Peter Goodman pgoodman

🦥
View GitHub Profile
static bool TryExtractCMEQ_ASIMDMISC_Z(InstData &inst, uint32_t bits) {
  //   bits
  // & 10111111001111111111110000000000
  //   --------------------------------
  //   00001110001000001001100000000000
  if ((bits & 0xbf3ffc00U) != 0xe209800U) {
    return false;
  }
  union {
    uint32_t flat;
@pgoodman
pgoodman / transformations.py
Created October 3, 2018 16:49
Transform new LLVM IR into old LLVM IR
import logging
import os
import re
from subprocess import call
import sys
def _convert_data(data):
    '''
    'data' is a string of the 'disassembled' bitcode (could be
    read in from file/stdin)
/*
* Copyright (c) 2018 Trail of Bits, Inc.
*/
#include "mcsema/Util/ProgressBar.h"
#include <algorithm>
#include <cinttypes>
#include <cmath>
#include <cstdio>
@pgoodman
pgoodman / arm64.md
Created December 4, 2017 18:03 — forked from george-hawkins/arm64.md
Running virtualized x86_64 and emulated arm64 Ubuntu cloud images using QEMU

QEMU arm64 cloud server emulation

This is basically a rehash of an original post on CNXSoft - all credit (particularly for the Virtio device arguments used below) belongs to the author of that piece.

Download the latest uefi1.img image, e.g. ubuntu-16.04-server-cloudimg-arm64-uefi1.img from https://cloud-images.ubuntu.com/releases/16.04/release/

Download the UEFI firmware image QEMU_EFI.fd from https://releases.linaro.org/components/kernel/uefi-linaro/latest/release/qemu64/

Determine your current username and get your current ssh public key:

// This source code comes from:
// http://stackoverflow.com/questions/8941711/is-is-possible-to-set-a-gdb-watchpoint-programatically
// with additional tricks from:
// https://code.google.com/p/google-breakpad/source/browse/trunk/src/client/linux/handler/exception_handler.cc?r=1361
#include <errno.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@pgoodman
pgoodman / Use
Created August 14, 2014 18:02
GDB commands for printing Granary's internal `arch::Instruction` structures as x86-like instructions.
(gdb) print-arch-instr &($12->instruction)
MOV_MEMv_GPRv [SLOT:0], R15
(gdb)
/* Copyright 2014 Peter Goodman, all rights reserved. */
#include <granary/granary.h>
using namespace granary;
// Simple tool decoding all blocks in a function.
class WholeFunctionDecoder : public InstrumentationTool {
 public:
  virtual ~WholeFunctionDecoder(void) = default;
/* Copyright 2014 Peter Goodman, all rights reserved. */
#include <granary/granary.h>
using namespace granary;
// TODO(pag): Generic allocators (similar to with meta-data) but for allowing
// multiple tools to register descriptor info.
// TODO(pag): Eventually handle user space syscalls to avoid EFAULTs.
// TODO(pag): Eventually handle user space signals.
@pgoodman
pgoodman / .gdbinit
Created July 30, 2014 13:21
Trace logger in Granary+
# Print $arg1 instructions starting at address $arg0.
define pi
set $__rip = $arg0
set $__ni = $arg1
python None ; \
rip = str(gdb.parse_and_eval("$__rip")).lower() ; \
ni = str(gdb.parse_and_eval("$__ni")).lower() ; \
gdb.execute( \
"x/%si %s\n" % (ni, rip), \
from_tty=True, to_string=False) ;
@pgoodman
pgoodman / gist:4187056
Created December 2, 2012 05:15
Block execution until the callback to a function returns.
/// based off of: https://gist.github.com/1227319/957809d74d902a4d7fc44c44c946eeed38c1cd1b
/// Need to be running this code somewhere inside of a Fiber.
/// Block execution until a callback to some function is executed.
///
/// Args:
///   context: The object context of the function (which takes a
///            callback) that is being called.