miasm
Reverse engineering framework
shellcode Namespace Reference

Variables

 parser = ArgumentParser("Multi-arch (32 bits) assembler")
 
 help
 
 action
 
 nargs
 
 args = parser.parse_args()
 
 machine = Machine(args.architecture)
 
 attrib = machine.dis_engine.attrib
 
 size = int(attrib)
 
 reg_and_id = dict(machine.mn.regs.all_regs_ids_byname)
 
 base_expr = machine.base_expr
 
 dst_interval = None
 
 pe = pe_init.PE(wsize=size)
 
 s_text = pe.SHList.add_section(name="text", addr=0x1000, rawsize=0x1000)
 
 s_iat = pe.SHList.add_section(name="iat", rawsize=0x100)
 
list new_dll
 
 s_myimp = pe.SHList.add_section(name="myimp", rawsize=len(pe.DirImport))
 
 AddressOfEntryPoint
 
 addr_main = pe.rva2virt(s_text.addr)
 
 virt = pe.virt
 
 output = pe
 
 st = StrPatchwork()
 
 source = fstream.read()
 
 loc_db = LocationDB()
 
 asmcfg = parse_asm.parse_txt(machine.mn, attrib, source, loc_db)
 
 patches
 
 loc_start = loc_db.get_or_create_name_location(args.encrypt[0])
 
 loc_stop = loc_db.get_or_create_name_location(args.encrypt[1])
 
 ad_start = loc_db.get_location_offset(loc_start)
 
 ad_stop = loc_db.get_location_offset(loc_stop)
 

Variable Documentation

◆ action

shellcode.action

◆ ad_start

shellcode.ad_start = loc_db.get_location_offset(loc_start)

◆ ad_stop

shellcode.ad_stop = loc_db.get_location_offset(loc_stop)

◆ addr_main

int shellcode.addr_main = pe.rva2virt(s_text.addr)

◆ AddressOfEntryPoint

shellcode.AddressOfEntryPoint

◆ args

shellcode.args = parser.parse_args()

◆ asmcfg

shellcode.asmcfg = parse_asm.parse_txt(machine.mn, attrib, source, loc_db)

◆ attrib

shellcode.attrib = machine.dis_engine.attrib

◆ base_expr

shellcode.base_expr = machine.base_expr

◆ dst_interval

shellcode.dst_interval = None

◆ help

shellcode.help

◆ loc_db

shellcode.loc_db = LocationDB()

◆ loc_start

shellcode.loc_start = loc_db.get_or_create_name_location(args.encrypt[0])

◆ loc_stop

shellcode.loc_stop = loc_db.get_or_create_name_location(args.encrypt[1])

◆ machine

shellcode.machine = Machine(args.architecture)

◆ nargs

shellcode.nargs

◆ new_dll

list shellcode.new_dll
Initial value:
= [
    (
        {
            "name": "USER32.dll",
            "firstthunk": s_iat.addr
        },
        [
            "MessageBoxA"
        ]
    )
]

◆ output

shellcode.output = pe

◆ parser

shellcode.parser = ArgumentParser("Multi-arch (32 bits) assembler")

◆ patches

shellcode.patches
Initial value:
= asmblock.asm_resolve_final(
    machine.mn,
    asmcfg,
    dst_interval
)

◆ pe

shellcode.pe = pe_init.PE(wsize=size)

◆ reg_and_id

shellcode.reg_and_id = dict(machine.mn.regs.all_regs_ids_byname)

◆ s_iat

shellcode.s_iat = pe.SHList.add_section(name="iat", rawsize=0x100)

◆ s_myimp

shellcode.s_myimp = pe.SHList.add_section(name="myimp", rawsize=len(pe.DirImport))

◆ s_text

shellcode.s_text = pe.SHList.add_section(name="text", addr=0x1000, rawsize=0x1000)

◆ size

int shellcode.size = int(attrib)

◆ source

shellcode.source = fstream.read()

◆ st

shellcode.st = StrPatchwork()

◆ virt

shellcode.virt = pe.virt