def test_1(self): ctx = TritonContext() ctx.setArchitecture(ARCH.X86_64) ctx.setMode(MODE.ONLY_ON_TAINTED, False) self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), False) inst = Instruction(b"\x48\x89\xc3") # mov rbx, rax self.assertTrue(ctx.processing(inst)) self.assertTrue(checkAstIntegrity(inst)) self.assertEqual(len(inst.getReadRegisters()), 1) self.assertEqual(len(inst.getWrittenRegisters()), 2) ctx.setMode(MODE.ONLY_ON_TAINTED, True) self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), True) self.assertTrue(ctx.processing(inst)) self.assertTrue(checkAstIntegrity(inst)) self.assertEqual(len(inst.getSymbolicExpressions()), 0) self.assertEqual(len(inst.getReadRegisters()), 0) self.assertEqual(len(inst.getReadImmediates()), 0) self.assertEqual(len(inst.getWrittenRegisters()), 0) self.assertEqual(len(inst.getLoadAccess()), 0) self.assertEqual(len(inst.getStoreAccess()), 0)
def test_1(self): ctx = TritonContext() ctx.setArchitecture(ARCH.X86_64) ctx.enableMode(MODE.ONLY_ON_TAINTED, False) self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), False) inst = Instruction("\x48\x89\xc3") # mov rbx, rax self.assertTrue(ctx.processing(inst)) self.assertTrue(checkAstIntegrity(inst)) self.assertEqual(len(inst.getReadRegisters()), 1) self.assertEqual(len(inst.getWrittenRegisters()), 2) ctx.enableMode(MODE.ONLY_ON_TAINTED, True) self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), True) self.assertTrue(ctx.processing(inst)) self.assertTrue(checkAstIntegrity(inst)) self.assertEqual(len(inst.getSymbolicExpressions()), 0) self.assertEqual(len(inst.getReadRegisters()), 0) self.assertEqual(len(inst.getReadImmediates()), 0) self.assertEqual(len(inst.getWrittenRegisters()), 0) self.assertEqual(len(inst.getLoadAccess()), 0) self.assertEqual(len(inst.getStoreAccess()), 0)
def main(): code = [(0x1000, "\x83\xc4\x08"), (0x1003, "\x5b"), (0x1004, "\xc3")] ctxt = TritonContext() ctxt.setArchitecture(ARCH.X86) #load instructions for (addr, opcode) in code: inst = Instruction() inst.setOpcode(opcode) inst.setAddress(addr) if not ctxt.processing(inst): print "Fail an instruction" print inst expr = inst.getSymbolicExpressions()[0] print expr
def process(code): Triton = TritonContext() Triton.setArchitecture(ARCH.X86_64) for (addr, opcode) in code: # Build an instruction inst = Instruction() # Setup opcode inst.setOpcode(opcode) # Setup Address inst.setAddress(addr) # Process everything Triton.processing(inst) print(inst) for expr in inst.getSymbolicExpressions(): print('\t', expr) for k, v in list(Triton.getSymbolicRegisters().items()): if 'rax' in str(Triton.getRegister(k)): print(Triton.getRegister(k), v)
class TestInstruction(unittest.TestCase): """Testing the Instruction class.""" def setUp(self): """Define and process the instruction to test.""" self.Triton = TritonContext() self.Triton.setArchitecture(ARCH.X86_64) self.inst = Instruction() self.inst.setOpcode("\x48\x01\xd8") # add rax, rbx self.inst.setAddress(0x400000) self.Triton.setConcreteRegisterValue(self.Triton.registers.rax, 0x1122334455667788) self.Triton.setConcreteRegisterValue(self.Triton.registers.rbx, 0x8877665544332211) self.Triton.processing(self.inst) def test_address(self): """Check instruction current and next address.""" self.assertEqual(self.inst.getAddress(), 0x400000) self.assertEqual(self.inst.getNextAddress(), 0x400003) def test_memory(self): """Check memory access.""" self.assertListEqual(self.inst.getLoadAccess(), []) self.assertListEqual(self.inst.getStoreAccess(), []) self.assertFalse(self.inst.isMemoryWrite()) self.assertFalse(self.inst.isMemoryRead()) def test_registers(self): """Check register access.""" self.assertEqual(len(self.inst.getReadRegisters()), 2, "access RAX and RBX") self.assertEqual(len(self.inst.getWrittenRegisters()), 8, "write in RAX, RIP, AF, XF, OF, PF, SF and ZF") def test_taints(self): """Check taints attributes.""" self.assertFalse(self.inst.isTainted()) def test_prefix(self): """Check prefix data.""" self.assertFalse(self.inst.isPrefixed()) self.assertEqual(self.inst.getPrefix(), PREFIX.INVALID) def test_control_flow(self): """Check control flow flags.""" self.assertFalse(self.inst.isControlFlow(), "It is not a jmp, ret or call") self.assertFalse(self.inst.isBranch(), "It is not a jmp") def test_condition(self): """Check condition flags.""" self.assertFalse(self.inst.isConditionTaken()) def test_opcode(self): """Check opcode informations.""" self.assertEqual(self.inst.getOpcode(), "\x48\x01\xd8") self.assertEqual(self.inst.getType(), OPCODE.ADD) def test_thread(self): """Check threads information.""" self.assertEqual(self.inst.getThreadId(), 0) def test_operand(self): """Check operand information.""" self.assertEqual(len(self.inst.getOperands()), 2) self.assertEqual(self.inst.getOperands()[0].getName(), "rax") self.assertEqual(self.inst.getOperands()[1].getName(), "rbx") with self.assertRaises(Exception): self.inst.getOperands()[2] def test_symbolic(self): """Check symbolic information.""" self.assertEqual(len(self.inst.getSymbolicExpressions()), 8) def test_size(self): """Check size information.""" self.assertEqual(self.inst.getSize(), 3) def test_disassembly(self): """Check disassembly equivalent.""" self.assertEqual(self.inst.getDisassembly(), "add rax, rbx")
if __name__ == '__main__': Triton = TritonContext() Triton.setArchitecture(ARCH.X86_64) for (addr, opcode) in code: # Build an instruction inst = Instruction() # Setup opcode inst.setOpcode(opcode) # Setup Address inst.setAddress(addr) # Process everything Triton.processing(inst) # Display instruction print(inst) # Display symbolic expressions for expr in inst.getSymbolicExpressions(): print('\t', expr) print() sys.exit(0)
class TestInstruction(unittest.TestCase): """Testing the Instruction class.""" def setUp(self): """Define and process the instruction to test.""" self.Triton = TritonContext() self.Triton.setArchitecture(ARCH.X86_64) self.inst = Instruction() self.inst.setOpcode(b"\x48\x01\xd8") # add rax, rbx self.inst.setAddress(0x400000) self.Triton.setConcreteRegisterValue(self.Triton.registers.rax, 0x1122334455667788) self.Triton.setConcreteRegisterValue(self.Triton.registers.rbx, 0x8877665544332211) self.Triton.processing(self.inst) def test_address(self): """Check instruction current and next address.""" self.assertEqual(self.inst.getAddress(), 0x400000) self.assertEqual(self.inst.getNextAddress(), 0x400003) inst = Instruction() inst.setAddress(-1) self.assertEqual(inst.getAddress(), 0xffffffffffffffff) inst.setAddress(-2) self.assertEqual(inst.getAddress(), 0xfffffffffffffffe) inst.setAddress(-3) self.assertEqual(inst.getAddress(), 0xfffffffffffffffd) def test_memory(self): """Check memory access.""" self.assertListEqual(self.inst.getLoadAccess(), []) self.assertListEqual(self.inst.getStoreAccess(), []) self.assertFalse(self.inst.isMemoryWrite()) self.assertFalse(self.inst.isMemoryRead()) def test_registers(self): """Check register access.""" self.assertEqual(len(self.inst.getReadRegisters()), 2, "access RAX and RBX") self.assertEqual(len(self.inst.getWrittenRegisters()), 8, "write in RAX, RIP, AF, XF, OF, PF, SF and ZF") def test_taints(self): """Check taints attributes.""" self.assertFalse(self.inst.isTainted()) def test_prefix(self): """Check prefix data.""" self.assertFalse(self.inst.isPrefixed()) self.assertEqual(self.inst.getPrefix(), PREFIX.X86.INVALID) def test_control_flow(self): """Check control flow flags.""" self.assertFalse(self.inst.isControlFlow(), "It is not a jmp, ret or call") self.assertFalse(self.inst.isBranch(), "It is not a jmp") def test_condition(self): """Check condition flags.""" self.assertFalse(self.inst.isConditionTaken()) def test_opcode(self): """Check opcode informations.""" self.assertEqual(self.inst.getOpcode(), b"\x48\x01\xd8") self.assertEqual(self.inst.getType(), OPCODE.X86.ADD) def test_thread(self): """Check threads information.""" self.assertEqual(self.inst.getThreadId(), 0) def test_operand(self): """Check operand information.""" self.assertEqual(len(self.inst.getOperands()), 2) self.assertEqual(self.inst.getOperands()[0].getName(), "rax") self.assertEqual(self.inst.getOperands()[1].getName(), "rbx") with self.assertRaises(Exception): self.inst.getOperands()[2] def test_symbolic(self): """Check symbolic information.""" self.assertEqual(len(self.inst.getSymbolicExpressions()), 8) def test_size(self): """Check size information.""" self.assertEqual(self.inst.getSize(), 3) def test_disassembly(self): """Check disassembly equivalent.""" self.assertEqual(self.inst.getDisassembly(), "add rax, rbx")
if __name__ == '__main__': Triton = TritonContext() Triton.setArchitecture(ARCH.X86_64) for (addr, opcode) in code: # Build an instruction inst = Instruction() # Setup opcode inst.setOpcode(opcode) # Setup Address inst.setAddress(addr) # Process everything Triton.processing(inst) # Display instruction print inst # Display symbolic expressions for expr in inst.getSymbolicExpressions(): print '\t', expr print sys.exit(0)
class TestSymbolicExpression(unittest.TestCase): """Testing symbolic expression.""" def setUp(self): """Define the arch.""" self.ctx = TritonContext() self.ctx.setArchitecture(ARCH.X86_64) self.inst1 = Instruction("\x48\x31\xd8") # xor rax, rbx self.ctx.setConcreteRegisterValue(self.ctx.registers.al, 0x10) self.ctx.setConcreteRegisterValue(self.ctx.registers.bl, 0x55) self.inst2 = Instruction("\x48\x89\x03") # mov [rbx], rax self.ctx.processing(self.inst1) self.ctx.processing(self.inst2) self.expr1 = self.inst1.getSymbolicExpressions()[0] self.expr2 = self.inst2.getSymbolicExpressions()[8] def test_expressions(self): """Test expressions""" self.assertEqual(len(self.inst1.getSymbolicExpressions()), 7) def test_getAst(self): """Test getAst""" self.assertEqual(self.expr1.getAst().evaluate(), 0x45) def test_getComment(self): """Test getComment""" self.assertEqual(self.expr1.getComment(), "XOR operation") def test_getId(self): """Test getId""" self.assertEqual(self.expr1.getId(), 0) def test_getKind(self): """Test getKind""" self.assertEqual(self.expr1.getKind(), SYMEXPR.REG) self.assertEqual(self.expr2.getKind(), SYMEXPR.MEM) def test_getNewAst(self): """Test getNewAst""" self.assertTrue(self.expr1.getAst().equalTo(self.expr1.getNewAst())) def test_getOrigin(self): """Test getOrigin""" self.assertEqual(self.expr1.getOrigin().getId(), REG.X86_64.RAX) self.assertEqual(str(self.expr1.getOrigin()), "rax:64 bv[63..0]") self.assertEqual(str(self.expr2.getOrigin()), "[@0x55]:64 bv[63..0]") def test_isMemory(self): """Test isMemory""" self.assertFalse(self.expr1.isMemory()) def test_isRegister(self): """Test isRegister""" self.assertTrue(self.expr1.isRegister()) def test_isSymbolized(self): """Test isSymbolized""" self.assertFalse(self.expr1.isSymbolized()) def test_isTainted(self): """Test isTainted""" self.assertFalse(self.expr1.isTainted()) def test_setAst(self): """Test setAst""" self.expr1.setAst(self.ctx.getAstContext().bv(1, 64)) self.assertEqual(str(self.expr1.getAst()), "(_ bv1 64)") def test_setComment(self): """Test setComment""" self.expr1.setComment("test") self.assertEqual(self.expr1.getComment(), "test")