forked from lunixbochs/patchkit
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathexplore
executable file
·42 lines (34 loc) · 1.18 KB
/
explore
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/usr/bin/env python
import binascii
import difflib
import itertools
import sys
from core.binary import Binary
from util import cfg
if __name__ == '__main__':
backtrack = False
if len(sys.argv) >= 2 and sys.argv[1] == '--backtrack':
sys.argv.pop(1)
backtrack = True
if len(sys.argv) != 2:
print 'Usage: %s [--backtrack] <binary>' % sys.argv[0]
sys.exit(1)
bina = sys.argv[1]
a = Binary(bina)
a.verbose = True
with a.collect() as pt:
pt.debug('[-======== Exploring Branches ========-]')
known = list(pt.funcs())
new_funcs, selfmod = cfg.explore(pt, known, backtrack=backtrack)
pt.debug('[*] Functions')
funcs = sorted(known + new_funcs, key=lambda x: x.addr)
for func in funcs:
pt.debug(' - 0x%x 0x%x' % (func.addr, func.addr + func.size))
pt.debug('')
for func in funcs:
pt.debug('[FUNC] 0x%x-0x%x' % (func.addr, func.addr + func.size))
pt.debug(dis=func.dis())
pt.debug('')
with pt.relopen('funcs', 'w') as f:
for func in funcs:
f.write('%08x %08x\n' % (func.addr, func.addr + func.size))