-
Notifications
You must be signed in to change notification settings - Fork 847
/
arch.py
92 lines (67 loc) · 1.98 KB
/
arch.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import struct
import sys
import gdb
from capstone import *
import pwndbg.events
import pwndbg.memoize
import pwndbg.regs
import pwndbg.typeinfo
current = 'i386'
qemu = current
ptrmask = 0xfffffffff
endian = 'little'
ptrsize = pwndbg.typeinfo.ptrsize
fmt = '=I'
native_endian = str(sys.byteorder)
def _get_arch():
not_exactly_arch = False
if pwndbg.proc.alive:
arch = gdb.newest_frame().architecture().name()
else:
arch = gdb.execute("show architecture", to_string=True).strip()
not_exactly_arch = True
# Below, we fix the fetched architecture
for match in ('x86-64', 'i386', 'aarch64', 'mips', 'powerpc', 'sparc'):
if match in arch:
return match
# Distinguish between Cortex-M and other ARM
if 'arm' in arch:
return 'armcm' if '-m' in arch else 'arm'
if not_exactly_arch:
raise RuntimeError("Could not deduce architecture from: %s" % arch)
return arch
@pwndbg.events.start
@pwndbg.events.stop
@pwndbg.events.new_objfile
def update():
m = sys.modules[__name__]
m.current = _get_arch()
m.ptrsize = pwndbg.typeinfo.ptrsize
m.ptrmask = (1 << 8*pwndbg.typeinfo.ptrsize)-1
if 'little' in gdb.execute('show endian', to_string=True).lower():
m.endian = 'little'
else:
m.endian = 'big'
m.fmt = {
(4, 'little'): '<I',
(4, 'big'): '>I',
(8, 'little'): '<Q',
(8, 'big'): '>Q',
}.get((m.ptrsize, m.endian))
# Attempt to detect the qemu-user binary name
if m.current == 'arm' and m.endian == 'big':
m.qemu = 'armeb'
elif m.current == 'mips' and m.endian == 'little':
m.qemu = 'mipsel'
else:
m.qemu = m.current
def pack(integer):
return struct.pack(fmt, integer & ptrmask)
def unpack(data):
return struct.unpack(fmt, data)[0]
def signed(integer):
return unpack(pack(integer), signed=True)
def unsigned(integer):
return unpack(pack(integer))