def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
info = idaapi.get_inf_structure()
if info.is_64bit():
size = 64
elif info.is_32bit():
size = 32
else:
size = None
if processor_name == "metapc":
size2machine = {
64: "x86_64",
32: "x86_32",
None: "x86_16",
}
machine = Machine(size2machine[size])
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
# Thumb, size, endian
info2machine = {
(True, 32, True): "armtb",
(True, 32, False): "armtl",
(False, 32, True): "armb",
(False, 32, False): "arml",
(False, 64, True): "aarch64b",
(False, 64, False): "aarch64l",
}
is_armt = globals().get('armt', False)
is_bigendian = info.is_be()
infos = (is_armt, size, is_bigendian)
if not infos in info2machine:
raise NotImplementedError('not fully functional')
machine = Machine(info2machine[infos])
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mips32l")
elif processor_name == "mipsb":
machine = Machine("mips32b")
elif processor_name == "PPC":
machine = Machine("ppc32b")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
info = idaapi.get_inf_structure()
if info.is_64bit():
size = 64
elif info.is_32bit():
size = 32
else:
size = None
if processor_name == "metapc":
size2machine = {
64: "x86_64",
32: "x86_32",
None: "x86_16",
}
machine = Machine(size2machine[size])
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
# Thumb, size, endian
info2machine = {(True, 32, True): "armtb",
(True, 32, False): "armtl",
(False, 32, True): "armb",
(False, 32, False): "arml",
(False, 64, True): "aarch64b",
(False, 64, False): "aarch64l",
}
is_armt = globals().get('armt', False)
is_bigendian = info.is_be()
infos = (is_armt, size, is_bigendian)
if not infos in info2machine:
raise NotImplementedError('not fully functional')
machine = Machine(info2machine[infos])
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mips32l")
elif processor_name == "mipsb":
machine = Machine("mips32b")
elif processor_name == "PPC":
machine = Machine("ppc32b")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
max_size = GetLongPrm(INF_START_SP)
size = max_size_to_size(max_size)
if processor_name == "metapc":
# HACK: check 32/64 using INF_START_SP
if max_size == 0x80: # TODO XXX check
machine = Machine("x86_16")
elif size == 32:
machine = Machine("x86_32")
elif size == 64:
machine = Machine("x86_64")
else:
raise ValueError('cannot guess 32/64 bit! (%x)' % max_size)
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
# Thumb, size, endian
info2machine = {
(True, 32, True): "armtb",
(True, 32, False): "armtl",
(False, 32, True): "armb",
(False, 32, False): "arml",
(False, 64, True): "aarch64b",
(False, 64, False): "aarch64l",
}
is_armt = globals().get('armt', False)
is_bigendian = globals().get('bigendian', False)
infos = (is_armt, size, is_bigendian)
if not infos in info2machine:
raise NotImplementedError('not fully functional')
machine = Machine(info2machine[infos])
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mipsl")
elif processor_name == "mipsb":
machine = Machine("mipsb")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
max_size = GetLongPrm(INF_START_SP)
size = max_size_to_size(max_size)
if processor_name == "metapc":
# HACK: check 32/64 using INF_START_SP
if max_size == 0x80: # TODO XXX check
machine = Machine("x86_16")
elif size == 32:
machine = Machine("x86_32")
elif size == 64:
machine = Machine("x86_64")
else:
raise ValueError('cannot guess 32/64 bit! (%x)' % max_size)
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
# Thumb, size, endian
info2machine = {(True, 32, True): "armtb",
(True, 32, False): "armtl",
(False, 32, True): "armb",
(False, 32, False): "arml",
(False, 64, True): "aarch64b",
(False, 64, False): "aarch64l",
}
is_armt = globals().get('armt', False)
is_bigendian = globals().get('bigendian', False)
infos = (is_armt, size, is_bigendian)
if not infos in info2machine:
raise NotImplementedError('not fully functional')
machine = Machine(info2machine[infos])
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mips32l")
elif processor_name == "mipsb":
machine = Machine("mips32b")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
if processor_name == "metapc":
# HACK: check 32/64 using INF_START_SP
max_size = GetLongPrm(INF_START_SP)
if max_size == 0x80: # TODO XXX check
machine = Machine("x86_16")
elif max_size == 0xFFFFFFFF:
machine = Machine("x86_32")
elif max_size == 0xFFFFFFFFFFFFFFFF:
machine = Machine("x86_64")
else:
raise ValueError('cannot guess 32/64 bit! (%x)' % max_size)
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
is_armt = globals().get('armt', False)
is_bigendian = globals().get('bigendian', False)
if is_armt:
if is_bigendian:
machine = Machine("armtb")
else:
machine = Machine("armtl")
else:
if is_bigendian:
machine = Machine("armb")
else:
machine = Machine("arml")
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mipsl")
elif processor_name == "mipsb":
machine = Machine("mipsb")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
def guess_machine():
"Return an instance of Machine corresponding to the IDA guessed processor"
processor_name = GetLongPrm(INF_PROCNAME)
if processor_name == "metapc":
# HACK: check 32/64 using INF_START_SP
max_size = GetLongPrm(INF_START_SP)
if max_size == 0x80: # TODO XXX check
machine = Machine("x86_16")
elif max_size == 0xFFFFFFFF:
machine = Machine("x86_32")
elif max_size == 0xFFFFFFFFFFFFFFFF:
machine = Machine("x86_64")
else:
raise ValueError('cannot guess 32/64 bit! (%x)' % max_size)
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: set armt = True in globals :/
# set bigendiant = True is bigendian
is_armt = globals().get('armt', False)
is_bigendian = globals().get('bigendian', False)
if is_armt:
if is_bigendian:
machine = Machine("armtb")
else:
machine = Machine("armtl")
else:
if is_bigendian:
machine = Machine("armb")
else:
machine = Machine("arml")
from miasm2.analysis.disasm_cb import guess_funcs, guess_multi_cb
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mipsl")
elif processor_name == "mipsb":
machine = Machine("mipsb")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
return machine
else:
raise ValueError('cannot guess 32/64 bit! (%x)' % max_size)
elif processor_name == "ARM":
# TODO ARM/thumb
# hack for thumb: place armt = True in globals :/
is_armt = globals().get('armt', False)
if is_armt:
from miasm2.arch.arm.disasm import dis_armt as dis_engine
from miasm2.arch.arm.ira import ir_a_armt as ira
else:
from miasm2.arch.arm.disasm import dis_arm as dis_engine
from miasm2.arch.arm.ira import ir_a_arm as ira
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
# TODO ARM/thumb
from miasm2.arch.msp430.disasm import dis_msp430 as dis_engine
from miasm2.arch.msp430.ira import ir_a_msp430 as ira
elif processor_name == "mipsl":
from miasm2.arch.mips32.disasm import dis_mips32l as dis_engine
from miasm2.arch.mips32.ira import ir_a_mips32 as ira
elif processor_name == "mipsb":
from miasm2.arch.mips32.disasm import dis_mips32b as dis_engine
from miasm2.arch.mips32.ira import ir_a_mips32 as ira
else:
print repr(processor_name)
# set bigendiant = True is bigendian
is_armt = globals().get('armt', False)
is_bigendian = globals().get('bigendian', False)
if is_armt:
if is_bigendian:
machine = Machine("armtb")
else:
machine = Machine("armtl")
else:
if is_bigendian:
machine = Machine("armb")
else:
machine = Machine("arml")
from miasm2.analysis.disasm_cb import arm_guess_subcall, arm_guess_jump_table
guess_funcs.append(arm_guess_subcall)
guess_funcs.append(arm_guess_jump_table)
elif processor_name == "msp430":
machine = Machine("msp430")
elif processor_name == "mipsl":
machine = Machine("mipsl")
elif processor_name == "mipsb":
machine = Machine("mipsb")
else:
print repr(processor_name)
raise NotImplementedError('not fully functional')
mn, dis_engine, ira = machine.mn, machine.dis_engine, machine.ira
print "Arch", dis_engine