Switch samples to use long instead of Long for registers

This commit is contained in:
Robert Xiao
2023-05-07 01:01:58 -07:00
parent aa430587cc
commit 78de584409
9 changed files with 178 additions and 178 deletions


@@ -67,11 +67,11 @@ public class SampleNetworkAuditing {
if (intno != 0x80) { if (intno != 0x80) {
return; return;
} }
Long eax = (Long) uc.reg_read(Unicorn.UC_X86_REG_EAX); long eax = uc.reg_read(Unicorn.UC_X86_REG_EAX);
Long ebx = (Long) uc.reg_read(Unicorn.UC_X86_REG_EBX); long ebx = uc.reg_read(Unicorn.UC_X86_REG_EBX);
Long ecx = (Long) uc.reg_read(Unicorn.UC_X86_REG_ECX); long ecx = uc.reg_read(Unicorn.UC_X86_REG_ECX);
Long edx = (Long) uc.reg_read(Unicorn.UC_X86_REG_EDX); long edx = uc.reg_read(Unicorn.UC_X86_REG_EDX);
Long eip = (Long) uc.reg_read(Unicorn.UC_X86_REG_EIP); long eip = uc.reg_read(Unicorn.UC_X86_REG_EIP);
// System.out.printf(">>> INTERRUPT %d\n", toInt(eax)); // System.out.printf(">>> INTERRUPT %d\n", toInt(eax));
@@ -113,7 +113,7 @@ public class SampleNetworkAuditing {
long mode = edx; long mode = edx;
String filename = read_string(uc, filename_addr); String filename = read_string(uc, filename_addr);
Long dummy_fd = get_id(); long dummy_fd = get_id();
uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd); uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd);
String msg = String.format( String msg = String.format(
@@ -133,8 +133,8 @@ public class SampleNetworkAuditing {
System.out.printf(">>> SYS_DUP2 oldfd=%d newfd=%d\n", ebx, ecx); System.out.printf(">>> SYS_DUP2 oldfd=%d newfd=%d\n", ebx, ecx);
} else if (eax == 102) { // sys_socketcall } else if (eax == 102) { // sys_socketcall
// ref: http://www.skyfree.org/linux/kernel_network/socket.html // ref: http://www.skyfree.org/linux/kernel_network/socket.html
Long call = (Long) uc.reg_read(Unicorn.UC_X86_REG_EBX); long call = uc.reg_read(Unicorn.UC_X86_REG_EBX);
Long args = (Long) uc.reg_read(Unicorn.UC_X86_REG_ECX); long args = uc.reg_read(Unicorn.UC_X86_REG_ECX);
// int sys_socketcall(int call, unsigned long *args) // int sys_socketcall(int call, unsigned long *args)
if (call == 1) { // sys_socket if (call == 1) { // sys_socket
@@ -146,7 +146,7 @@ public class SampleNetworkAuditing {
long protocol = long protocol =
toInt(uc.mem_read(args + SIZE_REG * 2, SIZE_REG)); toInt(uc.mem_read(args + SIZE_REG * 2, SIZE_REG));
Long dummy_fd = get_id(); long dummy_fd = get_id();
uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd); uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd);
if (family == 2) { // AF_INET if (family == 2) { // AF_INET
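Review bot: `args` in the sys_socketcall branch (`long args = uc.reg_read(Unicorn.UC_X86_REG_ECX);`) is a guest-supplied pointer that is dereferenced via `uc.mem_read(args + SIZE_REG * 2, SIZE_REG)` with no check that the range is mapped, and `read_string(uc, filename_addr)` in the sys_open branch has the same shape. In a network-auditing sandbox the emulated program is the untrusted party, so a bogus ECX presumably surfaces as a UnicornException thrown out of the interrupt hook rather than as a logged bad syscall. I would wrap the argument reads in `try { ... } catch (UnicornException e) { System.out.printf(">>> bad syscall argument pointer 0x%x\n", args); return; }` so one malformed syscall does not abort the whole audit. The enclosing interrupt hook begins before this hunk.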


@@ -45,10 +45,10 @@ public class Sample_arm {
public static void test_arm() { public static void test_arm() {
Long r0 = 0x1234L; // R0 register long r0 = 0x1234L; // R0 register
Long r2 = 0x6789L; // R1 register long r2 = 0x6789L; // R1 register
Long r3 = 0x3333L; // R2 register long r3 = 0x3333L; // R2 register
Long r1; // R1 register long r1; // R1 register
System.out.print("Emulate ARM code\n"); System.out.print("Emulate ARM code\n");
@@ -79,17 +79,17 @@ public class Sample_arm {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r0 = (Long) u.reg_read(Unicorn.UC_ARM_REG_R0); r0 = u.reg_read(Unicorn.UC_ARM_REG_R0);
r1 = (Long) u.reg_read(Unicorn.UC_ARM_REG_R1); r1 = u.reg_read(Unicorn.UC_ARM_REG_R1);
System.out.print(String.format(">>> R0 = 0x%x\n", r0.intValue())); System.out.print(String.format(">>> R0 = 0x%x\n", r0));
System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); System.out.print(String.format(">>> R1 = 0x%x\n", r1));
u.close(); u.close();
} }
public static void test_thumb() { public static void test_thumb() {
Long sp = 0x1234L; // R0 register long sp = 0x1234L; // R0 register
System.out.print("Emulate THUMB code\n"); System.out.print("Emulate THUMB code\n");
@@ -118,8 +118,8 @@ public class Sample_arm {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
sp = (Long) u.reg_read(Unicorn.UC_ARM_REG_SP); sp = u.reg_read(Unicorn.UC_ARM_REG_SP);
System.out.print(String.format(">>> SP = 0x%x\n", sp.intValue())); System.out.print(String.format(">>> SP = 0x%x\n", sp));
u.close(); u.close();
} }
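Review bot: The register comments on the new declarations in test_arm and test_thumb are wrong: `long r2 = 0x6789L; // R1 register` and `long r3 = 0x3333L; // R2 register` describe the wrong registers given the variable names, and `long sp = 0x1234L; // R0 register` labels the stack pointer as R0. I would change them to `long r2 = 0x6789L; // R2 register`, `long r3 = 0x3333L; // R3 register` and `long sp = 0x1234L; // SP register`. Separately, dropping `.intValue()` means `0x%x` now prints whatever width `reg_read` returns; if the binding sign-extends a 32-bit ARM register with bit 31 set, the R0/R1/SP lines grow from 8 to 16 hex digits, and masking with `& 0xffffffffL` would pin the previous output. Worth confirming against the binding's reg_read contract.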


@@ -74,9 +74,9 @@ public class Sample_arm64 {
public static void test_arm64() { public static void test_arm64() {
Long x11 = 0x1234L; // X11 register long x11 = 0x1234L; // X11 register
Long x13 = 0x6789L; // X13 register long x13 = 0x6789L; // X13 register
Long x15 = 0x3333L; // X15 register long x15 = 0x3333L; // X15 register
System.out.print("Emulate ARM64 code\n"); System.out.print("Emulate ARM64 code\n");
@@ -107,8 +107,8 @@ public class Sample_arm64 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
x11 = (Long) u.reg_read(Unicorn.UC_ARM64_REG_X11); x11 = u.reg_read(Unicorn.UC_ARM64_REG_X11);
System.out.print(String.format(">>> X11 = 0x%x\n", x11.longValue())); System.out.print(String.format(">>> X11 = 0x%x\n", x11));
u.close(); u.close();
} }


@@ -73,26 +73,26 @@ public class Sample_m68k {
} }
public static void test_m68k() { public static void test_m68k() {
Long d0 = 0x0000L; // d0 data register long d0 = 0x0000L; // d0 data register
Long d1 = 0x0000L; // d1 data register long d1 = 0x0000L; // d1 data register
Long d2 = 0x0000L; // d2 data register long d2 = 0x0000L; // d2 data register
Long d3 = 0x0000L; // d3 data register long d3 = 0x0000L; // d3 data register
Long d4 = 0x0000L; // d4 data register long d4 = 0x0000L; // d4 data register
Long d5 = 0x0000L; // d5 data register long d5 = 0x0000L; // d5 data register
Long d6 = 0x0000L; // d6 data register long d6 = 0x0000L; // d6 data register
Long d7 = 0x0000L; // d7 data register long d7 = 0x0000L; // d7 data register
Long a0 = 0x0000L; // a0 address register long a0 = 0x0000L; // a0 address register
Long a1 = 0x0000L; // a1 address register long a1 = 0x0000L; // a1 address register
Long a2 = 0x0000L; // a2 address register long a2 = 0x0000L; // a2 address register
Long a3 = 0x0000L; // a3 address register long a3 = 0x0000L; // a3 address register
Long a4 = 0x0000L; // a4 address register long a4 = 0x0000L; // a4 address register
Long a5 = 0x0000L; // a5 address register long a5 = 0x0000L; // a5 address register
Long a6 = 0x0000L; // a6 address register long a6 = 0x0000L; // a6 address register
Long a7 = 0x0000L; // a6 address register long a7 = 0x0000L; // a6 address register
Long pc = 0x0000L; // program counter long pc = 0x0000L; // program counter
Long sr = 0x0000L; // status register long sr = 0x0000L; // status register
System.out.print("Emulate M68K code\n"); System.out.print("Emulate M68K code\n");
@@ -141,45 +141,45 @@ public class Sample_m68k {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
d0 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D0); d0 = u.reg_read(Unicorn.UC_M68K_REG_D0);
d1 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D1); d1 = u.reg_read(Unicorn.UC_M68K_REG_D1);
d2 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D2); d2 = u.reg_read(Unicorn.UC_M68K_REG_D2);
d3 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D3); d3 = u.reg_read(Unicorn.UC_M68K_REG_D3);
d4 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D4); d4 = u.reg_read(Unicorn.UC_M68K_REG_D4);
d5 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D5); d5 = u.reg_read(Unicorn.UC_M68K_REG_D5);
d6 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D6); d6 = u.reg_read(Unicorn.UC_M68K_REG_D6);
d7 = (Long) u.reg_read(Unicorn.UC_M68K_REG_D7); d7 = u.reg_read(Unicorn.UC_M68K_REG_D7);
a0 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A0); a0 = u.reg_read(Unicorn.UC_M68K_REG_A0);
a1 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A1); a1 = u.reg_read(Unicorn.UC_M68K_REG_A1);
a2 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A2); a2 = u.reg_read(Unicorn.UC_M68K_REG_A2);
a3 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A3); a3 = u.reg_read(Unicorn.UC_M68K_REG_A3);
a4 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A4); a4 = u.reg_read(Unicorn.UC_M68K_REG_A4);
a5 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A5); a5 = u.reg_read(Unicorn.UC_M68K_REG_A5);
a6 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A6); a6 = u.reg_read(Unicorn.UC_M68K_REG_A6);
a7 = (Long) u.reg_read(Unicorn.UC_M68K_REG_A7); a7 = u.reg_read(Unicorn.UC_M68K_REG_A7);
pc = (Long) u.reg_read(Unicorn.UC_M68K_REG_PC); pc = u.reg_read(Unicorn.UC_M68K_REG_PC);
sr = (Long) u.reg_read(Unicorn.UC_M68K_REG_SR); sr = u.reg_read(Unicorn.UC_M68K_REG_SR);
System.out.print(String.format(">>> A0 = 0x%x\t\t>>> D0 = 0x%x\n", System.out.print(String.format(">>> A0 = 0x%x\t\t>>> D0 = 0x%x\n",
a0.intValue(), d0.intValue())); a0, d0));
System.out.print(String.format(">>> A1 = 0x%x\t\t>>> D1 = 0x%x\n", System.out.print(String.format(">>> A1 = 0x%x\t\t>>> D1 = 0x%x\n",
a1.intValue(), d1.intValue())); a1, d1));
System.out.print(String.format(">>> A2 = 0x%x\t\t>>> D2 = 0x%x\n", System.out.print(String.format(">>> A2 = 0x%x\t\t>>> D2 = 0x%x\n",
a2.intValue(), d2.intValue())); a2, d2));
System.out.print(String.format(">>> A3 = 0x%x\t\t>>> D3 = 0x%x\n", System.out.print(String.format(">>> A3 = 0x%x\t\t>>> D3 = 0x%x\n",
a3.intValue(), d3.intValue())); a3, d3));
System.out.print(String.format(">>> A4 = 0x%x\t\t>>> D4 = 0x%x\n", System.out.print(String.format(">>> A4 = 0x%x\t\t>>> D4 = 0x%x\n",
a4.intValue(), d4.intValue())); a4, d4));
System.out.print(String.format(">>> A5 = 0x%x\t\t>>> D5 = 0x%x\n", System.out.print(String.format(">>> A5 = 0x%x\t\t>>> D5 = 0x%x\n",
a5.intValue(), d5.intValue())); a5, d5));
System.out.print(String.format(">>> A6 = 0x%x\t\t>>> D6 = 0x%x\n", System.out.print(String.format(">>> A6 = 0x%x\t\t>>> D6 = 0x%x\n",
a6.intValue(), d6.intValue())); a6, d6));
System.out.print(String.format(">>> A7 = 0x%x\t\t>>> D7 = 0x%x\n", System.out.print(String.format(">>> A7 = 0x%x\t\t>>> D7 = 0x%x\n",
a7.intValue(), d7.intValue())); a7, d7));
System.out.print(String.format(">>> PC = 0x%x\n", pc.intValue())); System.out.print(String.format(">>> PC = 0x%x\n", pc));
System.out.print(String.format(">>> SR = 0x%x\n", sr.intValue())); System.out.print(String.format(">>> SR = 0x%x\n", sr));
u.close(); u.close();
} }
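Review bot: The comment on the last address register in test_m68k is a copy-paste slip that the commit carries over: `long a7 = 0x0000L; // a6 address register` repeats a6 and should read `long a7 = 0x0000L; // a7 address register`. The rest of the hunk is a mechanical unboxing; the printed values only differ from the old `.intValue()` output if reg_read hands back a 32-bit M68K register with bit 31 set in sign-extended form, which is worth a quick check on one of the D registers before relying on the sample's output in tests.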


@@ -75,7 +75,7 @@ public class Sample_mips {
public static void test_mips_eb() { public static void test_mips_eb() {
Long r1 = 0x6789L; // R1 register long r1 = 0x6789L; // R1 register
System.out.print("Emulate MIPS code (big-endian)\n"); System.out.print("Emulate MIPS code (big-endian)\n");
@@ -105,14 +105,14 @@ public class Sample_mips {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r1 = (Long) u.reg_read(Unicorn.UC_MIPS_REG_1); r1 = u.reg_read(Unicorn.UC_MIPS_REG_1);
System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); System.out.print(String.format(">>> R1 = 0x%x\n", r1));
u.close(); u.close();
} }
public static void test_mips_el() { public static void test_mips_el() {
Long r1 = 0x6789L; // R1 register long r1 = 0x6789L; // R1 register
System.out.print("===========================\n"); System.out.print("===========================\n");
System.out.print("Emulate MIPS code (little-endian)\n"); System.out.print("Emulate MIPS code (little-endian)\n");
@@ -143,8 +143,8 @@ public class Sample_mips {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r1 = (Long) u.reg_read(Unicorn.UC_MIPS_REG_1); r1 = u.reg_read(Unicorn.UC_MIPS_REG_1);
System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); System.out.print(String.format(">>> R1 = 0x%x\n", r1));
u.close(); u.close();
} }


@@ -74,9 +74,9 @@ public class Sample_sparc {
} }
public static void test_sparc() { public static void test_sparc() {
Long g1 = 0x1230L; // G1 register long g1 = 0x1230L; // G1 register
Long g2 = 0x6789L; // G2 register long g2 = 0x6789L; // G2 register
Long g3 = 0x5555L; // G3 register long g3 = 0x5555L; // G3 register
System.out.print("Emulate SPARC code\n"); System.out.print("Emulate SPARC code\n");
@@ -108,8 +108,8 @@ public class Sample_sparc {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
g3 = (Long) u.reg_read(Unicorn.UC_SPARC_REG_G3); g3 = u.reg_read(Unicorn.UC_SPARC_REG_G3);
System.out.print(String.format(">>> G3 = 0x%x\n", g3.intValue())); System.out.print(String.format(">>> G3 = 0x%x\n", g3));
u.close(); u.close();
} }


@@ -94,8 +94,8 @@ public class Sample_x86 {
">>> Tracing instruction at 0x%x, instruction size = 0x%x\n", ">>> Tracing instruction at 0x%x, instruction size = 0x%x\n",
address, size); address, size);
Long eflags = (Long) u.reg_read(Unicorn.UC_X86_REG_EFLAGS); long eflags = u.reg_read(Unicorn.UC_X86_REG_EFLAGS);
System.out.printf(">>> --- EFLAGS is 0x%x\n", eflags.intValue()); System.out.printf(">>> --- EFLAGS is 0x%x\n", eflags);
// Uncomment below code to stop the emulation using uc_emu_stop() // Uncomment below code to stop the emulation using uc_emu_stop()
// if (address == 0x1000009) // if (address == 0x1000009)
@@ -120,11 +120,11 @@ public class Sample_x86 {
// callback for tracing instruction // callback for tracing instruction
private static class MyCode64Hook implements CodeHook { private static class MyCode64Hook implements CodeHook {
public void hook(Unicorn u, long address, int size, Object user_data) { public void hook(Unicorn u, long address, int size, Object user_data) {
Long r_rip = (Long) u.reg_read(Unicorn.UC_X86_REG_RIP); long r_rip = u.reg_read(Unicorn.UC_X86_REG_RIP);
System.out.printf( System.out.printf(
">>> Tracing instruction at 0x%x, instruction size = 0x%x\n", ">>> Tracing instruction at 0x%x, instruction size = 0x%x\n",
address, size); address, size);
System.out.printf(">>> RIP is 0x%x\n", r_rip.longValue()); System.out.printf(">>> RIP is 0x%x\n", r_rip);
// Uncomment below code to stop the emulation using uc_emu_stop() // Uncomment below code to stop the emulation using uc_emu_stop()
// if (address == 0x1000009) // if (address == 0x1000009)
@@ -155,11 +155,11 @@ public class Sample_x86 {
// this returns the data read from the port // this returns the data read from the port
private static class MyInHook implements InHook { private static class MyInHook implements InHook {
public int hook(Unicorn u, int port, int size, Object user_data) { public int hook(Unicorn u, int port, int size, Object user_data) {
Long r_eip = (Long) u.reg_read(Unicorn.UC_X86_REG_EIP); long r_eip = u.reg_read(Unicorn.UC_X86_REG_EIP);
System.out.printf( System.out.printf(
"--- reading from port 0x%x, size: %d, address: 0x%x\n", port, "--- reading from port 0x%x, size: %d, address: 0x%x\n", port,
size, r_eip.intValue()); size, r_eip);
switch (size) { switch (size) {
case 1: case 1:
@@ -180,34 +180,34 @@ public class Sample_x86 {
private static class MyOutHook implements OutHook { private static class MyOutHook implements OutHook {
public void hook(Unicorn u, int port, int size, int value, public void hook(Unicorn u, int port, int size, int value,
Object user) { Object user) {
Long eip = (Long) u.reg_read(Unicorn.UC_X86_REG_EIP); long eip = u.reg_read(Unicorn.UC_X86_REG_EIP);
Long tmp = null; long tmp = 0;
System.out.printf( System.out.printf(
"--- writing to port 0x%x, size: %d, value: 0x%x, address: 0x%x\n", "--- writing to port 0x%x, size: %d, value: 0x%x, address: 0x%x\n",
port, size, value, eip.intValue()); port, size, value, eip);
// confirm that value is indeed the value of AL/AX/EAX // confirm that value is indeed the value of AL/AX/EAX
switch (size) { switch (size) {
default: default:
return; // should never reach this return; // should never reach this
case 1: case 1:
tmp = (Long) u.reg_read(Unicorn.UC_X86_REG_AL); tmp = u.reg_read(Unicorn.UC_X86_REG_AL);
break; break;
case 2: case 2:
tmp = (Long) u.reg_read(Unicorn.UC_X86_REG_AX); tmp = u.reg_read(Unicorn.UC_X86_REG_AX);
break; break;
case 4: case 4:
tmp = (Long) u.reg_read(Unicorn.UC_X86_REG_EAX); tmp = u.reg_read(Unicorn.UC_X86_REG_EAX);
break; break;
} }
System.out.printf("--- register value = 0x%x\n", tmp.intValue()); System.out.printf("--- register value = 0x%x\n", tmp);
} }
} }
public static void test_i386() { public static void test_i386() {
Long r_ecx = 0x1234L; // ECX register long r_ecx = 0x1234L; // ECX register
Long r_edx = 0x7890L; // EDX register long r_edx = 0x7890L; // EDX register
System.out.print("Emulate i386 code\n"); System.out.print("Emulate i386 code\n");
@@ -254,10 +254,10 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_ecx = (Long) uc.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = uc.reg_read(Unicorn.UC_X86_REG_ECX);
r_edx = (Long) uc.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = uc.reg_read(Unicorn.UC_X86_REG_EDX);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); System.out.printf(">>> EDX = 0x%x\n", r_edx);
// read from memory // read from memory
try { try {
@@ -272,8 +272,8 @@ public class Sample_x86 {
} }
public static void test_i386_inout() { public static void test_i386_inout() {
Long r_eax = 0x1234L; // ECX register long r_eax = 0x1234L; // ECX register
Long r_ecx = 0x6789L; // EDX register long r_ecx = 0x6789L; // EDX register
System.out.print("===================================\n"); System.out.print("===================================\n");
System.out.print("Emulate i386 code with IN/OUT instructions\n"); System.out.print("Emulate i386 code with IN/OUT instructions\n");
@@ -308,10 +308,10 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_eax = (Long) u.reg_read(Unicorn.UC_X86_REG_EAX); r_eax = u.reg_read(Unicorn.UC_X86_REG_EAX);
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
System.out.printf(">>> EAX = 0x%x\n", r_eax.intValue()); System.out.printf(">>> EAX = 0x%x\n", r_eax);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
u.close(); u.close();
} }
@@ -345,8 +345,8 @@ public class Sample_x86 {
// emulate code that loop forever // emulate code that loop forever
public static void test_i386_loop() { public static void test_i386_loop() {
Long r_ecx = 0x1234L; // ECX register long r_ecx = 0x1234L; // ECX register
Long r_edx = 0x7890L; // EDX register long r_edx = 0x7890L; // EDX register
System.out.print("===================================\n"); System.out.print("===================================\n");
System.out.print("Emulate i386 code that loop forever\n"); System.out.print("Emulate i386 code that loop forever\n");
@@ -372,18 +372,18 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
r_edx = (Long) u.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); System.out.printf(">>> EDX = 0x%x\n", r_edx);
u.close(); u.close();
} }
// emulate code that read invalid memory // emulate code that read invalid memory
public static void test_i386_invalid_mem_read() { public static void test_i386_invalid_mem_read() {
Long r_ecx = 0x1234L; // ECX register long r_ecx = 0x1234L; // ECX register
Long r_edx = 0x7890L; // EDX register long r_edx = 0x7890L; // EDX register
System.out.print("===================================\n"); System.out.print("===================================\n");
System.out.print("Emulate i386 code that read from invalid memory\n"); System.out.print("Emulate i386 code that read from invalid memory\n");
@@ -420,18 +420,18 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
r_edx = (Long) u.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); System.out.printf(">>> EDX = 0x%x\n", r_edx);
u.close(); u.close();
} }
// emulate code that read invalid memory // emulate code that read invalid memory
public static void test_i386_invalid_mem_write() { public static void test_i386_invalid_mem_write() {
Long r_ecx = 0x1234L; // ECX register long r_ecx = 0x1234L; // ECX register
Long r_edx = 0x7890L; // EDX register long r_edx = 0x7890L; // EDX register
System.out.print("===================================\n"); System.out.print("===================================\n");
System.out.print("Emulate i386 code that write to invalid memory\n"); System.out.print("Emulate i386 code that write to invalid memory\n");
@@ -472,10 +472,10 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
r_edx = (Long) u.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); System.out.printf(">>> EDX = 0x%x\n", r_edx);
// read from memory // read from memory
byte tmp[] = u.mem_read(0xaaaaaaaa, 4); byte tmp[] = u.mem_read(0xaaaaaaaa, 4);
@@ -496,8 +496,8 @@ public class Sample_x86 {
// emulate code that jump to invalid memory // emulate code that jump to invalid memory
public static void test_i386_jump_invalid() { public static void test_i386_jump_invalid() {
Long r_ecx = 0x1234L; // ECX register long r_ecx = 0x1234L; // ECX register
Long r_edx = 0x7890L; // EDX register long r_edx = 0x7890L; // EDX register
System.out.print("===================================\n"); System.out.print("===================================\n");
System.out.print("Emulate i386 code that jumps to invalid memory\n"); System.out.print("Emulate i386 code that jumps to invalid memory\n");
@@ -533,10 +533,10 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
r_edx = (Long) u.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX);
System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); System.out.printf(">>> ECX = 0x%x\n", r_ecx);
System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); System.out.printf(">>> EDX = 0x%x\n", r_edx);
u.close(); u.close();
} }
@@ -607,43 +607,43 @@ public class Sample_x86 {
// now print out some registers // now print out some registers
System.out.print(">>> Emulation done. Below is the CPU context\n"); System.out.print(">>> Emulation done. Below is the CPU context\n");
Long r_rax = (Long) u.reg_read(Unicorn.UC_X86_REG_RAX); long r_rax = u.reg_read(Unicorn.UC_X86_REG_RAX);
Long r_rbx = (Long) u.reg_read(Unicorn.UC_X86_REG_RBX); long r_rbx = u.reg_read(Unicorn.UC_X86_REG_RBX);
Long r_rcx = (Long) u.reg_read(Unicorn.UC_X86_REG_RCX); long r_rcx = u.reg_read(Unicorn.UC_X86_REG_RCX);
Long r_rdx = (Long) u.reg_read(Unicorn.UC_X86_REG_RDX); long r_rdx = u.reg_read(Unicorn.UC_X86_REG_RDX);
Long r_rsi = (Long) u.reg_read(Unicorn.UC_X86_REG_RSI); long r_rsi = u.reg_read(Unicorn.UC_X86_REG_RSI);
Long r_rdi = (Long) u.reg_read(Unicorn.UC_X86_REG_RDI); long r_rdi = u.reg_read(Unicorn.UC_X86_REG_RDI);
Long r_r8 = (Long) u.reg_read(Unicorn.UC_X86_REG_R8); long r_r8 = u.reg_read(Unicorn.UC_X86_REG_R8);
Long r_r9 = (Long) u.reg_read(Unicorn.UC_X86_REG_R9); long r_r9 = u.reg_read(Unicorn.UC_X86_REG_R9);
Long r_r10 = (Long) u.reg_read(Unicorn.UC_X86_REG_R10); long r_r10 = u.reg_read(Unicorn.UC_X86_REG_R10);
Long r_r11 = (Long) u.reg_read(Unicorn.UC_X86_REG_R11); long r_r11 = u.reg_read(Unicorn.UC_X86_REG_R11);
Long r_r12 = (Long) u.reg_read(Unicorn.UC_X86_REG_R12); long r_r12 = u.reg_read(Unicorn.UC_X86_REG_R12);
Long r_r13 = (Long) u.reg_read(Unicorn.UC_X86_REG_R13); long r_r13 = u.reg_read(Unicorn.UC_X86_REG_R13);
Long r_r14 = (Long) u.reg_read(Unicorn.UC_X86_REG_R14); long r_r14 = u.reg_read(Unicorn.UC_X86_REG_R14);
Long r_r15 = (Long) u.reg_read(Unicorn.UC_X86_REG_R15); long r_r15 = u.reg_read(Unicorn.UC_X86_REG_R15);
System.out.printf(">>> RAX = 0x%x\n", r_rax.longValue()); System.out.printf(">>> RAX = 0x%x\n", r_rax);
System.out.printf(">>> RBX = 0x%x\n", r_rbx.longValue()); System.out.printf(">>> RBX = 0x%x\n", r_rbx);
System.out.printf(">>> RCX = 0x%x\n", r_rcx.longValue()); System.out.printf(">>> RCX = 0x%x\n", r_rcx);
System.out.printf(">>> RDX = 0x%x\n", r_rdx.longValue()); System.out.printf(">>> RDX = 0x%x\n", r_rdx);
System.out.printf(">>> RSI = 0x%x\n", r_rsi.longValue()); System.out.printf(">>> RSI = 0x%x\n", r_rsi);
System.out.printf(">>> RDI = 0x%x\n", r_rdi.longValue()); System.out.printf(">>> RDI = 0x%x\n", r_rdi);
System.out.printf(">>> R8 = 0x%x\n", r_r8.longValue()); System.out.printf(">>> R8 = 0x%x\n", r_r8);
System.out.printf(">>> R9 = 0x%x\n", r_r9.longValue()); System.out.printf(">>> R9 = 0x%x\n", r_r9);
System.out.printf(">>> R10 = 0x%x\n", r_r10.longValue()); System.out.printf(">>> R10 = 0x%x\n", r_r10);
System.out.printf(">>> R11 = 0x%x\n", r_r11.longValue()); System.out.printf(">>> R11 = 0x%x\n", r_r11);
System.out.printf(">>> R12 = 0x%x\n", r_r12.longValue()); System.out.printf(">>> R12 = 0x%x\n", r_r12);
System.out.printf(">>> R13 = 0x%x\n", r_r13.longValue()); System.out.printf(">>> R13 = 0x%x\n", r_r13);
System.out.printf(">>> R14 = 0x%x\n", r_r14.longValue()); System.out.printf(">>> R14 = 0x%x\n", r_r14);
System.out.printf(">>> R15 = 0x%x\n", r_r15.longValue()); System.out.printf(">>> R15 = 0x%x\n", r_r15);
u.close(); u.close();
} }
public static void test_x86_16() { public static void test_x86_16() {
Long eax = 7L; long eax = 7L;
Long ebx = 5L; long ebx = 5L;
Long esi = 6L; long esi = 6L;
System.out.print("Emulate x86 16-bit code\n"); System.out.print("Emulate x86 16-bit code\n");
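Review bot: In MyOutHook.hook the comment `// confirm that value is indeed the value of AL/AX/EAX` promises a check the code never performs: `tmp` is read from AL/AX/EAX and printed, but never compared with the `value` the OUT instruction wrote. With `tmp` now a primitive `long` the comparison is one line, e.g. `if (tmp != (value & 0xffffffffL)) System.out.printf("--- MISMATCH: port value 0x%x != register 0x%x\n", value, tmp);` placed before the final printf; `value` is an `int`, so the mask avoids a sign-extension false positive when EAX has bit 31 set, assuming the binding delivers the OUT operand zero-extended in `value` (worth confirming). If no check is wanted, the comment should be reworded to say it only prints the register for manual comparison.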


@@ -46,7 +46,7 @@ public class Sample_x86_mmr {
X86_MMR ldtr2; X86_MMR ldtr2;
X86_MMR gdtr1 = new X86_MMR(0x6666666677777777L, 0x88888888, 0x99999999, X86_MMR gdtr1 = new X86_MMR(0x6666666677777777L, 0x88888888, 0x99999999,
(short) 0xaaaa); (short) 0xaaaa);
X86_MMR gdtr2, gdtr3, gdtr4; X86_MMR gdtr2;
int eax; int eax;
@@ -57,7 +57,7 @@ public class Sample_x86_mmr {
uc.reg_write(Unicorn.UC_X86_REG_EAX, 0xddddddddL); uc.reg_write(Unicorn.UC_X86_REG_EAX, 0xddddddddL);
// read the registers back out // read the registers back out
eax = (int) ((Long) uc.reg_read(Unicorn.UC_X86_REG_EAX)).longValue(); eax = (int) uc.reg_read(Unicorn.UC_X86_REG_EAX);
ldtr2 = (X86_MMR) uc.reg_read(Unicorn.UC_X86_REG_LDTR, null); ldtr2 = (X86_MMR) uc.reg_read(Unicorn.UC_X86_REG_LDTR, null);
gdtr2 = (X86_MMR) uc.reg_read(Unicorn.UC_X86_REG_GDTR, null); gdtr2 = (X86_MMR) uc.reg_read(Unicorn.UC_X86_REG_GDTR, null);


@@ -67,9 +67,9 @@ public class Shellcode {
"Tracing instruction at 0x%x, instruction size = 0x%x\n", "Tracing instruction at 0x%x, instruction size = 0x%x\n",
address, size)); address, size));
Long r_eip = (Long) u.reg_read(Unicorn.UC_X86_REG_EIP); long r_eip = u.reg_read(Unicorn.UC_X86_REG_EIP);
System.out.print( System.out.print(
String.format("*** EIP = %x ***: ", r_eip.intValue())); String.format("*** EIP = %x ***: ", r_eip));
size = Math.min(16, size); size = Math.min(16, size);
@@ -83,8 +83,8 @@ public class Shellcode {
public static class MyInterruptHook implements InterruptHook { public static class MyInterruptHook implements InterruptHook {
public void hook(Unicorn u, int intno, Object user) { public void hook(Unicorn u, int intno, Object user) {
Long r_ecx; long r_ecx;
Long r_edx; long r_edx;
int size; int size;
// only handle Linux syscall // only handle Linux syscall
@@ -92,27 +92,27 @@ public class Shellcode {
return; return;
} }
Long r_eax = (Long) u.reg_read(Unicorn.UC_X86_REG_EAX); long r_eax = u.reg_read(Unicorn.UC_X86_REG_EAX);
Long r_eip = (Long) u.reg_read(Unicorn.UC_X86_REG_EIP); long r_eip = u.reg_read(Unicorn.UC_X86_REG_EIP);
switch (r_eax.intValue()) { switch ((int) r_eax) {
default: default:
System.out.print( System.out.print(
String.format(">>> 0x%x: interrupt 0x%x, EAX = 0x%x\n", String.format(">>> 0x%x: interrupt 0x%x, EAX = 0x%x\n",
r_eip.intValue(), intno, r_eax.intValue())); r_eip, intno, r_eax));
break; break;
case 1: // sys_exit case 1: // sys_exit
System.out.print(String.format( System.out.print(String.format(
">>> 0x%x: interrupt 0x%x, SYS_EXIT. quit!\n\n", ">>> 0x%x: interrupt 0x%x, SYS_EXIT. quit!\n\n",
r_eip.intValue(), intno)); r_eip, intno));
u.emu_stop(); u.emu_stop();
break; break;
case 4: // sys_write case 4: // sys_write
// ECX = buffer address // ECX = buffer address
r_ecx = (Long) u.reg_read(Unicorn.UC_X86_REG_ECX); r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX);
// EDX = buffer size // EDX = buffer size
r_edx = (Long) u.reg_read(Unicorn.UC_X86_REG_EDX); r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX);
// read the buffer in // read the buffer in
size = (int) Math.min(256, r_edx); size = (int) Math.min(256, r_edx);
@@ -120,15 +120,15 @@ public class Shellcode {
byte[] buffer = u.mem_read(r_ecx, size); byte[] buffer = u.mem_read(r_ecx, size);
System.out.print(String.format( System.out.print(String.format(
">>> 0x%x: interrupt 0x%x, SYS_WRITE. buffer = 0x%x, size = %u, content = '%s'\n", ">>> 0x%x: interrupt 0x%x, SYS_WRITE. buffer = 0x%x, size = %u, content = '%s'\n",
r_eip.intValue(), intno, r_ecx.intValue(), r_eip, intno, r_ecx,
r_edx.intValue(), new String(buffer))); r_edx, new String(buffer)));
break; break;
} }
} }
} }
public static void test_i386() { public static void test_i386() {
Long r_esp = ADDRESS + 0x200000L; // ESP register long r_esp = ADDRESS + 0x200000L; // ESP register
System.out.print("Emulate i386 code\n"); System.out.print("Emulate i386 code\n");
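Review bot: The SYS_WRITE trace in MyInterruptHook.hook formats `size = %u` through `String.format`; `java.util.Formatter` has no `%u` conversion, so the first sys_write the shellcode makes throws UnknownFormatConversionException out of the hook instead of printing, and this commit keeps that line as context. Change it to `size = %d` (r_edx is now a `long`, which `%d` accepts). While there, `new String(buffer)` prints up to 256 guest-controlled bytes straight to the console in the platform charset; for a shellcode tracer I would escape non-printable bytes or hex-dump them so terminal control sequences in the buffer cannot rewrite the trace output. `r_ecx` is likewise an unchecked guest pointer, so `u.mem_read(r_ecx, size)` presumably throws on an unmapped address rather than logging it. The hook's body starts before this hunk.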