geohot/eda-3

This is EDA3, the fourth EDA

New Instructions:
* Install python packages I'm too lazy to enumerate
* Run ./go.sh
* Visit http://localhost:5000/
* Use xvi to upload file

Coming Soon:
* Use 0xFFFFFFFF as global tag storage
* Support mode switching with spacebar in IDA
* Support a,c,d hotkeys

flask/ -- the new backend storage and webserver in python
  eda.py -- the main server
edadb/ -- the backend storage system for raw ram
  byte.* -- the Byte class
  memory.* -- the Memory class
www/ -- the directory root(ish) of apache
  css/ -- base css files
  edadb/ -- PHP endpoints to access the EDAdb
  flat/ -- flat viewer
  ida/ -- nice graph viewer webapp
  isdf/ -- instruction set entry system
  js/ -- common javascript files
    base.js -- basic functions that should be a part of core javascript (not EDA specific)
    db.js -- the better client side edadb, actually classish
    dbmanager.js -- the client side version of the edadb
    jquery-1.6.1.min.js -- jquery
  static/ -- static analyzer
  viewtest/ -- testing for the new view system
  xvi/ -- xvi32 hex editor webapp

Requirements:
* PHP and a webserver
* Thrift
* gtest for C++ testing
* Boost for db saving and loading
* graphviz (dot) for graph layout
* v8 for MMIO exec
* node for elfloading from tests

Build instructions:
* create a build dir outside the eda-3 dir and cmake eda-3/edadb
* do make in build dir and ./edadb
* symlink the www directory to http://yourcomp/eda/
* visit http://yourcomp/eda/ and pick a tool :)

Philosophy:
Functional first, then fast (don't prematurely optimise)
Not invented here is an antipattern, use third party code
It only supports Chrome, because Chrome is the best browser ever
EDA solves the halting problem
Registers are just memory, ex 0xEDA00000 = R0, 0xEDA00004 = R1, ...
A CPU takes in a state and outputs the delta to the next state
Each instruction is a changelist
Each run of an instruction is a commit

Design:
All state is held in the EDAdb.
The EDAdb has a one byte entry for each address in a 64-bit memory space.
Each byte has a complete history of its value and a set of tags
These tags hold everything about the byte

Implemented tags:
* len -- number of bytes that go with this one, forming a word, ex "1", "2", "4"
* endian -- the endianness of that word, ex "little", "big"
* iset -- the instruction set of the word, if it's an instruction, ex "arm", "x86", "thumb"
* comment -- comment on this byte
* parsed -- the parsed instruction, ex "\t{\o{ADD}}\l{0xEDA0001C}, \l{0xEDA00034}, #\i{8}"
  * \t{...} - left instructionish region
  * \o{...} - opcode ex \o{ADD}
  * \c{...} - condition ex \c{NE}
  * \f{...} - flag ex \f{S}
  * \l{addr} - location (these are registers) ex \l{0xEDA0001C}
  * \i{num} - immed
* flow -- JSON array of places outside the normal flow this can go, ex "['O3A40']"
  * Oxxxx - optional, green line in IDA
  * Axxxx - always, blue line in IDA
  * Cxxxx - call, doesn't interrupt basic block
  * Xxxxx - xref, doesn't interrupt basic block
  * R - return
* scope -- start address of function this is in
* function -- list of addresses in the function; the format is 3A30:50
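The `parsed` and `flow` tag formats above are the two that need real parsing (nested regions, and a flow array that the README writes with single quotes rather than strict JSON). The following Python is an added example, not code from the eda-3 repository: it parses both formats, renders a `parsed` value back to a disassembly line, and names registers using the 0xEDA00000 = R0 convention from the Philosophy section. The sample values are copied from the tag list above; `PARSED_EXAMPLE`, `FLOW_EXAMPLE` and all function names are this example's own.

```python
import ast

# Constructed sample values copied from the README's tag examples (not project data).
PARSED_EXAMPLE = r"\t{\o{ADD}}\l{0xEDA0001C}, \l{0xEDA00034}, #\i{8}"
FLOW_EXAMPLE = "['O3A40']"  # README writes this with single quotes, so not strict JSON
REGISTER_BASE = 0xEDA00000  # README: 0xEDA00000 = R0, 0xEDA00004 = R1, ...
FLOW_KINDS = {"O": "optional", "A": "always", "C": "call", "X": "xref", "R": "return"}


def parse_parsed(s, i=0, stop=None):
    """Recursive descent over the \\x{...} markup starting at index i.

    Returns (nodes, index after the closing brace). Nodes are plain strings or
    (tag, children) tuples, where tag is one of t, o, c, f, l, i.
    """
    out = []
    while i < len(s) and s[i] != stop:
        if s[i] == "\\" and i + 2 < len(s) and s[i + 2] == "{":
            children, j = parse_parsed(s, i + 3, "}")
            out.append((s[i + 1], children))  # s[i + 1] is the tag letter
            i = j
        else:
            if out and isinstance(out[-1], str):
                out[-1] += s[i]  # extend the current run of literal text
            else:
                out.append(s[i])
            i += 1
    if stop is not None and i >= len(s):
        raise ValueError("unterminated region in parsed tag")
    return out, i + 1


def register_name(addr):
    """Map a \\l{addr} location to its register name, or None if not in register space."""
    off = addr - REGISTER_BASE
    return "R%d" % (off // 4) if off >= 0 and off % 4 == 0 else None


def render(tree):
    """Flatten a parsed tree to a disassembly line, naming registers; \\t{} gets a space."""
    s = ""
    for node in tree:
        if isinstance(node, str):
            s += node
        else:
            tag, children = node
            text = render(children)
            if tag == "l":
                text = register_name(int(text, 16)) or text
            s += text + (" " if tag == "t" else "")
    return s


def parse_flow(tag):
    """Parse a flow tag into [(kind, target)]; the bare 'R' entry has no target."""
    return [(FLOW_KINDS[e[0]], int(e[1:], 16) if len(e) > 1 else None)
            for e in ast.literal_eval(tag)]
```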

Global tags (0xFFFFFFFF):
* range_start
* range_length
* endian

Considering tags:
* compiled -- the javascript code that actually runs the instruction, can call instruction set locals
* mmio -- javascript to run when this is read or written
* type -- the type