Diffstat (limited to 'example/disasm')
-rw-r--r--example/disasm/dis_binary.py29
-rw-r--r--example/disasm/dis_binary_ir.py35
-rw-r--r--example/disasm/dis_binary_ira.py37
-rw-r--r--example/disasm/dis_x86_string.py22
4 files changed, 123 insertions, 0 deletions
diff --git a/example/disasm/dis_binary.py b/example/disasm/dis_binary.py
new file mode 100644
index 00000000..3e12ca91
--- /dev/null
+++ b/example/disasm/dis_binary.py
@@ -0,0 +1,29 @@
+import sys
+from miasm2.analysis.binary import Container
+from miasm2.analysis.machine import Machine
+
+fdesc = open(sys.argv[1], 'rb')
+
+# The Container will provide a *bin_stream*, bytes source for the disasm engine
+# It will prodive a view from a PE or an ELF.
+cont = Container.from_stream(fdesc)
+
+# The Machine, instantiated with the detected architecture, will provide tools
+# (disassembler, etc.) to work with this architecture
+machine = Machine(cont.arch)
+
+# Instantiate a disassembler engine, using the previous bin_stream and its
+# associated location DB. The assembly listing will use the binary symbols
+mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
+
+# Run a recursive traversal disassembling from the entry point
+# (do not follow sub functions by default)
+addr = cont.entry_point
+asmcfg = mdis.dis_multiblock(addr)
+
+# Display each basic blocks
+for block in asmcfg.blocks:
+    print block
+
+# Output control flow graph in a dot file
+open('bin_cfg.dot', 'w').write(asmcfg.dot())
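Review bot: `fdesc = open(sys.argv[1], 'rb')` is never closed, and the last line `open('bin_cfg.dot', 'w').write(asmcfg.dot())` leaves flushing the output to garbage collection; an example that will be copied should use `with open('bin_cfg.dot', 'w') as fout:` followed by `fout.write(asmcfg.dot())`, and the same for the input. The same pattern is in dis_binary_ir.py and dis_binary_ira.py, and the output write is repeated in dis_x86_string.py. The output name is fixed and relative, so running the script silently overwrites any `bin_cfg.dot` in the current directory, which deserves a comment since this is normally run next to samples under analysis. A missing argument ends in a bare IndexError on `sys.argv[1]`; a one-line usage check would be friendlier. The comment typo `prodive` should read `provide`.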
diff --git a/example/disasm/dis_binary_ir.py b/example/disasm/dis_binary_ir.py
new file mode 100644
index 00000000..6d98d692
--- /dev/null
+++ b/example/disasm/dis_binary_ir.py
@@ -0,0 +1,35 @@
+import sys
+from miasm2.analysis.binary import Container
+from miasm2.analysis.machine import Machine
+
+#####################################
+# Common section from dis_binary.py #
+#####################################
+
+fdesc = open(sys.argv[1], 'rb')
+
+cont = Container.from_stream(fdesc)
+
+machine = Machine(cont.arch)
+
+mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
+
+addr = cont.entry_point
+asmcfg = mdis.dis_multiblock(addr)
+
+#####################################
+#    End common section             #
+#####################################
+
+# Get an IR convertor
+ir_arch = machine.ir(mdis.loc_db)
+
+# Get the IR of the asmcfg
+ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)
+
+# Display each IR basic blocks
+for irblock in ircfg.blocks.values():
+    print irblock
+
+# Output ir control flow graph in a dot file
+open('bin_ir_cfg.dot', 'w').write(ircfg.dot())
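Review bot: The display loop iterates `ircfg.blocks.values()`, whereas dis_binary.py iterates `asmcfg.blocks` directly, and nothing tells the reader that the two containers differ. If `ircfg.blocks` is a plain dict (the `.values()` call suggests a mapping, but its type is not visible here), the printed block order under Python 2 is arbitrary and can change between runs, which makes diffing two listings misleading. I would add a comment such as `# ircfg.blocks maps a location to its IR block; iteration order is not guaranteed`, after confirming the type. The same loop appears in dis_binary_ira.py.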
diff --git a/example/disasm/dis_binary_ira.py b/example/disasm/dis_binary_ira.py
new file mode 100644
index 00000000..c1bd5dc0
--- /dev/null
+++ b/example/disasm/dis_binary_ira.py
@@ -0,0 +1,37 @@
+import sys
+from miasm2.analysis.binary import Container
+from miasm2.analysis.machine import Machine
+
+#####################################
+# Common section from dis_binary.py #
+#####################################
+
+fdesc = open(sys.argv[1], 'rb')
+
+cont = Container.from_stream(fdesc)
+
+machine = Machine(cont.arch)
+
+mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
+
+addr = cont.entry_point
+asmcfg = mdis.dis_multiblock(addr)
+
+#####################################
+#    End common section             #
+#####################################
+
+# Get an IRA convertor
+# The sub call are modelised by default operators
+# call_func_ret and call_func_stack
+ir_arch_analysis = machine.ira(mdis.loc_db)
+
+# Get the IR of the asmcfg
+ircfg_analysis = ir_arch_analysis.new_ircfg_from_asmcfg(asmcfg)
+
+# Display each IR basic blocks
+for irblock in ircfg_analysis.blocks.values():
+    print irblock
+
+# Output ir control flow graph in a dot file
+open('bin_ira_cfg.dot', 'w').write(ircfg_analysis.dot())
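Review bot: The comment above `machine.ira(mdis.loc_db)` is the only thing that distinguishes this file from dis_binary_ir.py, and its wording ("The sub call are modelised by default operators") is hard to follow. Suggested replacement: `# Get an IRA (IR for analysis) convertor.` then `# Sub-calls are modelled by the default operators call_func_ret and call_func_stack`. It would also help to say in one more line why a reader would pick `machine.ira` over `machine.ir`, since the rest of the script is identical and the difference in the resulting IR is not explained here.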
diff --git a/example/disasm/dis_x86_string.py b/example/disasm/dis_x86_string.py
new file mode 100644
index 00000000..8f919e4e
--- /dev/null
+++ b/example/disasm/dis_x86_string.py
@@ -0,0 +1,22 @@
+from miasm2.analysis.binary import Container
+from miasm2.analysis.machine import Machine
+
+# The Container will provide a *bin_stream*, bytes source for the disasm engine
+cont = Container.from_string("\x83\xf8\x10\x74\x07\x89\xc6\x0f\x47\xc3\xeb\x08\x89\xc8\xe8\x31\x33\x22\x11\x40\xc3")
+
+# Instantiate a x86 32 bit architecture
+machine = Machine("x86_32")
+
+# Instantiate a disassembler engine, using the previous bin_stream and its
+# associated location DB.
+mdis = machine.dis_engine(cont.bin_stream, loc_db=cont.loc_db)
+
+# Run a recursive traversal disassembling from address 0
+asmcfg = mdis.dis_multiblock(0)
+
+# Display each basic blocks
+for block in asmcfg.blocks:
+    print block
+
+# Output control flow graph in a dot file
+open('str_cfg.dot', 'w').write(asmcfg.dot())
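Review bot: The byte string passed to `Container.from_string` has no annotation, so a reader cannot check the printed listing against what the bytes are meant to encode. I would add a short comment above it listing the intended x86-32 instructions (it starts with `cmp eax, 0x10` and a `jz`, and ends with `inc eax` and `ret`). The comment should also say that the `call` (`\xe8\x31\x33\x22\x11`) targets an address far outside the 21-byte buffer. How the engine reports that target is not visible in this hunk, so saying that it is deliberate would avoid confusion. A comment explaining that `Machine("x86_32")` is hard-coded because a raw string carries no architecture information, unlike `cont.arch` in dis_binary.py, would also help.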