Python capstone.CS_MODE_BIG_ENDIAN Examples

The following are 3 code examples of capstone.CS_MODE_BIG_ENDIAN(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module capstone , or try the search function .
Example #1
Source File: disassembler.py    From rekall with GNU General Public License v2.0 6 votes vote down vote up 
def __init__(self, mode, **kwargs):
        super(Capstone, self).__init__(mode, **kwargs)

        if self.mode == "I386":
            self.cs = capstone.Cs(capstone.CS_ARCH_X86, capstone.CS_MODE_32)
        elif self.mode == "AMD64":
            self.cs = capstone.Cs(capstone.CS_ARCH_X86, capstone.CS_MODE_64)
        elif self.mode == "MIPS":
            self.cs = capstone.Cs(capstone.CS_ARCH_MIPS, capstone.CS_MODE_32 +
                                  capstone.CS_MODE_BIG_ENDIAN)
        # This is not really supported yet.
        elif self.mode == "ARM":
            self.cs = capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM)
        else:
            raise NotImplementedError(
                "No disassembler available for this arch.")

        self.cs.detail = True
        self.cs.skipdata_setup = ("db", None, None)
        self.cs.skipdata = True
Example #2
Source File: __base__.py    From deen with Apache License 2.0 6 votes vote down vote up 
def __init__(self):
        super(AsmBase, self).__init__()
        # Initialize keystone and capstone as soon as an instance
        # of this plugin will be created.
        if not keystone:
            self.log.debug('Keystone is required for ' + self.__class__.__name__)
            return
        if not capstone:
            self.log.debug('Capstone is required for ' + self.__class__.__name__)
            return
        if getattr(self, 'args', None) and self.args and getattr(self.args, 'bigendian', None) \
                and self.args.bigendian:
            self.ks = keystone.Ks(self.keystone_arch,
                                  self.keystone_mode + keystone.KS_MODE_BIG_ENDIAN)
            self.cs = capstone.Cs(self.capstone_arch,
                                  capstone.CS_MODE_BIG_ENDIAN)
        else:
            self.ks = keystone.Ks(self.keystone_arch,
                                  self.keystone_mode + keystone.KS_MODE_LITTLE_ENDIAN)
            self.cs = capstone.Cs(self.capstone_arch,
                                  capstone.CS_MODE_LITTLE_ENDIAN)
Example #3
Source File: mips_rsp.py    From ios_mips_gdb with GNU Affero General Public License v3.0 6 votes vote down vote up 
def OnDisas(command):
    lex = command.rstrip().split(' ')

    regs =  DisplayRegistersMIPS(GdbCommand('g'))
    pc = hex2int(regs[reg_map_rev['pc']])
    
    for lexem in lex[1:]:
        if lexem != 'aslr':
            if not isValidDword(lexem):
                logger.error('Invalid address supplied')
                return
            pc = hex2int(lexem) 

    logger.debug('OnDisas PC = {}'.format(pc))
    buf = OnReadMem(int2hex(pc - 20 * 4), 40 * 4)
    md = cs.Cs(cs.CS_ARCH_MIPS, cs.CS_MODE_MIPS32 | cs.CS_MODE_BIG_ENDIAN)
    
    if len(lex) > 1:
        if lex[1] == 'aslr' and aslr_offset != None:
            pc -= aslr_offset

    for i in md.disasm(buf.decode('hex'), pc - 20 * 4):
        color = 'green' if i.address == pc else 'blue'
        print("0x%x:\t%s\t%s" %(i.address, colored(i.mnemonic, color), colored(i.op_str, color)))