Comments (14)
Just wanted to let you know that my simple use for this seems to work. I wrapped pretty much all of the outputs with verbose tests and fiddled around with returning instead of termination/console spawning but it wasn't bad at all.
I initialize once and then re-use it to load chunks and get my value.
fn init_emu() -> Emu {
let map_path = PathBuf::from("./src/client_commands/emu/maps64")
.as_os_str()
.to_str()
.unwrap()
.to_string();
let mut emu = Emu::new();
let mut cfg = emu::Config::new();
cfg.maps_folder = map_path;
cfg.is_64bits = true;
emu.set_config(cfg);
emu.init();
emu
}
fn get_code(
emu: &mut Emu,
code_bytes: &[u8],
start_addr: u64,
stop_addr: u64,
) -> Result<u32, Box<dyn std::error::Error>> {
emu.cfg.code_base_addr = start_addr;
emu.cfg.entry_point = start_addr;
emu.cfg.console_addr = stop_addr;
emu.regs.clear::<64>();
emu.load_code_bytes(code_bytes);
emu.run();
let code: u32 = emu.regs.get_r8d().try_into()?;
Ok(code)
}
from scemu.
Hello Thell, looks really interesting this would allow the people do their implementations, I thought about doing a scripting language for automating the binary analysis, but for now I'm busy implementing more API, and windows internals, and I also have to implement 64bits PE loading.
I'm focused on using this for malware analysis mainly, the most automatically possible, but for sure can be used for other purposes and also can be forked to do cool modifications.
from scemu.
I adapted the code a bit for being used programatically. People can modify the main.rs and emulate specific malware functions.
I managed to generate the crypto-key of Xloader malware with a program using scemu :)
from scemu.
Cool! I'll have to take a look at that.
And this reminds me that one other thing I ended up doing while using scemu as a lib was to make the maps embed into the executable so it'd be usable without install dependencies. I used RustEmbed
and it worked nicely. Since only the x64 was needed I used...
use rust_embed::RustEmbed;
#[derive(RustEmbed)]
#[folder = "src/client_commands/emu/maps64"]
struct EmuAsset;
from scemu.
from scemu.
I have the lib in local ok passing tests for 32bits and 64bits with the embedding thing working ok.
Im going to publish it soon.
from scemu.
crates.io don't allow that size, probably because of the maps.
"the remote server responded with an error: max upload size is: 10485760"
from scemu.
To use the lib, the developer will have to download the maps from a github release maps32.zip and maps64.zip and put them on specific place.
Is the unique solution i see :/
from scemu.
https://crates.io/crates/libscemu
from scemu.
Could the embed be compressed?
from scemu.
yes i could embed just two zips and decompress from rust, but it would make slower the initialization. And not sure if fits the size allowed on crates.io
from scemu.
btw there is a bug in github and all my commits appear like the user wit00 by error, when github will solve the ticket i will publish the code of the lib.
from scemu.
https://github.com/sha0coder/libscemu
from scemu.
🥳 Looking forward to trying it out!
I guess we can close this now... woot!
from scemu.
Related Issues (20)
- thread 'main' panicked at 'cannot found the library WINSPOOL.DRV on maps32/', src/emu/pe32.rs:848:17 HOT 1
- TLS callbacks not being executed HOT 18
- not implemented: unimplemented register SPL HOT 3
- fix ROR ROl, RCL RCR HOT 14
- fix neg64 + neg32 + sar + rep movsb HOT 46
- error: invalid asm template modifier for this register class HOT 2
- bswap not calling pre/post op diff HOT 1
- detect if we are piping to a file and do not pop console if so at end HOT 7
- bswap r9w (undefined behavior/bad operand) needs to always be 0x00 HOT 34
- pull libscemu into scemu HOT 8
- cdq in 64-bit mode broken for 32-bit registers HOT 28
- shrd ax, sp, D4 broken HOT 2
- lahf broken HOT 16
- btc rax, 24 broken HOT 1
- rdtsc (read timestamp counter) broken HOT 4
- shr setting f_zf when it shouldn't? HOT 9
- bsf (bit scan forward) broken HOT 12
- rol incorrectly setting f_zf 1 -> 0 HOT 1
- Error in make process HOT 3
- Linux User Mode Adventure HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scemu.