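def main(argv):
    """Decode hex-encoded 32-bit x86 bytes and list the registers each one modifies.

    For every decoded instruction this prints its Intel-syntax dump, followed
    by one line per register operand that is written ("W") or both read and
    written ("RW").

    Args:
        argv: Command-line vector; argv[1] holds the instruction bytes as a
            hex string.

    Returns:
        0 on success, 1 on a usage error or malformed hex input.
    """
    if len(argv) != 2:
        print('%s <hex>' % argv[0])
        return 1

    # argv[1] is caller-controlled. Odd-length or non-hex text makes
    # unhexlify() raise (TypeError on Python 2, binascii.Error -- a ValueError
    # subclass -- on Python 3); treat that as a usage error, not a traceback.
    try:
        itext = binascii.unhexlify(argv[1])
    except (TypeError, ValueError):
        print('%s <hex>' % argv[0])
        return 1

    xed = pyxed.Decoder()
    xed.set_mode(pyxed.XED_MACHINE_MODE_LEGACY_32, pyxed.XED_ADDRESS_WIDTH_32b)
    xed.itext = itext
    xed.runtime_address = 0x10001000

    # NOTE(review): bytes that do not form a valid instruction are not handled
    # here -- confirm how pyxed reports them before feeding untrusted input.
    while True:
        inst = xed.decode()
        if inst is None:
            # The loop ends when decode() hands back None.
            break

        print('| %s' % inst.dump_intel_format())

        # Iterate through all the operands of the current instruction.
        for i in range(inst.get_noperands()):
            op = inst.get_operand(i)

            # Only register operands are reported; check whether the current
            # instruction modifies them.
            if not op.is_register():
                continue

            reg_name = get_reg_name(inst.get_reg(op.get_name()))
            # The backslash is escaped explicitly: a bare '\_' is an invalid
            # escape sequence on current Python 3, with the same value.
            if op.is_read_and_written():
                print('\\_ %-16s RW' % reg_name)
            elif op.is_written_only():
                print('\\_ %-16s W' % reg_name)

    return 0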
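def __init__(self, project_dir):
    """Set up disassembler state for the project stored in `project_dir'.

    Loads the project through `sex_loader.SexLoader', classifies its sections,
    picks the CPU mode from the loader's architecture string, configures a
    `pyxed' decoder to match and creates the empty analysis containers.

    Raises:
        ValueError: If the loader reports an architecture other than 'i386'
            or 'x86_64'.
    """

    # Load project created by "sex.sh".
    self.loader = sex_loader.SexLoader(project_dir)

    # Build list of executable and data sections.
    self._loaded_sections = []
    self._executable_sections = []
    self._data_sections = []

    # NOTE(review): the flattened listing does not show whether the 'x'/'r'
    # checks sit inside the 'l' check; they are nested here so that only
    # loaded sections get classified -- confirm against the original file.
    for section in self.loader.sections:
        flags = section.flags
        if 'l' in flags:
            self._loaded_sections.append(section)
            if 'x' in flags:
                self._executable_sections.append(section)
            elif 'r' in flags:
                self._data_sections.append(section)

    # Determine the CPU of the target executable.
    arch = self.loader.arch
    if arch == 'i386':
        self.cpu = cpu.CPU(cpu.X86_MODE_PROTECTED_32BIT)
    elif arch == 'x86_64':
        self.cpu = cpu.CPU(cpu.X86_MODE_PROTECTED_64BIT)
    else:
        # Without this branch an unrecognised architecture leaves `self.cpu'
        # unset and the failure only surfaces below as an AttributeError on
        # `self.cpu.mode'. Name the real problem instead.
        raise ValueError('unsupported architecture: %r' % (arch,))

    # Initialize `pyxed' based decoder object.
    self.decoder = pyxed.Decoder()
    mode = self.cpu.mode
    if mode == cpu.X86_MODE_REAL:
        self.decoder.set_mode(pyxed.XED_MACHINE_MODE_LEGACY_16,
                              pyxed.XED_ADDRESS_WIDTH_16b)
    elif mode == cpu.X86_MODE_PROTECTED_32BIT:
        self.decoder.set_mode(pyxed.XED_MACHINE_MODE_LEGACY_32,
                              pyxed.XED_ADDRESS_WIDTH_32b)
    elif mode == cpu.X86_MODE_PROTECTED_64BIT:
        self.decoder.set_mode(pyxed.XED_MACHINE_MODE_LONG_64,
                              pyxed.XED_ADDRESS_WIDTH_64b)
    # NOTE(review): any other mode leaves the decoder as constructed, with no
    # set_mode() call -- confirm that is intended.

    # Initialize list of instructions.
    self._instructions = []

    # Map of instructions (`instruction.Instruction' objects) to their cross
    # references (`xrefs.XRefs' objects).
    self._xrefs = {}

    # Initialize set of basic block leaders.
    self._leaders = set()

    # Set of tuples holding address/size pairs pointing to data sections.
    # Kinda like the basic block leaders set, but for data accesses instead
    # of code.
    self._data_leaders = set()

    # Initialize dictionary of basic blocks. Maps basic block start address
    # to `BasicBlock' instance.
    self.basic_blocks = {}

    # Initialize set of function entry points.
    self.functions = set()

    # Initialize CFG.
    self.cfg = simple_graph.SimpleGraph()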
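def main(argv):
    """Decode hex-encoded 32-bit x86 bytes and print each instruction's iform.

    For every decoded instruction this prints the value returned by
    `get_iform()` next to the one returned by `get_iform_str()`.

    Args:
        argv: Command-line vector; argv[1] holds the instruction bytes as a
            hex string.

    Returns:
        0 on success, 1 on a usage error or malformed hex input.
    """
    if len(argv) != 2:
        print('%s <hex>' % argv[0])
        return 1

    # argv[1] is caller-controlled. Odd-length or non-hex text makes
    # unhexlify() raise binascii.Error (a ValueError subclass); treat that as
    # a usage error instead of letting a traceback escape.
    try:
        itext = binascii.unhexlify(argv[1])
    except (TypeError, ValueError):
        print('%s <hex>' % argv[0])
        return 1

    xed = pyxed.Decoder()
    xed.set_mode(pyxed.XED_MACHINE_MODE_LEGACY_32, pyxed.XED_ADDRESS_WIDTH_32b)
    xed.itext = itext
    xed.runtime_address = 0x10001000

    # NOTE(review): bytes that do not form a valid instruction are not handled
    # here -- confirm how pyxed reports them before feeding untrusted input.
    while True:
        inst = xed.decode()
        if inst is None:
            # The loop ends when decode() hands back None.
            break
        print(inst.get_iform(), inst.get_iform_str())

    return 0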
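def main(argv):
    """Decode hex-encoded 32-bit x86 bytes and report each instruction's flag usage.

    For every decoded instruction this prints its Intel-syntax dump, then the
    flag sets returned by `get_rflags_read()`, `get_rflags_undefined()` and
    `get_rflags_written()` (each rendered by `rflags_to_str`), then a '-'
    separator line.

    Args:
        argv: Command-line vector; argv[1] holds the instruction bytes as a
            hex string.

    Returns:
        0 on success, 1 on a usage error or malformed hex input.
    """
    if len(argv) != 2:
        print('%s <hex>' % argv[0])
        return 1

    # argv[1] is caller-controlled. Odd-length or non-hex text makes
    # unhexlify() raise (TypeError on Python 2, binascii.Error -- a ValueError
    # subclass -- on Python 3); treat that as a usage error, not a traceback.
    try:
        itext = binascii.unhexlify(argv[1])
    except (TypeError, ValueError):
        print('%s <hex>' % argv[0])
        return 1

    xed = pyxed.Decoder()
    xed.set_mode(pyxed.XED_MACHINE_MODE_LEGACY_32, pyxed.XED_ADDRESS_WIDTH_32b)
    xed.itext = itext
    xed.runtime_address = 0x10001000

    # NOTE(review): bytes that do not form a valid instruction are not handled
    # here -- confirm how pyxed reports them before feeding untrusted input.
    while True:
        inst = xed.decode()
        if inst is None:
            # The loop ends when decode() hands back None.
            break

        print('%s' % inst.dump_intel_format())
        print('Read: %s' % rflags_to_str(inst.get_rflags_read()))
        print('Undefined: %s' % rflags_to_str(inst.get_rflags_undefined()))
        print('Written: %s' % rflags_to_str(inst.get_rflags_written()))
        print('-')

    return 0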
def xed32():
    """Return a new `pyxed' decoder set to legacy 32-bit mode, 32-bit addresses."""
    decoder = pyxed.Decoder()
    decoder.set_mode(
        pyxed.XED_MACHINE_MODE_LEGACY_32,
        pyxed.XED_ADDRESS_WIDTH_32b,
    )
    return decoder
def xed64():
    """Return a new `pyxed' decoder set to 64-bit long mode, 64-bit addresses."""
    decoder = pyxed.Decoder()
    decoder.set_mode(
        pyxed.XED_MACHINE_MODE_LONG_64,
        pyxed.XED_ADDRESS_WIDTH_64b,
    )
    return decoder