crabstone 4.0.0 → 4.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +22 -7
- data/lib/crabstone/arch.rb +1 -1
- data/lib/crabstone/arch/register.rb +3 -5
- data/lib/crabstone/cs_version.rb +11 -3
- data/lib/crabstone/disassembler.rb +3 -9
- data/lib/crabstone/instruction.rb +14 -19
- data/lib/crabstone/version.rb +1 -1
- metadata +19 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 564490cdd38cff5e73eaa7f63fef9f19e27a58d543574de8755da50e63386405
|
|
4
|
+
data.tar.gz: 0edfc299b230a22c16a0adc5d3d7b3c2387fc6a623deade64a823386efa54eb7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a68f0c7bb08c664288d682c547aa1b4eecad2d21db754df5ce17e402b86c09d551e2956c0490c987af8b2fac34f05f3d4bcb300736080231b032523353c3b1fd
|
|
7
|
+
data.tar.gz: 91b153b4e6f7e134d4055cc18896ea0c1401dcd2f93bd9cbecfe5e52963cde49aa3af1c349e128089202c3ec5c940a520057bbd93f8ba5105e6cbafe7c58e813
|
data/README.md
CHANGED
|
@@ -1,7 +1,13 @@
|
|
|
1
|
+
[](https://badge.fury.io/rb/crabstone)
|
|
2
|
+
[](https://travis-ci.org/david942j/crabstone)
|
|
3
|
+
[](https://codeclimate.com/github/david942j/crabstone)
|
|
4
|
+
[](https://codeclimate.com/github/david942j/crabstone/coverage)
|
|
5
|
+
[](https://opensource.org/licenses/BSD-3-Clause)
|
|
6
|
+
|
|
1
7
|
crabstone
|
|
2
8
|
====
|
|
3
9
|
|
|
4
|
-
Current library support: 4
|
|
10
|
+
Current library support: Capstone 3 \& 4
|
|
5
11
|
----
|
|
6
12
|
|
|
7
13
|
( FROM THE CAPSTONE README )
|
|
@@ -12,22 +18,31 @@ disasm engine for binary analysis and reversing in the security community.
|
|
|
12
18
|
Created by Nguyen Anh Quynh, then developed and maintained by a small community,
|
|
13
19
|
Capstone offers some unparalleled features:
|
|
14
20
|
|
|
15
|
-
- Support multiple hardware architectures: ARM, ARM64 (
|
|
21
|
+
- Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K,
|
|
22
|
+
Mips, MOS65XX, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).
|
|
16
23
|
|
|
17
24
|
- Having clean/simple/lightweight/intuitive architecture-neutral API.
|
|
18
25
|
|
|
19
26
|
- Provide details on disassembled instruction (called “decomposer” by others).
|
|
20
27
|
|
|
21
28
|
- Provide semantics of the disassembled instruction, such as list of implicit
|
|
22
|
-
|
|
29
|
+
registers read & written.
|
|
23
30
|
|
|
24
|
-
- Implemented in pure C language, with lightweight
|
|
25
|
-
|
|
31
|
+
- Implemented in pure C language, with lightweight bindings for D, Clojure, F#,
|
|
32
|
+
Common Lisp, Visual Basic, PHP, PowerShell, Emacs, Haskell, Perl, Python,
|
|
33
|
+
Ruby, C#, NodeJS, Java, GO, C++, OCaml, Lua, Rust, Delphi, Free Pascal & Vala
|
|
34
|
+
ready either in main code, or provided externally by the community.
|
|
26
35
|
|
|
27
|
-
- Native support for
|
|
36
|
+
- Native support for all popular platforms: Windows, Mac OSX, iOS, Android,
|
|
37
|
+
Linux, \*BSD, Solaris, etc.
|
|
28
38
|
|
|
29
39
|
- Thread-safe by design.
|
|
30
40
|
|
|
41
|
+
- Special support for embedding into firmware or OS kernel.
|
|
42
|
+
|
|
43
|
+
- High performance & suitable for malware analysis (capable of handling various
|
|
44
|
+
X86 malware tricks).
|
|
45
|
+
|
|
31
46
|
- Distributed under the open source BSD license.
|
|
32
47
|
|
|
33
48
|
To install:
|
|
@@ -80,7 +95,7 @@ If you feel like chipping in, especially with better tests or examples, or (plea
|
|
|
80
95
|
|
|
81
96
|
|
|
82
97
|
Library Author: Nguyen Anh Quynh
|
|
83
|
-
Binding Authors: Nguyen Anh Quynh, Tan Sheng Di, Ben Nagy
|
|
98
|
+
Binding Authors: Nguyen Anh Quynh, Tan Sheng Di, Ben Nagy, david942j
|
|
84
99
|
License: BSD style - details in the LICENSE file
|
|
85
100
|
(c) 2013 COSEINC. All Rights Reserved.
|
|
86
101
|
|
data/lib/crabstone/arch.rb
CHANGED
|
@@ -4,7 +4,7 @@ require 'crabstone/constants'
|
|
|
4
4
|
require 'crabstone/cs_version'
|
|
5
5
|
|
|
6
6
|
# require all files under 'crabstone/arch/<cs_major_version>'
|
|
7
|
-
Dir.glob(File.join(__dir__, 'arch', Crabstone.cs_major_version.to_s, '*.rb')).each do |f|
|
|
7
|
+
Dir.glob(File.join(__dir__, 'arch', Crabstone.cs_major_version.to_s, '*.rb')).sort.each do |f|
|
|
8
8
|
require f
|
|
9
9
|
end
|
|
10
10
|
|
|
@@ -8,11 +8,9 @@ module Crabstone
|
|
|
8
8
|
# @param [Integer, String, Symbol] reg
|
|
9
9
|
# @return [Integer]
|
|
10
10
|
def register(reg)
|
|
11
|
-
if
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
dict[reg.to_s.upcase] || invalid
|
|
15
|
-
end
|
|
11
|
+
return reg if value?(reg)
|
|
12
|
+
|
|
13
|
+
dict[reg.to_s.upcase] || invalid
|
|
16
14
|
end
|
|
17
15
|
|
|
18
16
|
private
|
data/lib/crabstone/cs_version.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'ffi'
|
|
4
4
|
|
|
5
|
+
require 'crabstone/constants'
|
|
5
6
|
require 'crabstone/version'
|
|
6
7
|
|
|
7
8
|
module Crabstone
|
|
@@ -25,18 +26,25 @@ module Crabstone
|
|
|
25
26
|
# @return [Integer]
|
|
26
27
|
# Returns the major version of Capstone.
|
|
27
28
|
def cs_major_version
|
|
28
|
-
|
|
29
|
+
cs_version.first
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# @return [(Integer, Integer)]
|
|
33
|
+
def cs_version
|
|
34
|
+
return @cs_version if defined?(@cs_version)
|
|
29
35
|
|
|
30
36
|
maj = FFI::MemoryPointer.new(:int)
|
|
31
37
|
min = FFI::MemoryPointer.new(:int)
|
|
32
38
|
Binding.cs_version(maj, min)
|
|
33
|
-
@
|
|
39
|
+
@cs_version = [maj.read_int, min.read_int]
|
|
34
40
|
end
|
|
35
41
|
|
|
36
42
|
# Checks the cs_major is less or equal to Crabstone::VERSION.
|
|
37
43
|
def version_compatitable!
|
|
38
44
|
@version_compatitable ||=
|
|
39
|
-
cs_major_version <= Crabstone::
|
|
45
|
+
cs_major_version <= Crabstone::BINDING_MAJ && cs_major_version >= 3
|
|
46
|
+
maj, min = cs_version
|
|
47
|
+
raise "FATAL: Crabstone v#{VERSION} doesn't support binding Capstone v#{maj}.#{min}" unless @version_compatitable
|
|
40
48
|
end
|
|
41
49
|
|
|
42
50
|
# @private
|
|
@@ -3,9 +3,9 @@
|
|
|
3
3
|
require 'ffi'
|
|
4
4
|
|
|
5
5
|
require 'crabstone/binding'
|
|
6
|
+
require 'crabstone/cs_version'
|
|
6
7
|
require 'crabstone/error'
|
|
7
8
|
require 'crabstone/instruction'
|
|
8
|
-
require 'crabstone/version'
|
|
9
9
|
|
|
10
10
|
module Crabstone
|
|
11
11
|
class Disassembler
|
|
@@ -28,9 +28,6 @@ module Crabstone
|
|
|
28
28
|
attr_reader :arch, :mode, :csh, :syntax, :decomposer
|
|
29
29
|
|
|
30
30
|
def initialize(arch, mode)
|
|
31
|
-
maj, min = version
|
|
32
|
-
raise "FATAL: Crabstone v#{VERSION} doesn't support binding Capstone v#{maj}.#{min}" if maj > BINDING_MAJ
|
|
33
|
-
|
|
34
31
|
@arch = arch
|
|
35
32
|
@mode = mode
|
|
36
33
|
@p_csh = FFI::MemoryPointer.new(:ulong_long)
|
|
@@ -61,10 +58,7 @@ module Crabstone
|
|
|
61
58
|
end
|
|
62
59
|
|
|
63
60
|
def version
|
|
64
|
-
|
|
65
|
-
min = FFI::MemoryPointer.new(:int)
|
|
66
|
-
Binding.cs_version(maj, min)
|
|
67
|
-
[maj.read_int, min.read_int]
|
|
61
|
+
Crabstone.cs_version
|
|
68
62
|
end
|
|
69
63
|
|
|
70
64
|
def diet?
|
|
@@ -147,7 +141,7 @@ module Crabstone
|
|
|
147
141
|
end
|
|
148
142
|
|
|
149
143
|
def safe
|
|
150
|
-
yield.tap { |res| Crabstone.raise_errno(res) unless res.zero? }
|
|
144
|
+
yield.tap { |res| Crabstone::Error.raise_errno!(res) unless res.zero? }
|
|
151
145
|
end
|
|
152
146
|
end
|
|
153
147
|
end
|
|
@@ -122,26 +122,21 @@ module Crabstone
|
|
|
122
122
|
# members that have special handling for detail mode or diet mode are
|
|
123
123
|
# handled above. The rest is dynamically dispatched below.
|
|
124
124
|
def method_missing(meth, *args)
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
else
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
)
|
|
135
|
-
end
|
|
136
|
-
# Dispatch to the architecture specific Instruction ( in arch/ )
|
|
137
|
-
if @arch_insn.respond_to?(meth)
|
|
138
|
-
@arch_insn.__send__(meth, *args)
|
|
139
|
-
elsif @arch_insn.members.include?(meth)
|
|
140
|
-
@arch_insn[meth]
|
|
141
|
-
else
|
|
142
|
-
super
|
|
143
|
-
end
|
|
125
|
+
# Dispatch to toplevel Instruction class ( this file )
|
|
126
|
+
return raw_insn[meth] if raw_insn.members.include?(meth)
|
|
127
|
+
|
|
128
|
+
# Nothing else is available without details.
|
|
129
|
+
unless detailed?
|
|
130
|
+
raise(
|
|
131
|
+
NoMethodError,
|
|
132
|
+
"Either CS_DETAIL is off, or #{self.class} doesn't implement #{meth}"
|
|
133
|
+
)
|
|
144
134
|
end
|
|
135
|
+
# Dispatch to the architecture specific Instruction ( in arch/ )
|
|
136
|
+
return @arch_insn.__send__(meth, *args) if @arch_insn.respond_to?(meth)
|
|
137
|
+
return @arch_insn[meth] if @arch_insn.members.include?(meth)
|
|
138
|
+
|
|
139
|
+
super
|
|
145
140
|
end
|
|
146
141
|
|
|
147
142
|
def respond_to_missing?(meth, include_private = true)
|
data/lib/crabstone/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: crabstone
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.0.
|
|
4
|
+
version: 4.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Nagy
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2020-05-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: ffi
|
|
@@ -31,56 +31,56 @@ dependencies:
|
|
|
31
31
|
requirements:
|
|
32
32
|
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version: '
|
|
34
|
+
version: '13'
|
|
35
35
|
type: :development
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
39
|
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
|
-
version: '
|
|
41
|
+
version: '13'
|
|
42
42
|
- !ruby/object:Gem::Dependency
|
|
43
43
|
name: rspec
|
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
|
45
45
|
requirements:
|
|
46
46
|
- - "~>"
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
|
-
version: '3.
|
|
48
|
+
version: '3.9'
|
|
49
49
|
type: :development
|
|
50
50
|
prerelease: false
|
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
53
|
- - "~>"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version: '3.
|
|
55
|
+
version: '3.9'
|
|
56
56
|
- !ruby/object:Gem::Dependency
|
|
57
57
|
name: rubocop
|
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
|
59
59
|
requirements:
|
|
60
60
|
- - "~>"
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
|
-
version: '0.
|
|
62
|
+
version: '0.84'
|
|
63
63
|
type: :development
|
|
64
64
|
prerelease: false
|
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
|
66
66
|
requirements:
|
|
67
67
|
- - "~>"
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
|
-
version: '0.
|
|
69
|
+
version: '0.84'
|
|
70
70
|
- !ruby/object:Gem::Dependency
|
|
71
71
|
name: simplecov
|
|
72
72
|
requirement: !ruby/object:Gem::Requirement
|
|
73
73
|
requirements:
|
|
74
74
|
- - "~>"
|
|
75
75
|
- !ruby/object:Gem::Version
|
|
76
|
-
version: '0.
|
|
76
|
+
version: '0.18'
|
|
77
77
|
type: :development
|
|
78
78
|
prerelease: false
|
|
79
79
|
version_requirements: !ruby/object:Gem::Requirement
|
|
80
80
|
requirements:
|
|
81
81
|
- - "~>"
|
|
82
82
|
- !ruby/object:Gem::Version
|
|
83
|
-
version: '0.
|
|
83
|
+
version: '0.18'
|
|
84
84
|
- !ruby/object:Gem::Dependency
|
|
85
85
|
name: versionomy
|
|
86
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -95,13 +95,9 @@ dependencies:
|
|
|
95
95
|
- - "~>"
|
|
96
96
|
- !ruby/object:Gem::Version
|
|
97
97
|
version: '0.5'
|
|
98
|
-
description: |2
|
|
99
|
-
|
|
98
|
+
description: |2
|
|
100
99
|
Capstone is a disassembly engine written by Nguyen Anh Quynh, available here
|
|
101
|
-
https://github.com/aquynh/capstone. This is the Ruby FFI binding.
|
|
102
|
-
against MRI 2.0.0, 2.1.0 and JRuby 1.7.8. AFAIK it works with rubinius
|
|
103
|
-
2.2.1.
|
|
104
|
-
|
|
100
|
+
https://github.com/aquynh/capstone. This is the Ruby FFI binding.
|
|
105
101
|
email:
|
|
106
102
|
- crabstone@ben.iagu.net
|
|
107
103
|
- david942j@gmail.com
|
|
@@ -174,7 +170,12 @@ files:
|
|
|
174
170
|
homepage: https://github.com/david942j/crabstone
|
|
175
171
|
licenses:
|
|
176
172
|
- BSD-3-Clause
|
|
177
|
-
metadata:
|
|
173
|
+
metadata:
|
|
174
|
+
bug_tracker_uri: https://github.com/david942j/crabstone/issues
|
|
175
|
+
changelog_uri: https://github.com/david942j/crabstone/blob/master/CHANGES.md
|
|
176
|
+
documentation_uri: https://www.rubydoc.info/gems/crabstone
|
|
177
|
+
homepage_uri: https://github.com/david942j/crabstone
|
|
178
|
+
source_code_uri: https://github.com/david942j/crabstone
|
|
178
179
|
post_install_message:
|
|
179
180
|
rdoc_options: []
|
|
180
181
|
require_paths:
|
|
@@ -190,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
190
191
|
- !ruby/object:Gem::Version
|
|
191
192
|
version: '0'
|
|
192
193
|
requirements: []
|
|
193
|
-
rubygems_version: 3.0.
|
|
194
|
+
rubygems_version: 3.0.3
|
|
194
195
|
signing_key:
|
|
195
196
|
specification_version: 4
|
|
196
197
|
summary: Ruby FFI bindings for the capstone disassembly engine
|