computerality · January 18, 2014 23:34
diff --git a/gistfile1.py b/gistfile1.py
 #!/usr/bin/env python
 # Writing your own disassembler? Ain't nobody got time for that!
 # or just in case you don't have capstone
 # by Jay Little
 # Same license as lldb

 import argparse
 import re
 import subprocess
 import sys

 parser = argparse.ArgumentParser(description="test your bytes for great good and profit", add_help=True)

 # archs found in lldb/source/Core/ArchSpec.cpp
 arch_str = "your architecture. have confirmed thumbv7s i386 and x86_64 do things. something else might but who knows: arm, armv4, armv4t, armv5, armv5e, armv5t, armv6, armv7, armv7f, armv7k, armv7s, xscale, thumb, thumbv4t, thumbv5, thumbv5e, thumbv6, thumbv7, thumbv7f, thumbv7k, thumbv7s, ppc, ppc601, ppc602, ppc603, ppc603e, ppc603ev, ppc604, ppc604e, ppc620, ppc750, ppc7400, ppc7450, ppc970, ppc64, ppc970-64, sparc, sparcv9, i386, i486, i486sx, x86_64. You can also use systemArch, systemArch32, systemArch64 if you don't know what you are currently running on and want some bytes"

 parser.add_argument('-f', '--file', required=True, action='store', help='your file full of bytes', metavar='THEFILE')
 parser.add_argument('-a', '--arch', required=True, action='store', help=arch_str, metavar='YOURARCH')
 parser.add_argument('--loadaddr', required=False, action='store', help='where the bytes would be loaded')
 parser.add_argument('--lldb', required=False, action='store', help='The path to LLDB.framework, if you are bro who loves frameworks')
 parser.add_argument('--dump', required=False, action='store_true', default=False)

 args = parser.parse_args(sys.argv[1:])

 def AddLLDBToSysPathOnMacOSX():
 	def GetLLDBFrameworkPath():
 		lldb_path = subprocess.check_output(["xcrun", "-find", "lldb"])
 		re_result = re.match("(.*)/Developer/usr/bin/lldb", lldb_path)
 		if re_result == None:
 			return None
 		xcode_contents_path = re_result.group(1)
 		return xcode_contents_path + "/SharedFrameworks/LLDB.framework"

 	lldb_framework_path = GetLLDBFrameworkPath()

 	if lldb_framework_path == None:
 		print "Couldn't find LLDB.framework"
 		sys.exit(-1)

 	sys.path.append(lldb_framework_path + "/Resources/Python")

 if args.lldb == None:
 	AddLLDBToSysPathOnMacOSX()
 else:
 	sys.path.append(args.lldb + "/Resources/Python")

 import lldb

 debugger = lldb.SBDebugger.Create()

 if debugger.IsValid() == False:
 	print "Couldn't create an SBDebugger"
 	sys.exit(-1)

 target = debugger.CreateTargetWithFileAndArch(None, args.arch)

 if target.IsValid() == False:
 	print "Couldn't create an SBTarget for architecture " + args.arch
 	sys.exit(-1)

 #print dir(target)
 if args.loadaddr == None:
 	ea = 0
 else:
 	ea = int(args.loadaddr, 0)
 fake_address = lldb.SBAddress()
 #print dir(fake_address)
 fake_address.SetLoadAddress(ea, target)

 buf = open(args.file,'rb').read()

 #buf = ("\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46\x58\xcd\x80" +
 #		"\x31\xc0\x31\xdb\x31\xc9\x51\xb1\x06\x51\xb1\x01\x51\xb1\x02" +
 #		    "\x51\x89\xe1\xb3\x01\xb0\x66\xcd\x80\x89\xc2\x31\xc0\x31\xc9\x51\x51\x68")
 #'f0b503af2de9000ddcb06c4624f00704a5460490052002f035ff0024'.decode('hex')
 #buf = 'f0b503af2de9000ddcb06c4624f00704a5460490052002f035ff0024'.decode('hex')

 inst_list = target.GetInstructions(fake_address, buf)
 stream = lldb.SBStream()
 frame = lldb.SBFrame()
 frame.SetPC(fake_address.GetLoadAddress(target))
 for i in inst_list:
 	print '{:<50} # {}'.format(i, i.GetData(target))
	#!/usr/bin/env python
	# Writing your own disassembler? Ain't nobody got time for that!
	# or just in case you don't have capstone
	# by Jay Little
	# Same license as lldb

	import argparse
	import re
	import subprocess
	import sys

	parser = argparse.ArgumentParser(description="test your bytes for great good and profit", add_help=True)

	# archs found in lldb/source/Core/ArchSpec.cpp
	arch_str = "your architecture. have confirmed thumbv7s i386 and x86_64 do things. something else might but who knows: arm, armv4, armv4t, armv5, armv5e, armv5t, armv6, armv7, armv7f, armv7k, armv7s, xscale, thumb, thumbv4t, thumbv5, thumbv5e, thumbv6, thumbv7, thumbv7f, thumbv7k, thumbv7s, ppc, ppc601, ppc602, ppc603, ppc603e, ppc603ev, ppc604, ppc604e, ppc620, ppc750, ppc7400, ppc7450, ppc970, ppc64, ppc970-64, sparc, sparcv9, i386, i486, i486sx, x86_64. You can also use systemArch, systemArch32, systemArch64 if you don't know what you are currently running on and want some bytes"

	parser.add_argument('-f', '--file', required=True, action='store', help='your file full of bytes', metavar='THEFILE')
	parser.add_argument('-a', '--arch', required=True, action='store', help=arch_str, metavar='YOURARCH')
	parser.add_argument('--loadaddr', required=False, action='store', help='where the bytes would be loaded')
	parser.add_argument('--lldb', required=False, action='store', help='The path to LLDB.framework, if you are bro who loves frameworks')
	parser.add_argument('--dump', required=False, action='store_true', default=False)

	args = parser.parse_args(sys.argv[1:])

	def AddLLDBToSysPathOnMacOSX():
	def GetLLDBFrameworkPath():
	lldb_path = subprocess.check_output(["xcrun", "-find", "lldb"])
	re_result = re.match("(.*)/Developer/usr/bin/lldb", lldb_path)
	if re_result == None:
	return None
	xcode_contents_path = re_result.group(1)
	return xcode_contents_path + "/SharedFrameworks/LLDB.framework"

	lldb_framework_path = GetLLDBFrameworkPath()

	if lldb_framework_path == None:
	print "Couldn't find LLDB.framework"
	sys.exit(-1)

	sys.path.append(lldb_framework_path + "/Resources/Python")

	if args.lldb == None:
	AddLLDBToSysPathOnMacOSX()
	else:
	sys.path.append(args.lldb + "/Resources/Python")

	import lldb

	debugger = lldb.SBDebugger.Create()

	if debugger.IsValid() == False:
	print "Couldn't create an SBDebugger"
	sys.exit(-1)

	target = debugger.CreateTargetWithFileAndArch(None, args.arch)

	if target.IsValid() == False:
	print "Couldn't create an SBTarget for architecture " + args.arch
	sys.exit(-1)

	#print dir(target)
	if args.loadaddr == None:
	ea = 0
	else:
	ea = int(args.loadaddr, 0)
	fake_address = lldb.SBAddress()
	#print dir(fake_address)
	fake_address.SetLoadAddress(ea, target)

	buf = open(args.file,'rb').read()

	#buf = ("\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46\x58\xcd\x80" +
	# "\x31\xc0\x31\xdb\x31\xc9\x51\xb1\x06\x51\xb1\x01\x51\xb1\x02" +
	# "\x51\x89\xe1\xb3\x01\xb0\x66\xcd\x80\x89\xc2\x31\xc0\x31\xc9\x51\x51\x68")
	#'f0b503af2de9000ddcb06c4624f00704a5460490052002f035ff0024'.decode('hex')
	#buf = 'f0b503af2de9000ddcb06c4624f00704a5460490052002f035ff0024'.decode('hex')

	inst_list = target.GetInstructions(fake_address, buf)
	stream = lldb.SBStream()
	frame = lldb.SBFrame()
	frame.SetPC(fake_address.GetLoadAddress(target))
	for i in inst_list:
	print '{:<50} # {}'.format(i, i.GetData(target))