Пример #1
def getArchModules(default=ARCH_DEFAULT):
    '''
    Build and return the list of architecture modules.

    The list starts with a None placeholder, followed by one freshly
    constructed module per architecture in ARCH_FOO order.  The
    ARCH_DEFAULT slot is then overwritten with the entry selected by
    ``default >> 16`` (the "named" or "default" arch module), which is
    None when that index is the placeholder itself.

    NOTE(review): ``default >> 16`` is used as a list index without a
    range check; a value past the end of the table raises IndexError and
    a negative value would index from the end of the list.
    '''
    import envi.archs.h8 as e_h8
    import envi.archs.arm as e_arm
    import envi.archs.i386 as e_i386
    import envi.archs.amd64 as e_amd64
    import envi.archs.thumb16 as e_thumb16
    import envi.archs.msp430 as e_msp430

    # Position in this literal is the architecture index, so the entries
    # must stay in ARCH_FOO order.
    archs = [
        None,
        e_i386.i386Module(),
        e_amd64.Amd64Module(),
        e_arm.ArmModule(),
        e_thumb16.Thumb16Module(),
        e_thumb16.Thumb2Module(),
        e_msp430.Msp430Module(),
        e_h8.H8Module(),
    ]

    # Set the default module ( or None )
    selected = default >> 16
    archs[ARCH_DEFAULT] = archs[selected]

    return archs
Пример #2
def getArchModules(default=ARCH_DEFAULT):
    '''
    Return a list of architecture module instances indexed in ARCH_FOO
    order, with a leading None placeholder.

    After the list is built, the ARCH_DEFAULT slot is set to the entry at
    index ``default >> 16`` (the "named" or "default" arch module).

    NOTE(review): the shifted value is not range-checked before it is
    used as an index, so an out-of-table value raises IndexError.
    '''
    import envi.archs.h8 as e_h8
    import envi.archs.arm as e_arm
    import envi.archs.i386 as e_i386
    import envi.archs.amd64 as e_amd64
    import envi.archs.thumb16 as e_thumb16
    import envi.archs.msp430 as e_msp430

    # These must be in ARCH_FOO order: the list position is the index
    # that ``default >> 16`` selects from.
    archs = [
        None,
        e_i386.i386Module(),
        e_amd64.Amd64Module(),
        e_arm.ArmModule(),
        e_thumb16.Thumb16Module(),
        e_thumb16.ThumbModule(),
        e_msp430.Msp430Module(),
        e_h8.H8Module(),
    ]

    # Set the default module ( or None )
    chosen = archs[default >> 16]
    archs[ARCH_DEFAULT] = chosen

    return archs
Пример #3
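def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given
    architecture name.

    When name is None, the value returned by getCurrentArch() is used.

    Recognized names (exact, case-sensitive string match):

    i386, i486, i586, i686, x86 - Intel i386
    amd64 - The new 64bit AMD spec.
    arm - ARM (envi.archs.arm)

    Raises ArchNotImplemented(name) for any other name.
    """
    # Identity test: only a missing name falls back to the current arch.
    if name is None:
        name = getCurrentArch()

    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ("i386", "i486", "i586", "i686", "x86"):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    if name == "amd64":
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    if name == 'arm':
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    # Unknown names fail loudly instead of falling back to some default.
    raise ArchNotImplemented(name)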
Пример #4
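def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given
    architecture name.

    If name is None, getCurrentArch() supplies the name.

    Recognized names (compared as exact strings):

    i386, i486, i586, i686, x86 - Intel i386
    amd64 - The new 64bit AMD spec.
    arm - ARM (envi.archs.arm)

    Any other name raises ArchNotImplemented(name).
    """
    # "is None" rather than "== None": a caller-supplied object with a
    # custom __eq__ must not be mistaken for a missing argument.
    if name is None:
        name = getCurrentArch()

    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ("i386", "i486", "i586", "i686", "x86"):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    elif name == "amd64":
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    elif name == 'arm':
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    else:
        # No silent fallback for an unrecognized architecture.
        raise ArchNotImplemented(name)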
Пример #5
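    def __init__(self, archmod=None):
        """
        Initialise the emulator and its i386 register context.

        archmod: architecture module passed on to envi.Emulator; a new
                 i386Module() is created when it is None.
        """
        # Set ourself up as an arch module *and* register context
        # Identity test so that only a missing argument gets the default.
        if archmod is None:
            archmod = i386Module()
        envi.Emulator.__init__(self, archmod=archmod)

        # Segments 0-5 all get the same (0, 0xffffffff) info; presumably
        # (base, size) for a flat address space -- confirm against
        # setSegmentInfo.
        for i in xrange(6):
            self.setSegmentInfo(i, 0, 0xffffffff)

        i386RegisterContext.__init__(self)

        # Add our known calling conventions
        self.addCallingConvention('stdcall', stdcall)
        self.addCallingConvention('thiscall', thiscall)
        self.addCallingConvention('cdecl', cdecl)
        self.addCallingConvention('msfastcall', msfastcall)
        self.addCallingConvention('bfastcall', bfastcall)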
Пример #6
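    def __init__(self, archmod=None):
        """
        Set this object up as an emulator plus i386 register context.

        archmod: architecture module handed to envi.Emulator.__init__;
                 defaults to a fresh i386Module() when None.
        """
        # Set ourself up as an arch module *and* register context
        # Compare by identity: "== None" would defer to archmod.__eq__.
        if archmod is None:
            archmod = i386Module()
        envi.Emulator.__init__(self, archmod=archmod)

        # Same segment info for indexes 0 through 5.
        # NOTE(review): the (0, 0xffffffff) pair looks like base and size
        # of a flat segment -- confirm against setSegmentInfo.
        for i in xrange(6):
            self.setSegmentInfo(i, 0, 0xffffffff)

        i386RegisterContext.__init__(self)

        # Add our known calling conventions
        self.addCallingConvention('stdcall', stdcall)
        self.addCallingConvention('thiscall', thiscall)
        self.addCallingConvention('cdecl', cdecl)
        self.addCallingConvention('msfastcall', msfastcall)
        self.addCallingConvention('bfastcall', bfastcall)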
Пример #7
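    def __init__(self, archmod=None):
        """
        Initialise the emulator, its options and its i386 register context.

        archmod: architecture module passed on to envi.Emulator; a new
                 i386Module() is created when it is None.
        """
        # Set ourself up as an arch module *and* register context
        # Identity test so that only a missing argument gets the default.
        if archmod is None:
            archmod = i386Module()

        envi.Emulator.__init__(self, archmod=archmod)
        # Registers the 'i386:reponce' option with a default of False.
        self.initEmuOpt('i386:reponce',False,'Set to True to short circuit rep prefix')

        # Segments 0-5 all get the same (0, 0xffffffff) info; presumably
        # (base, size) for a flat address space -- confirm against
        # setSegmentInfo.
        for i in xrange(6):
            self.setSegmentInfo(i, 0, 0xffffffff)

        i386RegisterContext.__init__(self)

        # Add our known calling conventions
        self.addCallingConvention('stdcall', stdcall)
        self.addCallingConvention('thiscall', thiscall)
        self.addCallingConvention('cdecl', cdecl)
        self.addCallingConvention('msfastcall', msfastcall)
        self.addCallingConvention('bfastcall', bfastcall)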
Пример #8
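    def __init__(self, archmod=None):
        """
        Set this object up as an emulator plus i386 register context.

        archmod: architecture module handed to envi.Emulator.__init__;
                 defaults to a fresh i386Module() when None.
        """
        # Set ourself up as an arch module *and* register context
        # Compare by identity: "== None" would defer to archmod.__eq__.
        if archmod is None:
            archmod = i386Module()

        envi.Emulator.__init__(self, archmod=archmod)
        # 'i386:reponce' starts out False (rep prefix not short circuited).
        self.initEmuOpt('i386:reponce',False,'Set to True to short circuit rep prefix')

        # Same segment info for indexes 0 through 5.
        # NOTE(review): the (0, 0xffffffff) pair looks like base and size
        # of a flat segment -- confirm against setSegmentInfo.
        for i in xrange(6):
            self.setSegmentInfo(i, 0, 0xffffffff)

        i386RegisterContext.__init__(self)

        # Add our known calling conventions
        self.addCallingConvention('stdcall', stdcall)
        self.addCallingConvention('thiscall', thiscall)
        self.addCallingConvention('cdecl', cdecl)
        self.addCallingConvention('msfastcall', msfastcall)
        self.addCallingConvention('bfastcall', bfastcall)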
Пример #9
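def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given
    architecture name.

    When name is None, the value returned by getCurrentArch() is used.

    Recognized names (exact, case-sensitive string match):

    i386, i486, i586, i686, x86 - Intel i386
    amd64 - The new 64bit AMD spec.
    arm, armv6l, armv7l - ARM
    thumb, thumb16, thumb2 - Thumb (all three return Thumb16Module)
    msp430 - MSP430
    h8 - H8

    Raises ArchNotImplemented(name) for any other name.
    """
    # Identity test: only a missing name falls back to the current arch.
    if name is None:
        name = getCurrentArch()

    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ("i386", "i486", "i586", "i686", "x86"):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    elif name == "amd64":
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    elif name in ('arm', 'armv6l', 'armv7l'):
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    elif name in ('thumb', 'thumb16', 'thumb2'):
        import envi.archs.thumb16 as e_thumb
        return e_thumb.Thumb16Module()

    elif name in ('msp430',):
        import envi.archs.msp430 as e_msp430
        return e_msp430.Msp430Module()

    elif name in ('h8',):
        import envi.archs.h8 as e_h8
        return e_h8.H8Module()

    else:
        # Unknown names fail loudly instead of falling back to a default.
        raise ArchNotImplemented(name)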
Пример #10
def getArchModule(name=None):
    """
    Look up an architecture name and return a new Envi architecture
    module instance for it.

    A name of None is replaced by the result of getCurrentArch().

    Names handled here (exact string match):

    i386, i486, i586, i686, x86 - Intel i386
    amd64, x86_64 - The new 64bit AMD spec.
    arm, armv6l, armv7l - ARM
    thumb, thumb16, thumb2 - Thumb (all three return Thumb16Module)
    msp430 - MSP430
    h8 - H8

    Anything else raises ArchNotImplemented(name).
    """
    if name is None:
        name = getCurrentArch()

    # Each module is imported only when its name is requested.
    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ('i386', 'i486', 'i586', 'i686', 'x86'):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    if name in ('amd64', 'x86_64'):
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    if name in ('arm', 'armv6l', 'armv7l'):
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    if name in ('thumb', 'thumb16', 'thumb2'):
        import envi.archs.thumb16 as e_thumb
        return e_thumb.Thumb16Module()

    if name in ('msp430', ):
        import envi.archs.msp430 as e_msp430
        return e_msp430.Msp430Module()

    if name in ('h8', ):
        import envi.archs.h8 as e_h8
        return e_h8.H8Module()

    # No branch matched: report the unsupported name to the caller.
    raise ArchNotImplemented(name)
Пример #11
 def __init__(self):
     """Create the i386 arch module and register context held by this object."""
     import envi.archs.i386 as e_i386
     # FIXME just inherit one...
     arch_module = e_i386.i386Module()
     register_context = e_i386.i386RegisterContext()
     self.arch = arch_module
     self.rctx = register_context
Пример #12
#!/usr/bin/ipython  -i
import envi.memory as e_mem
import envi.archs.i386 as x86
import envi.archs.i386.emu as x86emu
from envi.archs.i386 import REG_EAX, REG_EBX, REG_ECX, REG_EDX, REG_ESI, REG_EDI, REG_EIP, REG_ESP, REG_EBP
import sys, struct

# Default layout constants.
# NOTE(review): the names suggest stack size, stack base and code base for
# an emulated process -- confirm at the use sites.
DEF_STACK_SIZE = 1 << 20  # 1024 * 1024
DEF_STACK_BASE = 0xC0000000
DEF_CODE_BASE = 0x08048100
# Module-level i386 architecture module; opnum() and disass() decode with it.
a = x86.i386Module()


def opnum(num):
    """Decode num, packed as a little-endian unsigned 32-bit value, into an opcode."""
    packed = struct.pack("<L", num)
    return a.makeOpcode(packed)


def disass(bytes):
    """
    Print a linear disassembly of bytes, one instruction per line.

    Each line shows the offset in hex, the instruction's bytes as hex and
    the decoded opcode text (cut to 20 characters).

    NOTE(review): there is no explicit end-of-buffer test.  The loop ends
    only when something in its body raises, so the normal end of input
    and a genuine decode failure are both reported as "ERROR OCCURRED".
    A decoded length of 0 would never advance the offset.
    """
    pos = 0
    try:
        while True:
            insn = a.makeOpcode(bytes, pos)
            size = len(insn)
            raw = bytes[pos:pos + size]
            print "%8x\t%-20s\t%.20s" % (pos, raw.encode('hex'), insn)
            pos += size
    except Exception, e:
        print "ERROR OCCURRED: %s" % repr(e)


class SuccessfulRunException(Exception):
    """Plain Exception subclass with no extra behaviour.

    NOTE(review): the name suggests it signals a successful run rather
    than a failure -- confirm at the raise sites.
    """