orgasm 0.0.1a1 → 0.0.1a2

data/bin/disorgasm

@@ -0,0 +1,3 @@
+#! /usr/bin/env ruby
+require 'rubygems'
+require 'orgasm'

data/lib/orgasm/arch/i386/disassembler.rb

@@ -0,0 +1,178 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+Disassembler.for('i386') {
+  reg = registers = Class.new(Hash) {
+    def initialize
+      merge!(
+        32 => {
+          EAX: 0x0,
+          ECX: 0x1,
+          EDX: 0x2,
+          EBX: 0x3,
+          ESP: 0x4,
+          EBP: 0x5,
+          ESI: 0x6,
+          EDI: 0x7
+        },
+
+        16 => {
+          AX: 0x0,
+          CX: 0x1,
+          DX: 0x2,
+          BX: 0x3,
+          SP: 0x4,
+          BP: 0x5,
+          SI: 0x6,
+          DI: 0x7
+        },
+
+        8 => {
+          AL: 0x0,
+          CL: 0x1,
+          DL: 0x2,
+          BL: 0x3,
+          AH: 0x4,
+          CH: 0x5,
+          DH: 0x6,
+          BH: 0x7
+        }
+      )
+    end
+
+    def source (byte, bits=32)
+      self[bits].key((byte & 0x38) >> 3)
+    end
+
+    def destination (byte, bits=32)
+      self[bits].key(byte & 0x07)
+    end; alias dest destination
+  }.new
+
+  on ?\x01, ?\x09, ?\x11, ?\x19, ?\x21, ?\x25, ?\x29, ?\x31, ?\x39, ?\x85, ?\x86, ?\x87, ?\x89, ?\xA1, ?\xA3 do
+    increment = 1
+
+    seek 1 do
+      read 1 do |data|
+        increment += 1 if data.to_byte & 0x07 == reg[32][:ESP]
+        increment += 1 if (data.to_byte & 0xC0) >> 6 == 0x01
+
+        if (data.to_byte & 0xC0) >> 6 == 0x10
+          Unknown.new(1)
+        end
+      end
+    end
+
+    on ?\x01 do
+      Instruction.new(:add) {|i|
+        seek +1
+
+        read 1 do |data|
+          i.parameters << Register.new(reg.source(data.to_byte), 32)
+          i.parameters << Register.new(reg.destination(data.to_byte), 32)
+        end
+
+        seek increment
+      }
+    end
+
+    on ?\x09 do
+      Instruction.new(:or) {
+        seek +1
+      }
+    end
+
+    on ?\x11 do
+      Instruction.new(:adc) {
+        seek +1
+      }
+    end
+
+    on ?\x19 do
+      Instruction.new(:sbb) {
+        seek +1
+      }
+    end
+
+    on ?\x21, ?\x25 do
+      Instruction.new(:ad) {
+        seek +1
+      }
+    end
+
+    on ?\x29 do
+      Instruction.new(:sub) {
+        seek +1
+      }
+    end
+
+    on ?\x31 do
+      Instruction.new(:xor) {
+        seek +1
+      }
+    end
+
+    on ?\x19 do
+      Instruction.new(:cmp) {
+        seek +1
+      }
+    end
+
+    on ?\x85 do
+      Instruction.new(:test) {
+        seek +1
+      }
+    end
+
+    on ?\x86 do
+      Instruction.new(:xchg) {
+        seek +1
+
+        # 8bit
+      }
+    end
+
+    on ?\x87 do
+      Instruction.new(:xchg) {
+        seek +1
+      }
+    end
+
+    on ?\x89 do
+      Instruction.new(:mov) {
+        seek +1
+
+        read 1 do |data|
+          increment = 5 if data.to_byte & 0x07 == 0x05 && data.to_byte < 0x40
+        end
+      }
+    end
+
+    on ?\xA1, ?\xA3 do
+      # increment = 4
+      Instruction.new(:mov) {
+        seek +1
+      }
+    end
+  end
+}
+
+end

data/lib/orgasm/assembler.rb

@@ -0,0 +1,43 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Assembler
+  @@archs = {}
+
+  def self.for (arch, &block)
+    if block
+      @@archs[arch] = self.new(arch, &block)
+    else
+      @@archs[arch]
+    end
+  end
+
+  attr_reader :architecture, :features
+
+  alias arch architecture
+
+  def initialize (architecture, features=[])
+    @architecture = architecture
+    @features     = features
+  end
+end
+
+end

data/lib/orgasm/common/address.rb

@@ -0,0 +1,49 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Address
+  attr_reader :start
+
+  def initialize (value, offset=nil)
+    if offset
+      @start = value
+      @value = offset.to_i
+    else
+      @value = value.to_i
+    end
+
+    yield self if block_given?
+  end
+
+  def offset?
+    !!start
+  end
+
+  def to_i
+    @value
+  end
+
+  def to_s
+    offset? ? "[#{start}+#{to_i}]" : "0x%x" % to_i
+  end
+end
+
+end

data/lib/orgasm/common/constant.rb

@@ -0,0 +1,37 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Constant
+  attr_reader :size
+
+  def initialize (value, size)
+    @value = value.to_i
+    @size  = size
+
+    yield self if block_given?
+  end
+
+  def to_i
+    @value
+  end
+end
+
+end

data/lib/orgasm/common/extensions.rb

@@ -0,0 +1,22 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+class String
+  alias to_byte ord
+end

data/lib/orgasm/common/instruction.rb

@@ -0,0 +1,37 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Instruction
+  attr_reader :name, :parameters
+
+  def initialize (name, *parameters)
+    @name       = name.to_sym
+    @parameters = parameters.to_a
+
+    yield self if block_given?
+  end
+
+  def to_s
+    "#{name.to_s.upcase} #{parameters.join(', ')}"
+  end
+end
+
+end

data/lib/orgasm/common/register.rb

@@ -0,0 +1,37 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Register
+  attr_reader :name, :size
+
+  def initialize (name, size)
+    @name = name.to_sym
+    @size = size.to_i
+
+    yield self if block_given?
+  end
+
+  def to_s
+    name.to_s.upcase
+  end
+end
+
+end

data/lib/orgasm/common/unknown.rb

@@ -0,0 +1,34 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm
+
+class Unknown
+  def initialize (size)
+    @size = size.to_i
+
+    yield self if block_given?
+  end
+
+  def to_i
+    @size
+  end
+end
+
+end

data/lib/orgasm/common.rb

@@ -0,0 +1,36 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+require 'orgasm/common/extensions'
+
+require 'orgasm/common/unknown'
+require 'orgasm/common/instruction'
+require 'orgasm/common/address'
+require 'orgasm/common/register'
+require 'orgasm/common/constant'
+
+module Orgasm
+
+def self.object? (value)
+  [Unknown, Instruction, Address, Register, Constant].any? {|klass|
+    value.is_a?(klass)
+  } && value
+end
+
+end

data/lib/orgasm/disassembler/decoder.rb

@@ -0,0 +1,127 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm; class Disassembler
+
+class Decoder
+  def initialize (*args, &block)
+    @args  = args
+    @block = block
+  end
+
+  def with (io)
+    @io = io
+    self
+  end
+
+  def decode
+    return unless @io
+
+    return unless @args.any? {|arg|
+      matches(arg)
+    }
+
+    catch(:result) {
+      instance_eval &@block
+    }
+  end
+
+  def matches (what)
+    return false unless @io
+
+    where, result = @io.tell, if what.is_a?(Regexp)
+      !!@io.read.match(what)
+    else
+      what = what.to_s
+      @io.read(what.length) == what
+    end
+
+    @io.seek where
+
+    result
+  end
+
+  def on (*args, &block)
+    return unless @io
+
+    return unless args.any? {|arg|
+      matches(arg)
+    }
+
+    result = instance_eval &block
+
+    if Orgasm.object?(result)
+      throw :result, result
+    end
+
+    result
+  end
+
+  def seek (amount, whence=IO::SEEK_CUR, &block)
+    return unless @io
+
+    if block
+      where, = @io.tell, @io.seek(amount, whence)
+
+      result = instance_eval &block
+
+      if Orgasm.object?(result)
+        throw :result, result
+      end
+
+      @io.seek(where)
+
+      result
+    else
+      @io.seek(amount, whence)
+    end
+  end
+
+  def read (amount, &block)
+    return unless @io
+
+    if block
+      data = @io.read(amount)
+
+      if data.nil? or data.length != amount
+        raise RuntimeError, 'The stream has not enough data :('
+      end
+
+      result = instance_exec data, &block
+
+      if Orgasm.object?(result)
+        throw :result, result
+      end
+
+      seek -amount
+
+      result
+    else
+      @io.read(amount)
+    end
+  end
+
+  def lookahead (amount)
+    read(amount) do |data|
+      data
+    end
+  end
+end
+
+end; end

data/lib/orgasm/disassembler.rb

@@ -0,0 +1,79 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+require 'orgasm/common'
+require 'orgasm/disassembler/decoder'
+
+module Orgasm
+
+class Disassembler
+  @@archs = {}
+
+  def self.for (arch, &block)
+    if block
+      @@archs[arch] = self.new(arch, &block)
+    else
+      @@archs[arch]
+    end
+  end
+
+  attr_reader :architecture
+
+  alias arch architecture
+
+  def initialize (architecture, &block)
+    @architecture = architecture
+    @decoders     = []
+
+    instance_eval(&block)
+  end
+
+  def disassemble (io)
+    if io.is_a?(String)
+      require 'stringio'
+
+      io = StringIO.new(io)
+    end
+
+    result = []
+
+    until io.eof?
+      where = io.tell
+
+      @decoders.each {|decoder|
+        if tmp = Orgasm.object?(decoder.with(io).decode)
+          result << tmp
+          break
+        end
+      }
+
+      if where == io.tell
+        raise RuntimeError, 'No input was read, something is wrong with the decoders'
+      end
+    end
+
+    result.flatten.compact
+  end
+
+  def on (*args, &block)
+    @decoders << Decoder.new(*args, &block)
+  end
+end
+
+end

data/lib/orgasm/format/elf.rb

@@ -0,0 +1,28 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm; class Format
+
+class ELF < Format
+  def initialize (path)
+    super(:elf, path)
+  end
+end
+
+end; end

data/lib/orgasm/format/pe.rb

@@ -0,0 +1,28 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module Orgasm; class Format
+
+class ELF < Format
+  def initialize (path)
+    super(:pe, path)
+  end
+end
+
+end; end

data/lib/orgasm/format.rb

@@ -0,0 +1,34 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+
+require 'orgasm/format/elf'
+require 'orgasm/format/pe'
+
+module Orgasm
+
+class Format
+  attr_reader :name, :path
+
+  def initialize (name, path)
+    @name = name.to_sym
+    @path = path
+  end
+end
+
+end

data/lib/orgasm/style.rb

@@ -0,0 +1,19 @@
+#--
+# Copyleft meh. [http://meh.paranoid.pk | meh@paranoici.org]
+#
+# This file is part of orgasm.
+#
+# orgasm is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# orgasm is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with orgasm. If not, see <http://www.gnu.org/licenses/>.
+#++
+

data/lib/orgasm/version.rb

@@ -19,6 +19,6 @@
 
 module Orgasm
   def self.version
-    '0.0.1a1'
+    '0.0.1a2'
   end
 end

metadata

@@ -2,7 +2,7 @@
 name: orgasm
 version: !ruby/object:Gem::Version 
   prerelease: 5
-  version: 0.0.1a1
+  version: 0.0.1a2
 platform: ruby
 authors: 
 - meh.
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-07-19 00:00:00 Z
+date: 2011-07-20 00:00:00 Z
 dependencies: []
 
 description: 
@@ -22,10 +22,25 @@ extensions: []
 extra_rdoc_files: []
 
 files: 
+- lib/orgasm/format/elf.rb
+- lib/orgasm/format/pe.rb
+- lib/orgasm/arch/i386/disassembler.rb
+- lib/orgasm/assembler.rb
 - lib/orgasm/version.rb
+- lib/orgasm/common/register.rb
+- lib/orgasm/common/unknown.rb
+- lib/orgasm/common/address.rb
+- lib/orgasm/common/extensions.rb
+- lib/orgasm/common/constant.rb
+- lib/orgasm/common/instruction.rb
+- lib/orgasm/style.rb
+- lib/orgasm/disassembler.rb
+- lib/orgasm/disassembler/decoder.rb
+- lib/orgasm/format.rb
+- lib/orgasm/common.rb
 - lib/orgasm.rb
 - bin/disorgasm
-homepage: http://github.com/meh/refr
+homepage: http://github.com/meh/orgasm
 licenses: []
 
 post_install_message: 
@@ -51,6 +66,6 @@ rubyforge_project:
 rubygems_version: 1.8.5
 signing_key: 
 specification_version: 3
-summary: A Ruby dissassembler library.
+summary: A Ruby (dis)?assembler library.
 test_files: []