mirror of
https://github.com/bitdefender/bddisasm.git
synced 2024-12-26 16:08:08 +00:00
08096172cc
- New shemu flag - SHEMU_FLAG_SIDT, set when sheu encounters a SIDT in ring0. - Added the CET Tracked flag to SYSCLAL, SYSENTER and INT n instructions. - Fixed Do Not Track prefix recognition for CALL and JMP in long-mode. - Fixed MONITOR and MONITORX implicit operands - the rAX register encodes a virtual address that will be used as the monitored range. That address is subject to a 1 byte load. - Fixed RMPADJUST and RMPUPDATE implicit operands - the rAX register encodes a virtual address, and the rCX register encodes a virtual address of the RMP updated entry. |
||
|---|---|---|
| .. | ||
| _pybddisasm | ||
| pybddisasm | ||
| LICENSE | ||
| MANIFEST.in | ||
| README.md | ||
| setup.cfg | ||
| setup.py | ||
The Bitdefender disassembler Python wrapper
Build
Building and installing is easy:
python3 setup.py build
python3 setup.py install
Usage
Use it by importing the pybddisasm.disasm module:
from pybddisasm.bddisasm import *
instr = nd_decode_ex2(buff, arch, arch, arch, vendor, current_rip)
Example
from pybddisasm.bddisasm import *
from sys import *
buff = b"\x55\x48\x8b\x05\xb8\x13\x00\x00"
offset = 0
while offset < getsizeof(buff):
instr = nd_decode_ex2(buff[offset:], 64, 64, 64)
if instr is None:
break
print(instr.Text)
offset += instr.Length
Pip
Use pip to install the package:
pip install pybddisasm