def getArchModules(default=ARCH_DEFAULT):
    """
    Build the list of architecture module instances, ordered by ARCH_FOO index.

    The slot at ARCH_DEFAULT (described as index 0 by the original docstring;
    the constant is defined outside this snippet) is pointed at the entry
    selected by ``default >> 16``, so it aliases the "named"/default module.
    """
    import envi.archs.h8 as e_h8
    import envi.archs.arm as e_arm
    import envi.archs.i386 as e_i386
    import envi.archs.amd64 as e_amd64
    import envi.archs.thumb16 as e_thumb16
    import envi.archs.msp430 as e_msp430

    # These must be in ARCH_FOO order; the leading None is the placeholder slot
    modules = [
        None,
        e_i386.i386Module(),
        e_amd64.Amd64Module(),
        e_arm.ArmModule(),
        e_thumb16.Thumb16Module(),
        e_thumb16.Thumb2Module(),
        e_msp430.Msp430Module(),
        e_h8.H8Module(),
    ]

    # Set the default module ( or None ). There is no range check here:
    # a value of default whose upper bits index past the list raises IndexError.
    modules[ARCH_DEFAULT] = modules[default >> 16]
    return modules
def getArchModules(default=ARCH_DEFAULT):
    """
    Build the list of architecture module instances, ordered by ARCH_FOO index.

    The slot at ARCH_DEFAULT (described as index 0 by the original docstring;
    the constant is defined outside this snippet) is pointed at the entry
    selected by ``default >> 16``, so it aliases the "named"/default module.
    """
    import envi.archs.h8 as e_h8
    import envi.archs.arm as e_arm
    import envi.archs.i386 as e_i386
    import envi.archs.amd64 as e_amd64
    import envi.archs.thumb16 as e_thumb16
    import envi.archs.msp430 as e_msp430

    # These must be in ARCH_FOO order; the leading None is the placeholder slot
    modules = [
        None,
        e_i386.i386Module(),
        e_amd64.Amd64Module(),
        e_arm.ArmModule(),
        e_thumb16.Thumb16Module(),
        e_thumb16.ThumbModule(),
        e_msp430.Msp430Module(),
        e_h8.H8Module(),
    ]

    # Set the default module ( or None ). There is no range check here:
    # a value of default whose upper bits index past the list raises IndexError.
    modules[ARCH_DEFAULT] = modules[default >> 16]
    return modules
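def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given architecture name.

    When name is None, the name is taken from getCurrentArch().

    Names handled here:
        i386, i486, i586, i686, x86 - Intel i386
        amd64                       - The new 64bit AMD spec.
        arm                         - ARM (ArmModule)

    Any other name raises ArchNotImplemented(name).
    """
    # Identity test: None is a singleton, and "==" can be overridden by the operand
    if name is None:
        name = getCurrentArch()

    # Each architecture package is imported only when its name is selected.
    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ("i386", "i486", "i586", "i686", "x86"):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    if name == "amd64":
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    if name == 'arm':
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    # Unknown names fail loudly instead of falling back to some default decoder
    raise ArchNotImplemented(name)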
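def __init__(self, archmod=None):
    """
    Initialise the emulator base, then the i386 register context.

    archmod: architecture module passed on to envi.Emulator.__init__;
             a new i386Module() is created when None is given.
    """
    # Identity test rather than "==": an archmod object that defines its own
    # __eq__ must not be mistaken for "not supplied"
    if archmod is None:
        archmod = i386Module()

    envi.Emulator.__init__(self, archmod=archmod)

    # Segment indexes 0 through 5 all receive the same (0, 0xffffffff) pair --
    # presumably a flat base/size mapping; confirm against setSegmentInfo
    for i in xrange(6):
        self.setSegmentInfo(i, 0, 0xffffffff)

    i386RegisterContext.__init__(self)

    # Add our known calling conventions (registered in this order)
    for cc_name, cc_impl in (
        ('stdcall', stdcall),
        ('thiscall', thiscall),
        ('cdecl', cdecl),
        ('msfastcall', msfastcall),
        ('bfastcall', bfastcall),
    ):
        self.addCallingConvention(cc_name, cc_impl)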
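def __init__(self, archmod=None):
    """
    Initialise the emulator base, then the i386 register context.

    archmod: architecture module passed on to envi.Emulator.__init__;
             a new i386Module() is created when None is given.
    """
    # Identity test rather than "==": an archmod object that defines its own
    # __eq__ must not be mistaken for "not supplied"
    if archmod is None:
        archmod = i386Module()

    envi.Emulator.__init__(self, archmod=archmod)

    # Emulator option registered with a default of False; per its own
    # description, True short-circuits the rep prefix
    self.initEmuOpt('i386:reponce', False, 'Set to True to short circuit rep prefix')

    # Segment indexes 0 through 5 all receive the same (0, 0xffffffff) pair --
    # presumably a flat base/size mapping; confirm against setSegmentInfo
    for i in xrange(6):
        self.setSegmentInfo(i, 0, 0xffffffff)

    i386RegisterContext.__init__(self)

    # Add our known calling conventions (registered in this order)
    for cc_name, cc_impl in (
        ('stdcall', stdcall),
        ('thiscall', thiscall),
        ('cdecl', cdecl),
        ('msfastcall', msfastcall),
        ('bfastcall', bfastcall),
    ):
        self.addCallingConvention(cc_name, cc_impl)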
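def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given architecture name.

    When name is None, the name is taken from getCurrentArch().

    Names handled here:
        i386, i486, i586, i686, x86 - Intel i386
        amd64                       - The new 64bit AMD spec.
        arm, armv6l, armv7l         - ArmModule
        thumb, thumb16, thumb2      - Thumb16Module
        msp430                      - Msp430Module
        h8                          - H8Module

    Any other name raises ArchNotImplemented(name).
    """
    # Identity test: None is a singleton, and "==" can be overridden by the operand
    if name is None:
        name = getCurrentArch()

    # Each architecture package is imported only when its name is selected.
    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ("i386", "i486", "i586", "i686", "x86"):
        import envi.archs.i386 as e_i386
        return e_i386.i386Module()

    if name == "amd64":
        import envi.archs.amd64 as e_amd64
        return e_amd64.Amd64Module()

    if name in ('arm', 'armv6l', 'armv7l'):
        import envi.archs.arm as e_arm
        return e_arm.ArmModule()

    # NOTE(review): 'thumb2' resolves to Thumb16Module as well -- confirm that
    # is intended, since the wrong decoder would yield misleading disassembly
    if name in ('thumb', 'thumb16', 'thumb2'):
        import envi.archs.thumb16 as e_thumb
        return e_thumb.Thumb16Module()

    if name in ('msp430',):
        import envi.archs.msp430 as e_msp430
        return e_msp430.Msp430Module()

    if name in ('h8',):
        import envi.archs.h8 as e_h8
        return e_h8.H8Module()

    # Unknown names fail loudly instead of falling back to some default decoder
    raise ArchNotImplemented(name)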
def getArchModule(name=None):
    """
    Return an Envi architecture module instance for the given architecture name.

    When name is None, the name is taken from getCurrentArch().

    Names handled here:
        i386, i486, i586, i686, x86 - Intel i386
        amd64, x86_64               - The new 64bit AMD spec.
        arm, armv6l, armv7l         - ArmModule
        thumb, thumb16, thumb2      - Thumb16Module
        msp430                      - Msp430Module
        h8                          - H8Module

    Any other name raises ArchNotImplemented(name).
    """
    if name is None:
        name = getCurrentArch()

    # Each architecture package is imported only when its name is selected.
    # Some builds have x86 (py2.6) and some have other stuff...
    if name in ['i386', 'i486', 'i586', 'i686', 'x86']:
        import envi.archs.i386 as i386_arch
        return i386_arch.i386Module()

    if name in ('amd64', 'x86_64'):
        import envi.archs.amd64 as amd64_arch
        return amd64_arch.Amd64Module()

    if name in ('arm', 'armv6l', 'armv7l'):
        import envi.archs.arm as arm_arch
        return arm_arch.ArmModule()

    # NOTE(review): 'thumb2' resolves to Thumb16Module as well -- confirm that
    # is intended, since the wrong decoder would yield misleading disassembly
    if name in ('thumb', 'thumb16', 'thumb2'):
        import envi.archs.thumb16 as thumb_arch
        return thumb_arch.Thumb16Module()

    if name in ('msp430', ):
        import envi.archs.msp430 as msp430_arch
        return msp430_arch.Msp430Module()

    if name in ('h8', ):
        import envi.archs.h8 as h8_arch
        return h8_arch.H8Module()

    # Unknown names are rejected rather than mapped to a default decoder
    raise ArchNotImplemented(name)
def __init__(self):
    """Attach a new i386 arch module (self.arch) and register context (self.rctx)."""
    # Imported at construction time rather than at module load
    import envi.archs.i386 as i386_arch

    # FIXME just inherit one...
    self.arch = i386_arch.i386Module()
    self.rctx = i386_arch.i386RegisterContext()
#!/usr/bin/ipython -i
import envi.memory as e_mem
import envi.archs.i386 as x86
import envi.archs.i386.emu as x86emu
from envi.archs.i386 import REG_EAX, REG_EBX, REG_ECX, REG_EDX, REG_ESI, REG_EDI, REG_EIP, REG_ESP, REG_EBP
import sys
import struct

# Defaults, by name: stack size (1024 * 1024), stack base and code base.
# Where they are consumed is outside this snippet.
DEF_STACK_SIZE = 1024 * 1024
DEF_STACK_BASE = 0xc0000000
DEF_CODE_BASE = 0x8048100

# Single i386 arch module shared by the helpers below
a = x86.i386Module()


def opnum(num):
    """Decode the opcode found in num packed as a little-endian unsigned 32-bit value."""
    packed = struct.pack("<L", num)
    return a.makeOpcode(packed)


def disass(bytes):
    """
    Print a linear disassembly of bytes, one line per decoded opcode.

    Each line shows the offset (hex), the raw bytes of the opcode (hex) and
    the opcode text truncated to 20 characters.

    The loop has no exit condition of its own: it stops when makeOpcode (or
    anything else in the body) raises, so running off the end of the buffer
    is reported through the same "ERROR OCCURRED" line as a decode failure.
    """
    pos = 0
    try:
        while True:
            insn = a.makeOpcode(bytes, pos)
            size = len(insn)
            # NOTE(review): a zero-length opcode would never advance pos --
            # confirm makeOpcode cannot return one
            raw = bytes[pos:pos + size]
            print("%8x\t%-20s\t%.20s" % (pos, raw.encode('hex'), insn))
            pos += size
    except Exception as e:
        print("ERROR OCCURRED: %s" % repr(e))


class SuccessfulRunException(Exception):
    """Exception type declared for this script; where it is raised is not shown here."""
    pass