1
0
mirror of https://github.com/bitdefender/bddisasm.git synced 2024-11-22 07:28:07 +00:00

Improve bddisasm and bdshemu test scripts.

This commit is contained in:
Andrei KISARI 2024-09-16 12:47:03 +03:00
parent 767bf2e5c0
commit d8f3046391
344 changed files with 96349 additions and 6151 deletions

View File

@ -1,12 +0,0 @@
# Disassembler Tests
These tests are used to validate bddisasm. Each test consists of up to three files:
* The binary test file. The name format for this type of file is `name_16|32|64.test`. 16/32/64 indicates disassembly mode
* The output result file. Must be named the same as the binary test file, but with the extension .result
* Optional assembly file, used to generate the binary test file
The `test_all.py` script will iterate all the test folders, and it will run bddisasm on each identified test file.
The result file will be compared with the output of the test run. If they are not the same, the test will fail.
Note that bddisasm will be run with the `-exi` option, in order to dump all possible information about the instructions.
NOTE: This test will assume `disasm` is in the path.

709
bddisasm_test/conf-x86.json Normal file
View File

@ -0,0 +1,709 @@
[
{
"f_source": "x86/amx/amx1_64.asm",
"f_result": "x86/amx/amx1_64.result",
"f_test": "x86/amx/amx1_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/apx/apx3_64.asm",
"f_result": "x86/apx/apx3_64.result",
"f_test": "x86/apx/apx3_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/apx/rex2_bad_64_skip.asm",
"f_result": "x86/apx/rex2_bad_64_skip.result",
"f_test": "x86/apx/rex2_bad_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/apx/rex2_valid_64.asm",
"f_result": "x86/apx/rex2_valid_64.result",
"f_test": "x86/apx/rex2_valid_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/apx/apx1_64.asm",
"f_result": "x86/apx/apx1_64.result",
"f_test": "x86/apx/apx1_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/apx/apx2_64.asm",
"f_result": "x86/apx/apx2_64.result",
"f_test": "x86/apx/apx2_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/apx/evex_bad_64_skip.asm",
"f_result": "x86/apx/evex_bad_64_skip.result",
"f_test": "x86/apx/evex_bad_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/avx/avx2_64.asm",
"f_result": "x86/avx/avx2_64.result",
"f_test": "x86/avx/avx2_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avx2gather_64.asm",
"f_result": "x86/avx/avx2gather_64.result",
"f_test": "x86/avx/avx2gather_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avx_64.asm",
"f_result": "x86/avx/avx_64.result",
"f_test": "x86/avx/avx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avxifma_64.asm",
"f_result": "x86/avx/avxifma_64.result",
"f_test": "x86/avx/avxifma_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avxneconvert_64.asm",
"f_result": "x86/avx/avxneconvert_64.result",
"f_test": "x86/avx/avxneconvert_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avxvnni_64.asm",
"f_result": "x86/avx/avxvnni_64.result",
"f_test": "x86/avx/avxvnni_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avxvnniint16_64.asm",
"f_result": "x86/avx/avxvnniint16_64.result",
"f_test": "x86/avx/avxvnniint16_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/avxvnniint8_64.asm",
"f_result": "x86/avx/avxvnniint8_64.result",
"f_test": "x86/avx/avxvnniint8_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/f16c_64.asm",
"f_result": "x86/avx/f16c_64.result",
"f_test": "x86/avx/f16c_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/fma4_64.asm",
"f_result": "x86/avx/fma4_64.result",
"f_test": "x86/avx/fma4_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx/fma_64.asm",
"f_result": "x86/avx/fma_64.result",
"f_test": "x86/avx/fma_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512bitalg_64.asm",
"f_result": "x86/avx512/avx512bitalg_64.result",
"f_test": "x86/avx512/avx512bitalg_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512bw_64.asm",
"f_result": "x86/avx512/avx512bw_64.result",
"f_test": "x86/avx512/avx512bw_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512cd_64.asm",
"f_result": "x86/avx512/avx512cd_64.result",
"f_test": "x86/avx512/avx512cd_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512dq_64.asm",
"f_result": "x86/avx512/avx512dq_64.result",
"f_test": "x86/avx512/avx512dq_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512er_64.asm",
"f_result": "x86/avx512/avx512er_64.result",
"f_test": "x86/avx512/avx512er_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512f_64.asm",
"f_result": "x86/avx512/avx512f_64.result",
"f_test": "x86/avx512/avx512f_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512fma_64.asm",
"f_result": "x86/avx512/avx512fma_64.result",
"f_test": "x86/avx512/avx512fma_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512fp16_32.asm",
"f_result": "x86/avx512/avx512fp16_32.result",
"f_test": "x86/avx512/avx512fp16_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512fp16_64.asm",
"f_result": "x86/avx512/avx512fp16_64.result",
"f_test": "x86/avx512/avx512fp16_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512pf_64.asm",
"f_result": "x86/avx512/avx512pf_64.result",
"f_test": "x86/avx512/avx512pf_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512vbmi_64.asm",
"f_result": "x86/avx512/avx512vbmi_64.result",
"f_test": "x86/avx512/avx512vbmi_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx512/avx512vnni_64.asm",
"f_result": "x86/avx512/avx512vnni_64.result",
"f_test": "x86/avx512/avx512vnni_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/address_16.asm",
"f_result": "x86/basic/address_16.result",
"f_test": "x86/basic/address_16.test",
"options": "-b16",
"command": "decode"
},
{
"f_source": "x86/basic/address_32.asm",
"f_result": "x86/basic/address_32.result",
"f_test": "x86/basic/address_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/basic/address_64.asm",
"f_result": "x86/basic/address_64.result",
"f_test": "x86/basic/address_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/aes_64.asm",
"f_result": "x86/basic/aes_64.result",
"f_test": "x86/basic/aes_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/basic1_64.asm",
"f_result": "x86/basic/basic1_64.result",
"f_test": "x86/basic/basic1_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/basic2_64.asm",
"f_result": "x86/basic/basic2_64.result",
"f_test": "x86/basic/basic2_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/bmi_64.asm",
"f_result": "x86/basic/bmi_64.result",
"f_test": "x86/basic/bmi_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/branch_16.asm",
"f_result": "x86/basic/branch_16.result",
"f_test": "x86/basic/branch_16.test",
"options": "-b16",
"command": "decode"
},
{
"f_source": "x86/basic/branch_32.asm",
"f_result": "x86/basic/branch_32.result",
"f_test": "x86/basic/branch_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/basic/branch_64.asm",
"f_result": "x86/basic/branch_64.result",
"f_test": "x86/basic/branch_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/cet_64.asm",
"f_result": "x86/basic/cet_64.result",
"f_test": "x86/basic/cet_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/enqcmd_64.asm",
"f_result": "x86/basic/enqcmd_64.result",
"f_test": "x86/basic/enqcmd_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/fpu_64.asm",
"f_result": "x86/basic/fpu_64.result",
"f_test": "x86/basic/fpu_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/gfni_64.asm",
"f_result": "x86/basic/gfni_64.result",
"f_test": "x86/basic/gfni_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/invlpgb_64.asm",
"f_result": "x86/basic/invlpgb_64.result",
"f_test": "x86/basic/invlpgb_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/misc_16.asm",
"f_result": "x86/basic/misc_16.result",
"f_test": "x86/basic/misc_16.test",
"options": "-b16",
"command": "decode"
},
{
"f_source": "x86/basic/misc_32.asm",
"f_result": "x86/basic/misc_32.result",
"f_test": "x86/basic/misc_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/basic/misc_64.asm",
"f_result": "x86/basic/misc_64.result",
"f_test": "x86/basic/misc_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/mpx_64.asm",
"f_result": "x86/basic/mpx_64.result",
"f_test": "x86/basic/mpx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/prefixes_64.asm",
"f_result": "x86/basic/prefixes_64.result",
"f_test": "x86/basic/prefixes_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/sha_64.asm",
"f_result": "x86/basic/sha_64.result",
"f_test": "x86/basic/sha_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/stack_16.asm",
"f_result": "x86/basic/stack_16.result",
"f_test": "x86/basic/stack_16.test",
"options": "-b16",
"command": "decode"
},
{
"f_source": "x86/basic/stack_32.asm",
"f_result": "x86/basic/stack_32.result",
"f_test": "x86/basic/stack_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/basic/stack_64.asm",
"f_result": "x86/basic/stack_64.result",
"f_test": "x86/basic/stack_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/svm_64.asm",
"f_result": "x86/basic/svm_64.result",
"f_test": "x86/basic/svm_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/system_16.asm",
"f_result": "x86/basic/system_16.result",
"f_test": "x86/basic/system_16.test",
"options": "-b16",
"command": "decode"
},
{
"f_source": "x86/basic/system_32.asm",
"f_result": "x86/basic/system_32.result",
"f_test": "x86/basic/system_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/basic/system_64.asm",
"f_result": "x86/basic/system_64.result",
"f_test": "x86/basic/system_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/tsx_64.asm",
"f_result": "x86/basic/tsx_64.result",
"f_test": "x86/basic/tsx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/vmx_64.asm",
"f_result": "x86/basic/vmx_64.result",
"f_test": "x86/basic/vmx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/basic/snp_64.asm",
"f_result": "x86/basic/snp_64.result",
"f_test": "x86/basic/snp_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/cet/cet_32.asm",
"f_result": "x86/cet/cet_32.result",
"f_test": "x86/cet/cet_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/cet/cet_64.asm",
"f_result": "x86/cet/cet_64.result",
"f_test": "x86/cet/cet_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/cet/dnt_32.asm",
"f_result": "x86/cet/dnt_32.result",
"f_test": "x86/cet/dnt_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/cet/dnt_64.asm",
"f_result": "x86/cet/dnt_64.result",
"f_test": "x86/cet/dnt_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/cmpccxadd/cmpccxadd_64.asm",
"f_result": "x86/cmpccxadd/cmpccxadd_64.result",
"f_test": "x86/cmpccxadd/cmpccxadd_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/fred/fred_64.asm",
"f_result": "x86/fred/fred_64.result",
"f_test": "x86/fred/fred_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/kl/kl_64.asm",
"f_result": "x86/kl/kl_64.result",
"f_test": "x86/kl/kl_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/msr/msr_64.asm",
"f_result": "x86/msr/msr_64.result",
"f_test": "x86/msr/msr_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/prefetchit/prefetchit_32.asm",
"f_result": "x86/prefetchit/prefetchit_32.result",
"f_test": "x86/prefetchit/prefetchit_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/prefetchit/prefetchit_64.asm",
"f_result": "x86/prefetchit/prefetchit_64.result",
"f_test": "x86/prefetchit/prefetchit_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/rao-int/raoint_64.asm",
"f_result": "x86/rao-int/raoint_64.result",
"f_test": "x86/rao-int/raoint_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/sha512/sha512_64.asm",
"f_result": "x86/sha512/sha512_64.result",
"f_test": "x86/sha512/sha512_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/simd/3dnow_64.asm",
"f_result": "x86/simd/3dnow_64.result",
"f_test": "x86/simd/3dnow_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/simd/mmx_64.asm",
"f_result": "x86/simd/mmx_64.result",
"f_test": "x86/simd/mmx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/simd/sse2_64.asm",
"f_result": "x86/simd/sse2_64.result",
"f_test": "x86/simd/sse2_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/simd/sse3_64.asm",
"f_result": "x86/simd/sse3_64.result",
"f_test": "x86/simd/sse3_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/simd/sse4_64.asm",
"f_result": "x86/simd/sse4_64.result",
"f_test": "x86/simd/sse4_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/sm/sm_64.asm",
"f_result": "x86/sm/sm_64.result",
"f_test": "x86/sm/sm_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/amx_64_skip.asm",
"f_result": "x86/special/amx_64_skip.result",
"f_test": "x86/special/amx_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/avx2gather_1_64_skip.asm",
"f_result": "x86/special/avx2gather_1_64_skip.result",
"f_test": "x86/special/avx2gather_1_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/avx2gather_2_64_skip.asm",
"f_result": "x86/special/avx2gather_2_64_skip.result",
"f_test": "x86/special/avx2gather_2_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/avx2gather_3_64_skip.asm",
"f_result": "x86/special/avx2gather_3_64_skip.result",
"f_test": "x86/special/avx2gather_3_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/cr8_32.asm",
"f_result": "x86/special/cr8_32.result",
"f_test": "x86/special/cr8_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/special/ignorew_evex_32.asm",
"f_result": "x86/special/ignorew_evex_32.result",
"f_test": "x86/special/ignorew_evex_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/special/ignorew_evex_64.asm",
"f_result": "x86/special/ignorew_evex_64.result",
"f_test": "x86/special/ignorew_evex_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/invalid_32_skip.asm",
"f_result": "x86/special/invalid_32_skip.result",
"f_test": "x86/special/invalid_32_skip.test",
"options": "-b32 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/invalid_64_skip.asm",
"f_result": "x86/special/invalid_64_skip.result",
"f_test": "x86/special/invalid_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/special/long_64.asm",
"f_result": "x86/special/long_64.result",
"f_test": "x86/special/long_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/movcrdr_64.asm",
"f_result": "x86/special/movcrdr_64.result",
"f_test": "x86/special/movcrdr_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/only_32.asm",
"f_result": "x86/special/only_32.result",
"f_test": "x86/special/only_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/special/only_64.asm",
"f_result": "x86/special/only_64.result",
"f_test": "x86/special/only_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/regressions_32.asm",
"f_result": "x86/special/regressions_32.result",
"f_test": "x86/special/regressions_32.test",
"options": "-b32",
"command": "decode"
},
{
"f_source": "x86/special/regressions_64.asm",
"f_result": "x86/special/regressions_64.result",
"f_test": "x86/special/regressions_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/special/invalid_evex_64_skip.asm",
"f_result": "x86/special/invalid_evex_64_skip.result",
"f_test": "x86/special/invalid_evex_64_skip.test",
"options": "-b64 -skip16",
"command": "decode"
},
{
"f_source": "x86/tdx/tdx_64.asm",
"f_result": "x86/tdx/tdx_64.result",
"f_test": "x86/tdx/tdx_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/tse/tse_64.asm",
"f_result": "x86/tse/tse_64.result",
"f_test": "x86/tse/tse_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/uintr/uintr_64.asm",
"f_result": "x86/uintr/uintr_64.result",
"f_test": "x86/uintr/uintr_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/usermsr/rex2_valid_64.asm",
"f_result": "x86/usermsr/rex2_valid_64.result",
"f_test": "x86/usermsr/rex2_valid_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx10/avx101_64.asm",
"f_result": "x86/avx10/avx101_64.result",
"f_test": "x86/avx10/avx101_64.test",
"options": "-b64",
"command": "decode"
},
{
"f_source": "x86/avx10/avx102_64.asm",
"f_result": "x86/avx10/avx102_64.result",
"f_test": "x86/avx10/avx102_64.test",
"options": "-b64",
"command": "decode"
}
]

View File

@ -1,141 +0,0 @@
#
# Copyright (c) 2020 Bitdefender
# SPDX-License-Identifier: Apache-2.0
#
import os
import sys
import glob
total_tests = 0
failed_tests = 0
def get_dict(ins):
d = {}
prefix = ""
# Remove lines that don't contain tokens.
lines = ins.split("\n")
# Main disassembly.
d["disasm"] = lines[0]
for line in lines[1:]:
tokens = line.split(",")
for t in tokens:
val = t.split(":")
if len(val) != 2:
continue
a = val[0].strip(" ")
b = val[1].strip(" ")
if a == "Operand":
prefix = "op%s_" % b
a = prefix + a
d[a] = b
return d
def compare_instruction(i1, i2):
x1 = get_dict(i1)
x2 = get_dict(i2)
for t in x1:
if not t in x2:
print(" ! ERROR: Token '%s', value '%s' missing from output!" % (t, x1[t]))
return False
if x1[t] != x2[t]:
print(" ! ERROR: Token '%s' value mismatch: expected '%s', got '%s'!" % (t, x1[t], x2[t]))
return False
for t in x2:
if not t in x1:
print(" ! WARNING: Extra token in result: '%s', value '%s'!" % (t, x2[t]))
return True
def compare_results(data1, data2):
ins1 = data1.split("\n\n")
ins2 = data2.split("\n\n")
if len(ins1) != len(ins2):
print(" ! Different number of instructions in output: expected %d, got %d!" % (len(ins1), len(ins2)))
return False
for i in range(0, len(ins1)):
if not compare_instruction(ins1[i], ins2[i]):
print(" ! ERROR: Instruction mismatch at %d!" % (i))
return False
return True
def test_dir(dir):
global total_tests
global failed_tests
for f in glob.glob('%s/*.test' % dir):
base, _ = os.path.splitext(f)
tst_file = f
res_file = base + '.result'
tmp_file = base + '.temp'
if 0 < f.find('_16'):
mod = '-b16'
elif 0 < f.find('_32'):
mod = '-b32'
else:
mod = '-b64'
if 0 < f.find('_r0'):
mod += ' -k'
if 0 < f.find('_skip'):
mod += ' -skip16'
print(' * Running test case %s...' % f)
os.system('disasm -exi %s -f %s >%s' % (mod, tst_file, tmp_file))
try:
res = open(res_file).read()
except:
print(' ! No result file provided for test %s!' % tst_file)
try:
tmp = open(tmp_file).read()
except:
print(' ! No result produced by test %s!' % tst_file)
total_tests += 1
if not compare_results(res, tmp):
print(' **** FAILED! ****')
failed_tests += 1
else:
print(' * Passed.')
# Cleanup.
os.remove(tmp_file)
def regenerate(dir):
for f in glob.glob('%s/*.test' % dir):
base, _ = os.path.splitext(f)
tst_file = f
res_file = base + '.result'
if 0 < f.find('_16'):
mod = '-b16'
elif 0 < f.find('_32'):
mod = '-b32'
else:
mod = '-b64'
if 0 < f.find('_r0'):
mod += ' -k'
if 0 < f.find('_skip'):
mod += ' -skip16'
print(' * Regenerating test case %s...' % tst_file)
os.system('disasm -exi %s -f %s >%s' % (mod, tst_file, res_file))
if __name__ == "__main__":
for dn in glob.glob("x86/*"):
if not os.path.isdir(dn):
continue
if "regenerate" in sys.argv:
print('Regenerating %s...' % dn)
regenerate(dn)
else:
print('Testing %s...' % dn)
test_dir(dn)
print("Ran %d tests, %d failed" % (total_tests, failed_tests))

File diff suppressed because it is too large Load Diff

Binary file not shown.

View File

@ -1,4 +1,4 @@
0000000000000000 626c7808fc1e AADD dword ptr [r22], r27d 0000000000000000 626c7c08fc1e AADD dword ptr [r22], r27d
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -17,7 +17,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1
0000000000000006 626cf808fc1e AADD qword ptr [r22], r27 0000000000000006 626cfc08fc1e AADD qword ptr [r22], r27
DSIZE: 64, ASIZE: 64, VLEN: - DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -36,7 +36,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
000000000000000C 626c7908fc1e AAND dword ptr [r22], r27d 000000000000000C 626c7d08fc1e AAND dword ptr [r22], r27d
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -55,7 +55,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1
0000000000000012 626cf908fc1e AAND qword ptr [r22], r27 0000000000000012 626cfd08fc1e AAND qword ptr [r22], r27
DSIZE: 64, ASIZE: 64, VLEN: - DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -74,7 +74,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
0000000000000018 626c7b08fc1e AOR dword ptr [r22], r27d 0000000000000018 626c7f08fc1e AOR dword ptr [r22], r27d
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -93,7 +93,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1
000000000000001E 626cfb08fc1e AOR qword ptr [r22], r27 000000000000001E 626cff08fc1e AOR qword ptr [r22], r27
DSIZE: 64, ASIZE: 64, VLEN: - DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -112,7 +112,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
0000000000000024 626c7a08fc1e AXOR dword ptr [r22], r27d 0000000000000024 626c7e08fc1e AXOR dword ptr [r22], r27d
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -131,7 +131,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 4, RawSize: 4, Encoding: R, RegType: General Purpose, RegSize: 4, RegId: 27, RegCount: 1
000000000000002A 626cfa08fc1e AXOR qword ptr [r22], r27 000000000000002A 626cfe08fc1e AXOR qword ptr [r22], r27
DSIZE: 64, ASIZE: 64, VLEN: - DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no ISA Set: APX_F, Ins cat: RAO-INT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -150,7 +150,7 @@
Segment: 3, Base: 22, Segment: 3, Base: 22,
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
0000000000000030 626c7b08f8de URDMSR r22, r27 0000000000000030 626c7f08f8de URDMSR r22, r27
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -168,7 +168,7 @@
Operand: 0, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 22, RegCount: 1 Operand: 0, Acc: -W, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 22, RegCount: 1
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
0000000000000036 62ff7b08f8c6bdbdbdbd URDMSR r22, 0xbdbdbdbd 0000000000000036 62ff7f08f8c6bdbdbdbd URDMSR r22, 0xbdbdbdbd
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -186,7 +186,7 @@
Operand: 1, Acc: R-, Type: Immediate, Size: 4, RawSize: 4, Encoding: I Operand: 1, Acc: R-, Type: Immediate, Size: 4, RawSize: 4, Encoding: I
Operand: 2, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: E, RegType: Model Specific, RegSize: 8, RegId: 0xffffffff, RegCount: 1 Operand: 2, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: E, RegType: Model Specific, RegSize: 8, RegId: 0xffffffff, RegCount: 1
0000000000000040 626c7a08f8de UWRMSR r27, r22 0000000000000040 626c7e08f8de UWRMSR r27, r22
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21
@ -204,7 +204,7 @@
Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1 Operand: 0, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: R, RegType: General Purpose, RegSize: 8, RegId: 27, RegCount: 1
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 22, RegCount: 1 Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: M, RegType: General Purpose, RegSize: 8, RegId: 22, RegCount: 1
0000000000000046 62ff7a08f8c6bdbdbdbd UWRMSR 0xbdbdbdbd, r22 0000000000000046 62ff7e08f8c6bdbdbdbd UWRMSR 0xbdbdbdbd, r22
DSIZE: 32, ASIZE: 64, VLEN: - DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no ISA Set: APX_F, Ins cat: USER_MSR, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21 CPUID leaf: 0x00000007, sub-leaf: 0x00000001, reg: edx, bit: 21

View File

@ -1 +1 @@
blxüblřüblyüblůübl{üblűüblzüblúübl{řŢb˙{řĆ˝˝˝˝blzřŢb˙zřĆ˝˝˝˝ bl|<08>bl<62><08>bl}<08>bl<62><08>bl<08>bl<62><08>bl~<08>bl<62><08>bl<08><>b<EFBFBD><08>ƽ<EFBFBD><C6BD><EFBFBD>bl~<08><>b<EFBFBD>~<08>ƽ<EFBFBD><C6BD><EFBFBD>

View File

@ -10,7 +10,9 @@
db 0x62, 0x6C, 0x78, 0x09, 0x10, 0x1E, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, db 0x62, 0x6C, 0x78, 0x09, 0x10, 0x1E, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
db 0x62, 0x6C, 0x78, 0x88, 0x10, 0x1E, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, db 0x62, 0x6C, 0x78, 0x88, 0x10, 0x1E, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
; Invalid PUSH2 register (RSP). ; Invalid PUSH2 register (RSP).
db 0x62, 0x6C, 0x58, 0x18, 0xFF, 0xF4, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, db 0x62, 0x6C, 0x5C, 0x18, 0xFF, 0xF4, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
; Invalid POP2 registers (same dest register, RAX). ; Invalid POP2 registers (same dest register, RAX).
db 0x62, 0x64, 0x78, 0x18, 0x8F, 0xC0, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, db 0x62, 0x64, 0x7C, 0x18, 0x8F, 0xC0, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
; EVEX.U bit logical 0 (binary 1) with ModRM.Mod == 3
db 0x62, 0x6c, 0xf8, 0x08, 0x11, 0xde, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,

View File

@ -5,3 +5,4 @@
0000000000000040 62 db 0x62 (0x80000045) 0000000000000040 62 db 0x62 (0x80000045)
0000000000000050 62 db 0x62 (0x80000044) 0000000000000050 62 db 0x62 (0x80000044)
0000000000000060 62 db 0x62 (0x80000044) 0000000000000060 62 db 0x62 (0x80000044)
0000000000000070 62 db 0x62 (0x80000046)

View File

@ -0,0 +1,7 @@
bits 64
; VCVTPD2QQ zmm24, zmm31, {rd-sae}
db 0x62, 0x01, 0xfd, 0x38, 0x7b, 0xc7
; VCVTPD2QQ ymm24, ymm31, {rd-sae}
db 0x62, 0x01, 0xf9, 0x38, 0x7b, 0xc7

View File

@ -0,0 +1,38 @@
0000000000000000 6201fd387bc7 VCVTPD2QQ zmm24, zmm31, {rd-sae}
DSIZE: 64, ASIZE: 64, VLEN: 512
ISA Set: AVX512DQ, Ins cat: CONVERT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ebx, bit: 17
EVEX Tuple Type: Full
Exception class: EVEX, exception type: E2
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: no, V8086: no, Prot: yes, Compat: yes, Long: yes
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
Valid prefixes
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: -W, Type: Register, Size: 64, RawSize: 64, Encoding: R, RegType: Vector, RegSize: 64, RegId: 24, RegCount: 1
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: A, RegType: Mask, RegSize: 8, RegId: 0, RegCount: 1
Operand: 2, Acc: R-, Type: Register, Size: 64, RawSize: 64, Encoding: M, RegType: Vector, RegSize: 64, RegId: 31, RegCount: 1
0000000000000006 6201f9387bc7 VCVTPD2QQ ymm24, ymm31, {rd-sae}
DSIZE: 64, ASIZE: 64, VLEN: 256
ISA Set: AVX512DQ, Ins cat: CONVERT, CET tracked: no
CPUID leaf: 0x00000007, sub-leaf: 0x00000000, reg: ebx, bit: 17
EVEX Tuple Type: Full
Exception class: EVEX, exception type: E2
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
Real: no, V8086: no, Prot: yes, Compat: yes, Long: yes
SMM on: yes, SMM off: yes, SGX on: yes, SGX off: yes, TSX on: yes, TSX off: yes
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
Valid prefixes
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: -W, Type: Register, Size: 32, RawSize: 32, Encoding: R, RegType: Vector, RegSize: 32, RegId: 24, RegCount: 1
Operand: 1, Acc: R-, Type: Register, Size: 8, RawSize: 8, Encoding: A, RegType: Mask, RegSize: 8, RegId: 0, RegCount: 1
Operand: 2, Acc: R-, Type: Register, Size: 32, RawSize: 32, Encoding: M, RegType: Vector, RegSize: 32, RegId: 31, RegCount: 1

View File

@ -0,0 +1 @@
bύ8{Ηbω8{Η

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long

View File

@ -1,7 +1,8 @@
bits 64 bits 64
rmpadjust db 0xf3, 0x0f, 0x01, 0xfe ; rmpadjust
rmpupdate db 0xf2, 0x0f, 0x01, 0xfe ; rmpupdate
psmash db 0xf3, 0x0f, 0x01, 0xff ; psmash
pvalidate db 0xf2, 0x0f, 0x01, 0xff ; pvalidate
rmpquery db 0xf3, 0x0f, 0x01, 0xfd ; rmpquery
db 0xf2, 0x0f, 0x01, 0xfd ; rmpread

View File

@ -100,3 +100,23 @@
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 2, RegCount: 1 Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 2, RegCount: 1
Operand: 4, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1 Operand: 4, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1
0000000000000014 f20f01fd RMPREAD
DSIZE: 32, ASIZE: 64, VLEN: -
ISA Set: SNP, Ins cat: SYSTEM, CET tracked: no
CPUID leaf: 0x8000001f, reg: eax, bit: 21
FLAGS access
PF: m, AF: m, ZF: m, SF: m, OF: m,
Valid modes
R0: yes, R1: no, R2: no, R3: no
Real: no, V8086: no, Prot: no, Compat: no, Long: yes
SMM on: yes, SMM off: yes, SGX on: no, SGX off: yes, TSX on: yes, TSX off: yes
VMXRoot: yes, VMXNonRoot: yes, VMXRoot SEAM: yes, VMXNonRoot SEAM: yes, VMX off: yes
Valid prefixes
REP: no, REPcc: no, LOCK: no
HLE: no, XACQUIRE only: no, XRELEASE only: no
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 0, RegCount: 1
Operand: 1, Acc: -W, Type: Memory, Size: 16, RawSize: 16, Encoding: S,
Segment: 3, Base: 1,
Operand: 2, Acc: -W, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: Flags, RegSize: 4, RegId: 0, RegCount: 1

View File

@ -1 +1 @@
<EFBFBD><01><><01><><01><><01><><01> уютюуятяуэтэ

View File

@ -248,6 +248,9 @@
Operand: 3, Acc: RW, Type: Register, Size: 2, RawSize: 2, Encoding: S, RegType: General Purpose, RegSize: 2, RegId: 4, RegCount: 1 Operand: 3, Acc: RW, Type: Register, Size: 2, RawSize: 2, Encoding: S, RegType: General Purpose, RegSize: 2, RegId: 4, RegCount: 1
Operand: 4, Acc: -W, Type: Memory, Size: 2, RawSize: 2, Encoding: S, Stack: yes, Operand: 4, Acc: -W, Type: Memory, Size: 2, RawSize: 2, Encoding: S, Stack: yes,
Segment: 2, Base: 4, Segment: 2, Base: 4,
Operand: 5, Acc: RW, Type: Register, Size: 2, RawSize: 2, Encoding: S, RegType: General Purpose, RegSize: 2, RegId: 5, RegCount: 1
Operand: 6, Acc: R-, Type: Memory, Size: 2, RawSize: 2, Encoding: S,
Segment: 2, Base: 5,
000000000000002A c9 LEAVE 000000000000002A c9 LEAVE
DSIZE: 16, ASIZE: 16, VLEN: - DSIZE: 16, ASIZE: 16, VLEN: -

View File

@ -248,6 +248,9 @@
Operand: 3, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 4, RegCount: 1 Operand: 3, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 4, RegCount: 1
Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes, Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
Segment: 2, Base: 4, Segment: 2, Base: 4,
Operand: 5, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 5, RegCount: 1
Operand: 6, Acc: R-, Type: Memory, Size: 4, RawSize: 4, Encoding: S,
Segment: 2, Base: 5,
000000000000002A c9 LEAVE 000000000000002A c9 LEAVE
DSIZE: 32, ASIZE: 32, VLEN: - DSIZE: 32, ASIZE: 32, VLEN: -

View File

@ -264,6 +264,9 @@
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1 Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1
Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes, Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
Segment: 2, Base: 4, Segment: 2, Base: 4,
Operand: 5, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 5, RegCount: 1
Operand: 6, Acc: R-, Type: Memory, Size: 8, RawSize: 8, Encoding: S,
Segment: 2, Base: 5,
000000000000002F c9 LEAVE 000000000000002F c9 LEAVE
DSIZE: 64, ASIZE: 64, VLEN: - DSIZE: 64, ASIZE: 64, VLEN: -

View File

@ -65,3 +65,15 @@
; EVEX.z set but EVEX.aaa == 0 ; EVEX.z set but EVEX.aaa == 0
db 0x62, 0xf3, 0xfd, 0xa8, 0x0b, 0xc9, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 db 0x62, 0xf3, 0xfd, 0xa8, 0x0b, 0xc9, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90
; EVEX.u == 0, ModRM.Mod == reg, instruction is APX
db 0x62, 0x6c, 0x78, 0x08, 0x10, 0xde, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90
; EVEX.u == 0, EVEX.b == 1, ModRM.Mod == mem, instruction is AVX with SAE support
db 0x62, 0x01, 0xf9, 0x18, 0x7a, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90
; EVEX.u == 0, EVEX.b == 0, ModRM.Mod == reg, instruction is AVX with SAE support
db 0x62, 0x01, 0xf9, 0x08, 0x7a, 0xc7, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90
; EVEX.u == 0, EVEX.b == 0, ModRM.Mod == mem, instruction is AVX with SAE support
db 0x62, 0x01, 0xf9, 0x08, 0x7a, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90

View File

@ -20,3 +20,7 @@
0000000000000130 62 db 0x62 (0x80000037) 0000000000000130 62 db 0x62 (0x80000037)
0000000000000140 62 db 0x62 (0x80000038) 0000000000000140 62 db 0x62 (0x80000038)
0000000000000150 62 db 0x62 (0x80000038) 0000000000000150 62 db 0x62 (0x80000038)
0000000000000160 62 db 0x62 (0x80000046)
0000000000000170 62 db 0x62 (0x80000046)
0000000000000180 62 db 0x62 (0x80000046)
0000000000000190 62 db 0x62 (0x80000046)

View File

@ -1,11 +0,0 @@
# Shellcode Emulator Tests
These tests are used to validate basic bdshemu functionality. Each test consists of up to three files:
* The binary test file. The name format for this type of file is `name_32|64[_r0].test`. 32 indicates 32 bit test file, 64 indicates 64 bit test file, and r0 indicates kernel payload
* The output result file. Must be named the same as the binary test file, but with the extension .result
* Optional assembly file, used to generate the binary test file
The `test_all.py` script will iterate all the test folders, and it will run bdshemu on each identified test file.
The result file will be compared with the output of the test run. If they are not the same, the test will fail.
NOTE: This test will assume `disasm` is in the path. Works on Windows only.

709
bdshemu_test/conf-x86.json Normal file
View File

@ -0,0 +1,709 @@
[
{
"f_source": "x86/basic/test_32_callf1.asm",
"f_result": "x86/basic/test_32_callf1.result",
"f_test": "x86/basic/test_32_callf1.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_callf2.asm",
"f_result": "x86/basic/test_32_callf2.result",
"f_test": "x86/basic/test_32_callf2.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_iret.asm",
"f_result": "x86/basic/test_32_iret.result",
"f_test": "x86/basic/test_32_iret.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_jmpf1.asm",
"f_result": "x86/basic/test_32_jmpf1.result",
"f_test": "x86/basic/test_32_jmpf1.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_jmpf2.asm",
"f_result": "x86/basic/test_32_jmpf2.result",
"f_test": "x86/basic/test_32_jmpf2.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_loadrip01.asm",
"f_result": "x86/basic/test_32_loadrip01.result",
"f_test": "x86/basic/test_32_loadrip01.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_loadrip02.asm",
"f_result": "x86/basic/test_32_loadrip02.result",
"f_test": "x86/basic/test_32_loadrip02.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_loadseg01.asm",
"f_result": "x86/basic/test_32_loadseg01.result",
"f_test": "x86/basic/test_32_loadseg01.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_loadseg02.asm",
"f_result": "x86/basic/test_32_loadseg02.result",
"f_test": "x86/basic/test_32_loadseg02.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_loadseg03.asm",
"f_result": "x86/basic/test_32_loadseg03.result",
"f_test": "x86/basic/test_32_loadseg03.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_neg.asm",
"f_result": "x86/basic/test_32_neg.result",
"f_test": "x86/basic/test_32_neg.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_retf.asm",
"f_result": "x86/basic/test_32_retf.result",
"f_test": "x86/basic/test_32_retf.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_stack_pivot1.asm",
"f_result": "x86/basic/test_32_stack_pivot1.result",
"f_test": "x86/basic/test_32_stack_pivot1.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_stack_pivot2.asm",
"f_result": "x86/basic/test_32_stack_pivot2.result",
"f_test": "x86/basic/test_32_stack_pivot2.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_stack_pivot3.asm",
"f_result": "x86/basic/test_32_stack_pivot3.result",
"f_test": "x86/basic/test_32_stack_pivot3.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_stack_pivot4.asm",
"f_result": "x86/basic/test_32_stack_pivot4.result",
"f_test": "x86/basic/test_32_stack_pivot4.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_str01.asm",
"f_result": "x86/basic/test_32_str01.result",
"f_test": "x86/basic/test_32_str01.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_str02.asm",
"f_result": "x86/basic/test_32_str02.result",
"f_test": "x86/basic/test_32_str02.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_str03.asm",
"f_result": "x86/basic/test_32_str03.result",
"f_test": "x86/basic/test_32_str03.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_str04.asm",
"f_result": "x86/basic/test_32_str04.result",
"f_test": "x86/basic/test_32_str04.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_str05.asm",
"f_result": "x86/basic/test_32_str05.result",
"f_test": "x86/basic/test_32_str05.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_sud01.asm",
"f_result": "x86/basic/test_32_sud01.result",
"f_test": "x86/basic/test_32_sud01.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_sud02.asm",
"f_result": "x86/basic/test_32_sud02.result",
"f_test": "x86/basic/test_32_sud02.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_32_sys01.asm",
"f_result": "x86/basic/test_32_sys01.result",
"f_test": "x86/basic/test_32_sys01.test",
"options": "-b32 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_adc01.asm",
"f_result": "x86/basic/test_64_adc01.result",
"f_test": "x86/basic/test_64_adc01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic01.asm",
"f_result": "x86/basic/test_64_basic01.result",
"f_test": "x86/basic/test_64_basic01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic02.asm",
"f_result": "x86/basic/test_64_basic02.result",
"f_test": "x86/basic/test_64_basic02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic03.asm",
"f_result": "x86/basic/test_64_basic03.result",
"f_test": "x86/basic/test_64_basic03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic04.asm",
"f_result": "x86/basic/test_64_basic04.result",
"f_test": "x86/basic/test_64_basic04.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic05.asm",
"f_result": "x86/basic/test_64_basic05.result",
"f_test": "x86/basic/test_64_basic05.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic06.asm",
"f_result": "x86/basic/test_64_basic06.result",
"f_test": "x86/basic/test_64_basic06.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic07.asm",
"f_result": "x86/basic/test_64_basic07.result",
"f_test": "x86/basic/test_64_basic07.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic08.asm",
"f_result": "x86/basic/test_64_basic08.result",
"f_test": "x86/basic/test_64_basic08.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_basic09.asm",
"f_result": "x86/basic/test_64_basic09.result",
"f_test": "x86/basic/test_64_basic09.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_bitscan01.asm",
"f_result": "x86/basic/test_64_bitscan01.result",
"f_test": "x86/basic/test_64_bitscan01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch1.asm",
"f_result": "x86/basic/test_64_branch1.result",
"f_test": "x86/basic/test_64_branch1.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch2.asm",
"f_result": "x86/basic/test_64_branch2.result",
"f_test": "x86/basic/test_64_branch2.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch3.asm",
"f_result": "x86/basic/test_64_branch3.result",
"f_test": "x86/basic/test_64_branch3.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch4.asm",
"f_result": "x86/basic/test_64_branch4.result",
"f_test": "x86/basic/test_64_branch4.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch_boundary01.asm",
"f_result": "x86/basic/test_64_branch_boundary01.result",
"f_test": "x86/basic/test_64_branch_boundary01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_branch_boundary02.asm",
"f_result": "x86/basic/test_64_branch_boundary02.result",
"f_test": "x86/basic/test_64_branch_boundary02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_bswap01.asm",
"f_result": "x86/basic/test_64_bswap01.result",
"f_test": "x86/basic/test_64_bswap01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_cmov.asm",
"f_result": "x86/basic/test_64_cmov.result",
"f_test": "x86/basic/test_64_cmov.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_cmpxchg01.asm",
"f_result": "x86/basic/test_64_cmpxchg01.result",
"f_test": "x86/basic/test_64_cmpxchg01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_div.asm",
"f_result": "x86/basic/test_64_div.result",
"f_test": "x86/basic/test_64_div.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_div2.asm",
"f_result": "x86/basic/test_64_div2.result",
"f_test": "x86/basic/test_64_div2.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_eicar.asm",
"f_result": "x86/basic/test_64_eicar.result",
"f_test": "x86/basic/test_64_eicar.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_flags.asm",
"f_result": "x86/basic/test_64_flags.result",
"f_test": "x86/basic/test_64_flags.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_flags2.asm",
"f_result": "x86/basic/test_64_flags2.result",
"f_test": "x86/basic/test_64_flags2.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_flags3.asm",
"f_result": "x86/basic/test_64_flags3.result",
"f_test": "x86/basic/test_64_flags3.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_imul01.asm",
"f_result": "x86/basic/test_64_imul01.result",
"f_test": "x86/basic/test_64_imul01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_imul02.asm",
"f_result": "x86/basic/test_64_imul02.result",
"f_test": "x86/basic/test_64_imul02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_incdec.asm",
"f_result": "x86/basic/test_64_incdec.result",
"f_test": "x86/basic/test_64_incdec.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip01.asm",
"f_result": "x86/basic/test_64_loadrip01.result",
"f_test": "x86/basic/test_64_loadrip01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip02.asm",
"f_result": "x86/basic/test_64_loadrip02.result",
"f_test": "x86/basic/test_64_loadrip02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip03.asm",
"f_result": "x86/basic/test_64_loadrip03.result",
"f_test": "x86/basic/test_64_loadrip03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip04.asm",
"f_result": "x86/basic/test_64_loadrip04.result",
"f_test": "x86/basic/test_64_loadrip04.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip05.asm",
"f_result": "x86/basic/test_64_loadrip05.result",
"f_test": "x86/basic/test_64_loadrip05.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip06.asm",
"f_result": "x86/basic/test_64_loadrip06.result",
"f_test": "x86/basic/test_64_loadrip06.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip07.asm",
"f_result": "x86/basic/test_64_loadrip07.result",
"f_test": "x86/basic/test_64_loadrip07.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip08.asm",
"f_result": "x86/basic/test_64_loadrip08.result",
"f_test": "x86/basic/test_64_loadrip08.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadrip09.asm",
"f_result": "x86/basic/test_64_loadrip09.result",
"f_test": "x86/basic/test_64_loadrip09.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_loadseg01.asm",
"f_result": "x86/basic/test_64_loadseg01.result",
"f_test": "x86/basic/test_64_loadseg01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_moffset.asm",
"f_result": "x86/basic/test_64_moffset.result",
"f_test": "x86/basic/test_64_moffset.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_mov.asm",
"f_result": "x86/basic/test_64_mov.result",
"f_test": "x86/basic/test_64_mov.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_movszx.asm",
"f_result": "x86/basic/test_64_movszx.result",
"f_test": "x86/basic/test_64_movszx.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_nopsled01.asm",
"f_result": "x86/basic/test_64_nopsled01.result",
"f_test": "x86/basic/test_64_nopsled01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_nopsled02.asm",
"f_result": "x86/basic/test_64_nopsled02.result",
"f_test": "x86/basic/test_64_nopsled02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_nopsled03.asm",
"f_result": "x86/basic/test_64_nopsled03.result",
"f_test": "x86/basic/test_64_nopsled03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_popcnt01.asm",
"f_result": "x86/basic/test_64_popcnt01.result",
"f_test": "x86/basic/test_64_popcnt01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_r0_sidt.asm",
"f_result": "x86/basic/test_64_r0_sidt.result",
"f_test": "x86/basic/test_64_r0_sidt.test",
"options": "-b64 -k -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_rcl01.asm",
"f_result": "x86/basic/test_64_rcl01.result",
"f_test": "x86/basic/test_64_rcl01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_rcr01.asm",
"f_result": "x86/basic/test_64_rcr01.result",
"f_test": "x86/basic/test_64_rcr01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_rdtsc.asm",
"f_result": "x86/basic/test_64_rdtsc.result",
"f_test": "x86/basic/test_64_rdtsc.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_rol01.asm",
"f_result": "x86/basic/test_64_rol01.result",
"f_test": "x86/basic/test_64_rol01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_ror01.asm",
"f_result": "x86/basic/test_64_ror01.result",
"f_test": "x86/basic/test_64_ror01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sar01.asm",
"f_result": "x86/basic/test_64_sar01.result",
"f_test": "x86/basic/test_64_sar01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sbb01.asm",
"f_result": "x86/basic/test_64_sbb01.result",
"f_test": "x86/basic/test_64_sbb01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_selfwrite01.asm",
"f_result": "x86/basic/test_64_selfwrite01.result",
"f_test": "x86/basic/test_64_selfwrite01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_selfwrite02.asm",
"f_result": "x86/basic/test_64_selfwrite02.result",
"f_test": "x86/basic/test_64_selfwrite02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_selfwrite03.asm",
"f_result": "x86/basic/test_64_selfwrite03.result",
"f_test": "x86/basic/test_64_selfwrite03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shl01.asm",
"f_result": "x86/basic/test_64_shl01.result",
"f_test": "x86/basic/test_64_shl01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shld01.asm",
"f_result": "x86/basic/test_64_shld01.result",
"f_test": "x86/basic/test_64_shld01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shld02.asm",
"f_result": "x86/basic/test_64_shld02.result",
"f_test": "x86/basic/test_64_shld02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shr01.asm",
"f_result": "x86/basic/test_64_shr01.result",
"f_test": "x86/basic/test_64_shr01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shrd01.asm",
"f_result": "x86/basic/test_64_shrd01.result",
"f_test": "x86/basic/test_64_shrd01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_shrd02.asm",
"f_result": "x86/basic/test_64_shrd02.result",
"f_test": "x86/basic/test_64_shrd02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sidt.asm",
"f_result": "x86/basic/test_64_sidt.result",
"f_test": "x86/basic/test_64_sidt.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_stack_pivot1.asm",
"f_result": "x86/basic/test_64_stack_pivot1.result",
"f_test": "x86/basic/test_64_stack_pivot1.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_stack_pivot2.asm",
"f_result": "x86/basic/test_64_stack_pivot2.result",
"f_test": "x86/basic/test_64_stack_pivot2.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_stack_pivot3.asm",
"f_result": "x86/basic/test_64_stack_pivot3.result",
"f_test": "x86/basic/test_64_stack_pivot3.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_stack_pivot4.asm",
"f_result": "x86/basic/test_64_stack_pivot4.result",
"f_test": "x86/basic/test_64_stack_pivot4.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_string.asm",
"f_result": "x86/basic/test_64_string.result",
"f_test": "x86/basic/test_64_string.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sys01.asm",
"f_result": "x86/basic/test_64_sys01.result",
"f_test": "x86/basic/test_64_sys01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sys02.asm",
"f_result": "x86/basic/test_64_sys02.result",
"f_test": "x86/basic/test_64_sys02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_sys03.asm",
"f_result": "x86/basic/test_64_sys03.result",
"f_test": "x86/basic/test_64_sys03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic/test_64_zcnt01.asm",
"f_result": "x86/basic/test_64_zcnt01.result",
"f_test": "x86/basic/test_64_zcnt01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic_apx/test_64_apx01.asm",
"f_result": "x86/basic_apx/test_64_apx01.result",
"f_test": "x86/basic_apx/test_64_apx01.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic_apx/test_64_apx02.asm",
"f_result": "x86/basic_apx/test_64_apx02.result",
"f_test": "x86/basic_apx/test_64_apx02.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic_apx/test_64_apx03.asm",
"f_result": "x86/basic_apx/test_64_apx03.result",
"f_test": "x86/basic_apx/test_64_apx03.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
},
{
"f_source": "x86/basic_apx/test_64_apx04.asm",
"f_result": "x86/basic_apx/test_64_apx04.result",
"f_test": "x86/basic_apx/test_64_apx04.test",
"options": "-b64 -skipdecoded",
"command": "shemu"
}
]

View File

@ -1,179 +0,0 @@
#
# Copyright (c) 2020 Bitdefender
# SPDX-License-Identifier: Apache-2.0
#
import os
import sys
import glob
import shutil
from zipfile import ZipFile
from pathlib import Path
TEMP_PATH = "!temp"
# A test file-name contains some indicators as to how the emulation should be done:
# - If '_16' is present in the name, emulation will be done on 16 bit
# - If '_32' is present in the name, emulation will be done on 32 bit
# - If '_64' is present in the name, emulation will be done on 64 bit
# - If '_r0' is present in the name, emulation will be done as kernel code
# A test case consists of minimum two files:
# - An '.test' file, containing the binary code to be emulated
# - An '.result' file, containing the emulation output
# A test is considered passed if the output produced during emulation is identical to the
# output containted in the '.result' file.
#
# test_dir
#
# Runs the tests inside the provided directory.
# Returns a tuplecontaining the total number of tests run and the number of failed tests.
#
def test_dir(dir, arch='x86'):
total_tests = 0
failed_tests = 0
for f in glob.glob('%s\\*.test' % dir):
base, _ = os.path.splitext(f)
tst_file = f
res_file = base + '.result'
tmp_file = base + '.temp'
if 0 < tst_file.find('_16'):
mod = '-b16'
elif 0 < tst_file.find('_32'):
mod = '-b32'
else:
mod = '-b64'
if 0 < tst_file.find('_r0'):
mod += ' -k'
print(' * Running test case %s...' % tst_file)
os.system('disasm shemu %s -f %s >%s' % (mod, tst_file, tmp_file))
try:
res = open(res_file).read()
except:
print(' ! No result file provided for test %s!' % tst_file)
try:
tmp = open(tmp_file).read()
except:
print(' ! No result produced by test %s!' % tst_file)
total_tests += 1
if res != tmp:
print(' **** FAILED! ****')
failed_tests += 1
else:
print(' * Passed.')
# Cleanup.
os.remove(tmp_file)
os.remove(tst_file + "_decoded.bin")
return (total_tests, failed_tests)
#
# regenerate
#
def regenerate(dir, arch='x86'):
for f in glob.glob('%s\\*.test' % dir):
base, _ = os.path.splitext(f)
tst_file = f
res_file = base + '.result'
if 0 < f.find('_16'):
mod = '-b16'
elif 0 < f.find('_32'):
mod = '-b32'
else:
mod = '-b64'
if 0 < f.find('_r0'):
mod += ' -k'
print(' * Regenerating test case %s...' % tst_file)
os.system('disasm -exi shemu %s -f %s >%s' % (mod, tst_file, res_file))
# Cleanup.
os.remove(tst_file + "_decoded.bin")
#
# parse_dir_rec
#
def parse_dir_rec(dir, arch, handler):
for f in glob.glob(dir + "\\*"):
path, name = os.path.split(f)
if name in ['.', '..']:
continue
if os.path.isdir(f):
parse_dir_rec(f, arch, handler)
handler(f, arch)
#
# test_archive
#
def test_archive(filename, arch='x86'):
cleanup_files = []
# Run the x86 test.
print("Extracting test archive...")
with ZipFile(filename) as zf:
cleanup_files = zf.namelist()
zf.extractall(path=TEMP_PATH)
zf.close()
print("Running tests...")
total_tests, failed_tests = 0, 0
for dn in glob.glob(os.path.join(TEMP_PATH, "*")):
if not os.path.isdir(dn):
continue
print('Testing %s...' % dn)
cnt_tests, cnt_failed = test_dir(dn, arch)
total_tests += cnt_tests
failed_tests += cnt_failed
print("========================================================================")
print("Summary:")
print("Ran %d tests, %d failed" % (total_tests, failed_tests))
print("========================================================================")
print()
shutil.rmtree(TEMP_PATH)
if __name__ == "__main__":
# No arguments provided, auto-run all tests.
if len(sys.argv) == 1:
print("Running x86 tests...")
test_archive("x86\\bdshemu_test_x86.zip")
sys.exit(0)
opt_dir = ""
opt_regen = False
opt_arch = 'x86'
for arg in sys.argv[1:]:
if os.path.isdir(arg):
print("Will test directory", arg)
opt_dir = arg
if arg == "regenerate":
print("Will regenerate tests...")
opt_regen = True
print("Identified architecture: ", opt_arch)
# Single directory test.
if not opt_dir:
print("A directory containing tests must be supplied!")
sys.exit(-1)
if opt_regen:
parse_dir_rec(opt_dir, opt_arch, regenerate)
else:
parse_dir_rec(opt_dir, opt_arch, test_dir)

View File

@ -0,0 +1,4 @@
bits 32
call 0x33:0x20000

View File

@ -0,0 +1,12 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 9A000002003300 CALLF 0x0033:0x00020000
Emulation terminated with status 0x0000000a, flags: 0x80, 0 NOPs, 0 NULLs, 2 total instructions, 1 unique instructions
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,18 @@
bits 32
call $+5
pop ebp
sub ebp, 5
lea eax, [ebp + dest]
mov dword [ebp + t_offset], eax
call far [ebp + t_offset]
dest:
int3
t_offset dd 0x0
t_segment dw 0x33

View File

@ -0,0 +1,67 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 E800000000 CALL 0x200005
Memory STOR, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 5D POP ebp
Memory LOAD, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200005 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 83ED05 SUB ebp, 0x00000005
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200009 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200009 8D851B000000 LEA eax, [ebp+0x1b]
RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000f RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000f 89851C000000 MOV dword ptr [ebp+0x1c], eax
Memory STOR, address 0x000000000020001c, size 4, value 1B002000
RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200015 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200015 FF9D1C000000 CALLF fword ptr [ebp+0x1c]
Memory LOAD, address 0x000000000020001c, size 6, value 1B0020003300
Emulation terminated with status 0x0000000a, flags: 0x82, 0 NOPs, 0 NULLs, 7 total instructions, 6 unique instructions
SHEMU_FLAG_LOAD_RIP
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,9 @@
bits 32
pushfd
push 0x33
call $+5
add dword [esp], 5
iretd
int3

View File

@ -0,0 +1,58 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 9C PUSHFD
Memory STOR, address 0x00000000001fdffc, size 4, value 02020000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200001 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200001 6A33 PUSH 0x00000033
Memory STOR, address 0x00000000001fdff8, size 4, value 33000000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200003 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200003 E800000000 CALL 0x200008
Memory STOR, address 0x00000000001fdff4, size 4, value 08002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff4 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200008 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200008 83042405 ADD dword ptr [esp], 0x00000005
Memory LOAD, address 0x00000000001fdff4, size 4, value 08002000
Memory STOR, address 0x00000000001fdff4, size 4, value 0D002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff4 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c CF IRETD
Memory LOAD, address 0x00000000001fdff4, size 12, value 0D0020003300000002020000
Emulation terminated with status 0x0000000a, flags: 0x80, 0 NOPs, 0 NULLs, 6 total instructions, 5 unique instructions
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,4 @@
bits 32
jmp 0x33:0x20000

View File

@ -0,0 +1,12 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 EA000002003300 JMPF 0x0033:0x00020000
Emulation terminated with status 0x0000000a, flags: 0x80, 0 NOPs, 0 NULLs, 2 total instructions, 1 unique instructions
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,18 @@
bits 32
call $+5
pop ebp
sub ebp, 5
lea eax, [ebp + dest]
mov dword [ebp + t_offset], eax
jmp far [ebp + t_offset]
dest:
int3
t_offset dd 0x0
t_segment dw 0x33

View File

@ -0,0 +1,67 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 E800000000 CALL 0x200005
Memory STOR, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 5D POP ebp
Memory LOAD, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200005 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 83ED05 SUB ebp, 0x00000005
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200009 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200009 8D851B000000 LEA eax, [ebp+0x1b]
RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000f RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000f 89851C000000 MOV dword ptr [ebp+0x1c], eax
Memory STOR, address 0x000000000020001c, size 4, value 1B002000
RAX = 0x000000000020001b RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000200000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200015 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200015 FFAD1C000000 JMPF fword ptr [ebp+0x1c]
Memory LOAD, address 0x000000000020001c, size 6, value 1B0020003300
Emulation terminated with status 0x0000000a, flags: 0x82, 0 NOPs, 0 NULLs, 7 total instructions, 6 unique instructions
SHEMU_FLAG_LOAD_RIP
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,7 @@
bits 32
call _test
_test:
pop ds
int3

View File

@ -0,0 +1,23 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 E800000000 CALL 0x200005
Memory STOR, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 1F POP ds
Memory LOAD, address 0x00000000001fdffc, size 4, value 05002000
Emulation terminated with status 0x0000000b, flags: 0x0, 0 NOPs, 0 NULLs, 2 total instructions, 2 unique instructions

Binary file not shown.

View File

@ -0,0 +1,15 @@
bits 32
call _test
push 0
push 0
push 0
push 0
push 0
push 0
push 0
_test:
popad
int3

View File

@ -0,0 +1,34 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 E80E000000 CALL 0x200013
Memory STOR, address 0x00000000001fdffc, size 4, value 05002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200013 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200013 61 POPAD
Memory LOAD, address 0x00000000001fdffc, size 32, value 0500200000000000000000000000000000000000000000000000000000000000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe01c RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000200005
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200014 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200014 CC INT3
Emulation terminated with status 0x0000000a, flags: 0x2, 0 NOPs, 0 NULLs, 4 total instructions, 3 unique instructions
SHEMU_FLAG_LOAD_RIP

Binary file not shown.

View File

@ -0,0 +1,12 @@
bits 32
mov eax, 0xBDBDBDBD
push eax
pop ecx
push cs
pop ds
nop
int3

View File

@ -0,0 +1,75 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B8BDBDBDBD MOV eax, 0xbdbdbdbd
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value BDBDBDBD
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 59 POP ecx
Memory LOAD, address 0x00000000001fdffc, size 4, value BDBDBDBD
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 0E PUSH cs
Memory STOR, address 0x00000000001fdffc, size 4, value 1B000000
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200008 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200008 1F POP ds
Memory LOAD, address 0x00000000001fdffc, size 4, value 1B000000
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200009 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200009 90 NOP
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000a RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000a CC INT3
Emulation terminated with status 0x0000000a, flags: 0x0, 0 NOPs, 0 NULLs, 8 total instructions, 7 unique instructions

View File

@ -0,0 +1 @@
クススススPY

View File

@ -0,0 +1,12 @@
bits 32
mov eax, 0xBDBDBDBD
push eax
pop ecx
push 0xBD
pop ds
nop
int3

View File

@ -0,0 +1,55 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B8BDBDBDBD MOV eax, 0xbdbdbdbd
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value BDBDBDBD
RAX = 0x00000000bdbdbdbd RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 59 POP ecx
Memory LOAD, address 0x00000000001fdffc, size 4, value BDBDBDBD
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 68BD000000 PUSH 0x000000bd
Memory STOR, address 0x00000000001fdffc, size 4, value BD000000
RAX = 0x00000000bdbdbdbd RCX = 0x00000000bdbdbdbd RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c 1F POP ds
Memory LOAD, address 0x00000000001fdffc, size 4, value BD000000
Emulation terminated with status 0x0000000b, flags: 0x0, 0 NOPs, 0 NULLs, 5 total instructions, 5 unique instructions

Binary file not shown.

View File

@ -0,0 +1,7 @@
bits 32
push 0
pop es
int3

View File

@ -0,0 +1,23 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 6A00 PUSH 0x00000000
Memory STOR, address 0x00000000001fdffc, size 4, value 00000000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200002 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200002 07 POP es
Memory LOAD, address 0x00000000001fdffc, size 4, value 00000000
Emulation terminated with status 0x0000000b, flags: 0x0, 0 NOPs, 0 NULLs, 2 total instructions, 2 unique instructions

Binary file not shown.

View File

@ -0,0 +1,9 @@
bits 32
mov ecx, 2
sub ecx, 1
neg ecx
sbb ecx, ecx
inc ecx
mov eax, ecx
int3

View File

@ -0,0 +1,71 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B902000000 MOV ecx, 0x00000002
RAX = 0x0000000000000000 RCX = 0x0000000000000002 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 83E901 SUB ecx, 0x00000001
RAX = 0x0000000000000000 RCX = 0x0000000000000001 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200008 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200008 F7D9 NEG ecx
RAX = 0x0000000000000000 RCX = 0x00000000ffffffff RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000a RFLAGS = 0x0000000000000287 CF:1 PF:1 AF:0 ZF:0 SF:1 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000a 19C9 SBB ecx, ecx
RAX = 0x0000000000000000 RCX = 0x00000000ffffffff RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000287 CF:1 PF:1 AF:0 ZF:0 SF:1 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c 41 INC ecx
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000d RFLAGS = 0x0000000000000247 CF:1 PF:1 AF:0 ZF:1 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000d 89C8 MOV eax, ecx
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000f RFLAGS = 0x0000000000000247 CF:1 PF:1 AF:0 ZF:1 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000f CC INT3
Emulation terminated with status 0x0000000a, flags: 0x0, 0 NOPs, 0 NULLs, 8 total instructions, 7 unique instructions

Binary file not shown.

View File

@ -0,0 +1,8 @@
bits 32
push 0x33
call $+5
add dword [esp], 5
retf
int3

View File

@ -0,0 +1,47 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 6A33 PUSH 0x00000033
Memory STOR, address 0x00000000001fdffc, size 4, value 33000000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200002 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200002 E800000000 CALL 0x200007
Memory STOR, address 0x00000000001fdff8, size 4, value 07002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 83042405 ADD dword ptr [esp], 0x00000005
Memory LOAD, address 0x00000000001fdff8, size 4, value 07002000
Memory STOR, address 0x00000000001fdff8, size 4, value 0C002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000b RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000b CB RETF
Memory LOAD, address 0x00000000001fdff8, size 8, value 0C00200033000000
Emulation terminated with status 0x0000000a, flags: 0x80, 0 NOPs, 0 NULLs, 5 total instructions, 4 unique instructions
SHEMU_FLAG_HEAVENS_GATE

Binary file not shown.

View File

@ -0,0 +1,6 @@
bits 32
nop
xchg esp, eax
int3

View File

@ -0,0 +1,31 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 90 NOP
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200001 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200001 94 XCHG esp, eax
RAX = 0x00000000001fe000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x0000000000000000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200002 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200002 CC INT3
Emulation terminated with status 0x0000000a, flags: 0x0, 1 NOPs, 0 NULLs, 4 total instructions, 3 unique instructions

View File

@ -0,0 +1 @@
数フ

View File

@ -0,0 +1,7 @@
bits 32
nop
xchg esp, eax
push ebp
int3

View File

@ -0,0 +1,31 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 90 NOP
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200001 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200001 94 XCHG esp, eax
RAX = 0x00000000001fe000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x0000000000000000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200002 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200002 55 PUSH ebp
Emulation terminated with status 0x00000001, flags: 0x0, 1 NOPs, 0 NULLs, 3 total instructions, 3 unique instructions

View File

@ -0,0 +1 @@
数Uフ

View File

@ -0,0 +1,17 @@
bits 32
nop
call next
next:
pop eax
sub eax, next
lea eax, [eax + new_stack]
dec eax
xchg esp, eax
int3
align 4
new_stack:
resd 64

View File

@ -0,0 +1,84 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 90 NOP
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200001 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200001 E800000000 CALL 0x200006
Memory STOR, address 0x00000000001fdffc, size 4, value 06002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 58 POP eax
Memory LOAD, address 0x00000000001fdffc, size 4, value 06002000
RAX = 0x0000000000200006 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 2D06000000 SUB eax, 0x00000006
RAX = 0x0000000000200000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c 8D8018000000 LEA eax, [eax+0x18]
RAX = 0x0000000000200018 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200012 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200012 48 DEC eax
RAX = 0x0000000000200017 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200013 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200013 94 XCHG esp, eax
RAX = 0x00000000001fe000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x0000000000200017 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200014 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200014 CC INT3
Emulation terminated with status 0x0000000a, flags: 0x2, 1 NOPs, 0 NULLs, 9 total instructions, 8 unique instructions
SHEMU_FLAG_LOAD_RIP

Binary file not shown.

View File

@ -0,0 +1,16 @@
bits 32
nop
call next
next:
pop eax
sub eax, next
lea eax, [eax + new_stack]
xchg esp, eax
int3
align 4
new_stack:
resd 64

View File

@ -0,0 +1,75 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 90 NOP
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200001 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200001 E800000000 CALL 0x200006
Memory STOR, address 0x00000000001fdffc, size 4, value 06002000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 58 POP eax
Memory LOAD, address 0x00000000001fdffc, size 4, value 06002000
RAX = 0x0000000000200006 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 2D06000000 SUB eax, 0x00000006
RAX = 0x0000000000200000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c 8D8014000000 LEA eax, [eax+0x14]
RAX = 0x0000000000200014 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200012 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200012 94 XCHG esp, eax
RAX = 0x00000000001fe000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x0000000000200014 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200013 RFLAGS = 0x0000000000000206 CF:0 PF:1 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200013 CC INT3
Emulation terminated with status 0x0000000a, flags: 0x102, 1 NOPs, 0 NULLs, 8 total instructions, 7 unique instructions
SHEMU_FLAG_LOAD_RIP
SHEMU_FLAG_STACK_PIVOT

Binary file not shown.

View File

@ -0,0 +1,6 @@
bits 32
mov eax, 0x41414141
push eax
retn

View File

@ -0,0 +1,33 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B841414141 MOV eax, 0x41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 C3 RETN
Memory LOAD, address 0x00000000001fdffc, size 4, value 41414141
Emulation terminated with status 0x00000002, flags: 0x0, 0 NOPs, 0 NULLs, 4 total instructions, 3 unique instructions

View File

@ -0,0 +1 @@
クAAAAPテ

View File

@ -0,0 +1,7 @@
bits 32
mov eax, 0x41414141
push eax
push eax
retn

View File

@ -0,0 +1,44 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B841414141 MOV eax, 0x41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 50 PUSH eax
Memory STOR, address 0x00000000001fdff8, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 C3 RETN
Memory LOAD, address 0x00000000001fdff8, size 4, value 41414141
Emulation terminated with status 0x00000002, flags: 0x0, 0 NOPs, 0 NULLs, 5 total instructions, 4 unique instructions

View File

@ -0,0 +1 @@
クAAAAPPテ

View File

@ -0,0 +1,8 @@
bits 32
mov eax, 0x41414141
push eax
mov eax, 0x00414141
push eax
retn

View File

@ -0,0 +1,54 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B841414141 MOV eax, 0x41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 B841414100 MOV eax, 0x00414141
RAX = 0x0000000000414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000b RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000b 50 PUSH eax
Memory STOR, address 0x00000000001fdff8, size 4, value 41414100
RAX = 0x0000000000414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c C3 RETN
Memory LOAD, address 0x00000000001fdff8, size 4, value 41414100
Emulation terminated with status 0x00000002, flags: 0x0, 0 NOPs, 0 NULLs, 6 total instructions, 5 unique instructions

Binary file not shown.

View File

@ -0,0 +1,13 @@
bits 32
mov eax, 0x41414141
mov ebx, 0xbdbdbdbd
push eax
push ebx
push eax
push ebx
push eax
push ebx
push eax
push ebx
retn

View File

@ -0,0 +1,120 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B841414141 MOV eax, 0x41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 BBBDBDBDBD MOV ebx, 0xbdbdbdbd
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000a RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000a 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000b RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000b 53 PUSH ebx
Memory STOR, address 0x00000000001fdff8, size 4, value BDBDBDBD
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000c RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000c 50 PUSH eax
Memory STOR, address 0x00000000001fdff4, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdff4 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000d RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000d 53 PUSH ebx
Memory STOR, address 0x00000000001fdff0, size 4, value BDBDBDBD
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdff0 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000e RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000e 50 PUSH eax
Memory STOR, address 0x00000000001fdfec, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdfec RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000f RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000f 53 PUSH ebx
Memory STOR, address 0x00000000001fdfe8, size 4, value BDBDBDBD
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdfe8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200010 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200010 50 PUSH eax
Memory STOR, address 0x00000000001fdfe4, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdfe4 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200011 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200011 53 PUSH ebx
Memory STOR, address 0x00000000001fdfe0, size 4, value BDBDBDBD
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x00000000bdbdbdbd
RSP = 0x00000000001fdfe0 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200012 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200012 C3 RETN
Memory LOAD, address 0x00000000001fdfe0, size 4, value BDBDBDBD
Emulation terminated with status 0x00000002, flags: 0x0, 0 NOPs, 0 NULLs, 12 total instructions, 11 unique instructions

View File

@ -0,0 +1 @@
¸AAAA»½½½½PSPSPSPSÃ

View File

@ -0,0 +1,8 @@
bits 32
mov eax, 0x41414141
push eax
push eax
lea ebp, [esp]
retn

View File

@ -0,0 +1,55 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 B841414141 MOV eax, 0x41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 50 PUSH eax
Memory STOR, address 0x00000000001fdffc, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdffc RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200006 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200006 50 PUSH eax
Memory STOR, address 0x00000000001fdff8, size 4, value 41414141
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200007 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200007 8D2C24 LEA ebp, [esp]
RAX = 0x0000000041414141 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fdff8 RBP = 0x00000000001fdff8 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x000000000020000a RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x000000000020000a C3 RETN
Memory LOAD, address 0x00000000001fdff8, size 4, value 41414141
Emulation terminated with status 0x00000002, flags: 0x20, 0 NOPs, 0 NULLs, 6 total instructions, 5 unique instructions
SHEMU_FLAG_STACK_STR

View File

@ -0,0 +1 @@
<EFBFBD>AAAAPP<EFBFBD>,$<24>

View File

@ -0,0 +1,6 @@
bits 32
mov esi, 0x7FFE0000
mov eax, dword [esi]
int3

View File

@ -0,0 +1,21 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 BE0000FE7F MOV esi, 0x7ffe0000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x000000007ffe0000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 8B06 MOV eax, dword ptr [esi]
Emulation terminated with status 0x00000001, flags: 0x0, 0 NOPs, 0 NULLs, 2 total instructions, 2 unique instructions

Binary file not shown.

View File

@ -0,0 +1,6 @@
bits 32
mov esi, 0x7FFE0000
mov eax, dword [esi + 0x308]
int3

View File

@ -0,0 +1,22 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 BE0000FE7F MOV esi, 0x7ffe0000
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x000000007ffe0000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200005 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200005 8B8608030000 MOV eax, dword ptr [esi+0x308]
Emulation terminated with status 0x00000001, flags: 0x200, 0 NOPs, 0 NULLs, 2 total instructions, 2 unique instructions
SHEMU_FLAG_SUD_ACCESS

Binary file not shown.

View File

@ -0,0 +1,4 @@
bits 32
sysenter

View File

@ -0,0 +1,12 @@
RAX = 0x0000000000000000 RCX = 0x0000000000000000 RDX = 0x0000000000000000 RBX = 0x0000000000000000
RSP = 0x00000000001fe000 RBP = 0x0000000000000000 RSI = 0x0000000000000000 RDI = 0x0000000000000000
R8 = 0x0000000000000000 R9 = 0x0000000000000000 R10 = 0x0000000000000000 R11 = 0x0000000000000000
R12 = 0x0000000000000000 R13 = 0x0000000000000000 R14 = 0x0000000000000000 R15 = 0x0000000000000000
R16 = 0x0000000000000000 R17 = 0x0000000000000000 R18 = 0x0000000000000000 R19 = 0x0000000000000000
R20 = 0x0000000000000000 R21 = 0x0000000000000000 R22 = 0x0000000000000000 R23 = 0x0000000000000000
R24 = 0x0000000000000000 R25 = 0x0000000000000000 R26 = 0x0000000000000000 R27 = 0x0000000000000000
R28 = 0x0000000000000000 R29 = 0x0000000000000000 R30 = 0x0000000000000000 R31 = 0x0000000000000000
RIP = 0x0000000000200000 RFLAGS = 0x0000000000000202 CF:0 PF:0 AF:0 ZF:0 SF:0 TF:0 IF:1 DF:0 OF:0
IP: 0x0000000000200000 0F34 SYSENTER
Emulation terminated with status 0x0000000a, flags: 0x10, 0 NOPs, 0 NULLs, 2 total instructions, 1 unique instructions
SHEMU_FLAG_SYSCALL

View File

@ -0,0 +1 @@
4

View File

@ -0,0 +1,28 @@
bits 64
global _start
section .text
_start:
nop
stc
mov al, 0xFF
adc al, 0xFF
nop
stc
mov al, 0x60
adc al, 0xFF
nop
stc
mov al, 0xFF
adc al, 0x60
nop
stc
mov al, 1
adc al, 0xFE
int3

Some files were not shown because too many files have changed in this diff Show More