本文整理匯總了Python中triton.Instruction.setAddress方法的典型用法代碼示例。如果您正苦於以下問題:Python Instruction.setAddress方法的具體用法?Python Instruction.setAddress怎麽用?Python Instruction.setAddress使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類triton.Instruction的用法示例。
在下文中一共展示了Instruction.setAddress方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(pc):
count = 0
while pc:
# Fetch opcode
opcode = Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
Triton.processing(instruction)
count += 1
#print instruction
if instruction.getType() == OPCODE.HLT:
break
# Simulate routines
hookingHandler()
# Next
pc = Triton.getConcreteRegisterValue(Triton.registers.rip)
debug('Instruction executed: %d' %(count))
return示例2: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(self, pc):
"""
Emulate every opcode from pc.
Process instruction until the end
"""
while pc:
# Fetch opcode
opcode = self.Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
ret = self.Triton.processing(instruction)
if instruction.getType() == OPCODE.HLT:
break
self.assertTrue(ret)
self.assertTrue(checkAstIntegrity(instruction))
# Simulate routines
self.hooking_handler()
# Next
pc = self.Triton.getConcreteRegisterValue(self.Triton.registers.rip)
return示例3: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(pc):
print '[+] Starting emulation.'
while pc:
# Fetch opcode
opcode = Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
Triton.processing(instruction)
print instruction
if instruction.getType() == OPCODE.HLT:
break
# Simulate routines
hookingHandler()
# Next
pc = Triton.getConcreteRegisterValue(Triton.registers.rip)
print '[+] Emulation done.'
return示例4: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(Triton, pc):
global variables
global goodBranches
print '[+] Starting emulation.'
while pc:
# Fetch opcode
opcode = Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
Triton.processing(instruction)
print instruction
# End of the CheckSolution() function
if pc == 0x4025E6:
break
if pc == 0x4025CC:
print '[+] Win'
break
if pc in goodBranches:
astCtxt = Triton.getAstContext()
# Slice expressions
rax = Triton.getSymbolicExpressionFromId(Triton.getSymbolicRegisterId(Triton.registers.rax))
eax = astCtxt.extract(31, 0, rax.getAst())
# Define constraint
cstr = astCtxt.land([
Triton.getPathConstraintsAst(),
astCtxt.equal(eax, astCtxt.bv(goodBranches[pc], 32))
])
print '[+] Asking for a model, please wait...'
model = Triton.getModel(cstr)
# Save new state
for k, v in model.items():
print '[+]', v
variables[k] = v.getValue()
# Go deeper
del goodBranches[pc]
# Restart emulation with a good input.
Triton = initialize()
# Next
pc = Triton.getConcreteRegisterValue(Triton.registers.rip)
print '[+] Emulation done.'
return示例5: test_emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def test_emulate(self, concretize=False):
"""Run a dumped simulation and check output registers."""
# Get dumped data
dump = os.path.join(os.path.dirname(__file__), "misc", "emu_1.dump")
with open(dump) as f:
regs, mems = eval(f.read())
# Load memory
for mem in mems:
start = mem['start']
if mem['memory'] is not None:
self.Triton.setConcreteMemoryAreaValue(start, bytearray(mem['memory']))
# self.Triton.setup registers
for reg_name in ("rax", "rbx", "rcx", "rdx", "rdi", "rsi", "rbp",
"rsp", "rip", "r8", "r9", "r10", "r11", "r12", "r13",
"r14", "eflags", "xmm0", "xmm1", "xmm2", "xmm3",
"xmm4", "xmm5", "xmm6", "xmm7", "xmm8", "xmm9",
"xmm10", "xmm11", "xmm12", "xmm13", "xmm14", "xmm15"):
self.Triton.setConcreteRegisterValue(self.Triton.getRegister(getattr(REG.X86_64, reg_name.upper())), regs[reg_name])
# run the code
pc = self.Triton.getConcreteRegisterValue(self.Triton.registers.rip)
while pc != 0x409A18:
opcode = self.Triton.getConcreteMemoryAreaValue(pc, 20)
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Check if triton doesn't supports this instruction
self.assertTrue(self.Triton.processing(instruction))
self.assertTrue(checkAstIntegrity(instruction))
pc = self.Triton.getConcreteRegisterValue(self.Triton.registers.rip)
if concretize:
self.Triton.concretizeAllMemory()
self.Triton.concretizeAllRegister()
rax = self.Triton.getConcreteRegisterValue(self.Triton.registers.rax)
rbx = self.Triton.getConcreteRegisterValue(self.Triton.registers.rbx)
rcx = self.Triton.getConcreteRegisterValue(self.Triton.registers.rcx)
rdx = self.Triton.getConcreteRegisterValue(self.Triton.registers.rdx)
rsi = self.Triton.getConcreteRegisterValue(self.Triton.registers.rsi)
self.assertEqual(rax, 0)
self.assertEqual(rbx, 0)
self.assertEqual(rcx, 0)
self.assertEqual(rdx, 0x4d2)
self.assertEqual(rsi, 0x3669000000000000)示例6: test_load_immediate_fs
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def test_load_immediate_fs(self):
"""Check load from fs segment with immediate."""
setArchitecture(ARCH.X86_64)
inst = Instruction()
# mov eax, DWORD PTR fs:0xffffffffffffdf98
inst.setOpcodes("\x64\x8B\x04\x25\x98\xDF\xFF\xFF")
inst.setAddress(0x400000)
setConcreteRegisterValue(Register(REG.FS, 0x7fffda8ab700))
processing(inst)
self.assertTrue(inst.getLoadAccess())
load, _ = inst.getLoadAccess()[0]
self.assertEqual(load.getAddress(), 0x7fffda8a9698)
self.assertEqual(load.getBitSize(), 32)示例7: test_load_indirect_fs
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def test_load_indirect_fs(self):
"""Check load from fs with indirect address."""
setArchitecture(ARCH.X86_64)
inst = Instruction()
# mov rax, QWORD PTR fs:[rax]
inst.setOpcodes("\x64\x48\x8B\x00")
inst.setAddress(0x400000)
setConcreteRegisterValue(Register(REG.FS, 0x7fffda8ab700))
setConcreteRegisterValue(Register(REG.RAX, 0xffffffffffffdf90))
processing(inst)
self.assertTrue(inst.getLoadAccess())
load, _ = inst.getLoadAccess()[0]
self.assertEqual(load.getAddress(), 0x7fffda8a9690)
self.assertEqual(load.getBitSize(), 64)示例8: run
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def run(ip):
while ip in function:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(function[ip])
# Setup Address
inst.setAddress(ip)
# Process everything
Triton.processing(inst)
# Display instruction
#print inst
# Next instruction
ip = Triton.getRegisterAst(Triton.registers.rip).evaluate()
return示例9: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(self, pc):
"""
Emulate every opcode from pc.
* Process instruction until the end and search for constraint
resolution on cmp eax, 1 then self.Triton.set the new correct value and keep going.
"""
astCtxt = self.Triton.getAstContext()
while pc:
# Fetch opcode
opcode = self.Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
self.Triton.processing(instruction)
self.assertTrue(checkAstIntegrity(instruction))
# 40078B: cmp eax, 1
# eax must be equal to 1 at each round.
if instruction.getAddress() == 0x40078B:
# Slice expressions
rax = self.Triton.getSymbolicRegister(self.Triton.registers.rax)
eax = astCtxt.extract(31, 0, rax.getAst())
# Define constraint
cstr = astCtxt.land([self.Triton.getPathConstraintsAst(), astCtxt.equal(eax, astCtxt.bv(1, 32))])
model = self.Triton.getModel(cstr)
solution = str()
for k, v in model.items():
value = v.getValue()
solution += chr(value)
self.Triton.setConcreteVariableValue(self.Triton.getSymbolicVariableFromId(k), value)
# Next
pc = self.Triton.getConcreteRegisterValue(self.Triton.registers.rip)
return solution示例10: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(pc):
astCtxt = Triton.getAstContext()
print '[+] Starting emulation.'
while pc:
# Fetch opcode
opcode = Triton.getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
Triton.processing(instruction)
print instruction
# 40078B: cmp eax, 1
# eax must be equal to 1 at each round.
if instruction.getAddress() == 0x40078B:
# Slice expressions
rax = Triton.getSymbolicRegister(Triton.registers.rax)
eax = astCtxt.extract(31, 0, rax.getAst())
# Define constraint
cstr = astCtxt.land([
Triton.getPathConstraintsAst(),
astCtxt.equal(eax, astCtxt.bv(1, 32))
])
print '[+] Asking for a model, please wait...'
model = Triton.getModel(cstr)
for k, v in model.items():
value = v.getValue()
Triton.setConcreteVariableValue(Triton.getSymbolicVariableFromId(k), value)
print '[+] Symbolic variable %02d = %02x (%c)' %(k, value, chr(value))
# Next
pc = Triton.getConcreteRegisterValue(Triton.registers.rip)
print '[+] Emulation done.'
return示例11: emulate
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def emulate(self, pc):
"""
Emulate every opcodes from pc.
* Process instruction until the end and search for constraint
resolution on cmp eax, 1 then set the new correct value and keep going.
"""
while pc:
# Fetch opcodes
opcodes = getConcreteMemoryAreaValue(pc, 16)
# Create the Triton instruction
instruction = Instruction()
instruction.setOpcodes(opcodes)
instruction.setAddress(pc)
# Process
processing(instruction)
# 40078B: cmp eax, 1
# eax must be equal to 1 at each round.
if instruction.getAddress() == 0x40078B:
# Slice expressions
rax = getSymbolicExpressionFromId(getSymbolicRegisterId(REG.RAX))
eax = ast.extract(31, 0, rax.getAst())
# Define constraint
cstr = ast.assert_(ast.land(getPathConstraintsAst(), ast.equal(eax, ast.bv(1, 32))))
model = getModel(cstr)
solution = str()
for k, v in model.items():
value = v.getValue()
solution += chr(value)
getSymbolicVariableFromId(k).setConcreteValue(value)
# Next
pc = getConcreteRegisterValue(REG.RIP)
return solution示例12: run
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
def run(ip):
while ip in function:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(function[ip])
# Setup Address
inst.setAddress(ip)
# Process everything
Triton.processing(inst)
# Display instruction
print 'Curr ip:', inst
# Next instruction
ip = Triton.buildSymbolicRegister(Triton.registers.rip).evaluate()
print 'Next ip:', hex(ip)
print
return示例13: TestInstruction
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
class TestInstruction(unittest.TestCase):
"""Testing the Instruction class."""
def setUp(self):
"""Define and process the instruction to test."""
self.Triton = TritonContext()
self.Triton.setArchitecture(ARCH.X86_64)
self.inst = Instruction()
self.inst.setOpcode("\x48\x01\xd8") # add rax, rbx
self.inst.setAddress(0x400000)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rax, 0x1122334455667788)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rbx, 0x8877665544332211)
self.Triton.processing(self.inst)
def test_address(self):
"""Check instruction current and next address."""
self.assertEqual(self.inst.getAddress(), 0x400000)
self.assertEqual(self.inst.getNextAddress(), 0x400003)
def test_memory(self):
"""Check memory access."""
self.assertListEqual(self.inst.getLoadAccess(), [])
self.assertListEqual(self.inst.getStoreAccess(), [])
self.assertFalse(self.inst.isMemoryWrite())
self.assertFalse(self.inst.isMemoryRead())
def test_registers(self):
"""Check register access."""
self.assertEqual(len(self.inst.getReadRegisters()), 2, "access RAX and RBX")
self.assertEqual(len(self.inst.getWrittenRegisters()), 8, "write in RAX, RIP, AF, XF, OF, PF, SF and ZF")
def test_taints(self):
"""Check taints attributes."""
self.assertFalse(self.inst.isTainted())
def test_prefix(self):
"""Check prefix data."""
self.assertFalse(self.inst.isPrefixed())
self.assertEqual(self.inst.getPrefix(), PREFIX.INVALID)
def test_control_flow(self):
"""Check control flow flags."""
self.assertFalse(self.inst.isControlFlow(), "It is not a jmp, ret or call")
self.assertFalse(self.inst.isBranch(), "It is not a jmp")
def test_condition(self):
"""Check condition flags."""
self.assertFalse(self.inst.isConditionTaken())
def test_opcode(self):
"""Check opcode informations."""
self.assertEqual(self.inst.getOpcode(), "\x48\x01\xd8")
self.assertEqual(self.inst.getType(), OPCODE.ADD)
def test_thread(self):
"""Check threads information."""
self.assertEqual(self.inst.getThreadId(), 0)
def test_operand(self):
"""Check operand information."""
self.assertEqual(len(self.inst.getOperands()), 2)
self.assertEqual(self.inst.getOperands()[0].getName(), "rax")
self.assertEqual(self.inst.getOperands()[1].getName(), "rbx")
with self.assertRaises(Exception):
self.inst.getOperands()[2]
def test_symbolic(self):
"""Check symbolic information."""
self.assertEqual(len(self.inst.getSymbolicExpressions()), 8)
def test_size(self):
"""Check size information."""
self.assertEqual(self.inst.getSize(), 3)
def test_disassembly(self):
"""Check disassembly equivalent."""
self.assertEqual(self.inst.getDisassembly(), "add rax, rbx")示例14: TritonContext
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
triton = TritonContext()
triton.setArchitecture(ARCH.X86_64)
triton.enableMode(MODE.ALIGNED_MEMORY, True)
triton.setConcreteRegisterValue(triton.registers.rsp, 0x7fffffff)
return triton
if __name__ == '__main__':
for i in range(10):
triton = initialize()
pc = 0x400080
while pc in function:
inst = Instruction()
inst.setOpcode(function[pc])
inst.setAddress(pc)
if before_processing(inst, triton):
sys.exit(0)
triton.processing(inst)
print(inst)
after_processing(inst, triton)
pc = triton.getRegisterAst(triton.registers.rip).evaluate()
print("pc: %16x" % (pc))
print("give up")
示例15: TritonContext
# 需要導入模塊: from triton import Instruction [as 別名]
# 或者: from triton.Instruction import setAddress [as 別名]
if __name__ == '__main__':
Triton = TritonContext()
#Set the arch
Triton.setArchitecture(ARCH.X86_64)
for (addr, opcode) in code:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(opcode)
# Setup Address
inst.setAddress(addr)
# Process everything
Triton.processing(inst)
# Display instruction
print inst
print ' ---------------'
print ' Is memory read :', inst.isMemoryRead()
print ' Is memory write:', inst.isMemoryWrite()
print ' ---------------'
for op in inst.getOperands():
print ' Operand:', op
if op.getType() == OPERAND.MEM:
print ' - segment :', op.getSegmentRegister()
print ' - base :', op.getBaseRegister()