# Walk-through of the disass/xed bindings on one symbol of the ELF object `e`.
# The mangled name demangles to Person::favoriteNumber().
fav_num_text = e.get_symbol_text('_ZN6Person14favoriteNumberEv')
fav_num_inst = disass.disassemble_x64(fav_num_text)

# The instruction list supports indexing, slicing, len() and negative indices.
print fav_num_inst[0]
print type(fav_num_inst[0:5])
print len(fav_num_inst)
print fav_num_inst[-1]

# Mnemonic (default / Intel / AT&T), instruction class and category accessors.
# Return values are discarded; the calls only exercise the accessors.
inst = fav_num_inst[0]
inst.get_mnemonic()
inst.get_mnemonic_intel()
inst.get_mnemonic_att()
inst.get_iclass()
inst.get_category()

# Basic block starting at a given offset; objdump reports this location as
# 0x40081c.
# NOTE(review): presumably the 0x400000 difference is the image load base, so
# the API takes offsets rather than virtual addresses -- confirm against disass.
bb = disass.get_basic_block(e, 0x81c)
print "BB length", len(bb)

# An instruction list is iterable.
# NOTE(review): the original author observed that the bytes printed here are
# sometimes corrupted for an unknown reason. Until that is explained (possibly
# a buffer-lifetime problem in the binding -- unconfirmed), do not rely on this
# output for byte signatures or patch offsets.
for inst in bb:
    print inst, len(inst.get_bytes()), disass.bytes_to_string(inst.get_bytes())

# Several basic blocks can be requested at once by passing a list of offsets.
block_offsets = [0x81c, 0x97a, 0x902, 0x832]
bbs = disass.get_basic_blocks(e, block_offsets)
# Sanity checks only: assert statements are stripped when Python runs with -O.
assert isinstance(bbs, list)
assert isinstance(bbs[0], xed.inst_list_t)
import xed
import disass
from fun_list import get_text

# Dump per-instruction decoder details for the text of one binary.
# NOTE(review): the path is a hard-coded location in a developer's home
# directory, so the script only runs on that machine. If it is ever pointed at
# a binary from an untrusted source, every value printed below is derived from
# that file's contents and should be treated as untrusted data.
text = get_text("/home/paszoste/cp/testG4Box")
inst_list = disass.disassemble_x64(text)

# il1 = inst_list[:5]
# il2 = inst_list[5:10]

for inst in inst_list:
    print inst
    print "unsigned imm:", inst.get_unsigned_immediate()
    print "signed imm:", inst.get_signed_immediate()
    print "number of operands:", inst.get_number_of_operands()
    # One line per operand, giving that operand's length.
    for idx in xrange(inst.get_number_of_operands()):
        print inst.get_operand_length(idx)
    print "branch displacement: ", inst.get_branch_displacement()
    print "bytes:", disass.bytes_to_string(inst.get_bytes())
    # Blank line separates consecutive instructions in the output.
    print ""

    # Disabled alternative output that marks basic-block terminators:
    # if xed.terminates_bb(inst):
    #     print ">>",\
    #         inst.get_mnemonic_intel(),\
    #         xed.xed_operand_values_get_branch_displacement_int32(xed.xed_decoded_inst_operands_const(inst))
    # else:
    #     print inst.get_mnemonic_intel()