|
|
|
|
@ -33,13 +33,14 @@ last_arch = None
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CapstoneArch = {
|
|
|
|
|
'arm': Cs(CS_ARCH_ARM, CS_MODE_ARM),
|
|
|
|
|
'aarch64': Cs(CS_ARCH_ARM64, CS_MODE_ARM),
|
|
|
|
|
'i386': Cs(CS_ARCH_X86, CS_MODE_32),
|
|
|
|
|
'x86-64': Cs(CS_ARCH_X86, CS_MODE_64),
|
|
|
|
|
'powerpc': Cs(CS_ARCH_PPC, CS_MODE_32),
|
|
|
|
|
'mips': Cs(CS_ARCH_MIPS, CS_MODE_32),
|
|
|
|
|
'sparc': Cs(CS_ARCH_SPARC, 0),
|
|
|
|
|
('arm', 'little'): Cs(CS_ARCH_ARM, CS_MODE_ARM),
|
|
|
|
|
('aarch64', 'little'): Cs(CS_ARCH_ARM64, CS_MODE_ARM),
|
|
|
|
|
('i386', 'little'): Cs(CS_ARCH_X86, CS_MODE_32),
|
|
|
|
|
('x86-64', 'little'): Cs(CS_ARCH_X86, CS_MODE_64),
|
|
|
|
|
('powerpc', 'little'): Cs(CS_ARCH_PPC, CS_MODE_32),
|
|
|
|
|
('mips', 'little'): Cs(CS_ARCH_MIPS, CS_MODE_32),
|
|
|
|
|
('mips', 'big'): Cs(CS_ARCH_MIPS, CS_MODE_32 | CS_MODE_BIG_ENDIAN),
|
|
|
|
|
('sparc', 'little'): Cs(CS_ARCH_SPARC, 0),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for cs in CapstoneArch.values():
|
|
|
|
|
@ -59,11 +60,14 @@ backward_cache = collections.defaultdict(lambda: 0)
|
|
|
|
|
|
|
|
|
|
def get_disassembler(pc):
|
|
|
|
|
arch = pwndbg.arch.current
|
|
|
|
|
d = CapstoneArch[arch]
|
|
|
|
|
endian = pwndbg.arch.endian
|
|
|
|
|
d = CapstoneArch[(arch, endian)]
|
|
|
|
|
|
|
|
|
|
if arch in ('arm', 'aarch64'):
|
|
|
|
|
d.mode = {0:CS_MODE_ARM,0x20:CS_MODE_THUMB}[pwndbg.regs.cpsr & 0x20]
|
|
|
|
|
else:
|
|
|
|
|
d.mode = {4:CS_MODE_32, 8:CS_MODE_64}[pwndbg.arch.ptrsize]
|
|
|
|
|
|
|
|
|
|
return d
|
|
|
|
|
|
|
|
|
|
@pwndbg.memoize.reset_on_cont
|
|
|
|
|
|
Zach Riggle
9 years ago