本文整理汇总了Python中unicorn.Uc方法的典型用法代码示例。如果您正苦于以下问题:Python unicorn.Uc方法的具体用法?Python unicorn.Uc怎么用?Python unicorn.Uc使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类unicorn的用法示例。
在下文中一共展示了unicorn.Uc方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
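def __init__(self, trace=True, sca_mode=False, local_vars=None):
    """Create an ARM Unicorn engine together with a Capstone disassembler.

    Args:
        trace: passed through to the base-class constructor.
        sca_mode: passed through to the base-class constructor and to
            ``setup``.
        local_vars: object stored as ``self.stubbed_functions``. When
            omitted, every instance gets its own new empty dict.
    """
    super().__init__(trace, sca_mode)
    self.emu = uc.Uc(uc.UC_ARCH_ARM, uc.UC_MODE_ARM)
    # NOTE(review): the disassembler is opened with the Thumb flag while the
    # engine is opened in ARM mode -- confirm the mode is switched elsewhere.
    self.disasm = cs.Cs(cs.CS_ARCH_ARM, cs.CS_MODE_ARM | cs.CS_MODE_THUMB)
    self.disasm.detail = True
    self.word_size = 4
    self.endianness = "little"
    self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
    # log2 of the page size, assuming the engine reports a power of two.
    self.page_shift = self.page_size.bit_length() - 1
    self.pc = uc.arm_const.UC_ARM_REG_PC
    # Lower-cased register name -> Unicorn register id. Matching on the full
    # prefix (instead of any name containing "_REG") guarantees that the
    # slice below only ever strips the prefix it is meant to strip.
    prefix = 'UC_ARM_REG_'
    self.reg_map = {
        name[len(prefix):].lower(): getattr(uc.arm_const, name)
        for name in dir(uc.arm_const)
        if name.startswith(prefix)
    }
    # A literal ``{}`` default is created once and would be shared by every
    # instance built without ``local_vars``; stubs registered on one
    # emulator would then be visible from all the others.
    self.stubbed_functions = {} if local_vars is None else local_vars
    self.setup(sca_mode)
    self.reset_stack()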
示例2: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
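def __init__(self, trace=True, sca_mode=False, local_vars=None):
    """Create an ARM64 Unicorn engine together with a Capstone disassembler.

    Args:
        trace: passed through to the base-class constructor.
        sca_mode: passed through to the base-class constructor and to
            ``setup``.
        local_vars: object stored as ``self.stubbed_functions``. When
            omitted, every instance gets its own new empty list.
    """
    super().__init__(trace, sca_mode)
    self.emu = uc.Uc(uc.UC_ARCH_ARM64, uc.UC_MODE_ARM)
    self.disasm = cs.Cs(cs.CS_ARCH_ARM64, cs.CS_MODE_ARM)
    self.disasm.detail = True
    self.word_size = 8
    self.endianness = "little"
    self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
    # log2 of the page size, assuming the engine reports a power of two.
    self.page_shift = self.page_size.bit_length() - 1
    self.pc = uc.arm64_const.UC_ARM64_REG_PC
    # Lower-cased register name -> Unicorn register id. Matching on the full
    # prefix (instead of any name containing "_REG") guarantees that the
    # slice below only ever strips the prefix it is meant to strip.
    prefix = 'UC_ARM64_REG_'
    self.reg_map = {
        name[len(prefix):].lower(): getattr(uc.arm64_const, name)
        for name in dir(uc.arm64_const)
        if name.startswith(prefix)
    }
    # A literal ``[]`` default is created once and would be shared by every
    # instance built without ``local_vars``.
    # NOTE(review): the default container here is a list; confirm whether
    # the code that reads ``stubbed_functions`` expects a mapping instead.
    self.stubbed_functions = [] if local_vars is None else local_vars
    self.setup(sca_mode)
    self.reset_stack()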
示例3: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
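def __init__(self, trace=True, sca_mode=False, local_vars=None):
    """Create an M68K Unicorn engine together with a Capstone disassembler.

    Args:
        trace: passed through to the base-class constructor.
        sca_mode: passed through to the base-class constructor and to
            ``setup``.
        local_vars: object stored as ``self.stubbed_functions``. When
            omitted, every instance gets its own new empty dict.
    """
    super().__init__(trace, sca_mode)
    self.emu = uc.Uc(uc.UC_ARCH_M68K, uc.UC_MODE_BIG_ENDIAN)
    self.disasm = cs.Cs(cs.CS_ARCH_M68K, cs.CS_MODE_M68K_000)
    self.disasm.detail = True
    self.word_size = 4
    self.endianness = "big"
    self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
    # log2 of the page size, assuming the engine reports a power of two.
    self.page_shift = self.page_size.bit_length() - 1
    self.pc = uc.m68k_const.UC_M68K_REG_PC
    # Lower-cased register name -> Unicorn register id. Matching on the full
    # prefix (instead of any name containing "_REG") guarantees that the
    # slice below only ever strips the prefix it is meant to strip.
    prefix = 'UC_M68K_REG_'
    self.reg_map = {
        name[len(prefix):].lower(): getattr(uc.m68k_const, name)
        for name in dir(uc.m68k_const)
        if name.startswith(prefix)
    }
    # A literal ``{}`` default is created once and would be shared by every
    # instance built without ``local_vars``; stubs registered on one
    # emulator would then be visible from all the others.
    self.stubbed_functions = {} if local_vars is None else local_vars
    self.setup(sca_mode)
    self.reset_stack()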
示例4: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
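def __init__(self, trace=True, sca_mode=False, local_vars=None):
    """Create a 64-bit x86 Unicorn engine together with a Capstone disassembler.

    Args:
        trace: passed through to the base-class constructor.
        sca_mode: passed through to the base-class constructor and to
            ``setup``.
        local_vars: object stored as ``self.stubbed_functions``. When
            omitted, every instance gets its own new empty dict.
    """
    super().__init__(trace, sca_mode)
    self.emu = uc.Uc(uc.UC_ARCH_X86, uc.UC_MODE_64)
    self.disasm = cs.Cs(cs.CS_ARCH_X86, cs.CS_MODE_64)
    self.disasm.detail = True
    self.word_size = 8
    self.endianness = "little"
    self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
    # log2 of the page size, assuming the engine reports a power of two.
    self.page_shift = self.page_size.bit_length() - 1
    self.pc = uc.x86_const.UC_X86_REG_RIP
    # Workaround for capstone 4: expose EFLAGS under an RFLAGS alias. This
    # assigns an attribute on the imported constants module itself, so the
    # alias is visible to everything else in the process that uses it.
    uc.x86_const.UC_X86_REG_RFLAGS = uc.x86_const.UC_X86_REG_EFLAGS
    # Lower-cased register name -> Unicorn register id (the alias above is
    # picked up too). Matching on the full prefix (instead of any name
    # containing "_REG") guarantees that the slice below only ever strips
    # the prefix it is meant to strip.
    prefix = 'UC_X86_REG_'
    self.reg_map = {
        name[len(prefix):].lower(): getattr(uc.x86_const, name)
        for name in dir(uc.x86_const)
        if name.startswith(prefix)
    }
    # A literal ``{}`` default is created once and would be shared by every
    # instance built without ``local_vars``; stubs registered on one
    # emulator would then be visible from all the others.
    self.stubbed_functions = {} if local_vars is None else local_vars
    self.setup(sca_mode)
    self.reset_stack()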
示例5: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
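def __init__(self, trace=True, sca_mode=False, local_vars=None):
    """Create a Thumb / M-class ARM Unicorn engine with a Capstone disassembler.

    Besides the common set-up, this maps the top 16 bytes of the 32-bit
    address space and installs an interrupt hook.

    Args:
        trace: passed through to the base-class constructor.
        sca_mode: passed through to the base-class constructor and to
            ``setup``.
        local_vars: object stored as ``self.stubbed_functions``. When
            omitted, every instance gets its own new empty dict.
    """
    super().__init__(trace, sca_mode)
    self.emu = uc.Uc(uc.UC_ARCH_ARM, uc.UC_MODE_THUMB | uc.UC_MODE_MCLASS)
    self.disasm = cs.Cs(cs.CS_ARCH_ARM, cs.CS_MODE_THUMB | cs.CS_MODE_MCLASS)
    self.disasm.detail = True
    self.word_size = 4
    self.endianness = "little"
    self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
    # log2 of the page size, assuming the engine reports a power of two.
    self.page_shift = self.page_size.bit_length() - 1
    self.pc = uc.arm_const.UC_ARM_REG_PC
    # Lower-cased register name -> Unicorn register id. Matching on the full
    # prefix (instead of any name containing "_REG") guarantees that the
    # slice below only ever strips the prefix it is meant to strip.
    prefix = 'UC_ARM_REG_'
    self.reg_map = {
        name[len(prefix):].lower(): getattr(uc.arm_const, name)
        for name in dir(uc.arm_const)
        if name.startswith(prefix)
    }
    # A literal ``{}`` default is created once and would be shared by every
    # instance built without ``local_vars``; stubs registered on one
    # emulator would then be visible from all the others.
    self.stubbed_functions = {} if local_vars is None else local_vars
    self.setup(sca_mode)
    self.reset_stack()
    # Force mapping of those addresses so that exception returns can be
    # caught in the base block hook rather than a code fetch hook.
    self.map_space(0xfffffff0, 0xffffffff)
    self.emu.hook_add(uc.UC_HOOK_INTR, self.intr_hook)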
示例6: place_input_skb
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def place_input_skb(ucf: Unicorefuzz, uc: Uc, input: bytes) -> None:
    """Write one fuzz input into emulated memory and patch the sk_buff tail.

    Example harness hook for an ``sk_buff`` in openvswitch. RDX is treated
    as the address of the sk_buff and RDI as the destination of the payload.

    Inputs longer than 1500 bytes terminate the whole process immediately
    with exit status 0, so they are never written into the emulator.

    NOTE(review): the pointer read from the sk_buff is only used to map its
    page; the payload itself is written at RDI -- confirm that is intended.
    NOTE(review): the tail field is always set to 0x05dc (1500), whatever
    the length of ``input`` -- confirm the target tolerates shorter inputs.
    """
    max_len = 1500
    buffer_ptr_off = 0xD8  # sk_buff field holding the buffer pointer
    tail_off = 0xC4        # sk_buff field holding the tail

    if len(input) > max_len:
        import os

        os._exit(0)  # too big!

    # The sk_buff is reached through the RDX parameter.
    skb_addr = uc.reg_read(UC_X86_REG_RDX)
    dest_addr = uc.reg_read(UC_X86_REG_RDI)

    ucf.map_page(uc, skb_addr)  # ensure sk_buf is mapped
    (buffer_ptr,) = struct.unpack(
        "<Q", uc.mem_read(skb_addr + buffer_ptr_off, 8)
    )
    ucf.map_page(uc, buffer_ptr)  # ensure the buffer is mapped

    uc.mem_write(dest_addr, input)  # insert afl input
    uc.mem_write(skb_addr + tail_off, b"\xdc\x05")  # fix tail
示例7: renew
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def renew(self):
    """Rebuild the Unicorn engine and its VM/CPU wrappers for the current IR arch.

    The CPU wrapper class is looked up in ``UcWrapCPU.available_cpus`` under
    the key ``(self.ira.arch.name, self.ira.attrib)``.

    Raises:
        ValueError: if no wrapper class is registered for that key.
    """
    requested = (self.ira.arch.name, self.ira.attrib)
    cpucls = UcWrapCPU.available_cpus.get(requested)
    if not cpucls:
        raise ValueError("Unimplemented architecture (%s, %s)" % requested)

    self.ask_arch, self.ask_attrib = requested
    # A brand-new engine is created on every call; the wrappers are bound to it.
    self.mu = unicorn.Uc(cpucls.uc_arch, cpucls.uc_mode)
    self.vm = UcWrapVM(self.mu)
    self.cpu = cpucls(self.mu)
示例8: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def __init__(self, addr):
    """Initialise the annotation and record ``addr`` as ``unicorn_start_addr``."""
    # The base initialiser is invoked explicitly on the claripy class.
    claripy.SimplificationAvoidanceAnnotation.__init__(self)
    self.unicorn_start_addr = addr
#
# Because Unicorn leaks like crazy, we use one Uc object per thread...
#
示例9: hook_add
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def hook_add(self, htype, callback, user_data=None, begin=1, end=0, arg1=0):
    """Install a hook via ``unicorn.Uc.hook_add`` and remember its handle.

    All arguments are forwarded unchanged. The handle returned by the base
    class is added to ``self.wrapped_hooks`` and then returned to the caller.
    """
    handle = unicorn.Uc.hook_add(
        self,
        htype,
        callback,
        user_data=user_data,
        begin=begin,
        end=end,
        arg1=arg1,
    )
    self.wrapped_hooks.add(handle)
    return handle
示例10: hook_del
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
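def hook_del(self, h):
    """Remove hook ``h`` via ``unicorn.Uc.hook_del`` and stop tracking it.

    Args:
        h: hook handle to delete.

    Returns:
        Whatever the base-class ``hook_del`` returns.
    """
    result = unicorn.Uc.hook_del(self, h)
    # Discard the handle the caller passed in. Rebinding ``h`` to the
    # base-class return value before this line would discard that value
    # instead, leaving the already-deleted handle in ``wrapped_hooks`` where
    # a later bulk clean-up would try to delete it a second time.
    self.wrapped_hooks.discard(h)
    return result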
示例11: mem_map
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def mem_map(self, addr, size, perms=7):
    """Map a region via ``unicorn.Uc.mem_map`` and record it for later clean-up.

    The ``(addr, size)`` pair is added to ``self.wrapped_mapped`` after the
    base-class call returns; that call's result is passed back unchanged.

    The default ``perms=7`` sets all three low permission bits (read, write
    and execute in Unicorn's ``UC_PROT_*`` encoding); callers that want
    non-executable or read-only regions have to pass a narrower value.
    """
    result = unicorn.Uc.mem_map(self, addr, size, perms=perms)
    region = (addr, size)
    self.wrapped_mapped.add(region)
    return result
示例12: mem_reset
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def mem_reset(self):
    """Unmap every region recorded in ``self.wrapped_mapped``, then empty the set.

    The base-class ``mem_unmap`` is called directly for each recorded
    ``(address, size)`` pair. If one of those calls raises, the set is left
    as it was.
    """
    regions = self.wrapped_mapped
    for base, length in regions:
        unicorn.Uc.mem_unmap(self, base, length)
    regions.clear()
示例13: hook_reset
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def hook_reset(self):
    """Delete every hook recorded in ``self.wrapped_hooks``, then empty the set.

    The base-class ``hook_del`` is called directly for each recorded handle.
    If one of those calls raises, the set is left as it was.
    """
    handles = self.wrapped_hooks
    for handle in handles:
        unicorn.Uc.hook_del(self, handle)
    handles.clear()
示例14: setup
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def setup(self):
    """Prepare the Unicorn engine and its native state for this plugin.

    Steps, in order: optionally drop the existing engine (MIPS32 without
    COPY_STATES), run ``_setup_unicorn``, load registers with ``set_regs``,
    allocate the native state, optionally configure the transmit syscall,
    and activate the GDT page when one exists.

    Raises:
        SimValueError: re-raised from ``set_regs`` after the engine has
            been reset.
    """
    if self._is_mips32 and options.COPY_STATES not in self.state.options:
        # We always re-create the thread-local UC object for MIPS32, even if COPY_STATES is disabled in the state
        # options. This avoids some odd bugs in unicorn (e.g., it reports stepping 1 step while in reality it
        # did not step at all).
        self.delete_uc()
    self._setup_unicorn()
    try:
        self.set_regs()
    except SimValueError:
        # Reset the engine and re-raise, so a failed register load does not leave state behind.
        self.uc.reset()
        raise
    # Tricky: this passes the underlying handle taken from the unicorn.Uc object (its private ``_uch`` attribute).
    self._uc_state = _UC_NATIVE.alloc(self.uc._uch, self.cache_key)
    # Set the (cgc, for now) transmit syscall handler.
    if UNICORN_HANDLE_TRANSMIT_SYSCALL in self.state.options and self.state.has_plugin('cgc'):
        if self.transmit_addr is None:
            # NOTE(review): after logging the error, execution continues with address 0 -- confirm that
            # carrying on is intended rather than raising.
            l.error("You haven't set the address for concrete transmits!!!!!!!!!!!")
            self.transmit_addr = 0
        _UC_NATIVE.set_transmit_sysno(self._uc_state, 2, self.transmit_addr)
    # Activate the gdt page, which was written/mapped during set_regs.
    if self.gdt is not None:
        _UC_NATIVE.activate(self._uc_state, self.gdt.addr, self.gdt.limit, None)
示例15: create_new_vm
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import Uc [as 别名]
def create_new_vm(self) -> None:
    """Create a fresh Unicorn engine for ``self.root.arch`` and attach the hooks.

    Block, code, interrupt, memory-write and memory-read hooks are always
    registered, in that order. On x86 an instruction hook for ``SYSCALL``
    is registered as well.
    """
    arch, mode, endian = get_arch_mode("unicorn", self.root.arch)
    self.vm = unicorn.Uc(arch, mode | endian)

    # (hook type, handler) pairs, registered in this exact order.
    always_on = (
        (unicorn.UC_HOOK_BLOCK, self.hook_block),
        (unicorn.UC_HOOK_CODE, self.hook_code),
        (unicorn.UC_HOOK_INTR, self.hook_interrupt),
        (unicorn.UC_HOOK_MEM_WRITE, self.hook_mem_access),
        (unicorn.UC_HOOK_MEM_READ, self.hook_mem_access),
    )
    for hook_type, handler in always_on:
        self.vm.hook_add(hook_type, handler)

    if not is_x86(self.root.arch):
        return

    # Arguments stay positional, exactly as the original call passed them.
    self.vm.hook_add(
        unicorn.UC_HOOK_INSN,
        self.hook_syscall,
        None,
        1,
        0,
        unicorn.x86_const.UC_X86_INS_SYSCALL,
    )