that drives the instrumented run
Triton = getTritonContext()



def cbefore(instruction):
    """Record an instruction for which Triton produced no semantics.

    Runs as the pintool "before" callback. An instruction with no symbolic
    expressions is treated as unsupported: its mnemonic (the first
    space-separated token of the disassembly) is counted in the module-level
    ``unsuportedSemantics`` dict; the instruction is printed the first time
    that mnemonic turns up.
    """
    if len(instruction.getSymbolicExpressions()) != 0:
        return  # Triton handled this one
    # NOTE(review): a prefixed instruction (e.g. "rep ...") would be keyed on
    # its prefix token rather than its mnemonic -- assumed acceptable here
    mnemonic = instruction.getDisassembly().split(' ')[0]
    try:
        unsuportedSemantics[mnemonic] += 1
    except KeyError:
        # first sighting of this mnemonic
        print(instruction)
        unsuportedSemantics[mnemonic] = 1


def cafter(instruction):
    """Pintool "after" callback: reset the Triton engines once the instruction ran.

    *instruction* is not inspected; only ``Triton.resetEngines()`` is called.
    """
    Triton.resetEngines()


def cfini():
    l = unsuportedSemantics.items()