Python unicorn.UC_HOOK_MEM_WRITE Examples
The following are 5
code examples of unicorn.UC_HOOK_MEM_WRITE().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
unicorn
, or try the search function
.
.
Example #1
| Source File: rainbow.py From rainbow with GNU Lesser General Public License v3.0 | 6 votes |
|
def setup(self, sca_mode):
""" Sets up a stack and adds base hooks to the engine """
## Add a stack
self.map_space(*self.STACK)
## Add hooks
self.mem_unmapped_hook = self.emu.hook_add(uc.UC_HOOK_MEM_UNMAPPED, self.unmapped_hook)
self.block_hook = self.emu.hook_add(uc.UC_HOOK_BLOCK, self.block_handler)
if sca_mode:
if (self.sca_HD):
self.ct_hook = self.emu.hook_add(uc.UC_HOOK_CODE, self.sca_code_traceHD)
else:
self.ct_hook = self.emu.hook_add(uc.UC_HOOK_CODE, self.sca_code_trace)
self.tm_hook = self.emu.hook_add(
uc.UC_HOOK_MEM_READ | uc.UC_HOOK_MEM_WRITE, self.sca_trace_mem
)
else:
self.code_hook = self.emu.hook_add(uc.UC_HOOK_CODE, self.code_trace)
self.mem_access_hook = self.emu.hook_add( uc.UC_HOOK_MEM_READ | uc.UC_HOOK_MEM_WRITE, self.trace_mem)
Example #2
| Source File: unicorn_protocol.py From avatar2 with Apache License 2.0 | 6 votes |
|
def set_watchpoint(self, variable, write=True, read=False):
"""Insert a watchpoint.
This is currently NOT WORKING because of a bug in Unicorn.
See https://github.com/unicorn-engine/unicorn/issues/972 for further details.
:param variable: address to watch
:param write: whether to watch writes
:param read: whether to watch reads
:return: watchpoint number
"""
# TODO variable <-> addr
bkptno = len(self._breakpoints)
hooks = []
if write is True:
hooks.append(self.uc.hook_add(unicorn.UC_HOOK_MEM_WRITE, self._watchpoint_hook,
begin=variable, end=variable, user_data=bkptno))
if read is True:
hooks.append(self.uc.hook_add(unicorn.UC_HOOK_MEM_READ, self._watchpoint_hook,
begin=variable, end=variable, user_data=bkptno))
self._breakpoints.append(UnicornBreakpoint(hooks=hooks))
return bkptno
Example #3
| Source File: unicorn_trace.py From bootloader_instrumentation_suite with MIT License | 6 votes |
|
def setup_emulator(self):
# init register values
for r in self.machine.initregs:
regval = self.controller.get_reg_value(r, True)
regnum = self.machine.get_reg_id(r)
self.emu.reg_write(regnum, regval)
mappings = self.machine.get_mappings()
for m in mappings:
self.emu.mem_map(m.start, m.size, unicorn.UC_PROT_ALL)
bs = self.machine.read_memory(m.start, m.size)
self.emu.mem_write(m.start, bs)
self.emu.hook_add(unicorn.UC_HOOK_MEM_WRITE,
self.write_hook)
self.emu.hook_add(unicorn.UC_HOOK_CODE,
self.i_hook)
self.emu.hook_add(unicorn.UC_HOOK_MEM_READ_UNMAPPED |
unicorn.UC_HOOK_MEM_WRITE_UNMAPPED,
self.hook_mem_invalid)
self.machine.hook_syscall(self.emu, self.hook_syscall)
Example #4
| Source File: emulator.py From cemu with MIT License | 5 votes |
|
def create_new_vm(self) -> None:
"""
Create a new VM, and sets up the hooks
"""
arch, mode, endian = get_arch_mode("unicorn", self.root.arch)
self.vm = unicorn.Uc(arch, mode | endian)
self.vm.hook_add(unicorn.UC_HOOK_BLOCK, self.hook_block)
self.vm.hook_add(unicorn.UC_HOOK_CODE, self.hook_code)
self.vm.hook_add(unicorn.UC_HOOK_INTR, self.hook_interrupt)
self.vm.hook_add(unicorn.UC_HOOK_MEM_WRITE, self.hook_mem_access)
self.vm.hook_add(unicorn.UC_HOOK_MEM_READ, self.hook_mem_access)
if is_x86(self.root.arch):
self.vm.hook_add(unicorn.UC_HOOK_INSN, self.hook_syscall, None, 1, 0, unicorn.x86_const.UC_X86_INS_SYSCALL)
return
Example #5
| Source File: gdb_tools.py From bootloader_instrumentation_suite with MIT License | 4 votes |
|
def __init__(self, controller, r, stage):
# controller.gdb_print("creating longwrite break\n")
self.emptywrite = {'start': None,
'end': None,
'pc': None}
self.writeinfo = self.emptywrite
self.breakaddr = r['breakaddr']
self.contaddr = r['contaddr']
self.writeaddr = r['writeaddr']
self.thumb = r['thumb']
r2.gets(stage.elf, "s 0x%x" % self.writeaddr)
if self.thumb:
self.emu = unicorn.Uc(unicorn.UC_ARCH_ARM, unicorn.UC_MODE_THUMB)
r2.gets(stage.elf, "ahb 16")
r2.gets(stage.elf, "e asm.bits=16")
self.cs = capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_THUMB)
else:
self.emu = unicorn.Uc(unicorn.UC_ARCH_ARM, unicorn.UC_MODE_ARM)
r2.gets(stage.elf, "ahb 32")
r2.gets(stage.elf, "e asm.bits=32")
self.cs = capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM)
r2.get(stage.elf, "pdj 1")
self.cs.detail = True
self.info = staticanalysis.LongWriteInfo(stage.elf, r['start'],
r['end'], self.thumb)
self.inss = []
self.regs = set()
self.bytes = b""
self.dst_addrs = []
self.write_size = r['writesize']
for i in self.info.bbs:
self.inss.append(i)
bs = i["bytes"].decode("hex")
self.bytes += b"%s" % bs
ci = next(self.cs.disasm(bs, i["offset"], 1))
if i["offset"] == self.writeaddr:
self.write_ins = ci
(read, write) = ci.regs_access()
for rs in (read, write):
self.regs.update([ci.reg_name(rn).encode('ascii') for rn in rs])
self.emu.mem_map(0, 0xFFFFFFFF + 1, unicorn.UC_PROT_ALL)
self.emu.mem_write(self.inss[0]["offset"], self.bytes)
self.emu.hook_add(unicorn.UC_HOOK_MEM_WRITE, self.write_hook)
self.spec = "*(0x%x)" % r['breakaddr']
TargetBreak.__init__(self, self.spec, controller, True, stage, r=r)
