Miasm2
miasm2.analysis.sandbox.Sandbox_Win_x86_32 Class Reference

Public Member Functions

def __init__
 
def run
 
def parser
 
def update_parser
 
def update_parser
 

Static Public Member Functions

def code_sentinelle
 

Public Attributes

 fname
 
 options
 
 dbg
 
 gdb
 
 cmd
 
 machine
 
 jitter
 
 libs
 
 pe
 
 entry_point
 

Static Public Attributes

int STACK_SIZE = 0x10000
 
int STACK_BASE = 0x130000
 
list ALL_IMP_DLL
 

Properties

 classes = property(lambda x:x.__class__._classes_())
 

Detailed Description

Definition at line 355 of file sandbox.py.

Constructor & Destructor Documentation

def miasm2.analysis.sandbox.Sandbox_Win_x86_32.__init__ (   self,
  args,
  kwargs 
)

Definition at line 357 of file sandbox.py.

def __init__(self, *args, **kwargs):
    """Build the sandbox, seed the emulated stack and arm the stop guard.

    All arguments are forwarded unchanged to ``Sandbox.__init__``.  Four
    32-bit values are then pushed through ``self.jitter.push_uint32_t`` in
    the order 2, 1, 0, 0x1337beef, and a breakpoint calling
    ``code_sentinelle`` is registered on address 0x1337beef.
    """
    Sandbox.__init__(self, *args, **kwargs)

    # 0x1337beef is pushed last; presumably it is what the emulated entry
    # point sees as its return address -- confirm against the jitter's
    # push semantics.
    sentinel_addr = 0x1337beef
    for value in (2, 1, 0, sentinel_addr):
        self.jitter.push_uint32_t(value)

    # Runtime guard: reaching the sentinel address invokes code_sentinelle.
    # NOTE(review): this guard only fires if execution actually reaches
    # 0x1337beef.  Code that never returns there is not stopped by it, and
    # nothing in this constructor adds an independent bound on the run --
    # worth confirming before emulating untrusted samples.
    self.jitter.add_breakpoint(sentinel_addr, self.__class__.code_sentinelle)

Member Function Documentation

def miasm2.analysis.sandbox.Sandbox.code_sentinelle (   jitter)
staticinherited

Definition at line 16 of file sandbox.py.

def code_sentinelle(jitter):
    """Breakpoint callback that clears ``jitter.run`` and returns False.

    Sandbox_Win_x86_32.__init__ registers it on the sentinel address
    0x1337beef.  Presumably the jitter treats the cleared flag and/or the
    False return value as a request to stop emulation -- confirm against
    the jitter's breakpoint handling.
    """
    keep_running = False
    jitter.run = keep_running
    return keep_running
def miasm2.analysis.sandbox.Sandbox.parser (   cls,
  args,
  kwargs 
)
inherited
Return an argument parser instance configured with the expected options.
Extra parameters are passed to the parser's initialisation.

Definition at line 65 of file sandbox.py.

def parser(cls, *args, **kwargs):
    """
    Return an ArgumentParser preloaded with the generic sandbox options.

    Extra positional and keyword arguments go straight to the
    ArgumentParser constructor.  After the generic options are added, each
    class returned by ``cls._classes_()`` gets to register its own options
    through its ``update_parser`` hook.
    """
    option_table = (
        (('-a', "--address"),
         dict(help="Force entry point address", default=None)),
        # NOTE(review): this help text repeats the "Load base dll" wording
        # of --loadbasedll (OS_Win.update_parser) and looks like a
        # copy-paste slip; what --dumpall controls is not shown here.
        (('-x', "--dumpall"),
         dict(action="store_true", help="Load base dll")),
        (('-b', "--dumpblocs"),
         dict(action="store_true", help="Log disasm blocks")),
        (('-z', "--singlestep"),
         dict(action="store_true", help="Log single step")),
        (('-d', "--debugging"),
         dict(action="store_true", help="Debug shell")),
        # NOTE(review): only a port is taken; the interface the gdb server
        # binds to is not visible from this function -- confirm it is
        # loopback-only when the emulated sample is untrusted.
        (('-g', "--gdbserver"),
         dict(type=int, help="Listen on port @port")),
        # No choices= is given, so any string is accepted at parse time.
        (("-j", "--jitter"),
         dict(help="Jitter engine. Possible values are: tcc (default), llvm, python",
              default="tcc")),
        (('-q', "--quiet-function-calls"),
         dict(action="store_true", help="Don't log function calls")),
    )

    arg_parser = ArgumentParser(*args, **kwargs)
    for flags, settings in option_table:
        arg_parser.add_argument(*flags, **settings)

    # Let every class in the hierarchy contribute its own switches.
    for base_cls in cls._classes_():
        base_cls.update_parser(arg_parser)
    return arg_parser


def miasm2.analysis.sandbox.Sandbox_Win_x86_32.run (   self,
  addr = None 
)
If addr is not set, use entrypoint

Definition at line 370 of file sandbox.py.

def run(self, addr = None):
    """
    Forward to the parent ``run`` with a defaulted start address.

    ``self.entry_point`` is substituted only when *addr* is None and
    ``self.options.address`` is None as well.  In every other case *addr*
    is passed through unchanged, including None when an address option
    was supplied.
    """
    nothing_forced = addr is None and self.options.address is None
    start = self.entry_point if nothing_forced else addr
    super(Sandbox_Win_x86_32, self).run(start)
def miasm2.analysis.sandbox.OS_Win.update_parser (   cls,
  parser 
)
inherited

Definition at line 206 of file sandbox.py.

def update_parser(cls, parser):
    """Register the Windows-specific boolean switches on *parser*.

    Every option is a ``store_true`` flag; nothing is returned.
    """
    win_switches = (
        ('-o', "--loadhdr", "Load pe hdr"),
        ('-e', "--loadmainpe", "Load main pe"),
        ('-y', "--use-seh", "Use windows SEH"),
        # NOTE(review): the help text names the relative path './win_dll'.
        # If the loader resolves it against the current working directory,
        # the DLLs mapped into the sandbox depend on where the tool is
        # started -- confirm in the loading code, which is not shown here.
        ('-l', "--loadbasedll", "Load base dll (path './win_dll')"),
        ('-r', "--parse-resources", "Load resources"),
    )
    for short_flag, long_flag, description in win_switches:
        parser.add_argument(short_flag, long_flag, action="store_true",
                            help=description)
def miasm2.analysis.sandbox.Arch_x86.update_parser (   cls,
  parser 
)
inherited

Definition at line 287 of file sandbox.py.

def update_parser(cls, parser):
    """Register the x86-specific ``-s/--usesegm`` boolean switch on *parser*."""
    segm_switch = {"action": "store_true", "help": "Use segments"}
    parser.add_argument('-s', "--usesegm", **segm_switch)

Member Data Documentation

list miasm2.analysis.sandbox.OS_Win.ALL_IMP_DLL
staticinherited
Initial value:
1 = ["ntdll.dll", "kernel32.dll", "user32.dll",
2  "ole32.dll", "urlmon.dll",
3  "ws2_32.dll", 'advapi32.dll', "psapi.dll",
4  ]

Definition at line 154 of file sandbox.py.

miasm2.analysis.sandbox.Sandbox.cmd
inherited

Definition at line 115 of file sandbox.py.

miasm2.analysis.sandbox.Sandbox.dbg
inherited

Definition at line 104 of file sandbox.py.

miasm2.analysis.sandbox.OS_Win.entry_point
inherited

Definition at line 203 of file sandbox.py.

miasm2.analysis.sandbox.Sandbox.fname
inherited

Definition at line 43 of file sandbox.py.

miasm2.analysis.sandbox.Sandbox.gdb
inherited

Definition at line 111 of file sandbox.py.

miasm2.analysis.sandbox.Arch.jitter
inherited

Definition at line 145 of file sandbox.py.

miasm2.analysis.sandbox.OS_Win.libs
inherited

Definition at line 169 of file sandbox.py.

miasm2.analysis.sandbox.Arch.machine
inherited

Definition at line 144 of file sandbox.py.

miasm2.analysis.sandbox.Sandbox.options
inherited

Definition at line 44 of file sandbox.py.

miasm2.analysis.sandbox.OS_Win.pe
inherited

Definition at line 185 of file sandbox.py.

int miasm2.analysis.sandbox.Arch_x86.STACK_BASE = 0x130000
staticinherited

Definition at line 269 of file sandbox.py.

int miasm2.analysis.sandbox.Arch_x86.STACK_SIZE = 0x10000
staticinherited

Definition at line 268 of file sandbox.py.

Property Documentation

miasm2.analysis.sandbox.Sandbox.classes = property(lambda x:x.__class__._classes_())
staticinherited

Definition at line 32 of file sandbox.py.


The documentation for this class was generated from the following file: