def dump_data_ascii(self, ctx, lines):
N = 128 # read by block of 128 bytes
ad = ctx.entry
s = self.binary.get_section(ad)
print(hex(ad))
s.print_header()
l = 0
ascii_str = []
ad_str = -1
while l < lines:
buf = s.read(ad, N)
if not buf:
break
i = 0
while i < len(buf):
if ad > s.end:
return
j = i
while j < len(buf):
c = buf[j]
if c not in BYTES_PRINTABLE_SET:
break
if ad_str == -1:
ad_str = ad
ascii_str.append(c)
j += 1
if c != 0 and j == len(buf):
ad += j - i
break
if c == 0 and len(ascii_str) >= 2:
if self.is_label(ad_str):
print(color_symbol(self.get_symbol(ad_str)))
print_no_end(color_addr(ad_str))
print_no_end(
color_string("\"" + "".join(map(get_char, ascii_str)) +
"\""))
print(", 0")
ad += j - i
i = j
else:
if self.is_label(ad):
print(color_symbol(self.get_symbol(ad)))
print_no_end(color_addr(ad))
print("0x%.2x " % buf[i])
ad += 1
i += 1
ad_str = -1
ascii_str = []
l += 1
if l >= lines:
return
def dump_data_ascii(self, ctx, lines):
N = 128 # read by block of 128 bytes
ad = ctx.entry
s = self.binary.get_section(ad)
print(hex(ad))
s.print_header()
l = 0
ascii_str = []
ad_str = -1
while l < lines:
buf = s.read(ad, N)
if not buf:
break
i = 0
while i < len(buf):
if ad > s.end:
return
j = i
while j < len(buf):
c = buf[j]
if c not in BYTES_PRINTABLE_SET:
break
if ad_str == -1:
ad_str = ad
ascii_str.append(c)
j += 1
if c != 0 and j == len(buf):
ad += j - i
break
if c == 0 and len(ascii_str) >= 2:
if self.is_label(ad_str):
print(color_symbol(self.get_symbol(ad_str)))
print_no_end(color_addr(ad_str))
print_no_end(color_string(
"\"" + "".join(map(get_char, ascii_str)) + "\""))
print(", 0")
ad += j - i
i = j
else:
if self.is_label(ad):
print(color_symbol(self.get_symbol(ad)))
print_no_end(color_addr(ad))
print("0x%.2x " % buf[i])
ad += 1
i += 1
ad_str = -1
ascii_str = []
l += 1
if l >= lines:
return
def dump_data_ascii(self, ctx, lines):
N = 128 # read by block of 128 bytes
addr = ctx.entry_addr
s_name, s_start, s_end = self.binary.get_section_meta(ctx.entry_addr)
self.print_section_meta(s_name, s_start, s_end)
l = 0
ascii_str = []
addr_str = -1
while l < lines:
buf = self.binary.section_stream_read(addr, N)
if not buf:
break
i = 0
while i < len(buf):
if addr > s_end:
return
j = i
while j < len(buf):
c = buf[j]
if c not in BYTES_PRINTABLE_SET:
break
if addr_str == -1:
addr_str = addr
ascii_str.append(c)
j += 1
if c != 0 and j == len(buf):
addr += j - i
break
if c == 0 and len(ascii_str) >= 2:
print_no_end(color_addr(addr_str))
print_no_end(
color_string("\"" + "".join(map(get_char, ascii_str)) +
"\""))
print(", 0")
addr += j - i
i = j
else:
print_no_end(color_addr(addr))
print("0x%.2x " % buf[i])
addr += 1
i += 1
addr_str = -1
ascii_str = []
l += 1
if l >= lines:
return
def dump_data_ascii(self, ctx, lines):
N = 128 # read by block of 128 bytes
addr = ctx.entry_addr
s_name, s_start, s_end = self.binary.get_section_meta(ctx.entry_addr)
self.print_section_meta(s_name, s_start, s_end)
l = 0
ascii_str = []
addr_str = -1
while l < lines:
buf = self.binary.section_stream_read(addr, N)
if not buf:
break
i = 0
while i < len(buf):
if addr >= s_end:
return
j = i
while j < len(buf):
c = buf[j]
if c not in BYTES_PRINTABLE_SET:
break
if addr_str == -1:
addr_str = addr
ascii_str.append(c)
j += 1
if c != 0 and j == len(buf):
addr += j - i
break
if c == 0 and len(ascii_str) >= 2:
print_no_end(color_addr(addr_str))
print_no_end(color_string(
"\"" + "".join(map(get_char, ascii_str)) + "\""))
print(", 0")
addr += j - i
i = j
else:
print_no_end(color_addr(addr))
print("0x%.2x " % buf[i])
addr += 1
i += 1
addr_str = -1
ascii_str = []
l += 1
if l >= lines:
return
def print_operand(self, i, num_op, hexa=False, show_deref=True):
def inv(n):
return n == X86_OP_INVALID
op = i.operands[num_op]
if op.type == X86_OP_IMM:
imm = op.value.imm
sec_name, is_data = self.binary.is_address(imm)
if sec_name is not None:
print_no_end(hex(imm))
if self.ctx.sectionsname:
print_no_end(" (" + color_section(sec_name) + ")")
if is_data:
s = self.binary.get_string(imm, self.ctx.max_data_size)
print_no_end(" " + color_string(s))
if imm in self.binary.reverse_symbols:
print_no_end(" ")
self.print_symbol(imm)
elif op.size == 1:
print_no_end(color_string("'%s'" % get_char(imm)))
elif hexa:
print_no_end(hex(imm))
else:
print_no_end(str(imm))
if imm > 0:
packed = struct.pack("<L", imm)
if set(packed).issubset(BYTES_PRINTABLE_SET):
print_no_end(color_string(" \""))
print_no_end(color_string("".join(map(chr, packed))))
print_no_end(color_string("\""))
return False
# returns True because capstone print immediate in hexa
# it will be printed in a comment, sometimes it better
# to have the value in hexa
return True
return False
elif op.type == X86_OP_REG:
print_no_end(i.reg_name(op.value.reg))
return False
elif op.type == X86_OP_FP:
print_no_end("%f" % op.value.fp)
return False
elif op.type == X86_OP_MEM:
mm = op.mem
if not inv(mm.base) and mm.disp != 0 \
and inv(mm.segment) and inv(mm.index):
if (mm.base == X86_REG_RBP or mm.base == X86_REG_EBP) and \
self.var_name_exists(i, num_op):
print_no_end(color_var(self.get_var_name(i, num_op)))
return True
elif mm.base == X86_REG_RIP or mm.base == X86_REG_EIP:
addr = i.address + i.size + mm.disp
print_no_end("*({0})".format(
self.binary.reverse_symbols.get(addr, hex(addr))))
return True
printed = False
if show_deref:
print_no_end("*(")
if not inv(mm.base):
print_no_end("%s" % i.reg_name(mm.base))
printed = True
elif not inv(mm.segment):
print_no_end("%s" % i.reg_name(mm.segment))
printed = True
if not inv(mm.index):
if printed:
print_no_end(" + ")
if mm.scale == 1:
print_no_end("%s" % i.reg_name(mm.index))
else:
print_no_end("(%s*%d)" % (i.reg_name(mm.index), mm.scale))
printed = True
if mm.disp != 0:
if mm.disp < 0:
if printed:
print_no_end(" - ")
print_no_end(-mm.disp)
else:
if printed:
print_no_end(" + ")
print_no_end(mm.disp)
else:
if mm.disp in self.binary.reverse_symbols:
print_no_end(hex(mm.disp) + " ")
self.print_symbol(mm.disp)
else:
print_no_end(hex(mm.disp))
if show_deref:
print_no_end(")")
return True
def dump_data(self, ctx, lines):
N = 128
addr = ctx.entry_addr
s_name, s_start, s_end = self.binary.get_section_meta(ctx.entry_addr)
self.print_section_meta(s_name, s_start, s_end)
addr_ascii_str = -1
ascii_str = []
l = 0
is_new_line = True
while l < lines:
buf = self.binary.section_stream_read(addr, N)
if not buf:
break
i = 0
while i < len(buf):
c = buf[i]
if c in BYTES_PRINTABLE_SET:
if addr_ascii_str == -1:
addr_ascii_str = addr
ascii_str.append(c)
addr += 1
i += 1
continue
stack_char = []
if addr_ascii_str != -1:
if c == 0 and len(ascii_str) >= 2:
if not is_new_line:
print()
l += 1
if l >= lines:
return
print_no_end(color_addr(addr_ascii_str))
print_no_end(color_string("\"" + "".join(map(get_char, ascii_str)) + "\""))
print(", 0")
is_new_line = True
l += 1
if l >= lines:
return
ascii_str = []
addr_ascii_str = -1
addr += 1
i += 1
continue
stack_char = ascii_str
i -= len(ascii_str)
addr -= len(ascii_str)
stack_char.append(c)
for c in stack_char:
if is_new_line:
print_no_end(color_addr(addr))
elif addr % 4 == 0 and addr != ctx.entry_addr:
print()
is_new_line = True
l += 1
if l >= lines:
return
print_no_end(color_addr(addr))
print_no_end("%.2x " % c)
addr += 1
i += 1
is_new_line = False
ascii_str = []
addr_ascii_str = -1
if not is_new_line:
print()
def print_operand(self, i, num_op, hexa=False, show_deref=True):
def inv(n):
return n == MIPS_OP_INVALID
op = i.operands[num_op]
if op.type == MIPS_OP_IMM:
imm = op.value.imm
sec_name, is_data = self.binary.is_address(imm)
if sec_name is not None:
modified = False
if self.ctx.sectionsname:
print_no_end("(" + color_section(sec_name) + ") ")
if imm in self.binary.reverse_symbols:
self.print_symbol(imm)
print_no_end(" ")
modified = True
if imm in self.ctx.labels:
print_label(imm, print_colon=False)
print_no_end(" ")
modified = True
if not modified:
print_no_end(hex(imm))
if is_data:
s = self.binary.get_string(imm, self.ctx.max_data_size)
if s != "\"\"":
print_no_end(" " + color_string(s))
return modified
elif hexa:
print_no_end(hex(imm))
else:
print_no_end(str(imm))
if imm > 0:
packed = struct.pack("<L", imm)
if set(packed).issubset(BYTES_PRINTABLE_SET):
print_no_end(color_string(" \""))
print_no_end(color_string("".join(map(chr, packed))))
print_no_end(color_string("\""))
return False
# returns True because capstone print immediate in hexa
# it will be printed in a comment, sometimes it's better
# to have the value in hexa
return True
return False
elif op.type == MIPS_OP_REG:
print_no_end("$")
print_no_end(i.reg_name(op.value.reg))
return False
elif op.type == MIPS_OP_MEM:
mm = op.mem
printed = False
if show_deref:
print_no_end("*(")
if not inv(mm.base):
print_no_end("$%s" % i.reg_name(mm.base))
printed = True
if mm.disp != 0:
sec_name, is_data = self.binary.is_address(mm.disp)
if sec_name is not None:
if printed:
print_no_end(" + ")
if mm.disp in self.binary.reverse_symbols:
self.print_symbol(mm.disp)
else:
print_no_end(hex(mm.disp))
else:
if printed:
if mm.disp < 0:
print_no_end(" - ")
print_no_end(-mm.disp)
else:
print_no_end(" + ")
print_no_end(mm.disp)
if show_deref:
print_no_end(")")
return True
def print_operand(self, i, num_op, hexa=False, show_deref=True):
def inv(n):
return n == ARM_OP_INVALID
op = i.operands[num_op]
if op.shift.type:
print_no_end("(")
if op.type == ARM_OP_IMM:
imm = op.value.imm
sec_name, is_data = self.binary.is_address(imm)
if sec_name is not None:
print_no_end(hex(imm))
if self.ctx.sectionsname:
print_no_end(" (" + color_section(sec_name) + ")")
if is_data:
s = self.binary.get_string(imm, self.ctx.max_data_size)
print_no_end(" " + color_string(s))
if imm in self.binary.reverse_symbols:
print_no_end(" ")
self.print_symbol(imm)
elif hexa:
print_no_end(hex(imm))
else:
print_no_end(str(imm))
if imm > 0:
packed = struct.pack("<L", imm)
if set(packed).issubset(BYTES_PRINTABLE_SET):
print_no_end(color_string(" \""))
print_no_end(color_string("".join(map(chr, packed))))
print_no_end(color_string("\""))
return False
# returns True because capstone print immediate in hexa
# it will be printed in a comment, sometimes it better
# to have the value in hexa
return True
return False
elif op.type == ARM_OP_REG:
if op.value.reg == ARM_REG_PC and i.reg_read(ARM_REG_PC):
print_no_end(hex(i.address))
else:
print_no_end(i.reg_name(op.value.reg))
if op.shift.type:
self.print_shift(i, op.shift)
return False
elif op.type == ARM_OP_FP:
print_no_end("%f" % op.value.fp)
if op.shift.type:
self.print_shift(i, op.shift)
return False
elif op.type == ARM_OP_MEM:
mm = op.mem
if not inv(mm.base) and mm.disp != 0 and inv(mm.index):
# if (mm.base == X86_REG_RBP or mm.base == X86_REG_EBP) and \
# self.var_name_exists(i, num_op):
# print_no_end(color_var(self.get_var_name(i, num_op)))
# return True
if mm.base == ARM_REG_PC:
addr = i.address + i.size + mm.disp
print_no_end("*({0})".format(
self.binary.reverse_symbols.get(addr, hex(addr))))
return True
printed = False
if show_deref:
print_no_end("*(")
if not inv(mm.base):
print_no_end("%s" % i.reg_name(mm.base))
printed = True
elif not inv(mm.segment):
print_no_end("%s" % i.reg_name(mm.segment))
printed = True
if not inv(mm.index):
if printed:
print_no_end(" + ")
if mm.scale == 1:
print_no_end("%s" % i.reg_name(mm.index))
else:
print_no_end("(%s*%d)" % (i.reg_name(mm.index), mm.scale))
if op.shift.type:
self.print_shift(i, op.shift)
printed = True
if mm.disp != 0:
if mm.disp < 0:
if printed:
print_no_end(" - ")
print_no_end(-mm.disp)
else:
if printed:
print_no_end(" + ")
print_no_end(mm.disp)
else:
if mm.disp in self.binary.reverse_symbols:
print_no_end(hex(mm.disp) + " ")
self.print_symbol(mm.disp)
else:
print_no_end(hex(mm.disp))
if show_deref:
print_no_end(")")
return True
def print_operand(self, i, num_op, hexa=False, show_deref=True):
def inv(n):
return n == MIPS_OP_INVALID
op = i.operands[num_op]
if op.type == MIPS_OP_IMM:
imm = op.value.imm
sec_name, is_data = self.binary.is_address(imm)
if sec_name is not None:
modified = False
if self.ctx.sectionsname:
print_no_end("(" + color_section(sec_name) + ") ")
if imm in self.binary.reverse_symbols:
self.print_symbol(imm)
print_no_end(" ")
modified = True
if imm in self.ctx.labels:
print_label(imm, print_colon=False)
print_no_end(" ")
modified = True
if not modified:
print_no_end(hex(imm))
if is_data:
s = self.binary.get_string(imm, self.ctx.max_data_size)
if s != "\"\"":
print_no_end(" " + color_string(s))
return modified
elif hexa:
print_no_end(hex(imm))
else:
print_no_end(str(imm))
if imm > 0:
packed = struct.pack("<L", imm)
if set(packed).issubset(BYTES_PRINTABLE_SET):
print_no_end(color_string(" \""))
print_no_end(color_string("".join(map(chr, packed))))
print_no_end(color_string("\""))
return False
# returns True because capstone print immediate in hexa
# it will be printed in a comment, sometimes it's better
# to have the value in hexa
return True
return False
elif op.type == MIPS_OP_REG:
print_no_end("$")
print_no_end(i.reg_name(op.value.reg))
return False
elif op.type == MIPS_OP_MEM:
mm = op.mem
printed = False
if show_deref:
print_no_end("*(")
if not inv(mm.base):
print_no_end("$%s" % i.reg_name(mm.base))
printed = True
if mm.disp != 0:
sec_name, is_data = self.binary.is_address(mm.disp)
if sec_name is not None:
if printed:
print_no_end(" + ")
if mm.disp in self.binary.reverse_symbols:
self.print_symbol(mm.disp)
else:
print_no_end(hex(mm.disp))
else:
if printed:
if mm.disp < 0:
print_no_end(" - ")
print_no_end(-mm.disp)
else:
print_no_end(" + ")
print_no_end(mm.disp)
if show_deref:
print_no_end(")")
return True
