func doit(path string) error {
f, e := pe.Open(path)
check(e)
ws, e := workspace.New(workspace.ARCH_X86, workspace.MODE_32)
check(e)
loader, e := peloader.New(path, f)
check(e)
m, e := loader.Load(ws)
check(e)
e = ws.Disassemble(m.EntryPoint, 0x30, os.Stdout)
check(e)
emu, e := ws.GetEmulator()
check(e)
emu.SetInstructionPointer(m.EntryPoint)
log.Printf("emudbg: start: 0x%x", emu.GetInstructionPointer())
e = doloop(emu)
check(e)
return nil
}
func doit(path string) error {
logrus.SetLevel(logrus.DebugLevel)
f, e := pe.Open(path)
check(e)
persis, e := config.MakeDefaultPersistence()
check(e)
ws, e := W.New(W.ARCH_X86, W.MODE_32, persis)
check(e)
loader, e := peloader.New(path, f)
check(e)
_, e = loader.Load(ws)
check(e)
check(config.RegisterDefaultAnalyzers(ws))
ws.AnalyzeAll()
return nil
}
func doit(path string, fva AS.VA) error {
runtime.LockOSThread()
logrus.SetLevel(logrus.DebugLevel)
exe, e := pe.Open(path)
check(e)
persis, e := config.MakeDefaultPersistence()
check(e)
ws, e := W.New(W.ARCH_X86, W.MODE_32, persis)
check(e)
dis, e := ws.GetDisassembler()
check(e)
loader, e := peloader.New(path, exe)
check(e)
_, e = loader.Load(ws)
check(e)
check(config.RegisterDefaultAnalyzers(ws))
check(ws.MakeFunction(fva))
f, e := ws.Artifacts.GetFunction(fva)
check(e)
fmt.Printf("digraph asm {\n")
fmt.Printf(" node [shape=plain, style=\"rounded\", fontname=\"courier\"]\n")
var exploreBBs func(bb *artifacts.BasicBlock) error
exploreBBs = func(bb *artifacts.BasicBlock) error {
fmt.Printf("bb_%s [label=<\n", bb.Start)
fmt.Printf("<TABLE BORDER='1' CELLBORDER='0'>\n")
insns, e := bb.GetInstructions(dis, ws)
check(e)
for _, insn := range insns {
d, e := ws.MemRead(AS.VA(insn.Address), uint64(insn.Size))
check(e)
// format each of those as hex
var bytesPrefix []string
for _, b := range d {
bytesPrefix = append(bytesPrefix, fmt.Sprintf("%02X", b))
}
prefix := strings.Join(bytesPrefix, " ")
fmt.Printf(" <TR>\n")
fmt.Printf(" <TD ALIGN=\"LEFT\">\n")
fmt.Printf(" %s\n", AS.VA(insn.Address))
fmt.Printf(" </TD>\n")
fmt.Printf(" <TD ALIGN=\"LEFT\">\n")
fmt.Printf(" %s\n", prefix)
fmt.Printf(" </TD>\n")
fmt.Printf(" <TD ALIGN=\"LEFT\">\n")
fmt.Printf(" %s\n", insn.Mnemonic)
fmt.Printf(" </TD>\n")
fmt.Printf(" <TD ALIGN=\"LEFT\">\n")
fmt.Printf(" %s\n", insn.OpStr)
fmt.Printf(" </TD>\n")
fmt.Printf(" </TR>\n")
}
fmt.Printf("</TABLE>\n")
fmt.Printf(">];\n")
nextBBs, e := bb.GetNextBasicBlocks()
check(e)
for _, nextBB := range nextBBs {
exploreBBs(nextBB)
}
for _, nextBB := range nextBBs {
fmt.Printf("bb_%s -> bb_%s;\n", bb.Start, nextBB.Start)
}
return nil
}
firstBB, e := f.GetFirstBasicBlock()
check(e)
exploreBBs(firstBB)
defer fmt.Printf("}")
runtime.UnlockOSThread()
return nil
}