OpcodeSequnce.py
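def disassemble_and_track(start_ea, end_ea):
    """Collect the instructions reached from start_ea inside [start_ea, end_ea).

    Walks the range instruction by instruction and follows direct ``jmp``
    targets instead of falling through. The walk is guaranteed to terminate:
    it stops as soon as it leaves the range or reaches an address it has
    already recorded, so a self-referencing or backward jump in the analysed
    code cannot hang the script.

    Args:
        start_ea: Address of the first instruction to record.
        end_ea: Exclusive upper bound of the range.

    Returns:
        A list of dicts with the keys "address", "mnemonic" and "operand",
        in the order the instructions were visited.
    """
    # NOTE(review): Mnem/GetDisasm/GetOpType/GetOperandValue/NextHead are the
    # legacy idc names; newer IDAPython builds expose them as
    # print_insn_mnem/generate_disasm_line/get_operand_type/
    # get_operand_value/next_head -- confirm against the IDA version in use.
    instructions = []
    visited = set()
    ea = start_ea
    # The lower bound keeps a followed jump from walking the tracker out of
    # the requested block; the visited check breaks jump cycles.
    while start_ea <= ea < end_ea and ea not in visited:
        visited.add(ea)

        mnem = idc.Mnem(ea)
        op_str = idc.GetDisasm(ea)
        # Everything after the first space, or "" when the line has no space.
        # The text is kept exactly as the disassembler produced it (it may
        # still carry column padding or a trailing comment).
        operands = op_str.partition(" ")[2]

        instructions.append({
            "address": ea,
            "mnemonic": mnem,
            "operand": operands
        })

        # Default to linear fall-through so every iteration makes progress,
        # including a jmp whose target cannot be resolved.
        next_ea = idc.NextHead(ea)
        # Only a near/far code operand holds an address; for a register or
        # memory-indirect jmp the operand value is not a jump destination.
        if mnem == "jmp" and idc.GetOpType(ea, 0) in (idc.o_near, idc.o_far):
            target = idc.GetOperandValue(ea, 0)
            if target != BADADDR:
                next_ea = target
        ea = next_ea

    return instructions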
# Example usage: the two bounds below are placeholders; set them to the
# address range of the block you want to walk.
start_ea, end_ea = 0x1000, 0x1050

instructions = disassemble_and_track(start_ea, end_ea)

# Dump one line per recorded instruction.
for instr in instructions:
    print(f"Address: {hex(instr['address'])} - Mnemonic: {instr['mnemonic']} - Operand: {instr['operand']}")