Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Disassemble eip #8

Closed
cperdana opened this Issue May 23, 2012 · 6 comments

2 participants

Muhammad Hafiz Angelo Dell'Aera
Muhammad Hafiz

With current pylibemu, Is it possible to disassemble eip (to assembly)?

Angelo Dell'Aera
Owner
buffer commented May 23, 2012

Currently not but if you're interested in such stuff I will take a look at libemu source code and wrap what you need.

Muhammad Hafiz

Currently I use external tools to disassemble. But it would be appropriated to use libemu for that.
Hint from common:
1)CPU_DEBUG_FLAG_SET(cpu,instruction_string);
2)cpu->instr_string is yours

unfortunately I cant comprehend :)

Muhammad Hafiz

Hi,
Hope you can add this method to class Emulator

def get_instruction(self):
    return emu_cpu_get(self._emu).instr_string

emu.cpu_debugflag_set(1) must be called first followed by emu.cpu_parse() before calling get_instruction().

Angelo Dell'Aera buffer referenced this issue from a commit July 05, 2012
Angelo Dell'Aera Disassemble current instruction
	Issue #8: Disassemble EIP (solved)
d0b61a1
Angelo Dell'Aera
Owner
buffer commented July 05, 2012

Just committed a patch which does what you need.

The method is called cpu_get_current_instruction and can be called safely because it handles setting the debug flag and CPU parsing by itself. Please check if it works correctly for you too.

PS Sorry for the delay I added this method...

Muhammad Hafiz
Angelo Dell'Aera buffer closed this July 09, 2012
Muhammad Hafiz

hi,
After experimenting with the cpu_get_current_instruction(), I would prefer a plain method, just return cpu->instr_string.
The debug flag and parsing should be call manually by the coder him self, as the code in sctestmain.c

I need this flexibility, because in my implementation, I will call cpu_parse() explicitly before call cpu_get_current_instruction().

Hope you dont mind.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.