 |
miasm
Reverse engineering framework
|
|
miasm
Reverse engineering framework
|
Classes | |
| class | A |
| class | Anon |
| class | B |
| class | BitStruct |
| class | ContStruct |
| class | InStruct |
| class | MyStruct |
| class | MyStruct2 |
| class | OtherStruct |
| class | UnhealthyIdeas |
| class | UniStruct |
Variables | |
| loc_db = LocationDB() | |
| jitter = Machine("x86_32").jitter(loc_db, "python") | |
| int | addr = 0x1000 |
| int | size = 0x1000 |
| int | addr_str = 0x1100 |
| int | addr_str2 = 0x1200 |
| int | addr_str3 = 0x1300 |
| mstruct = MyStruct(jitter.vm, addr) | |
| Creation Use manual allocation with explicit addr for the first example. More... | |
| num | |
| Fields are read from the virtual memory. More... | |
| memval = struct.unpack("I", jitter.vm.get_mem(mstruct.get_addr(), 4))[0] | |
| my_heap = heap() | |
| Memset sets the whole structure. More... | |
| other = OtherStruct(jitter.vm) | |
| Setup for Ptr tests the addr field can now be omitted since allocator is set. More... | |
| foo | |
| val | |
| Basic usage. More... | |
| other2 = OtherStruct(jitter.vm) | |
| Deref assignment. More... | |
| deref | |
| alloc_addr | |
| Same stuff for Ptr to MemField. More... | |
| i | |
| memstr = Str().lval(jitter.vm, addr_str) | |
| Basic tests. More... | |
| memstr2 = Str().lval(jitter.vm, addr_str2) | |
| Other address, same value, same encoding. More... | |
| memstr3 = Str("utf16").lval(jitter.vm, addr_str3) | |
| Same value, other encoding. More... | |
| memarray = Array(Num("I")).lval(jitter.vm, alloc_addr) | |
| s = bytes(memarray) | |
| memsarray = Array(Num("I"), 10).lval(jitter.vm) | |
| Slice assignment. More... | |
| ms2 = MyStruct2(jitter.vm) | |
| s2 | |
| RawStruct. More... | |
| array2 = Array(Num("B"), 10).lval(jitter.vm) | |
| Field assignment (MemSizedArray) More... | |
| cont = ContStruct(jitter.vm) | |
| one | |
| bar | |
| last | |
| uni = UniStruct(jitter.vm) | |
| bit = BitStruct(jitter.vm) | |
| f1_1 | |
| f2_5 | |
| f3_8 | |
| flags_num | |
| int | p_size = Ptr("I", Void()).size |
| ideas = UnhealthyIdeas(jitter.vm) | |
| pself | |
| ppself | |
| pppself | |
| a = A(jitter.vm) | |
| b = B(jitter.vm) | |
| MemInt = Num("I").lval | |
| MemShort = Num("H").lval | |
| dword = MemInt(jitter.vm) | |
| MemPtrVoid = Ptr("I", Void()).lval | |
| p = MemPtrVoid(jitter.vm) | |
| anon = Anon(jitter.vm) | |
| b2 | |
| c1 | |
| c2 | |
| d | |
| arr_t = Array(Num("H")) | |
| test_types.a = A(jitter.vm) |
| int test_types.addr = 0x1000 |
| int test_types.addr_str = 0x1100 |
| int test_types.addr_str2 = 0x1200 |
| int test_types.addr_str3 = 0x1300 |
| test_types.alloc_addr |
| test_types.anon = Anon(jitter.vm) |
| test_types.b = B(jitter.vm) |
| test_types.b2 |
| test_types.bar |
| test_types.bit = BitStruct(jitter.vm) |
| test_types.c1 |
| test_types.c2 |
| test_types.cont = ContStruct(jitter.vm) |
| test_types.d |
| test_types.deref |
| test_types.dword = MemInt(jitter.vm) |
| test_types.f1_1 |
| test_types.f2_5 |
| test_types.f3_8 |
| test_types.flags_num |
| test_types.foo |
| test_types.i |
| test_types.ideas = UnhealthyIdeas(jitter.vm) |
| test_types.last |
| test_types.loc_db = LocationDB() |
| test_types.memarray = Array(Num("I")).lval(jitter.vm, alloc_addr) |
| test_types.MemInt = Num("I").lval |
| test_types.MemPtrVoid = Ptr("I", Void()).lval |
| test_types.MemShort = Num("H").lval |
| test_types.memval = struct.unpack("I", jitter.vm.get_mem(mstruct.get_addr(), 4))[0] |
| test_types.ms2 = MyStruct2(jitter.vm) |
Creation Use manual allocation with explicit addr for the first example.
| test_types.my_heap = heap() |
Memset sets the whole structure.
| test_types.num |
Fields are read from the virtual memory.
Field assignment modifies virtual memory
| test_types.one |
| test_types.other = OtherStruct(jitter.vm) |
Setup for Ptr tests the addr field can now be omitted since allocator is set.
| test_types.other2 = OtherStruct(jitter.vm) |
Deref assignment.
| test_types.p = MemPtrVoid(jitter.vm) |
| test_types.pppself |
| test_types.ppself |
| test_types.pself |
| test_types.s = bytes(memarray) |
| test_types.s2 |
RawStruct.
Array Basic checks
Subscript assignment
Field assignment (list)
| int test_types.size = 0x1000 |
| test_types.uni = UniStruct(jitter.vm) |
| test_types.val |
Basic usage.
Ptr(Str()) manipulations.
1.8.20