How to use the unicorn.UC_MODE_32 function in unicorn

To help you get started, we’ve selected a few unicorn examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github unicorn-engine / unicorn / tests / regress / hook_add_crash.py View on Github external
#!/usr/bin/env python

"""https://github.com/unicorn-engine/unicorn/issues/165"""

import unicorn

def hook_mem_read_unmapped(mu, access, address, size, value, user_data):
    pass

mu = unicorn.Uc(unicorn.UC_ARCH_X86, unicorn.UC_MODE_32)

try:
    for x in range(0, 1000):
        mu.hook_add(unicorn.UC_HOOK_MEM_READ_UNMAPPED, hook_mem_read_unmapped, None)
except unicorn.UcError as e:
    print("ERROR: %s" % e)
github iGio90 / Dwarf / lib / emulator.py View on Github external
def setup_x86(self):
        self.uc = unicorn.Uc(unicorn.UC_ARCH_X86, unicorn.UC_MODE_32)
        self.cs = Cs(CS_ARCH_X86, CS_MODE_32)
github williballenthin / python-vb / vb / analyzer.py View on Github external
def create_emulator():
    '''
    create an emulator using some standard options.
    '''
    return unicorn.Uc(unicorn.UC_ARCH_X86, unicorn.UC_MODE_32)
github hugsy / cemu / cemu / utils.py View on Github external
def get_arch_mode(lib, a):
    arch = mode = endian = None

    # x86
    if is_x86_16(a):
        if lib=="keystone":      arch, mode, endian = keystone.KS_ARCH_X86, keystone.KS_MODE_16, keystone.KS_MODE_LITTLE_ENDIAN
        elif lib=="capstone":    arch, mode, endian = capstone.CS_ARCH_X86, capstone.CS_MODE_16, capstone.CS_MODE_LITTLE_ENDIAN
        else:                    arch, mode, endian = unicorn.UC_ARCH_X86, unicorn.UC_MODE_16, unicorn.UC_MODE_LITTLE_ENDIAN

    elif is_x86_32(a):
        if lib=="keystone":     arch, mode, endian = keystone.KS_ARCH_X86, keystone.KS_MODE_32, keystone.KS_MODE_LITTLE_ENDIAN
        elif lib=="capstone":   arch, mode, endian = capstone.CS_ARCH_X86, capstone.CS_MODE_32, capstone.CS_MODE_LITTLE_ENDIAN
        else:                   arch, mode, endian = unicorn.UC_ARCH_X86, unicorn.UC_MODE_32, unicorn.UC_MODE_LITTLE_ENDIAN

    elif is_x86_64(a):
        if lib=="keystone":     arch, mode, endian = keystone.KS_ARCH_X86, keystone.KS_MODE_64, keystone.KS_MODE_LITTLE_ENDIAN
        elif lib=="capstone":   arch, mode, endian = capstone.CS_ARCH_X86, capstone.CS_MODE_64, capstone.CS_MODE_LITTLE_ENDIAN
        else:                   arch, mode, endian = unicorn.UC_ARCH_X86, unicorn.UC_MODE_64, unicorn.UC_MODE_LITTLE_ENDIAN

    # arm
    elif is_arm(a):
        if lib=="keystone":     arch, mode, endian = keystone.KS_ARCH_ARM, keystone.KS_MODE_ARM, keystone.KS_MODE_LITTLE_ENDIAN
        elif lib=="capstone":   arch, mode, endian = capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM, capstone.CS_MODE_LITTLE_ENDIAN
        else:                   arch, mode, endian = unicorn.UC_ARCH_ARM, unicorn.UC_MODE_ARM, unicorn.UC_MODE_LITTLE_ENDIAN
    elif is_arm_thumb(a):
        if lib=="keystone":     arch, mode, endian = keystone.KS_ARCH_ARM, keystone.KS_MODE_THUMB, keystone.KS_MODE_LITTLE_ENDIAN
        elif lib=="capstone":   arch, mode, endian = capstone.CS_ARCH_ARM, capstone.CS_MODE_THUMB, capstone.CS_MODE_LITTLE_ENDIAN
        else:                   arch, mode, endian = unicorn.UC_ARCH_ARM, unicorn.UC_MODE_THUMB, unicorn.UC_MODE_LITTLE_ENDIAN
github bx / bootloader_instrumentation_suite / fiddle_gdb / unicorn_trace.py View on Github external
def __init__(self):
        Emulator.__init__(self, "X86",
                          unicorn.UC_ARCH_X86, unicorn.UC_MODE_32,
                          "eip",
                          32,
                          ["esp", "eip", "gs", "fs", "ds"
                           ])
        # "ss", "cs", "ds", "es",

        self.syscall_regnames = ["edi", "esi", "ecx", "edx",
                                 "ebx", "eax", "ebp", "esp"]
        self.stackbot = "ebp"
        self.stacktop = "esp"
github Ledger-Donjon / rainbow / rainbow / generics / x86.py View on Github external
def __init__(self, trace=True, sca_mode=False, local_vars={}):
        super().__init__(trace, sca_mode)
        self.emu = uc.Uc(uc.UC_ARCH_X86, uc.UC_MODE_32)
        self.disasm = cs.Cs(cs.CS_ARCH_X86, cs.CS_MODE_32)
        self.disasm.detail = True
        self.word_size = 4
        self.endianness = "little"
        self.page_size = self.emu.query(uc.UC_QUERY_PAGE_SIZE)
        self.page_shift = self.page_size.bit_length() - 1
        self.pc = uc.x86_const.UC_X86_REG_EIP

        known_regs = [i[len('UC_X86_REG_'):] for i in dir(uc.x86_const) if '_REG' in i]
        self.reg_map = {r.lower(): getattr(uc.x86_const, 'UC_X86_REG_'+r) for r in known_regs}

        self.stubbed_functions = local_vars
        self.setup(sca_mode)

        self.reset_stack()
github unicorn-engine / unicorn / regress / emu_stop_segfault.py View on Github external
def runTest(self):
        ADDR = 0x10101000
        mu = unicorn.Uc(unicorn.UC_ARCH_X86, unicorn.UC_MODE_32)
        mu.mem_map(ADDR, 1024 * 4)
        mu.mem_write(ADDR, b'\x41')
        mu.emu_start(ADDR, ADDR + 1, count=1)
        # The following should not trigger a null pointer dereference
        self.assertEqual(None, mu.emu_stop())
github smuniz / pimp_my_ride / pimp_my_ride.py View on Github external
cs_arch = cs.CS_ARCH_ARM
            cs_mode = cs.CS_MODE_ARM

        elif architecture == "AArch64":
            cur_arch = uc.UC_ARCH_ARM64
            cur_mode = uc.UC_MODE_ARM

            cs_arch = cs.CS_ARCH_ARM64
            cs_mode = cs.CS_MODE_ARM

        elif architecture == "x86":
            cur_arch = uc.UC_ARCH_X86
            cs_arch = cs.CS_ARCH_X86

            if bits == 32:
                cur_mode = uc.UC_MODE_32
                cs_mode = cs.CS_MODE_32
            elif bits == 16:
                cur_mode = uc.UC_MODE_16
                cs_mode = cs.CS_MODE_16
            else:
                raise PimpMyRideException("Unknown %dbit for x86 architecture" % bits)

        elif architecture == "x64":
            cur_arch = uc.UC_ARCH_X86
            cur_mode = uc.UC_MODE_64

            cs_arch = cs.CS_ARCH_X86
            cs_mode = cs.CS_MODE_64

        else:
            raise PimpMyRideException(