本文整理匯總了Python中capstone.CS_ARCH_X86屬性的典型用法代碼示例。如果您正苦於以下問題:Python capstone.CS_ARCH_X86屬性的具體用法?Python capstone.CS_ARCH_X86怎麽用?Python capstone.CS_ARCH_X86使用的例子?那麽, 這裏精選的屬性代碼示例或許可以為您提供幫助。您也可以進一步了解該屬性所在類capstone的用法示例。
在下文中一共展示了capstone.CS_ARCH_X86屬性的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: init_disassembler_engine
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def init_disassembler_engine(self):
# init state for disasambler
# set capstone, lexer, asmline
arch, mode = self.plugin.hintDisasm()
self.disasm_engine = capstone.Cs(arch, mode)
self.disasm_engine.detail = True
if arch == capstone.CS_ARCH_X86:
Lexer = X86_Lexer()
if arch == capstone.CS_ARCH_ARM and mode in [capstone.CS_MODE_ARM, capstone.CS_MODE_THUMB]:
Lexer = ARM_Lexer()
if arch == capstone.CS_ARCH_ARM64:
Lexer = ARM64_Lexer()
# todo: ASM_ARM_Line?
self.ASMLine = ASMx86Line
Lexer.build()
self.lexer = Lexer.lexer() 示例2: _reg_name
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def _reg_name(self, reg_id: int):
"""
Translates a register ID from the disassembler object into the
register name based on manticore's alias in the register file
:param reg_id: Register ID
"""
# XXX: Support other architectures.
if (
(self.cpu.arch == CS_ARCH_ARM64 and reg_id >= ARM64_REG_ENDING)
or (self.cpu.arch == CS_ARCH_X86 and reg_id >= X86_REG_ENDING)
or (self.cpu.arch == CS_ARCH_ARM and reg_id >= ARM_REG_ENDING)
):
logger.warning("Trying to get register name for a non-register")
return None
cs_reg_name = self.cpu.instruction.reg_name(reg_id)
if cs_reg_name is None or cs_reg_name.lower() == "(invalid)":
return None
return self.cpu._regfile._alias(cs_reg_name.upper()) 示例3: _import_dependencies
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def _import_dependencies(self):
# Load the Capstone bindings.
global capstone
if capstone is None:
import capstone
# Load the constants for the requested architecture.
self.__constants = {
win32.ARCH_I386:
(capstone.CS_ARCH_X86, capstone.CS_MODE_32),
win32.ARCH_AMD64:
(capstone.CS_ARCH_X86, capstone.CS_MODE_64),
win32.ARCH_THUMB:
(capstone.CS_ARCH_ARM, capstone.CS_MODE_THUMB),
win32.ARCH_ARM:
(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM),
win32.ARCH_ARM64:
(capstone.CS_ARCH_ARM64, capstone.CS_MODE_ARM),
}
# Test for the bug in early versions of Capstone.
# If found, warn the user about it.
try:
self.__bug = not isinstance(
capstone.cs_disasm_quick(
capstone.CS_ARCH_X86, capstone.CS_MODE_32, "\x90", 1)[0],
capstone.capstone.CsInsn)
except AttributeError:
self.__bug = False
if self.__bug:
warnings.warn(
"This version of the Capstone bindings is unstable,"
" please upgrade to a newer one!",
RuntimeWarning, stacklevel=4) 示例4: __init__
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def __init__(self, arch = None):
super(CapstoneEngine, self).__init__(arch)
# Load the constants for the requested architecture.
self.__constants = {
win32.ARCH_I386:
(capstone.CS_ARCH_X86, capstone.CS_MODE_32),
win32.ARCH_AMD64:
(capstone.CS_ARCH_X86, capstone.CS_MODE_64),
win32.ARCH_THUMB:
(capstone.CS_ARCH_ARM, capstone.CS_MODE_THUMB),
win32.ARCH_ARM:
(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM),
win32.ARCH_ARM64:
(capstone.CS_ARCH_ARM64, capstone.CS_MODE_ARM),
}
# Test for the bug in early versions of Capstone.
# If found, warn the user about it.
try:
self.__bug = not isinstance(
list(capstone.cs_disasm_quick(
capstone.CS_ARCH_X86, capstone.CS_MODE_32, "\x90", 1
))[0],
capstone.capstone.CsInsn
)
except AttributeError:
self.__bug = False
if self.__bug:
warnings.warn(
"This version of the Capstone bindings is unstable,"
" please upgrade to a newer one!",
RuntimeWarning, stacklevel=4) 示例5: __init__
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def __init__(self, sample):
self.sample = sample
self.clients = []
self.emulator_event = threading.Event()
self.single_instruction = False
self.breakpoints = set()
self.mem_breakpoints = []
self.data_lock = threading.Lock()
self.single_instruction = False
self.apicall_handler = None
self.log_mem_read = False
self.log_mem_write = False
self.log_instr = False
self.log_apicalls = False
self.sections_read = {}
self.sections_written = {}
self.write_targets = []
self.sections_executed = {}
self.apicall_counter = {}
self.start = 0
self.uc = None
self.HOOK_ADDR = 0
self.STACK_ADDR = 0
self.STACK_SIZE = 0
self.PEB_BASE = 0
self.TEB_BASE = 0
self.disassembler = Cs(CS_ARCH_X86, CS_MODE_32)
self.disassembler.detail = True
self.init_uc() 示例6: _initCapstone
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def _initCapstone(self):
self.capstone = Cs(CS_ARCH_X86, CS_MODE_64) if self.disassembly.binary_info.bitness == 64 else Cs(CS_ARCH_X86, CS_MODE_32) 示例7: init
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def init(self, disassembly):
if disassembly.binary_info.code_areas:
self._code_areas = disassembly.binary_info.code_areas
self.disassembly = disassembly
self.lang_analyzer = LanguageAnalyzer(disassembly)
self.disassembly.language = self.lang_analyzer.identify()
self.bitness = disassembly.binary_info.bitness
self.capstone = Cs(CS_ARCH_X86, CS_MODE_32)
if self.bitness == 64:
self.capstone = Cs(CS_ARCH_X86, CS_MODE_64)
self.locateCandidates()
self.disassembly.identified_alignment = self.identified_alignment
self._buildQueue() 示例8: _initCapstone
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def _initCapstone(self):
self.capstone = Cs(CS_ARCH_X86, CS_MODE_32)
if self.bitness == 64:
self.capstone = Cs(CS_ARCH_X86, CS_MODE_64) 示例9: __init__
# 需要導入模塊: import capstone [as 別名]
# 或者: from capstone import CS_ARCH_X86 [as 別名]
def __init__(self):
try:
Cmd.__init__(self)
self.allow_cli_args = False
self.register_cmdfinalization_hook(self.finalize_hook)
builtins.print = self.shell_print
self.histfile = ".unpacker_history"
self.clear_queue = False
self.sample = None
self.disassembler = Cs(CS_ARCH_X86, CS_MODE_32)
self.disassembler.detail = True
parser = argparse.ArgumentParser(
prog='unipacker',
description='Automatic and platform-independent unpacker for Windows binaries based on emulation')
parser.add_argument('samples', metavar='sample', type=file_or_dir, nargs='*',
help='The path to a sample (or directory containing samples) you want unpacked')
parser.add_argument('-d', '--dest', nargs='?', default='.',
help='The destination directory for unpacked binaries')
parser.add_argument('-p', '--partition-by-packer', action='store_true',
help='Group the unpacked files by packer')
parser.add_argument('-i', '--interactive', action='store_true',
help='Open the chosen sample(s) in the un{i}packer shell')
parser.add_argument('--version', action='store_true', help='Show version information and exit')
args = parser.parse_args()
if args.version:
print_version_and_exit()
if args.samples:
samples = []
for s in args.samples:
if os.path.exists(s):
samples.extend(Sample.get_samples(s, interactive=args.interactive))
else:
print(f"Path does not exist: {s}")
if args.interactive:
while True:
self.sample_loop(samples)
self.shell_event.wait()
samples = None
else:
IOHandler(samples, args.dest, args.partition_by_packer)
else:
while True:
self.sample_loop()
self.shell_event.wait()
except (EOFError, KeyboardInterrupt):
with open(f"{os.path.dirname(unipacker.__file__)}/fortunes") as f:
fortunes = f.read().splitlines()
print(f"\n{Fore.LIGHTRED_EX}{choice(fortunes)}{Fore.RESET}\n")
sys.exit(0)