admin/white_patch_detect
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加项目文件。

Browse Source
This commit is contained in:
Huoji's
2024-08-03 02:01:16 +08:00
parent f6d40b3762
commit 0848cf2be7
653 changed files with 302590 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
white_patch_detect/capstone-master/bindings/python/.gitignore vendored Normal file
View File

@@ -0,0 +1,9 @@
MANIFEST
dist/
src/
capstone/lib
capstone/include
pyx/lib
pyx/include
pyx/*.c
pyx/*.pyx

77
white_patch_detect/capstone-master/bindings/python/BUILDING.txt Normal file
View File

@@ -0,0 +1,77 @@
0. This documentation explains how to install the Python bindings for Capstone
from source. If you want to install it from a PyPi package (recommended if
you are on Windows), see README.txt.
1. To install Capstone and the Python bindings on *nix, run the command below:
$ sudo make install
To install Capstone for Python 3, run the command below:
(Note: this requires python3 installed in your machine)
$ sudo make install3
To control the install destination, set the DESTDIR environment variable.
2. For better Python performance, install cython-based binding with:
$ sudo make install_cython
Note that this requires Cython installed first. To install Cython, see
below.
3. To install Cython, you have to ensure that the header files
and the static library for Python are installed beforehand.
E.g. on Ubuntu, do:
$ sudo apt-get install python-dev
Depending on if you already have pip or easy_install installed, install
Cython with either:
$ sudo pip install cython
or:
$ sudo easy_install cython
NOTE: Depending on your distribution you might also be able to
install the required Cython version using your repository.
E.g. on Ubuntu, do:
$ sudo apt-get install cython
However, our cython-based binding requires Cython version 0.19 or newer,
but sometimes distributions only provide older version. Make sure to
verify the current installed version before going into section 2 above.
E.g, on Ubuntu, you can verify the current Cython version with:
$ apt-cache policy cython
Which should at least print version 0.19
4. This directory contains some test code to show how to use the Capstone API.
- test_basic.py
This code shows the most simple form of API where we only want to get basic
information out of disassembled instruction, such as address, mnemonic and
operand string.
- test_lite.py
Similarly to test_basic.py, but this code shows how to use disasm_lite(), a lighter
method to disassemble binary. Unlike disasm() API (used by test_basic.py), which returns
CsInsn objects, this API just returns tuples of (address, size, mnemonic, op_str).
The main reason for using this API is better performance: disasm_lite() is at least
20% faster than disasm(). Memory usage is also less. So if you just need basic
information out of disassembler, use disasm_lite() instead of disasm().
- test_detail.py:
This code shows how to access to architecture-neutral information in disassembled
instructions, such as implicit registers read/written, or groups of instructions
that this instruction belong to.
- test_<arch>.py
These code show how to access architecture-specific information for each
architecture.

31
white_patch_detect/capstone-master/bindings/python/LICENSE.TXT Normal file
View File

@@ -0,0 +1,31 @@
This is the software license for Capstone disassembly framework.
Capstone has been designed & implemented by Nguyen Anh Quynh <aquynh@gmail.com>
See http://www.capstone-engine.org for further information.
Copyright (c) 2013, COSEINC.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of the developer(s) nor the names of its
contributors may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

5
white_patch_detect/capstone-master/bindings/python/MANIFEST.in Normal file
View File

@@ -0,0 +1,5 @@
recursive-include src *
include LICENSE.TXT
include README.txt
include BUILDING.txt
include Makefile

81
white_patch_detect/capstone-master/bindings/python/Makefile Normal file
View File

@@ -0,0 +1,81 @@
PYTHON2 ?= python
PYTHON3 ?= python3
.PHONY: gen_const install install3 install_cython sdist sdist3 bdist bdist3 clean check
gen_const:
cd .. && $(PYTHON2) const_generator.py python
install:
rm -rf src/
if test -n "${DESTDIR}"; then \
$(PYTHON2) setup.py build install --root="${DESTDIR}"; \
else \
$(PYTHON2) setup.py build install; \
fi
install3:
rm -rf src/
if test -n "${DESTDIR}"; then \
$(PYTHON3) setup.py build install --root="${DESTDIR}"; \
else \
$(PYTHON3) setup.py build install; \
fi
# NOTE: Newer cython can be installed by: sudo pip install --upgrade cython
install_cython:
rm -rf src/
if test -n "${DESTDIR}"; then \
$(PYTHON2) setup_cython.py build install --root="${DESTDIR}"; \
else \
$(PYTHON2) setup_cython.py build install; \
fi
install3_cython:
rm -rf src/
if test -n "${DESTDIR}"; then \
$(PYTHON3) setup_cython.py build install --root="${DESTDIR}"; \
else \
$(PYTHON3) setup_cython.py build install; \
fi
# build & upload PyPi package with source code of the core
sdist:
rm -rf src/ dist/
$(PYTHON2) setup.py sdist register upload
# build & upload PyPi package with source code of the core
sdist3:
rm -rf src/ dist/
$(PYTHON3) setup.py sdist register upload
# build & upload PyPi package with prebuilt core
bdist:
rm -rf src/ dist/
$(PYTHON2) setup.py bdist_wheel register upload
# build & upload PyPi package with prebuilt core
bdist3:
rm -rf src/ dist/
$(PYTHON3) setup.py bdist_wheel register upload
clean:
rm -rf build/ src/ dist/ *.egg-info
rm -rf capstone/lib capstone/include pyx/lib pyx/include
rm -f pyx/*.c pyx/__init__.py
for f in capstone/*.py; do rm -f pyx/$$(basename $$f)x; done
rm -f MANIFEST
rm -f *.pyc capstone/*.pyc
TESTS = test_basic.py test_detail.py test_arm.py test_arm64.py test_m68k.py test_mips.py
TESTS += test_ppc.py test_sparc.py test_systemz.py test_x86.py test_xcore.py test_tms320c64x.py
TESTS += test_m680x.py test_skipdata.py test_mos65xx.py
check:
@for t in $(TESTS); do \
echo Check $$t ... ; \
./$$t > /dev/null; \
if [ $$? -eq 0 ]; then echo OK; else echo FAILED; exit 1; fi \
done

65
white_patch_detect/capstone-master/bindings/python/README.txt Normal file
View File

@@ -0,0 +1,65 @@
To install Capstone, you should run `pip install capstone`.
If you would like to build Capstone with just the source distribution, without
pip, just run `python setup.py install` in the folder with setup.py in it.
In order to use this source distribution, you will need an environment that can
compile C code. On Linux, this is usually easy, but on Windows, this involves
installing Visual Studio and using the "Developer Command Prompt" to perform the
installation. See BUILDING.txt for more information.
By default, attempting to install the python bindings will trigger a build of
the capstone native core. If this is undesirable for whatever reason, for
instance, you already have a globally installed copy of libcapstone, you may
inhibit the build by setting the environment variable LIBCAPSTONE_PATH. The
exact value is not checked, just setting it will inhibit the build. During
execution, this variable may be set to the path of a directory containing a
specific version of libcapstone you would like to use.
If you don't want to build your own copy of Capstone, you can use a precompiled
binary distribution from PyPI. Saying `pip install capstone` should
automatically obtain an appropriate copy for your system. If it does not, please
open an issue at https://github.com/aquynh/capstone and tag @rhelmot - she
will fix this, probably!
--------------------------------------------------------------------------------
Capstone is a disassembly framework with the target of becoming the ultimate
disasm engine for binary analysis and reversing in the security community.
Created by Nguyen Anh Quynh, then developed and maintained by a small community,
Capstone offers some unparalleled features:
- Support multiple hardware architectures: ARM, ARM64 (ARMv8), Mips, PPC, Sparc,
SystemZ, XCore and X86 (including X86_64).
- Having clean/simple/lightweight/intuitive architecture-neutral API.
- Provide details on disassembled instruction (called “decomposer” by others).
- Provide semantics of the disassembled instruction, such as list of implicit
registers read & written.
- Implemented in pure C language, with lightweight wrappers for C++, C#, Go,
Java, NodeJS, Ocaml, Python, Ruby & Vala ready (available in main code,
or provided externally by the community).
- Native support for all popular platforms: Windows, Mac OSX, iOS, Android,
Linux, *BSD, Solaris, etc.
- Thread-safe by design.
- Special support for embedding into firmware or OS kernel.
- High performance & suitable for malware analysis (capable of handling various
X86 malware tricks).
- Distributed under the open source BSD license.
Further information is available at http://www.capstone-engine.org
[License]
This project is released under the BSD license. If you redistribute the binary
or source code of Capstone, please attach file LICENSE.TXT with your products.

15
white_patch_detect/capstone-master/bindings/python/build_wheel.sh Normal file
View File

@@ -0,0 +1,15 @@
#!/bin/bash
set -e -x
cd bindings/python
sudo rm /usr/bin/python && sudo ln -s /opt/python/cp27-cp27m/bin/python /usr/bin/python; python -V
# Compile wheels
if [ -f /opt/python/cp36-cp36m/bin/python ];then
/opt/python/cp36-cp36m/bin/python setup.py bdist_wheel
else
python3 setup.py bdist_wheel
fi
cd dist
auditwheel repair *.whl
mv -f wheelhouse/*.whl .

82
white_patch_detect/capstone-master/bindings/python/capstone/arm.py Normal file
View File

@@ -0,0 +1,82 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .arm_const import *
# define the API
class ArmOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint),
('index', ctypes.c_uint),
('scale', ctypes.c_int),
('disp', ctypes.c_int),
('lshift', ctypes.c_int),
)
class ArmOpShift(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', ctypes.c_uint),
)
class ArmOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int32),
('fp', ctypes.c_double),
('mem', ArmOpMem),
('setend', ctypes.c_int),
)
class ArmOp(ctypes.Structure):
_fields_ = (
('vector_index', ctypes.c_int),
('shift', ArmOpShift),
('type', ctypes.c_uint),
('value', ArmOpValue),
('subtracted', ctypes.c_bool),
('access', ctypes.c_uint8),
('neon_lane', ctypes.c_int8),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def fp(self):
return self.value.fp
@property
def mem(self):
return self.value.mem
@property
def setend(self):
return self.value.setend
class CsArm(ctypes.Structure):
_fields_ = (
('usermode', ctypes.c_bool),
('vector_size', ctypes.c_int),
('vector_data', ctypes.c_int),
('cps_mode', ctypes.c_int),
('cps_flag', ctypes.c_int),
('cc', ctypes.c_uint),
('update_flags', ctypes.c_bool),
('writeback', ctypes.c_bool),
('mem_barrier', ctypes.c_int),
('op_count', ctypes.c_uint8),
('operands', ArmOp * 36),
)
def get_arch_info(a):
return (a.usermode, a.vector_size, a.vector_data, a.cps_mode, a.cps_flag, a.cc, a.update_flags, \
a.writeback, a.mem_barrier, copy_ctypes_list(a.operands[:a.op_count]))

90
white_patch_detect/capstone-master/bindings/python/capstone/arm64.py Normal file
View File

@@ -0,0 +1,90 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .arm64_const import *
# define the API
class Arm64OpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint),
('index', ctypes.c_uint),
('disp', ctypes.c_int32),
)
class Arm64OpShift(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', ctypes.c_uint),
)
class Arm64OpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('fp', ctypes.c_double),
('mem', Arm64OpMem),
('pstate', ctypes.c_int),
('sys', ctypes.c_uint),
('prefetch', ctypes.c_int),
('barrier', ctypes.c_int),
)
class Arm64Op(ctypes.Structure):
_fields_ = (
('vector_index', ctypes.c_int),
('vas', ctypes.c_int),
('vess', ctypes.c_int),
('shift', Arm64OpShift),
('ext', ctypes.c_uint),
('type', ctypes.c_uint),
('value', Arm64OpValue),
('access', ctypes.c_uint8),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def fp(self):
return self.value.fp
@property
def mem(self):
return self.value.mem
@property
def pstate(self):
return self.value.pstate
@property
def sys(self):
return self.value.sys
@property
def prefetch(self):
return self.value.prefetch
@property
def barrier(self):
return self.value.barrier
class CsArm64(ctypes.Structure):
_fields_ = (
('cc', ctypes.c_uint),
('update_flags', ctypes.c_bool),
('writeback', ctypes.c_bool),
('op_count', ctypes.c_uint8),
('operands', Arm64Op * 8),
)
def get_arch_info(a):
return (a.cc, a.update_flags, a.writeback, copy_ctypes_list(a.operands[:a.op_count]))

1006
white_patch_detect/capstone-master/bindings/python/capstone/arm64_const.py Normal file
View File

File diff suppressed because it is too large Load Diff

775
white_patch_detect/capstone-master/bindings/python/capstone/arm_const.py Normal file
View File

@@ -0,0 +1,775 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [arm_const.py]
ARM_SFT_INVALID = 0
ARM_SFT_ASR = 1
ARM_SFT_LSL = 2
ARM_SFT_LSR = 3
ARM_SFT_ROR = 4
ARM_SFT_RRX = 5
ARM_SFT_ASR_REG = 6
ARM_SFT_LSL_REG = 7
ARM_SFT_LSR_REG = 8
ARM_SFT_ROR_REG = 9
ARM_SFT_RRX_REG = 10
ARM_CC_INVALID = 0
ARM_CC_EQ = 1
ARM_CC_NE = 2
ARM_CC_HS = 3
ARM_CC_LO = 4
ARM_CC_MI = 5
ARM_CC_PL = 6
ARM_CC_VS = 7
ARM_CC_VC = 8
ARM_CC_HI = 9
ARM_CC_LS = 10
ARM_CC_GE = 11
ARM_CC_LT = 12
ARM_CC_GT = 13
ARM_CC_LE = 14
ARM_CC_AL = 15
ARM_SYSREG_INVALID = 0
ARM_SYSREG_SPSR_C = 1
ARM_SYSREG_SPSR_X = 2
ARM_SYSREG_SPSR_S = 4
ARM_SYSREG_SPSR_F = 8
ARM_SYSREG_CPSR_C = 16
ARM_SYSREG_CPSR_X = 32
ARM_SYSREG_CPSR_S = 64
ARM_SYSREG_CPSR_F = 128
ARM_SYSREG_APSR = 256
ARM_SYSREG_APSR_G = 257
ARM_SYSREG_APSR_NZCVQ = 258
ARM_SYSREG_APSR_NZCVQG = 259
ARM_SYSREG_IAPSR = 260
ARM_SYSREG_IAPSR_G = 261
ARM_SYSREG_IAPSR_NZCVQG = 262
ARM_SYSREG_IAPSR_NZCVQ = 263
ARM_SYSREG_EAPSR = 264
ARM_SYSREG_EAPSR_G = 265
ARM_SYSREG_EAPSR_NZCVQG = 266
ARM_SYSREG_EAPSR_NZCVQ = 267
ARM_SYSREG_XPSR = 268
ARM_SYSREG_XPSR_G = 269
ARM_SYSREG_XPSR_NZCVQG = 270
ARM_SYSREG_XPSR_NZCVQ = 271
ARM_SYSREG_IPSR = 272
ARM_SYSREG_EPSR = 273
ARM_SYSREG_IEPSR = 274
ARM_SYSREG_MSP = 275
ARM_SYSREG_PSP = 276
ARM_SYSREG_PRIMASK = 277
ARM_SYSREG_BASEPRI = 278
ARM_SYSREG_BASEPRI_MAX = 279
ARM_SYSREG_FAULTMASK = 280
ARM_SYSREG_CONTROL = 281
ARM_SYSREG_R8_USR = 282
ARM_SYSREG_R9_USR = 283
ARM_SYSREG_R10_USR = 284
ARM_SYSREG_R11_USR = 285
ARM_SYSREG_R12_USR = 286
ARM_SYSREG_SP_USR = 287
ARM_SYSREG_LR_USR = 288
ARM_SYSREG_R8_FIQ = 289
ARM_SYSREG_R9_FIQ = 290
ARM_SYSREG_R10_FIQ = 291
ARM_SYSREG_R11_FIQ = 292
ARM_SYSREG_R12_FIQ = 293
ARM_SYSREG_SP_FIQ = 294
ARM_SYSREG_LR_FIQ = 295
ARM_SYSREG_LR_IRQ = 296
ARM_SYSREG_SP_IRQ = 297
ARM_SYSREG_LR_SVC = 298
ARM_SYSREG_SP_SVC = 299
ARM_SYSREG_LR_ABT = 300
ARM_SYSREG_SP_ABT = 301
ARM_SYSREG_LR_UND = 302
ARM_SYSREG_SP_UND = 303
ARM_SYSREG_LR_MON = 304
ARM_SYSREG_SP_MON = 305
ARM_SYSREG_ELR_HYP = 306
ARM_SYSREG_SP_HYP = 307
ARM_SYSREG_SPSR_FIQ = 308
ARM_SYSREG_SPSR_IRQ = 309
ARM_SYSREG_SPSR_SVC = 310
ARM_SYSREG_SPSR_ABT = 311
ARM_SYSREG_SPSR_UND = 312
ARM_SYSREG_SPSR_MON = 313
ARM_SYSREG_SPSR_HYP = 314
ARM_MB_INVALID = 0
ARM_MB_RESERVED_0 = 1
ARM_MB_OSHLD = 2
ARM_MB_OSHST = 3
ARM_MB_OSH = 4
ARM_MB_RESERVED_4 = 5
ARM_MB_NSHLD = 6
ARM_MB_NSHST = 7
ARM_MB_NSH = 8
ARM_MB_RESERVED_8 = 9
ARM_MB_ISHLD = 10
ARM_MB_ISHST = 11
ARM_MB_ISH = 12
ARM_MB_RESERVED_12 = 13
ARM_MB_LD = 14
ARM_MB_ST = 15
ARM_MB_SY = 16
ARM_OP_INVALID = 0
ARM_OP_REG = 1
ARM_OP_IMM = 2
ARM_OP_MEM = 3
ARM_OP_FP = 4
ARM_OP_CIMM = 64
ARM_OP_PIMM = 65
ARM_OP_SETEND = 66
ARM_OP_SYSREG = 67
ARM_SETEND_INVALID = 0
ARM_SETEND_BE = 1
ARM_SETEND_LE = 2
ARM_CPSMODE_INVALID = 0
ARM_CPSMODE_IE = 2
ARM_CPSMODE_ID = 3
ARM_CPSFLAG_INVALID = 0
ARM_CPSFLAG_F = 1
ARM_CPSFLAG_I = 2
ARM_CPSFLAG_A = 4
ARM_CPSFLAG_NONE = 16
ARM_VECTORDATA_INVALID = 0
ARM_VECTORDATA_I8 = 1
ARM_VECTORDATA_I16 = 2
ARM_VECTORDATA_I32 = 3
ARM_VECTORDATA_I64 = 4
ARM_VECTORDATA_S8 = 5
ARM_VECTORDATA_S16 = 6
ARM_VECTORDATA_S32 = 7
ARM_VECTORDATA_S64 = 8
ARM_VECTORDATA_U8 = 9
ARM_VECTORDATA_U16 = 10
ARM_VECTORDATA_U32 = 11
ARM_VECTORDATA_U64 = 12
ARM_VECTORDATA_P8 = 13
ARM_VECTORDATA_F32 = 14
ARM_VECTORDATA_F64 = 15
ARM_VECTORDATA_F16F64 = 16
ARM_VECTORDATA_F64F16 = 17
ARM_VECTORDATA_F32F16 = 18
ARM_VECTORDATA_F16F32 = 19
ARM_VECTORDATA_F64F32 = 20
ARM_VECTORDATA_F32F64 = 21
ARM_VECTORDATA_S32F32 = 22
ARM_VECTORDATA_U32F32 = 23
ARM_VECTORDATA_F32S32 = 24
ARM_VECTORDATA_F32U32 = 25
ARM_VECTORDATA_F64S16 = 26
ARM_VECTORDATA_F32S16 = 27
ARM_VECTORDATA_F64S32 = 28
ARM_VECTORDATA_S16F64 = 29
ARM_VECTORDATA_S16F32 = 30
ARM_VECTORDATA_S32F64 = 31
ARM_VECTORDATA_U16F64 = 32
ARM_VECTORDATA_U16F32 = 33
ARM_VECTORDATA_U32F64 = 34
ARM_VECTORDATA_F64U16 = 35
ARM_VECTORDATA_F32U16 = 36
ARM_VECTORDATA_F64U32 = 37
ARM_REG_INVALID = 0
ARM_REG_APSR = 1
ARM_REG_APSR_NZCV = 2
ARM_REG_CPSR = 3
ARM_REG_FPEXC = 4
ARM_REG_FPINST = 5
ARM_REG_FPSCR = 6
ARM_REG_FPSCR_NZCV = 7
ARM_REG_FPSID = 8
ARM_REG_ITSTATE = 9
ARM_REG_LR = 10
ARM_REG_PC = 11
ARM_REG_SP = 12
ARM_REG_SPSR = 13
ARM_REG_D0 = 14
ARM_REG_D1 = 15
ARM_REG_D2 = 16
ARM_REG_D3 = 17
ARM_REG_D4 = 18
ARM_REG_D5 = 19
ARM_REG_D6 = 20
ARM_REG_D7 = 21
ARM_REG_D8 = 22
ARM_REG_D9 = 23
ARM_REG_D10 = 24
ARM_REG_D11 = 25
ARM_REG_D12 = 26
ARM_REG_D13 = 27
ARM_REG_D14 = 28
ARM_REG_D15 = 29
ARM_REG_D16 = 30
ARM_REG_D17 = 31
ARM_REG_D18 = 32
ARM_REG_D19 = 33
ARM_REG_D20 = 34
ARM_REG_D21 = 35
ARM_REG_D22 = 36
ARM_REG_D23 = 37
ARM_REG_D24 = 38
ARM_REG_D25 = 39
ARM_REG_D26 = 40
ARM_REG_D27 = 41
ARM_REG_D28 = 42
ARM_REG_D29 = 43
ARM_REG_D30 = 44
ARM_REG_D31 = 45
ARM_REG_FPINST2 = 46
ARM_REG_MVFR0 = 47
ARM_REG_MVFR1 = 48
ARM_REG_MVFR2 = 49
ARM_REG_Q0 = 50
ARM_REG_Q1 = 51
ARM_REG_Q2 = 52
ARM_REG_Q3 = 53
ARM_REG_Q4 = 54
ARM_REG_Q5 = 55
ARM_REG_Q6 = 56
ARM_REG_Q7 = 57
ARM_REG_Q8 = 58
ARM_REG_Q9 = 59
ARM_REG_Q10 = 60
ARM_REG_Q11 = 61
ARM_REG_Q12 = 62
ARM_REG_Q13 = 63
ARM_REG_Q14 = 64
ARM_REG_Q15 = 65
ARM_REG_R0 = 66
ARM_REG_R1 = 67
ARM_REG_R2 = 68
ARM_REG_R3 = 69
ARM_REG_R4 = 70
ARM_REG_R5 = 71
ARM_REG_R6 = 72
ARM_REG_R7 = 73
ARM_REG_R8 = 74
ARM_REG_R9 = 75
ARM_REG_R10 = 76
ARM_REG_R11 = 77
ARM_REG_R12 = 78
ARM_REG_S0 = 79
ARM_REG_S1 = 80
ARM_REG_S2 = 81
ARM_REG_S3 = 82
ARM_REG_S4 = 83
ARM_REG_S5 = 84
ARM_REG_S6 = 85
ARM_REG_S7 = 86
ARM_REG_S8 = 87
ARM_REG_S9 = 88
ARM_REG_S10 = 89
ARM_REG_S11 = 90
ARM_REG_S12 = 91
ARM_REG_S13 = 92
ARM_REG_S14 = 93
ARM_REG_S15 = 94
ARM_REG_S16 = 95
ARM_REG_S17 = 96
ARM_REG_S18 = 97
ARM_REG_S19 = 98
ARM_REG_S20 = 99
ARM_REG_S21 = 100
ARM_REG_S22 = 101
ARM_REG_S23 = 102
ARM_REG_S24 = 103
ARM_REG_S25 = 104
ARM_REG_S26 = 105
ARM_REG_S27 = 106
ARM_REG_S28 = 107
ARM_REG_S29 = 108
ARM_REG_S30 = 109
ARM_REG_S31 = 110
ARM_REG_ENDING = 111
ARM_REG_R13 = ARM_REG_SP
ARM_REG_R14 = ARM_REG_LR
ARM_REG_R15 = ARM_REG_PC
ARM_REG_SB = ARM_REG_R9
ARM_REG_SL = ARM_REG_R10
ARM_REG_FP = ARM_REG_R11
ARM_REG_IP = ARM_REG_R12
ARM_INS_INVALID = 0
ARM_INS_ADC = 1
ARM_INS_ADD = 2
ARM_INS_ADR = 3
ARM_INS_AESD = 4
ARM_INS_AESE = 5
ARM_INS_AESIMC = 6
ARM_INS_AESMC = 7
ARM_INS_AND = 8
ARM_INS_BFC = 9
ARM_INS_BFI = 10
ARM_INS_BIC = 11
ARM_INS_BKPT = 12
ARM_INS_BL = 13
ARM_INS_BLX = 14
ARM_INS_BX = 15
ARM_INS_BXJ = 16
ARM_INS_B = 17
ARM_INS_CDP = 18
ARM_INS_CDP2 = 19
ARM_INS_CLREX = 20
ARM_INS_CLZ = 21
ARM_INS_CMN = 22
ARM_INS_CMP = 23
ARM_INS_CPS = 24
ARM_INS_CRC32B = 25
ARM_INS_CRC32CB = 26
ARM_INS_CRC32CH = 27
ARM_INS_CRC32CW = 28
ARM_INS_CRC32H = 29
ARM_INS_CRC32W = 30
ARM_INS_DBG = 31
ARM_INS_DMB = 32
ARM_INS_DSB = 33
ARM_INS_EOR = 34
ARM_INS_ERET = 35
ARM_INS_VMOV = 36
ARM_INS_FLDMDBX = 37
ARM_INS_FLDMIAX = 38
ARM_INS_VMRS = 39
ARM_INS_FSTMDBX = 40
ARM_INS_FSTMIAX = 41
ARM_INS_HINT = 42
ARM_INS_HLT = 43
ARM_INS_HVC = 44
ARM_INS_ISB = 45
ARM_INS_LDA = 46
ARM_INS_LDAB = 47
ARM_INS_LDAEX = 48
ARM_INS_LDAEXB = 49
ARM_INS_LDAEXD = 50
ARM_INS_LDAEXH = 51
ARM_INS_LDAH = 52
ARM_INS_LDC2L = 53
ARM_INS_LDC2 = 54
ARM_INS_LDCL = 55
ARM_INS_LDC = 56
ARM_INS_LDMDA = 57
ARM_INS_LDMDB = 58
ARM_INS_LDM = 59
ARM_INS_LDMIB = 60
ARM_INS_LDRBT = 61
ARM_INS_LDRB = 62
ARM_INS_LDRD = 63
ARM_INS_LDREX = 64
ARM_INS_LDREXB = 65
ARM_INS_LDREXD = 66
ARM_INS_LDREXH = 67
ARM_INS_LDRH = 68
ARM_INS_LDRHT = 69
ARM_INS_LDRSB = 70
ARM_INS_LDRSBT = 71
ARM_INS_LDRSH = 72
ARM_INS_LDRSHT = 73
ARM_INS_LDRT = 74
ARM_INS_LDR = 75
ARM_INS_MCR = 76
ARM_INS_MCR2 = 77
ARM_INS_MCRR = 78
ARM_INS_MCRR2 = 79
ARM_INS_MLA = 80
ARM_INS_MLS = 81
ARM_INS_MOV = 82
ARM_INS_MOVT = 83
ARM_INS_MOVW = 84
ARM_INS_MRC = 85
ARM_INS_MRC2 = 86
ARM_INS_MRRC = 87
ARM_INS_MRRC2 = 88
ARM_INS_MRS = 89
ARM_INS_MSR = 90
ARM_INS_MUL = 91
ARM_INS_MVN = 92
ARM_INS_ORR = 93
ARM_INS_PKHBT = 94
ARM_INS_PKHTB = 95
ARM_INS_PLDW = 96
ARM_INS_PLD = 97
ARM_INS_PLI = 98
ARM_INS_QADD = 99
ARM_INS_QADD16 = 100
ARM_INS_QADD8 = 101
ARM_INS_QASX = 102
ARM_INS_QDADD = 103
ARM_INS_QDSUB = 104
ARM_INS_QSAX = 105
ARM_INS_QSUB = 106
ARM_INS_QSUB16 = 107
ARM_INS_QSUB8 = 108
ARM_INS_RBIT = 109
ARM_INS_REV = 110
ARM_INS_REV16 = 111
ARM_INS_REVSH = 112
ARM_INS_RFEDA = 113
ARM_INS_RFEDB = 114
ARM_INS_RFEIA = 115
ARM_INS_RFEIB = 116
ARM_INS_RSB = 117
ARM_INS_RSC = 118
ARM_INS_SADD16 = 119
ARM_INS_SADD8 = 120
ARM_INS_SASX = 121
ARM_INS_SBC = 122
ARM_INS_SBFX = 123
ARM_INS_SDIV = 124
ARM_INS_SEL = 125
ARM_INS_SETEND = 126
ARM_INS_SHA1C = 127
ARM_INS_SHA1H = 128
ARM_INS_SHA1M = 129
ARM_INS_SHA1P = 130
ARM_INS_SHA1SU0 = 131
ARM_INS_SHA1SU1 = 132
ARM_INS_SHA256H = 133
ARM_INS_SHA256H2 = 134
ARM_INS_SHA256SU0 = 135
ARM_INS_SHA256SU1 = 136
ARM_INS_SHADD16 = 137
ARM_INS_SHADD8 = 138
ARM_INS_SHASX = 139
ARM_INS_SHSAX = 140
ARM_INS_SHSUB16 = 141
ARM_INS_SHSUB8 = 142
ARM_INS_SMC = 143
ARM_INS_SMLABB = 144
ARM_INS_SMLABT = 145
ARM_INS_SMLAD = 146
ARM_INS_SMLADX = 147
ARM_INS_SMLAL = 148
ARM_INS_SMLALBB = 149
ARM_INS_SMLALBT = 150
ARM_INS_SMLALD = 151
ARM_INS_SMLALDX = 152
ARM_INS_SMLALTB = 153
ARM_INS_SMLALTT = 154
ARM_INS_SMLATB = 155
ARM_INS_SMLATT = 156
ARM_INS_SMLAWB = 157
ARM_INS_SMLAWT = 158
ARM_INS_SMLSD = 159
ARM_INS_SMLSDX = 160
ARM_INS_SMLSLD = 161
ARM_INS_SMLSLDX = 162
ARM_INS_SMMLA = 163
ARM_INS_SMMLAR = 164
ARM_INS_SMMLS = 165
ARM_INS_SMMLSR = 166
ARM_INS_SMMUL = 167
ARM_INS_SMMULR = 168
ARM_INS_SMUAD = 169
ARM_INS_SMUADX = 170
ARM_INS_SMULBB = 171
ARM_INS_SMULBT = 172
ARM_INS_SMULL = 173
ARM_INS_SMULTB = 174
ARM_INS_SMULTT = 175
ARM_INS_SMULWB = 176
ARM_INS_SMULWT = 177
ARM_INS_SMUSD = 178
ARM_INS_SMUSDX = 179
ARM_INS_SRSDA = 180
ARM_INS_SRSDB = 181
ARM_INS_SRSIA = 182
ARM_INS_SRSIB = 183
ARM_INS_SSAT = 184
ARM_INS_SSAT16 = 185
ARM_INS_SSAX = 186
ARM_INS_SSUB16 = 187
ARM_INS_SSUB8 = 188
ARM_INS_STC2L = 189
ARM_INS_STC2 = 190
ARM_INS_STCL = 191
ARM_INS_STC = 192
ARM_INS_STL = 193
ARM_INS_STLB = 194
ARM_INS_STLEX = 195
ARM_INS_STLEXB = 196
ARM_INS_STLEXD = 197
ARM_INS_STLEXH = 198
ARM_INS_STLH = 199
ARM_INS_STMDA = 200
ARM_INS_STMDB = 201
ARM_INS_STM = 202
ARM_INS_STMIB = 203
ARM_INS_STRBT = 204
ARM_INS_STRB = 205
ARM_INS_STRD = 206
ARM_INS_STREX = 207
ARM_INS_STREXB = 208
ARM_INS_STREXD = 209
ARM_INS_STREXH = 210
ARM_INS_STRH = 211
ARM_INS_STRHT = 212
ARM_INS_STRT = 213
ARM_INS_STR = 214
ARM_INS_SUB = 215
ARM_INS_SVC = 216
ARM_INS_SWP = 217
ARM_INS_SWPB = 218
ARM_INS_SXTAB = 219
ARM_INS_SXTAB16 = 220
ARM_INS_SXTAH = 221
ARM_INS_SXTB = 222
ARM_INS_SXTB16 = 223
ARM_INS_SXTH = 224
ARM_INS_TEQ = 225
ARM_INS_TRAP = 226
ARM_INS_TST = 227
ARM_INS_UADD16 = 228
ARM_INS_UADD8 = 229
ARM_INS_UASX = 230
ARM_INS_UBFX = 231
ARM_INS_UDF = 232
ARM_INS_UDIV = 233
ARM_INS_UHADD16 = 234
ARM_INS_UHADD8 = 235
ARM_INS_UHASX = 236
ARM_INS_UHSAX = 237
ARM_INS_UHSUB16 = 238
ARM_INS_UHSUB8 = 239
ARM_INS_UMAAL = 240
ARM_INS_UMLAL = 241
ARM_INS_UMULL = 242
ARM_INS_UQADD16 = 243
ARM_INS_UQADD8 = 244
ARM_INS_UQASX = 245
ARM_INS_UQSAX = 246
ARM_INS_UQSUB16 = 247
ARM_INS_UQSUB8 = 248
ARM_INS_USAD8 = 249
ARM_INS_USADA8 = 250
ARM_INS_USAT = 251
ARM_INS_USAT16 = 252
ARM_INS_USAX = 253
ARM_INS_USUB16 = 254
ARM_INS_USUB8 = 255
ARM_INS_UXTAB = 256
ARM_INS_UXTAB16 = 257
ARM_INS_UXTAH = 258
ARM_INS_UXTB = 259
ARM_INS_UXTB16 = 260
ARM_INS_UXTH = 261
ARM_INS_VABAL = 262
ARM_INS_VABA = 263
ARM_INS_VABDL = 264
ARM_INS_VABD = 265
ARM_INS_VABS = 266
ARM_INS_VACGE = 267
ARM_INS_VACGT = 268
ARM_INS_VADD = 269
ARM_INS_VADDHN = 270
ARM_INS_VADDL = 271
ARM_INS_VADDW = 272
ARM_INS_VAND = 273
ARM_INS_VBIC = 274
ARM_INS_VBIF = 275
ARM_INS_VBIT = 276
ARM_INS_VBSL = 277
ARM_INS_VCEQ = 278
ARM_INS_VCGE = 279
ARM_INS_VCGT = 280
ARM_INS_VCLE = 281
ARM_INS_VCLS = 282
ARM_INS_VCLT = 283
ARM_INS_VCLZ = 284
ARM_INS_VCMP = 285
ARM_INS_VCMPE = 286
ARM_INS_VCNT = 287
ARM_INS_VCVTA = 288
ARM_INS_VCVTB = 289
ARM_INS_VCVT = 290
ARM_INS_VCVTM = 291
ARM_INS_VCVTN = 292
ARM_INS_VCVTP = 293
ARM_INS_VCVTT = 294
ARM_INS_VDIV = 295
ARM_INS_VDUP = 296
ARM_INS_VEOR = 297
ARM_INS_VEXT = 298
ARM_INS_VFMA = 299
ARM_INS_VFMS = 300
ARM_INS_VFNMA = 301
ARM_INS_VFNMS = 302
ARM_INS_VHADD = 303
ARM_INS_VHSUB = 304
ARM_INS_VLD1 = 305
ARM_INS_VLD2 = 306
ARM_INS_VLD3 = 307
ARM_INS_VLD4 = 308
ARM_INS_VLDMDB = 309
ARM_INS_VLDMIA = 310
ARM_INS_VLDR = 311
ARM_INS_VMAXNM = 312
ARM_INS_VMAX = 313
ARM_INS_VMINNM = 314
ARM_INS_VMIN = 315
ARM_INS_VMLA = 316
ARM_INS_VMLAL = 317
ARM_INS_VMLS = 318
ARM_INS_VMLSL = 319
ARM_INS_VMOVL = 320
ARM_INS_VMOVN = 321
ARM_INS_VMSR = 322
ARM_INS_VMUL = 323
ARM_INS_VMULL = 324
ARM_INS_VMVN = 325
ARM_INS_VNEG = 326
ARM_INS_VNMLA = 327
ARM_INS_VNMLS = 328
ARM_INS_VNMUL = 329
ARM_INS_VORN = 330
ARM_INS_VORR = 331
ARM_INS_VPADAL = 332
ARM_INS_VPADDL = 333
ARM_INS_VPADD = 334
ARM_INS_VPMAX = 335
ARM_INS_VPMIN = 336
ARM_INS_VQABS = 337
ARM_INS_VQADD = 338
ARM_INS_VQDMLAL = 339
ARM_INS_VQDMLSL = 340
ARM_INS_VQDMULH = 341
ARM_INS_VQDMULL = 342
ARM_INS_VQMOVUN = 343
ARM_INS_VQMOVN = 344
ARM_INS_VQNEG = 345
ARM_INS_VQRDMULH = 346
ARM_INS_VQRSHL = 347
ARM_INS_VQRSHRN = 348
ARM_INS_VQRSHRUN = 349
ARM_INS_VQSHL = 350
ARM_INS_VQSHLU = 351
ARM_INS_VQSHRN = 352
ARM_INS_VQSHRUN = 353
ARM_INS_VQSUB = 354
ARM_INS_VRADDHN = 355
ARM_INS_VRECPE = 356
ARM_INS_VRECPS = 357
ARM_INS_VREV16 = 358
ARM_INS_VREV32 = 359
ARM_INS_VREV64 = 360
ARM_INS_VRHADD = 361
ARM_INS_VRINTA = 362
ARM_INS_VRINTM = 363
ARM_INS_VRINTN = 364
ARM_INS_VRINTP = 365
ARM_INS_VRINTR = 366
ARM_INS_VRINTX = 367
ARM_INS_VRINTZ = 368
ARM_INS_VRSHL = 369
ARM_INS_VRSHRN = 370
ARM_INS_VRSHR = 371
ARM_INS_VRSQRTE = 372
ARM_INS_VRSQRTS = 373
ARM_INS_VRSRA = 374
ARM_INS_VRSUBHN = 375
ARM_INS_VSELEQ = 376
ARM_INS_VSELGE = 377
ARM_INS_VSELGT = 378
ARM_INS_VSELVS = 379
ARM_INS_VSHLL = 380
ARM_INS_VSHL = 381
ARM_INS_VSHRN = 382
ARM_INS_VSHR = 383
ARM_INS_VSLI = 384
ARM_INS_VSQRT = 385
ARM_INS_VSRA = 386
ARM_INS_VSRI = 387
ARM_INS_VST1 = 388
ARM_INS_VST2 = 389
ARM_INS_VST3 = 390
ARM_INS_VST4 = 391
ARM_INS_VSTMDB = 392
ARM_INS_VSTMIA = 393
ARM_INS_VSTR = 394
ARM_INS_VSUB = 395
ARM_INS_VSUBHN = 396
ARM_INS_VSUBL = 397
ARM_INS_VSUBW = 398
ARM_INS_VSWP = 399
ARM_INS_VTBL = 400
ARM_INS_VTBX = 401
ARM_INS_VCVTR = 402
ARM_INS_VTRN = 403
ARM_INS_VTST = 404
ARM_INS_VUZP = 405
ARM_INS_VZIP = 406
ARM_INS_ADDW = 407
ARM_INS_ASR = 408
ARM_INS_DCPS1 = 409
ARM_INS_DCPS2 = 410
ARM_INS_DCPS3 = 411
ARM_INS_IT = 412
ARM_INS_LSL = 413
ARM_INS_LSR = 414
ARM_INS_ORN = 415
ARM_INS_ROR = 416
ARM_INS_RRX = 417
ARM_INS_SUBW = 418
ARM_INS_TBB = 419
ARM_INS_TBH = 420
ARM_INS_CBNZ = 421
ARM_INS_CBZ = 422
ARM_INS_POP = 423
ARM_INS_PUSH = 424
ARM_INS_NOP = 425
ARM_INS_YIELD = 426
ARM_INS_WFE = 427
ARM_INS_WFI = 428
ARM_INS_SEV = 429
ARM_INS_SEVL = 430
ARM_INS_VPUSH = 431
ARM_INS_VPOP = 432
ARM_INS_ENDING = 433
ARM_GRP_INVALID = 0
ARM_GRP_JUMP = 1
ARM_GRP_CALL = 2
ARM_GRP_INT = 4
ARM_GRP_PRIVILEGE = 6
ARM_GRP_BRANCH_RELATIVE = 7
ARM_GRP_CRYPTO = 128
ARM_GRP_DATABARRIER = 129
ARM_GRP_DIVIDE = 130
ARM_GRP_FPARMV8 = 131
ARM_GRP_MULTPRO = 132
ARM_GRP_NEON = 133
ARM_GRP_T2EXTRACTPACK = 134
ARM_GRP_THUMB2DSP = 135
ARM_GRP_TRUSTZONE = 136
ARM_GRP_V4T = 137
ARM_GRP_V5T = 138
ARM_GRP_V5TE = 139
ARM_GRP_V6 = 140
ARM_GRP_V6T2 = 141
ARM_GRP_V7 = 142
ARM_GRP_V8 = 143
ARM_GRP_VFP2 = 144
ARM_GRP_VFP3 = 145
ARM_GRP_VFP4 = 146
ARM_GRP_ARM = 147
ARM_GRP_MCLASS = 148
ARM_GRP_NOTMCLASS = 149
ARM_GRP_THUMB = 150
ARM_GRP_THUMB1ONLY = 151
ARM_GRP_THUMB2 = 152
ARM_GRP_PREV8 = 153
ARM_GRP_FPVMLX = 154
ARM_GRP_MULOPS = 155
ARM_GRP_CRC = 156
ARM_GRP_DPVFP = 157
ARM_GRP_V6M = 158
ARM_GRP_VIRTUALIZATION = 159
ARM_GRP_ENDING = 160

17
white_patch_detect/capstone-master/bindings/python/capstone/evm.py Normal file
View File

@@ -0,0 +1,17 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .evm_const import *
# define the API
class CsEvm(ctypes.Structure):
_fields_ = (
('pop', ctypes.c_byte),
('push', ctypes.c_byte),
('fee', ctypes.c_uint),
)
def get_arch_info(a):
return (a.pop, a.push, a.fee)

151
white_patch_detect/capstone-master/bindings/python/capstone/evm_const.py Normal file
View File

@@ -0,0 +1,151 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [evm_const.py]
EVM_INS_STOP = 0
EVM_INS_ADD = 1
EVM_INS_MUL = 2
EVM_INS_SUB = 3
EVM_INS_DIV = 4
EVM_INS_SDIV = 5
EVM_INS_MOD = 6
EVM_INS_SMOD = 7
EVM_INS_ADDMOD = 8
EVM_INS_MULMOD = 9
EVM_INS_EXP = 10
EVM_INS_SIGNEXTEND = 11
EVM_INS_LT = 16
EVM_INS_GT = 17
EVM_INS_SLT = 18
EVM_INS_SGT = 19
EVM_INS_EQ = 20
EVM_INS_ISZERO = 21
EVM_INS_AND = 22
EVM_INS_OR = 23
EVM_INS_XOR = 24
EVM_INS_NOT = 25
EVM_INS_BYTE = 26
EVM_INS_SHA3 = 32
EVM_INS_ADDRESS = 48
EVM_INS_BALANCE = 49
EVM_INS_ORIGIN = 50
EVM_INS_CALLER = 51
EVM_INS_CALLVALUE = 52
EVM_INS_CALLDATALOAD = 53
EVM_INS_CALLDATASIZE = 54
EVM_INS_CALLDATACOPY = 55
EVM_INS_CODESIZE = 56
EVM_INS_CODECOPY = 57
EVM_INS_GASPRICE = 58
EVM_INS_EXTCODESIZE = 59
EVM_INS_EXTCODECOPY = 60
EVM_INS_RETURNDATASIZE = 61
EVM_INS_RETURNDATACOPY = 62
EVM_INS_BLOCKHASH = 64
EVM_INS_COINBASE = 65
EVM_INS_TIMESTAMP = 66
EVM_INS_NUMBER = 67
EVM_INS_DIFFICULTY = 68
EVM_INS_GASLIMIT = 69
EVM_INS_POP = 80
EVM_INS_MLOAD = 81
EVM_INS_MSTORE = 82
EVM_INS_MSTORE8 = 83
EVM_INS_SLOAD = 84
EVM_INS_SSTORE = 85
EVM_INS_JUMP = 86
EVM_INS_JUMPI = 87
EVM_INS_PC = 88
EVM_INS_MSIZE = 89
EVM_INS_GAS = 90
EVM_INS_JUMPDEST = 91
EVM_INS_PUSH1 = 96
EVM_INS_PUSH2 = 97
EVM_INS_PUSH3 = 98
EVM_INS_PUSH4 = 99
EVM_INS_PUSH5 = 100
EVM_INS_PUSH6 = 101
EVM_INS_PUSH7 = 102
EVM_INS_PUSH8 = 103
EVM_INS_PUSH9 = 104
EVM_INS_PUSH10 = 105
EVM_INS_PUSH11 = 106
EVM_INS_PUSH12 = 107
EVM_INS_PUSH13 = 108
EVM_INS_PUSH14 = 109
EVM_INS_PUSH15 = 110
EVM_INS_PUSH16 = 111
EVM_INS_PUSH17 = 112
EVM_INS_PUSH18 = 113
EVM_INS_PUSH19 = 114
EVM_INS_PUSH20 = 115
EVM_INS_PUSH21 = 116
EVM_INS_PUSH22 = 117
EVM_INS_PUSH23 = 118
EVM_INS_PUSH24 = 119
EVM_INS_PUSH25 = 120
EVM_INS_PUSH26 = 121
EVM_INS_PUSH27 = 122
EVM_INS_PUSH28 = 123
EVM_INS_PUSH29 = 124
EVM_INS_PUSH30 = 125
EVM_INS_PUSH31 = 126
EVM_INS_PUSH32 = 127
EVM_INS_DUP1 = 128
EVM_INS_DUP2 = 129
EVM_INS_DUP3 = 130
EVM_INS_DUP4 = 131
EVM_INS_DUP5 = 132
EVM_INS_DUP6 = 133
EVM_INS_DUP7 = 134
EVM_INS_DUP8 = 135
EVM_INS_DUP9 = 136
EVM_INS_DUP10 = 137
EVM_INS_DUP11 = 138
EVM_INS_DUP12 = 139
EVM_INS_DUP13 = 140
EVM_INS_DUP14 = 141
EVM_INS_DUP15 = 142
EVM_INS_DUP16 = 143
EVM_INS_SWAP1 = 144
EVM_INS_SWAP2 = 145
EVM_INS_SWAP3 = 146
EVM_INS_SWAP4 = 147
EVM_INS_SWAP5 = 148
EVM_INS_SWAP6 = 149
EVM_INS_SWAP7 = 150
EVM_INS_SWAP8 = 151
EVM_INS_SWAP9 = 152
EVM_INS_SWAP10 = 153
EVM_INS_SWAP11 = 154
EVM_INS_SWAP12 = 155
EVM_INS_SWAP13 = 156
EVM_INS_SWAP14 = 157
EVM_INS_SWAP15 = 158
EVM_INS_SWAP16 = 159
EVM_INS_LOG0 = 160
EVM_INS_LOG1 = 161
EVM_INS_LOG2 = 162
EVM_INS_LOG3 = 163
EVM_INS_LOG4 = 164
EVM_INS_CREATE = 240
EVM_INS_CALL = 241
EVM_INS_CALLCODE = 242
EVM_INS_RETURN = 243
EVM_INS_DELEGATECALL = 244
EVM_INS_CALLBLACKBOX = 245
EVM_INS_STATICCALL = 250
EVM_INS_REVERT = 253
EVM_INS_SUICIDE = 255
EVM_INS_INVALID = 512
EVM_INS_ENDING = 513
EVM_GRP_INVALID = 0
EVM_GRP_JUMP = 1
EVM_GRP_MATH = 8
EVM_GRP_STACK_WRITE = 9
EVM_GRP_STACK_READ = 10
EVM_GRP_MEM_WRITE = 11
EVM_GRP_MEM_READ = 12
EVM_GRP_STORE_WRITE = 13
EVM_GRP_STORE_READ = 14
EVM_GRP_HALT = 15
EVM_GRP_ENDING = 16

88
white_patch_detect/capstone-master/bindings/python/capstone/m680x.py Normal file
View File

@@ -0,0 +1,88 @@
# Capstone Python bindings, by Wolfgang Schwotzer <wolfgang.schwotzer@gmx.net>
import ctypes
from . import copy_ctypes_list
from .m680x_const import *
# define the API
class M680xOpIdx(ctypes.Structure):
_fields_ = (
('base_reg', ctypes.c_uint),
('offset_reg', ctypes.c_uint),
('offset', ctypes.c_int16),
('offset_addr', ctypes.c_uint16),
('offset_bits', ctypes.c_uint8),
('inc_dec', ctypes.c_int8),
('flags', ctypes.c_uint8),
)
class M680xOpRel(ctypes.Structure):
_fields_ = (
('address', ctypes.c_uint16),
('offset', ctypes.c_int16),
)
class M680xOpExt(ctypes.Structure):
_fields_ = (
('address', ctypes.c_uint16),
('indirect', ctypes.c_bool),
)
class M680xOpValue(ctypes.Union):
_fields_ = (
('imm', ctypes.c_int32),
('reg', ctypes.c_uint),
('idx', M680xOpIdx),
('rel', M680xOpRel),
('ext', M680xOpExt),
('direct_addr', ctypes.c_uint8),
('const_val', ctypes.c_uint8),
)
class M680xOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', M680xOpValue),
('size', ctypes.c_uint8),
('access', ctypes.c_uint8),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def idx(self):
return self.value.idx
@property
def rel(self):
return self.value.rel
@property
def ext(self):
return self.value.ext
@property
def direct_addr(self):
return self.value.direct_addr
@property
def const_val(self):
return self.value.const_val
class CsM680x(ctypes.Structure):
_fields_ = (
('flags', ctypes.c_uint8),
('op_count', ctypes.c_uint8),
('operands', M680xOp * 9),
)
def get_arch_info(a):
return (a.flags, copy_ctypes_list(a.operands[:a.op_count]))

415
white_patch_detect/capstone-master/bindings/python/capstone/m680x_const.py Normal file
View File

@@ -0,0 +1,415 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [m680x_const.py]
M680X_OPERAND_COUNT = 9
M680X_REG_INVALID = 0
M680X_REG_A = 1
M680X_REG_B = 2
M680X_REG_E = 3
M680X_REG_F = 4
M680X_REG_0 = 5
M680X_REG_D = 6
M680X_REG_W = 7
M680X_REG_CC = 8
M680X_REG_DP = 9
M680X_REG_MD = 10
M680X_REG_HX = 11
M680X_REG_H = 12
M680X_REG_X = 13
M680X_REG_Y = 14
M680X_REG_S = 15
M680X_REG_U = 16
M680X_REG_V = 17
M680X_REG_Q = 18
M680X_REG_PC = 19
M680X_REG_TMP2 = 20
M680X_REG_TMP3 = 21
M680X_REG_ENDING = 22
M680X_OP_INVALID = 0
M680X_OP_REGISTER = 1
M680X_OP_IMMEDIATE = 2
M680X_OP_INDEXED = 3
M680X_OP_EXTENDED = 4
M680X_OP_DIRECT = 5
M680X_OP_RELATIVE = 6
M680X_OP_CONSTANT = 7
M680X_OFFSET_NONE = 0
M680X_OFFSET_BITS_5 = 5
M680X_OFFSET_BITS_8 = 8
M680X_OFFSET_BITS_9 = 9
M680X_OFFSET_BITS_16 = 16
M680X_IDX_INDIRECT = 1
M680X_IDX_NO_COMMA = 2
M680X_IDX_POST_INC_DEC = 4
M680X_GRP_INVALID = 0
M680X_GRP_JUMP = 1
M680X_GRP_CALL = 2
M680X_GRP_RET = 3
M680X_GRP_INT = 4
M680X_GRP_IRET = 5
M680X_GRP_PRIV = 6
M680X_GRP_BRAREL = 7
M680X_GRP_ENDING = 8
M680X_FIRST_OP_IN_MNEM = 1
M680X_SECOND_OP_IN_MNEM = 2
M680X_INS_INVLD = 0
M680X_INS_ABA = 1
M680X_INS_ABX = 2
M680X_INS_ABY = 3
M680X_INS_ADC = 4
M680X_INS_ADCA = 5
M680X_INS_ADCB = 6
M680X_INS_ADCD = 7
M680X_INS_ADCR = 8
M680X_INS_ADD = 9
M680X_INS_ADDA = 10
M680X_INS_ADDB = 11
M680X_INS_ADDD = 12
M680X_INS_ADDE = 13
M680X_INS_ADDF = 14
M680X_INS_ADDR = 15
M680X_INS_ADDW = 16
M680X_INS_AIM = 17
M680X_INS_AIS = 18
M680X_INS_AIX = 19
M680X_INS_AND = 20
M680X_INS_ANDA = 21
M680X_INS_ANDB = 22
M680X_INS_ANDCC = 23
M680X_INS_ANDD = 24
M680X_INS_ANDR = 25
M680X_INS_ASL = 26
M680X_INS_ASLA = 27
M680X_INS_ASLB = 28
M680X_INS_ASLD = 29
M680X_INS_ASR = 30
M680X_INS_ASRA = 31
M680X_INS_ASRB = 32
M680X_INS_ASRD = 33
M680X_INS_ASRX = 34
M680X_INS_BAND = 35
M680X_INS_BCC = 36
M680X_INS_BCLR = 37
M680X_INS_BCS = 38
M680X_INS_BEOR = 39
M680X_INS_BEQ = 40
M680X_INS_BGE = 41
M680X_INS_BGND = 42
M680X_INS_BGT = 43
M680X_INS_BHCC = 44
M680X_INS_BHCS = 45
M680X_INS_BHI = 46
M680X_INS_BIAND = 47
M680X_INS_BIEOR = 48
M680X_INS_BIH = 49
M680X_INS_BIL = 50
M680X_INS_BIOR = 51
M680X_INS_BIT = 52
M680X_INS_BITA = 53
M680X_INS_BITB = 54
M680X_INS_BITD = 55
M680X_INS_BITMD = 56
M680X_INS_BLE = 57
M680X_INS_BLS = 58
M680X_INS_BLT = 59
M680X_INS_BMC = 60
M680X_INS_BMI = 61
M680X_INS_BMS = 62
M680X_INS_BNE = 63
M680X_INS_BOR = 64
M680X_INS_BPL = 65
M680X_INS_BRCLR = 66
M680X_INS_BRSET = 67
M680X_INS_BRA = 68
M680X_INS_BRN = 69
M680X_INS_BSET = 70
M680X_INS_BSR = 71
M680X_INS_BVC = 72
M680X_INS_BVS = 73
M680X_INS_CALL = 74
M680X_INS_CBA = 75
M680X_INS_CBEQ = 76
M680X_INS_CBEQA = 77
M680X_INS_CBEQX = 78
M680X_INS_CLC = 79
M680X_INS_CLI = 80
M680X_INS_CLR = 81
M680X_INS_CLRA = 82
M680X_INS_CLRB = 83
M680X_INS_CLRD = 84
M680X_INS_CLRE = 85
M680X_INS_CLRF = 86
M680X_INS_CLRH = 87
M680X_INS_CLRW = 88
M680X_INS_CLRX = 89
M680X_INS_CLV = 90
M680X_INS_CMP = 91
M680X_INS_CMPA = 92
M680X_INS_CMPB = 93
M680X_INS_CMPD = 94
M680X_INS_CMPE = 95
M680X_INS_CMPF = 96
M680X_INS_CMPR = 97
M680X_INS_CMPS = 98
M680X_INS_CMPU = 99
M680X_INS_CMPW = 100
M680X_INS_CMPX = 101
M680X_INS_CMPY = 102
M680X_INS_COM = 103
M680X_INS_COMA = 104
M680X_INS_COMB = 105
M680X_INS_COMD = 106
M680X_INS_COME = 107
M680X_INS_COMF = 108
M680X_INS_COMW = 109
M680X_INS_COMX = 110
M680X_INS_CPD = 111
M680X_INS_CPHX = 112
M680X_INS_CPS = 113
M680X_INS_CPX = 114
M680X_INS_CPY = 115
M680X_INS_CWAI = 116
M680X_INS_DAA = 117
M680X_INS_DBEQ = 118
M680X_INS_DBNE = 119
M680X_INS_DBNZ = 120
M680X_INS_DBNZA = 121
M680X_INS_DBNZX = 122
M680X_INS_DEC = 123
M680X_INS_DECA = 124
M680X_INS_DECB = 125
M680X_INS_DECD = 126
M680X_INS_DECE = 127
M680X_INS_DECF = 128
M680X_INS_DECW = 129
M680X_INS_DECX = 130
M680X_INS_DES = 131
M680X_INS_DEX = 132
M680X_INS_DEY = 133
M680X_INS_DIV = 134
M680X_INS_DIVD = 135
M680X_INS_DIVQ = 136
M680X_INS_EDIV = 137
M680X_INS_EDIVS = 138
M680X_INS_EIM = 139
M680X_INS_EMACS = 140
M680X_INS_EMAXD = 141
M680X_INS_EMAXM = 142
M680X_INS_EMIND = 143
M680X_INS_EMINM = 144
M680X_INS_EMUL = 145
M680X_INS_EMULS = 146
M680X_INS_EOR = 147
M680X_INS_EORA = 148
M680X_INS_EORB = 149
M680X_INS_EORD = 150
M680X_INS_EORR = 151
M680X_INS_ETBL = 152
M680X_INS_EXG = 153
M680X_INS_FDIV = 154
M680X_INS_IBEQ = 155
M680X_INS_IBNE = 156
M680X_INS_IDIV = 157
M680X_INS_IDIVS = 158
M680X_INS_ILLGL = 159
M680X_INS_INC = 160
M680X_INS_INCA = 161
M680X_INS_INCB = 162
M680X_INS_INCD = 163
M680X_INS_INCE = 164
M680X_INS_INCF = 165
M680X_INS_INCW = 166
M680X_INS_INCX = 167
M680X_INS_INS = 168
M680X_INS_INX = 169
M680X_INS_INY = 170
M680X_INS_JMP = 171
M680X_INS_JSR = 172
M680X_INS_LBCC = 173
M680X_INS_LBCS = 174
M680X_INS_LBEQ = 175
M680X_INS_LBGE = 176
M680X_INS_LBGT = 177
M680X_INS_LBHI = 178
M680X_INS_LBLE = 179
M680X_INS_LBLS = 180
M680X_INS_LBLT = 181
M680X_INS_LBMI = 182
M680X_INS_LBNE = 183
M680X_INS_LBPL = 184
M680X_INS_LBRA = 185
M680X_INS_LBRN = 186
M680X_INS_LBSR = 187
M680X_INS_LBVC = 188
M680X_INS_LBVS = 189
M680X_INS_LDA = 190
M680X_INS_LDAA = 191
M680X_INS_LDAB = 192
M680X_INS_LDB = 193
M680X_INS_LDBT = 194
M680X_INS_LDD = 195
M680X_INS_LDE = 196
M680X_INS_LDF = 197
M680X_INS_LDHX = 198
M680X_INS_LDMD = 199
M680X_INS_LDQ = 200
M680X_INS_LDS = 201
M680X_INS_LDU = 202
M680X_INS_LDW = 203
M680X_INS_LDX = 204
M680X_INS_LDY = 205
M680X_INS_LEAS = 206
M680X_INS_LEAU = 207
M680X_INS_LEAX = 208
M680X_INS_LEAY = 209
M680X_INS_LSL = 210
M680X_INS_LSLA = 211
M680X_INS_LSLB = 212
M680X_INS_LSLD = 213
M680X_INS_LSLX = 214
M680X_INS_LSR = 215
M680X_INS_LSRA = 216
M680X_INS_LSRB = 217
M680X_INS_LSRD = 218
M680X_INS_LSRW = 219
M680X_INS_LSRX = 220
M680X_INS_MAXA = 221
M680X_INS_MAXM = 222
M680X_INS_MEM = 223
M680X_INS_MINA = 224
M680X_INS_MINM = 225
M680X_INS_MOV = 226
M680X_INS_MOVB = 227
M680X_INS_MOVW = 228
M680X_INS_MUL = 229
M680X_INS_MULD = 230
M680X_INS_NEG = 231
M680X_INS_NEGA = 232
M680X_INS_NEGB = 233
M680X_INS_NEGD = 234
M680X_INS_NEGX = 235
M680X_INS_NOP = 236
M680X_INS_NSA = 237
M680X_INS_OIM = 238
M680X_INS_ORA = 239
M680X_INS_ORAA = 240
M680X_INS_ORAB = 241
M680X_INS_ORB = 242
M680X_INS_ORCC = 243
M680X_INS_ORD = 244
M680X_INS_ORR = 245
M680X_INS_PSHA = 246
M680X_INS_PSHB = 247
M680X_INS_PSHC = 248
M680X_INS_PSHD = 249
M680X_INS_PSHH = 250
M680X_INS_PSHS = 251
M680X_INS_PSHSW = 252
M680X_INS_PSHU = 253
M680X_INS_PSHUW = 254
M680X_INS_PSHX = 255
M680X_INS_PSHY = 256
M680X_INS_PULA = 257
M680X_INS_PULB = 258
M680X_INS_PULC = 259
M680X_INS_PULD = 260
M680X_INS_PULH = 261
M680X_INS_PULS = 262
M680X_INS_PULSW = 263
M680X_INS_PULU = 264
M680X_INS_PULUW = 265
M680X_INS_PULX = 266
M680X_INS_PULY = 267
M680X_INS_REV = 268
M680X_INS_REVW = 269
M680X_INS_ROL = 270
M680X_INS_ROLA = 271
M680X_INS_ROLB = 272
M680X_INS_ROLD = 273
M680X_INS_ROLW = 274
M680X_INS_ROLX = 275
M680X_INS_ROR = 276
M680X_INS_RORA = 277
M680X_INS_RORB = 278
M680X_INS_RORD = 279
M680X_INS_RORW = 280
M680X_INS_RORX = 281
M680X_INS_RSP = 282
M680X_INS_RTC = 283
M680X_INS_RTI = 284
M680X_INS_RTS = 285
M680X_INS_SBA = 286
M680X_INS_SBC = 287
M680X_INS_SBCA = 288
M680X_INS_SBCB = 289
M680X_INS_SBCD = 290
M680X_INS_SBCR = 291
M680X_INS_SEC = 292
M680X_INS_SEI = 293
M680X_INS_SEV = 294
M680X_INS_SEX = 295
M680X_INS_SEXW = 296
M680X_INS_SLP = 297
M680X_INS_STA = 298
M680X_INS_STAA = 299
M680X_INS_STAB = 300
M680X_INS_STB = 301
M680X_INS_STBT = 302
M680X_INS_STD = 303
M680X_INS_STE = 304
M680X_INS_STF = 305
M680X_INS_STOP = 306
M680X_INS_STHX = 307
M680X_INS_STQ = 308
M680X_INS_STS = 309
M680X_INS_STU = 310
M680X_INS_STW = 311
M680X_INS_STX = 312
M680X_INS_STY = 313
M680X_INS_SUB = 314
M680X_INS_SUBA = 315
M680X_INS_SUBB = 316
M680X_INS_SUBD = 317
M680X_INS_SUBE = 318
M680X_INS_SUBF = 319
M680X_INS_SUBR = 320
M680X_INS_SUBW = 321
M680X_INS_SWI = 322
M680X_INS_SWI2 = 323
M680X_INS_SWI3 = 324
M680X_INS_SYNC = 325
M680X_INS_TAB = 326
M680X_INS_TAP = 327
M680X_INS_TAX = 328
M680X_INS_TBA = 329
M680X_INS_TBEQ = 330
M680X_INS_TBL = 331
M680X_INS_TBNE = 332
M680X_INS_TEST = 333
M680X_INS_TFM = 334
M680X_INS_TFR = 335
M680X_INS_TIM = 336
M680X_INS_TPA = 337
M680X_INS_TST = 338
M680X_INS_TSTA = 339
M680X_INS_TSTB = 340
M680X_INS_TSTD = 341
M680X_INS_TSTE = 342
M680X_INS_TSTF = 343
M680X_INS_TSTW = 344
M680X_INS_TSTX = 345
M680X_INS_TSX = 346
M680X_INS_TSY = 347
M680X_INS_TXA = 348
M680X_INS_TXS = 349
M680X_INS_TYS = 350
M680X_INS_WAI = 351
M680X_INS_WAIT = 352
M680X_INS_WAV = 353
M680X_INS_WAVR = 354
M680X_INS_XGDX = 355
M680X_INS_XGDY = 356
M680X_INS_ENDING = 357

96
white_patch_detect/capstone-master/bindings/python/capstone/m68k.py Normal file
View File

@@ -0,0 +1,96 @@
# Capstone Python bindings, by Nicolas PLANEL <nplanel@gmail.com>
import ctypes
from . import copy_ctypes_list
from .m68k_const import *
# define the API
class M68KOpMem(ctypes.Structure):
_fields_ = (
('base_reg', ctypes.c_uint),
('index_reg', ctypes.c_uint),
('in_base_reg', ctypes.c_uint),
('in_disp', ctypes.c_uint),
('out_disp', ctypes.c_uint),
('disp', ctypes.c_short),
('scale', ctypes.c_ubyte),
('bitfield', ctypes.c_ubyte),
('width', ctypes.c_ubyte),
('offset', ctypes.c_ubyte),
('index_size', ctypes.c_ubyte),
)
class M68KOpRegPair(ctypes.Structure):
_fields_ = (
('reg_0', ctypes.c_uint),
('reg_1', ctypes.c_uint),
)
class M68KOpValue(ctypes.Union):
_fields_ = (
('imm', ctypes.c_int64),
('dimm', ctypes.c_double),
('simm', ctypes.c_float),
('reg', ctypes.c_uint),
('reg_pair', M68KOpRegPair),
)
class M68KOpBrDisp(ctypes.Structure):
_fields_ = (
('disp', ctypes.c_int),
('disp_size', ctypes.c_ubyte),
)
class M68KOp(ctypes.Structure):
_fields_ = (
('value', M68KOpValue),
('mem', M68KOpMem),
('br_disp', M68KOpBrDisp),
('register_bits', ctypes.c_uint),
('type', ctypes.c_uint),
('address_mode', ctypes.c_uint),
)
@property
def imm(self):
return self.value.imm
@property
def dimm(self):
return self.value.dimm
@property
def simm(self):
return self.value.simm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.mem
@property
def register_bits(self):
return self.register_bits
class M68KOpSize(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('size', ctypes.c_uint),
)
def get(a):
return copy_ctypes_list(type, size)
class CsM68K(ctypes.Structure):
M68K_OPERAND_COUNT = 4
_fields_ = (
('operands', M68KOp * M68K_OPERAND_COUNT),
('op_size', M68KOpSize),
('op_count', ctypes.c_uint8),
)
def get_arch_info(a):
return (copy_ctypes_list(a.operands[:a.op_count]), a.op_size)

485
white_patch_detect/capstone-master/bindings/python/capstone/m68k_const.py Normal file
View File

@@ -0,0 +1,485 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [m68k_const.py]
M68K_OPERAND_COUNT = 4
M68K_REG_INVALID = 0
M68K_REG_D0 = 1
M68K_REG_D1 = 2
M68K_REG_D2 = 3
M68K_REG_D3 = 4
M68K_REG_D4 = 5
M68K_REG_D5 = 6
M68K_REG_D6 = 7
M68K_REG_D7 = 8
M68K_REG_A0 = 9
M68K_REG_A1 = 10
M68K_REG_A2 = 11
M68K_REG_A3 = 12
M68K_REG_A4 = 13
M68K_REG_A5 = 14
M68K_REG_A6 = 15
M68K_REG_A7 = 16
M68K_REG_FP0 = 17
M68K_REG_FP1 = 18
M68K_REG_FP2 = 19
M68K_REG_FP3 = 20
M68K_REG_FP4 = 21
M68K_REG_FP5 = 22
M68K_REG_FP6 = 23
M68K_REG_FP7 = 24
M68K_REG_PC = 25
M68K_REG_SR = 26
M68K_REG_CCR = 27
M68K_REG_SFC = 28
M68K_REG_DFC = 29
M68K_REG_USP = 30
M68K_REG_VBR = 31
M68K_REG_CACR = 32
M68K_REG_CAAR = 33
M68K_REG_MSP = 34
M68K_REG_ISP = 35
M68K_REG_TC = 36
M68K_REG_ITT0 = 37
M68K_REG_ITT1 = 38
M68K_REG_DTT0 = 39
M68K_REG_DTT1 = 40
M68K_REG_MMUSR = 41
M68K_REG_URP = 42
M68K_REG_SRP = 43
M68K_REG_FPCR = 44
M68K_REG_FPSR = 45
M68K_REG_FPIAR = 46
M68K_REG_ENDING = 47
M68K_AM_NONE = 0
M68K_AM_REG_DIRECT_DATA = 1
M68K_AM_REG_DIRECT_ADDR = 2
M68K_AM_REGI_ADDR = 3
M68K_AM_REGI_ADDR_POST_INC = 4
M68K_AM_REGI_ADDR_PRE_DEC = 5
M68K_AM_REGI_ADDR_DISP = 6
M68K_AM_AREGI_INDEX_8_BIT_DISP = 7
M68K_AM_AREGI_INDEX_BASE_DISP = 8
M68K_AM_MEMI_POST_INDEX = 9
M68K_AM_MEMI_PRE_INDEX = 10
M68K_AM_PCI_DISP = 11
M68K_AM_PCI_INDEX_8_BIT_DISP = 12
M68K_AM_PCI_INDEX_BASE_DISP = 13
M68K_AM_PC_MEMI_POST_INDEX = 14
M68K_AM_PC_MEMI_PRE_INDEX = 15
M68K_AM_ABSOLUTE_DATA_SHORT = 16
M68K_AM_ABSOLUTE_DATA_LONG = 17
M68K_AM_IMMEDIATE = 18
M68K_AM_BRANCH_DISPLACEMENT = 19
M68K_OP_INVALID = 0
M68K_OP_REG = 1
M68K_OP_IMM = 2
M68K_OP_MEM = 3
M68K_OP_FP_SINGLE = 4
M68K_OP_FP_DOUBLE = 5
M68K_OP_REG_BITS = 6
M68K_OP_REG_PAIR = 7
M68K_OP_BR_DISP = 8
M68K_OP_BR_DISP_SIZE_INVALID = 0
M68K_OP_BR_DISP_SIZE_BYTE = 1
M68K_OP_BR_DISP_SIZE_WORD = 2
M68K_OP_BR_DISP_SIZE_LONG = 4
M68K_CPU_SIZE_NONE = 0
M68K_CPU_SIZE_BYTE = 1
M68K_CPU_SIZE_WORD = 2
M68K_CPU_SIZE_LONG = 4
M68K_FPU_SIZE_NONE = 0
M68K_FPU_SIZE_SINGLE = 4
M68K_FPU_SIZE_DOUBLE = 8
M68K_FPU_SIZE_EXTENDED = 12
M68K_SIZE_TYPE_INVALID = 0
M68K_SIZE_TYPE_CPU = 1
M68K_SIZE_TYPE_FPU = 2
M68K_INS_INVALID = 0
M68K_INS_ABCD = 1
M68K_INS_ADD = 2
M68K_INS_ADDA = 3
M68K_INS_ADDI = 4
M68K_INS_ADDQ = 5
M68K_INS_ADDX = 6
M68K_INS_AND = 7
M68K_INS_ANDI = 8
M68K_INS_ASL = 9
M68K_INS_ASR = 10
M68K_INS_BHS = 11
M68K_INS_BLO = 12
M68K_INS_BHI = 13
M68K_INS_BLS = 14
M68K_INS_BCC = 15
M68K_INS_BCS = 16
M68K_INS_BNE = 17
M68K_INS_BEQ = 18
M68K_INS_BVC = 19
M68K_INS_BVS = 20
M68K_INS_BPL = 21
M68K_INS_BMI = 22
M68K_INS_BGE = 23
M68K_INS_BLT = 24
M68K_INS_BGT = 25
M68K_INS_BLE = 26
M68K_INS_BRA = 27
M68K_INS_BSR = 28
M68K_INS_BCHG = 29
M68K_INS_BCLR = 30
M68K_INS_BSET = 31
M68K_INS_BTST = 32
M68K_INS_BFCHG = 33
M68K_INS_BFCLR = 34
M68K_INS_BFEXTS = 35
M68K_INS_BFEXTU = 36
M68K_INS_BFFFO = 37
M68K_INS_BFINS = 38
M68K_INS_BFSET = 39
M68K_INS_BFTST = 40
M68K_INS_BKPT = 41
M68K_INS_CALLM = 42
M68K_INS_CAS = 43
M68K_INS_CAS2 = 44
M68K_INS_CHK = 45
M68K_INS_CHK2 = 46
M68K_INS_CLR = 47
M68K_INS_CMP = 48
M68K_INS_CMPA = 49
M68K_INS_CMPI = 50
M68K_INS_CMPM = 51
M68K_INS_CMP2 = 52
M68K_INS_CINVL = 53
M68K_INS_CINVP = 54
M68K_INS_CINVA = 55
M68K_INS_CPUSHL = 56
M68K_INS_CPUSHP = 57
M68K_INS_CPUSHA = 58
M68K_INS_DBT = 59
M68K_INS_DBF = 60
M68K_INS_DBHI = 61
M68K_INS_DBLS = 62
M68K_INS_DBCC = 63
M68K_INS_DBCS = 64
M68K_INS_DBNE = 65
M68K_INS_DBEQ = 66
M68K_INS_DBVC = 67
M68K_INS_DBVS = 68
M68K_INS_DBPL = 69
M68K_INS_DBMI = 70
M68K_INS_DBGE = 71
M68K_INS_DBLT = 72
M68K_INS_DBGT = 73
M68K_INS_DBLE = 74
M68K_INS_DBRA = 75
M68K_INS_DIVS = 76
M68K_INS_DIVSL = 77
M68K_INS_DIVU = 78
M68K_INS_DIVUL = 79
M68K_INS_EOR = 80
M68K_INS_EORI = 81
M68K_INS_EXG = 82
M68K_INS_EXT = 83
M68K_INS_EXTB = 84
M68K_INS_FABS = 85
M68K_INS_FSABS = 86
M68K_INS_FDABS = 87
M68K_INS_FACOS = 88
M68K_INS_FADD = 89
M68K_INS_FSADD = 90
M68K_INS_FDADD = 91
M68K_INS_FASIN = 92
M68K_INS_FATAN = 93
M68K_INS_FATANH = 94
M68K_INS_FBF = 95
M68K_INS_FBEQ = 96
M68K_INS_FBOGT = 97
M68K_INS_FBOGE = 98
M68K_INS_FBOLT = 99
M68K_INS_FBOLE = 100
M68K_INS_FBOGL = 101
M68K_INS_FBOR = 102
M68K_INS_FBUN = 103
M68K_INS_FBUEQ = 104
M68K_INS_FBUGT = 105
M68K_INS_FBUGE = 106
M68K_INS_FBULT = 107
M68K_INS_FBULE = 108
M68K_INS_FBNE = 109
M68K_INS_FBT = 110
M68K_INS_FBSF = 111
M68K_INS_FBSEQ = 112
M68K_INS_FBGT = 113
M68K_INS_FBGE = 114
M68K_INS_FBLT = 115
M68K_INS_FBLE = 116
M68K_INS_FBGL = 117
M68K_INS_FBGLE = 118
M68K_INS_FBNGLE = 119
M68K_INS_FBNGL = 120
M68K_INS_FBNLE = 121
M68K_INS_FBNLT = 122
M68K_INS_FBNGE = 123
M68K_INS_FBNGT = 124
M68K_INS_FBSNE = 125
M68K_INS_FBST = 126
M68K_INS_FCMP = 127
M68K_INS_FCOS = 128
M68K_INS_FCOSH = 129
M68K_INS_FDBF = 130
M68K_INS_FDBEQ = 131
M68K_INS_FDBOGT = 132
M68K_INS_FDBOGE = 133
M68K_INS_FDBOLT = 134
M68K_INS_FDBOLE = 135
M68K_INS_FDBOGL = 136
M68K_INS_FDBOR = 137
M68K_INS_FDBUN = 138
M68K_INS_FDBUEQ = 139
M68K_INS_FDBUGT = 140
M68K_INS_FDBUGE = 141
M68K_INS_FDBULT = 142
M68K_INS_FDBULE = 143
M68K_INS_FDBNE = 144
M68K_INS_FDBT = 145
M68K_INS_FDBSF = 146
M68K_INS_FDBSEQ = 147
M68K_INS_FDBGT = 148
M68K_INS_FDBGE = 149
M68K_INS_FDBLT = 150
M68K_INS_FDBLE = 151
M68K_INS_FDBGL = 152
M68K_INS_FDBGLE = 153
M68K_INS_FDBNGLE = 154
M68K_INS_FDBNGL = 155
M68K_INS_FDBNLE = 156
M68K_INS_FDBNLT = 157
M68K_INS_FDBNGE = 158
M68K_INS_FDBNGT = 159
M68K_INS_FDBSNE = 160
M68K_INS_FDBST = 161
M68K_INS_FDIV = 162
M68K_INS_FSDIV = 163
M68K_INS_FDDIV = 164
M68K_INS_FETOX = 165
M68K_INS_FETOXM1 = 166
M68K_INS_FGETEXP = 167
M68K_INS_FGETMAN = 168
M68K_INS_FINT = 169
M68K_INS_FINTRZ = 170
M68K_INS_FLOG10 = 171
M68K_INS_FLOG2 = 172
M68K_INS_FLOGN = 173
M68K_INS_FLOGNP1 = 174
M68K_INS_FMOD = 175
M68K_INS_FMOVE = 176
M68K_INS_FSMOVE = 177
M68K_INS_FDMOVE = 178
M68K_INS_FMOVECR = 179
M68K_INS_FMOVEM = 180
M68K_INS_FMUL = 181
M68K_INS_FSMUL = 182
M68K_INS_FDMUL = 183
M68K_INS_FNEG = 184
M68K_INS_FSNEG = 185
M68K_INS_FDNEG = 186
M68K_INS_FNOP = 187
M68K_INS_FREM = 188
M68K_INS_FRESTORE = 189
M68K_INS_FSAVE = 190
M68K_INS_FSCALE = 191
M68K_INS_FSGLDIV = 192
M68K_INS_FSGLMUL = 193
M68K_INS_FSIN = 194
M68K_INS_FSINCOS = 195
M68K_INS_FSINH = 196
M68K_INS_FSQRT = 197
M68K_INS_FSSQRT = 198
M68K_INS_FDSQRT = 199
M68K_INS_FSF = 200
M68K_INS_FSBEQ = 201
M68K_INS_FSOGT = 202
M68K_INS_FSOGE = 203
M68K_INS_FSOLT = 204
M68K_INS_FSOLE = 205
M68K_INS_FSOGL = 206
M68K_INS_FSOR = 207
M68K_INS_FSUN = 208
M68K_INS_FSUEQ = 209
M68K_INS_FSUGT = 210
M68K_INS_FSUGE = 211
M68K_INS_FSULT = 212
M68K_INS_FSULE = 213
M68K_INS_FSNE = 214
M68K_INS_FST = 215
M68K_INS_FSSF = 216
M68K_INS_FSSEQ = 217
M68K_INS_FSGT = 218
M68K_INS_FSGE = 219
M68K_INS_FSLT = 220
M68K_INS_FSLE = 221
M68K_INS_FSGL = 222
M68K_INS_FSGLE = 223
M68K_INS_FSNGLE = 224
M68K_INS_FSNGL = 225
M68K_INS_FSNLE = 226
M68K_INS_FSNLT = 227
M68K_INS_FSNGE = 228
M68K_INS_FSNGT = 229
M68K_INS_FSSNE = 230
M68K_INS_FSST = 231
M68K_INS_FSUB = 232
M68K_INS_FSSUB = 233
M68K_INS_FDSUB = 234
M68K_INS_FTAN = 235
M68K_INS_FTANH = 236
M68K_INS_FTENTOX = 237
M68K_INS_FTRAPF = 238
M68K_INS_FTRAPEQ = 239
M68K_INS_FTRAPOGT = 240
M68K_INS_FTRAPOGE = 241
M68K_INS_FTRAPOLT = 242
M68K_INS_FTRAPOLE = 243
M68K_INS_FTRAPOGL = 244
M68K_INS_FTRAPOR = 245
M68K_INS_FTRAPUN = 246
M68K_INS_FTRAPUEQ = 247
M68K_INS_FTRAPUGT = 248
M68K_INS_FTRAPUGE = 249
M68K_INS_FTRAPULT = 250
M68K_INS_FTRAPULE = 251
M68K_INS_FTRAPNE = 252
M68K_INS_FTRAPT = 253
M68K_INS_FTRAPSF = 254
M68K_INS_FTRAPSEQ = 255
M68K_INS_FTRAPGT = 256
M68K_INS_FTRAPGE = 257
M68K_INS_FTRAPLT = 258
M68K_INS_FTRAPLE = 259
M68K_INS_FTRAPGL = 260
M68K_INS_FTRAPGLE = 261
M68K_INS_FTRAPNGLE = 262
M68K_INS_FTRAPNGL = 263
M68K_INS_FTRAPNLE = 264
M68K_INS_FTRAPNLT = 265
M68K_INS_FTRAPNGE = 266
M68K_INS_FTRAPNGT = 267
M68K_INS_FTRAPSNE = 268
M68K_INS_FTRAPST = 269
M68K_INS_FTST = 270
M68K_INS_FTWOTOX = 271
M68K_INS_HALT = 272
M68K_INS_ILLEGAL = 273
M68K_INS_JMP = 274
M68K_INS_JSR = 275
M68K_INS_LEA = 276
M68K_INS_LINK = 277
M68K_INS_LPSTOP = 278
M68K_INS_LSL = 279
M68K_INS_LSR = 280
M68K_INS_MOVE = 281
M68K_INS_MOVEA = 282
M68K_INS_MOVEC = 283
M68K_INS_MOVEM = 284
M68K_INS_MOVEP = 285
M68K_INS_MOVEQ = 286
M68K_INS_MOVES = 287
M68K_INS_MOVE16 = 288
M68K_INS_MULS = 289
M68K_INS_MULU = 290
M68K_INS_NBCD = 291
M68K_INS_NEG = 292
M68K_INS_NEGX = 293
M68K_INS_NOP = 294
M68K_INS_NOT = 295
M68K_INS_OR = 296
M68K_INS_ORI = 297
M68K_INS_PACK = 298
M68K_INS_PEA = 299
M68K_INS_PFLUSH = 300
M68K_INS_PFLUSHA = 301
M68K_INS_PFLUSHAN = 302
M68K_INS_PFLUSHN = 303
M68K_INS_PLOADR = 304
M68K_INS_PLOADW = 305
M68K_INS_PLPAR = 306
M68K_INS_PLPAW = 307
M68K_INS_PMOVE = 308
M68K_INS_PMOVEFD = 309
M68K_INS_PTESTR = 310
M68K_INS_PTESTW = 311
M68K_INS_PULSE = 312
M68K_INS_REMS = 313
M68K_INS_REMU = 314
M68K_INS_RESET = 315
M68K_INS_ROL = 316
M68K_INS_ROR = 317
M68K_INS_ROXL = 318
M68K_INS_ROXR = 319
M68K_INS_RTD = 320
M68K_INS_RTE = 321
M68K_INS_RTM = 322
M68K_INS_RTR = 323
M68K_INS_RTS = 324
M68K_INS_SBCD = 325
M68K_INS_ST = 326
M68K_INS_SF = 327
M68K_INS_SHI = 328
M68K_INS_SLS = 329
M68K_INS_SCC = 330
M68K_INS_SHS = 331
M68K_INS_SCS = 332
M68K_INS_SLO = 333
M68K_INS_SNE = 334
M68K_INS_SEQ = 335
M68K_INS_SVC = 336
M68K_INS_SVS = 337
M68K_INS_SPL = 338
M68K_INS_SMI = 339
M68K_INS_SGE = 340
M68K_INS_SLT = 341
M68K_INS_SGT = 342
M68K_INS_SLE = 343
M68K_INS_STOP = 344
M68K_INS_SUB = 345
M68K_INS_SUBA = 346
M68K_INS_SUBI = 347
M68K_INS_SUBQ = 348
M68K_INS_SUBX = 349
M68K_INS_SWAP = 350
M68K_INS_TAS = 351
M68K_INS_TRAP = 352
M68K_INS_TRAPV = 353
M68K_INS_TRAPT = 354
M68K_INS_TRAPF = 355
M68K_INS_TRAPHI = 356
M68K_INS_TRAPLS = 357
M68K_INS_TRAPCC = 358
M68K_INS_TRAPHS = 359
M68K_INS_TRAPCS = 360
M68K_INS_TRAPLO = 361
M68K_INS_TRAPNE = 362
M68K_INS_TRAPEQ = 363
M68K_INS_TRAPVC = 364
M68K_INS_TRAPVS = 365
M68K_INS_TRAPPL = 366
M68K_INS_TRAPMI = 367
M68K_INS_TRAPGE = 368
M68K_INS_TRAPLT = 369
M68K_INS_TRAPGT = 370
M68K_INS_TRAPLE = 371
M68K_INS_TST = 372
M68K_INS_UNLK = 373
M68K_INS_UNPK = 374
M68K_INS_ENDING = 375
M68K_GRP_INVALID = 0
M68K_GRP_JUMP = 1
M68K_GRP_RET = 3
M68K_GRP_IRET = 5
M68K_GRP_BRANCH_RELATIVE = 7
M68K_GRP_ENDING = 8

48
white_patch_detect/capstone-master/bindings/python/capstone/mips.py Normal file
View File

@@ -0,0 +1,48 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .mips_const import *
# define the API
class MipsOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint),
('disp', ctypes.c_int64),
)
class MipsOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('mem', MipsOpMem),
)
class MipsOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', MipsOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsMips(ctypes.Structure):
_fields_ = (
('op_count', ctypes.c_uint8),
('operands', MipsOp * 10),
)
def get_arch_info(a):
return copy_ctypes_list(a.operands[:a.op_count])

861
white_patch_detect/capstone-master/bindings/python/capstone/mips_const.py Normal file
View File

@@ -0,0 +1,861 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [mips_const.py]
MIPS_OP_INVALID = 0
MIPS_OP_REG = 1
MIPS_OP_IMM = 2
MIPS_OP_MEM = 3
MIPS_REG_INVALID = 0
MIPS_REG_PC = 1
MIPS_REG_0 = 2
MIPS_REG_1 = 3
MIPS_REG_2 = 4
MIPS_REG_3 = 5
MIPS_REG_4 = 6
MIPS_REG_5 = 7
MIPS_REG_6 = 8
MIPS_REG_7 = 9
MIPS_REG_8 = 10
MIPS_REG_9 = 11
MIPS_REG_10 = 12
MIPS_REG_11 = 13
MIPS_REG_12 = 14
MIPS_REG_13 = 15
MIPS_REG_14 = 16
MIPS_REG_15 = 17
MIPS_REG_16 = 18
MIPS_REG_17 = 19
MIPS_REG_18 = 20
MIPS_REG_19 = 21
MIPS_REG_20 = 22
MIPS_REG_21 = 23
MIPS_REG_22 = 24
MIPS_REG_23 = 25
MIPS_REG_24 = 26
MIPS_REG_25 = 27
MIPS_REG_26 = 28
MIPS_REG_27 = 29
MIPS_REG_28 = 30
MIPS_REG_29 = 31
MIPS_REG_30 = 32
MIPS_REG_31 = 33
MIPS_REG_DSPCCOND = 34
MIPS_REG_DSPCARRY = 35
MIPS_REG_DSPEFI = 36
MIPS_REG_DSPOUTFLAG = 37
MIPS_REG_DSPOUTFLAG16_19 = 38
MIPS_REG_DSPOUTFLAG20 = 39
MIPS_REG_DSPOUTFLAG21 = 40
MIPS_REG_DSPOUTFLAG22 = 41
MIPS_REG_DSPOUTFLAG23 = 42
MIPS_REG_DSPPOS = 43
MIPS_REG_DSPSCOUNT = 44
MIPS_REG_AC0 = 45
MIPS_REG_AC1 = 46
MIPS_REG_AC2 = 47
MIPS_REG_AC3 = 48
MIPS_REG_CC0 = 49
MIPS_REG_CC1 = 50
MIPS_REG_CC2 = 51
MIPS_REG_CC3 = 52
MIPS_REG_CC4 = 53
MIPS_REG_CC5 = 54
MIPS_REG_CC6 = 55
MIPS_REG_CC7 = 56
MIPS_REG_F0 = 57
MIPS_REG_F1 = 58
MIPS_REG_F2 = 59
MIPS_REG_F3 = 60
MIPS_REG_F4 = 61
MIPS_REG_F5 = 62
MIPS_REG_F6 = 63
MIPS_REG_F7 = 64
MIPS_REG_F8 = 65
MIPS_REG_F9 = 66
MIPS_REG_F10 = 67
MIPS_REG_F11 = 68
MIPS_REG_F12 = 69
MIPS_REG_F13 = 70
MIPS_REG_F14 = 71
MIPS_REG_F15 = 72
MIPS_REG_F16 = 73
MIPS_REG_F17 = 74
MIPS_REG_F18 = 75
MIPS_REG_F19 = 76
MIPS_REG_F20 = 77
MIPS_REG_F21 = 78
MIPS_REG_F22 = 79
MIPS_REG_F23 = 80
MIPS_REG_F24 = 81
MIPS_REG_F25 = 82
MIPS_REG_F26 = 83
MIPS_REG_F27 = 84
MIPS_REG_F28 = 85
MIPS_REG_F29 = 86
MIPS_REG_F30 = 87
MIPS_REG_F31 = 88
MIPS_REG_FCC0 = 89
MIPS_REG_FCC1 = 90
MIPS_REG_FCC2 = 91
MIPS_REG_FCC3 = 92
MIPS_REG_FCC4 = 93
MIPS_REG_FCC5 = 94
MIPS_REG_FCC6 = 95
MIPS_REG_FCC7 = 96
MIPS_REG_W0 = 97
MIPS_REG_W1 = 98
MIPS_REG_W2 = 99
MIPS_REG_W3 = 100
MIPS_REG_W4 = 101
MIPS_REG_W5 = 102
MIPS_REG_W6 = 103
MIPS_REG_W7 = 104
MIPS_REG_W8 = 105
MIPS_REG_W9 = 106
MIPS_REG_W10 = 107
MIPS_REG_W11 = 108
MIPS_REG_W12 = 109
MIPS_REG_W13 = 110
MIPS_REG_W14 = 111
MIPS_REG_W15 = 112
MIPS_REG_W16 = 113
MIPS_REG_W17 = 114
MIPS_REG_W18 = 115
MIPS_REG_W19 = 116
MIPS_REG_W20 = 117
MIPS_REG_W21 = 118
MIPS_REG_W22 = 119
MIPS_REG_W23 = 120
MIPS_REG_W24 = 121
MIPS_REG_W25 = 122
MIPS_REG_W26 = 123
MIPS_REG_W27 = 124
MIPS_REG_W28 = 125
MIPS_REG_W29 = 126
MIPS_REG_W30 = 127
MIPS_REG_W31 = 128
MIPS_REG_HI = 129
MIPS_REG_LO = 130
MIPS_REG_P0 = 131
MIPS_REG_P1 = 132
MIPS_REG_P2 = 133
MIPS_REG_MPL0 = 134
MIPS_REG_MPL1 = 135
MIPS_REG_MPL2 = 136
MIPS_REG_ENDING = 137
MIPS_REG_ZERO = MIPS_REG_0
MIPS_REG_AT = MIPS_REG_1
MIPS_REG_V0 = MIPS_REG_2
MIPS_REG_V1 = MIPS_REG_3
MIPS_REG_A0 = MIPS_REG_4
MIPS_REG_A1 = MIPS_REG_5
MIPS_REG_A2 = MIPS_REG_6
MIPS_REG_A3 = MIPS_REG_7
MIPS_REG_T0 = MIPS_REG_8
MIPS_REG_T1 = MIPS_REG_9
MIPS_REG_T2 = MIPS_REG_10
MIPS_REG_T3 = MIPS_REG_11
MIPS_REG_T4 = MIPS_REG_12
MIPS_REG_T5 = MIPS_REG_13
MIPS_REG_T6 = MIPS_REG_14
MIPS_REG_T7 = MIPS_REG_15
MIPS_REG_S0 = MIPS_REG_16
MIPS_REG_S1 = MIPS_REG_17
MIPS_REG_S2 = MIPS_REG_18
MIPS_REG_S3 = MIPS_REG_19
MIPS_REG_S4 = MIPS_REG_20
MIPS_REG_S5 = MIPS_REG_21
MIPS_REG_S6 = MIPS_REG_22
MIPS_REG_S7 = MIPS_REG_23
MIPS_REG_T8 = MIPS_REG_24
MIPS_REG_T9 = MIPS_REG_25
MIPS_REG_K0 = MIPS_REG_26
MIPS_REG_K1 = MIPS_REG_27
MIPS_REG_GP = MIPS_REG_28
MIPS_REG_SP = MIPS_REG_29
MIPS_REG_FP = MIPS_REG_30
MIPS_REG_S8 = MIPS_REG_30
MIPS_REG_RA = MIPS_REG_31
MIPS_REG_HI0 = MIPS_REG_AC0
MIPS_REG_HI1 = MIPS_REG_AC1
MIPS_REG_HI2 = MIPS_REG_AC2
MIPS_REG_HI3 = MIPS_REG_AC3
MIPS_REG_LO0 = MIPS_REG_HI0
MIPS_REG_LO1 = MIPS_REG_HI1
MIPS_REG_LO2 = MIPS_REG_HI2
MIPS_REG_LO3 = MIPS_REG_HI3
MIPS_INS_INVALID = 0
MIPS_INS_ABSQ_S = 1
MIPS_INS_ADD = 2
MIPS_INS_ADDIUPC = 3
MIPS_INS_ADDIUR1SP = 4
MIPS_INS_ADDIUR2 = 5
MIPS_INS_ADDIUS5 = 6
MIPS_INS_ADDIUSP = 7
MIPS_INS_ADDQH = 8
MIPS_INS_ADDQH_R = 9
MIPS_INS_ADDQ = 10
MIPS_INS_ADDQ_S = 11
MIPS_INS_ADDSC = 12
MIPS_INS_ADDS_A = 13
MIPS_INS_ADDS_S = 14
MIPS_INS_ADDS_U = 15
MIPS_INS_ADDU16 = 16
MIPS_INS_ADDUH = 17
MIPS_INS_ADDUH_R = 18
MIPS_INS_ADDU = 19
MIPS_INS_ADDU_S = 20
MIPS_INS_ADDVI = 21
MIPS_INS_ADDV = 22
MIPS_INS_ADDWC = 23
MIPS_INS_ADD_A = 24
MIPS_INS_ADDI = 25
MIPS_INS_ADDIU = 26
MIPS_INS_ALIGN = 27
MIPS_INS_ALUIPC = 28
MIPS_INS_AND = 29
MIPS_INS_AND16 = 30
MIPS_INS_ANDI16 = 31
MIPS_INS_ANDI = 32
MIPS_INS_APPEND = 33
MIPS_INS_ASUB_S = 34
MIPS_INS_ASUB_U = 35
MIPS_INS_AUI = 36
MIPS_INS_AUIPC = 37
MIPS_INS_AVER_S = 38
MIPS_INS_AVER_U = 39
MIPS_INS_AVE_S = 40
MIPS_INS_AVE_U = 41
MIPS_INS_B16 = 42
MIPS_INS_BADDU = 43
MIPS_INS_BAL = 44
MIPS_INS_BALC = 45
MIPS_INS_BALIGN = 46
MIPS_INS_BBIT0 = 47
MIPS_INS_BBIT032 = 48
MIPS_INS_BBIT1 = 49
MIPS_INS_BBIT132 = 50
MIPS_INS_BC = 51
MIPS_INS_BC0F = 52
MIPS_INS_BC0FL = 53
MIPS_INS_BC0T = 54
MIPS_INS_BC0TL = 55
MIPS_INS_BC1EQZ = 56
MIPS_INS_BC1F = 57
MIPS_INS_BC1FL = 58
MIPS_INS_BC1NEZ = 59
MIPS_INS_BC1T = 60
MIPS_INS_BC1TL = 61
MIPS_INS_BC2EQZ = 62
MIPS_INS_BC2F = 63
MIPS_INS_BC2FL = 64
MIPS_INS_BC2NEZ = 65
MIPS_INS_BC2T = 66
MIPS_INS_BC2TL = 67
MIPS_INS_BC3F = 68
MIPS_INS_BC3FL = 69
MIPS_INS_BC3T = 70
MIPS_INS_BC3TL = 71
MIPS_INS_BCLRI = 72
MIPS_INS_BCLR = 73
MIPS_INS_BEQ = 74
MIPS_INS_BEQC = 75
MIPS_INS_BEQL = 76
MIPS_INS_BEQZ16 = 77
MIPS_INS_BEQZALC = 78
MIPS_INS_BEQZC = 79
MIPS_INS_BGEC = 80
MIPS_INS_BGEUC = 81
MIPS_INS_BGEZ = 82
MIPS_INS_BGEZAL = 83
MIPS_INS_BGEZALC = 84
MIPS_INS_BGEZALL = 85
MIPS_INS_BGEZALS = 86
MIPS_INS_BGEZC = 87
MIPS_INS_BGEZL = 88
MIPS_INS_BGTZ = 89
MIPS_INS_BGTZALC = 90
MIPS_INS_BGTZC = 91
MIPS_INS_BGTZL = 92
MIPS_INS_BINSLI = 93
MIPS_INS_BINSL = 94
MIPS_INS_BINSRI = 95
MIPS_INS_BINSR = 96
MIPS_INS_BITREV = 97
MIPS_INS_BITSWAP = 98
MIPS_INS_BLEZ = 99
MIPS_INS_BLEZALC = 100
MIPS_INS_BLEZC = 101
MIPS_INS_BLEZL = 102
MIPS_INS_BLTC = 103
MIPS_INS_BLTUC = 104
MIPS_INS_BLTZ = 105
MIPS_INS_BLTZAL = 106
MIPS_INS_BLTZALC = 107
MIPS_INS_BLTZALL = 108
MIPS_INS_BLTZALS = 109
MIPS_INS_BLTZC = 110
MIPS_INS_BLTZL = 111
MIPS_INS_BMNZI = 112
MIPS_INS_BMNZ = 113
MIPS_INS_BMZI = 114
MIPS_INS_BMZ = 115
MIPS_INS_BNE = 116
MIPS_INS_BNEC = 117
MIPS_INS_BNEGI = 118
MIPS_INS_BNEG = 119
MIPS_INS_BNEL = 120
MIPS_INS_BNEZ16 = 121
MIPS_INS_BNEZALC = 122
MIPS_INS_BNEZC = 123
MIPS_INS_BNVC = 124
MIPS_INS_BNZ = 125
MIPS_INS_BOVC = 126
MIPS_INS_BPOSGE32 = 127
MIPS_INS_BREAK = 128
MIPS_INS_BREAK16 = 129
MIPS_INS_BSELI = 130
MIPS_INS_BSEL = 131
MIPS_INS_BSETI = 132
MIPS_INS_BSET = 133
MIPS_INS_BZ = 134
MIPS_INS_BEQZ = 135
MIPS_INS_B = 136
MIPS_INS_BNEZ = 137
MIPS_INS_BTEQZ = 138
MIPS_INS_BTNEZ = 139
MIPS_INS_CACHE = 140
MIPS_INS_CEIL = 141
MIPS_INS_CEQI = 142
MIPS_INS_CEQ = 143
MIPS_INS_CFC1 = 144
MIPS_INS_CFCMSA = 145
MIPS_INS_CINS = 146
MIPS_INS_CINS32 = 147
MIPS_INS_CLASS = 148
MIPS_INS_CLEI_S = 149
MIPS_INS_CLEI_U = 150
MIPS_INS_CLE_S = 151
MIPS_INS_CLE_U = 152
MIPS_INS_CLO = 153
MIPS_INS_CLTI_S = 154
MIPS_INS_CLTI_U = 155
MIPS_INS_CLT_S = 156
MIPS_INS_CLT_U = 157
MIPS_INS_CLZ = 158
MIPS_INS_CMPGDU = 159
MIPS_INS_CMPGU = 160
MIPS_INS_CMPU = 161
MIPS_INS_CMP = 162
MIPS_INS_COPY_S = 163
MIPS_INS_COPY_U = 164
MIPS_INS_CTC1 = 165
MIPS_INS_CTCMSA = 166
MIPS_INS_CVT = 167
MIPS_INS_C = 168
MIPS_INS_CMPI = 169
MIPS_INS_DADD = 170
MIPS_INS_DADDI = 171
MIPS_INS_DADDIU = 172
MIPS_INS_DADDU = 173
MIPS_INS_DAHI = 174
MIPS_INS_DALIGN = 175
MIPS_INS_DATI = 176
MIPS_INS_DAUI = 177
MIPS_INS_DBITSWAP = 178
MIPS_INS_DCLO = 179
MIPS_INS_DCLZ = 180
MIPS_INS_DDIV = 181
MIPS_INS_DDIVU = 182
MIPS_INS_DERET = 183
MIPS_INS_DEXT = 184
MIPS_INS_DEXTM = 185
MIPS_INS_DEXTU = 186
MIPS_INS_DI = 187
MIPS_INS_DINS = 188
MIPS_INS_DINSM = 189
MIPS_INS_DINSU = 190
MIPS_INS_DIV = 191
MIPS_INS_DIVU = 192
MIPS_INS_DIV_S = 193
MIPS_INS_DIV_U = 194
MIPS_INS_DLSA = 195
MIPS_INS_DMFC0 = 196
MIPS_INS_DMFC1 = 197
MIPS_INS_DMFC2 = 198
MIPS_INS_DMOD = 199
MIPS_INS_DMODU = 200
MIPS_INS_DMTC0 = 201
MIPS_INS_DMTC1 = 202
MIPS_INS_DMTC2 = 203
MIPS_INS_DMUH = 204
MIPS_INS_DMUHU = 205
MIPS_INS_DMUL = 206
MIPS_INS_DMULT = 207
MIPS_INS_DMULTU = 208
MIPS_INS_DMULU = 209
MIPS_INS_DOTP_S = 210
MIPS_INS_DOTP_U = 211
MIPS_INS_DPADD_S = 212
MIPS_INS_DPADD_U = 213
MIPS_INS_DPAQX_SA = 214
MIPS_INS_DPAQX_S = 215
MIPS_INS_DPAQ_SA = 216
MIPS_INS_DPAQ_S = 217
MIPS_INS_DPAU = 218
MIPS_INS_DPAX = 219
MIPS_INS_DPA = 220
MIPS_INS_DPOP = 221
MIPS_INS_DPSQX_SA = 222
MIPS_INS_DPSQX_S = 223
MIPS_INS_DPSQ_SA = 224
MIPS_INS_DPSQ_S = 225
MIPS_INS_DPSUB_S = 226
MIPS_INS_DPSUB_U = 227
MIPS_INS_DPSU = 228
MIPS_INS_DPSX = 229
MIPS_INS_DPS = 230
MIPS_INS_DROTR = 231
MIPS_INS_DROTR32 = 232
MIPS_INS_DROTRV = 233
MIPS_INS_DSBH = 234
MIPS_INS_DSHD = 235
MIPS_INS_DSLL = 236
MIPS_INS_DSLL32 = 237
MIPS_INS_DSLLV = 238
MIPS_INS_DSRA = 239
MIPS_INS_DSRA32 = 240
MIPS_INS_DSRAV = 241
MIPS_INS_DSRL = 242
MIPS_INS_DSRL32 = 243
MIPS_INS_DSRLV = 244
MIPS_INS_DSUB = 245
MIPS_INS_DSUBU = 246
MIPS_INS_EHB = 247
MIPS_INS_EI = 248
MIPS_INS_ERET = 249
MIPS_INS_EXT = 250
MIPS_INS_EXTP = 251
MIPS_INS_EXTPDP = 252
MIPS_INS_EXTPDPV = 253
MIPS_INS_EXTPV = 254
MIPS_INS_EXTRV_RS = 255
MIPS_INS_EXTRV_R = 256
MIPS_INS_EXTRV_S = 257
MIPS_INS_EXTRV = 258
MIPS_INS_EXTR_RS = 259
MIPS_INS_EXTR_R = 260
MIPS_INS_EXTR_S = 261
MIPS_INS_EXTR = 262
MIPS_INS_EXTS = 263
MIPS_INS_EXTS32 = 264
MIPS_INS_ABS = 265
MIPS_INS_FADD = 266
MIPS_INS_FCAF = 267
MIPS_INS_FCEQ = 268
MIPS_INS_FCLASS = 269
MIPS_INS_FCLE = 270
MIPS_INS_FCLT = 271
MIPS_INS_FCNE = 272
MIPS_INS_FCOR = 273
MIPS_INS_FCUEQ = 274
MIPS_INS_FCULE = 275
MIPS_INS_FCULT = 276
MIPS_INS_FCUNE = 277
MIPS_INS_FCUN = 278
MIPS_INS_FDIV = 279
MIPS_INS_FEXDO = 280
MIPS_INS_FEXP2 = 281
MIPS_INS_FEXUPL = 282
MIPS_INS_FEXUPR = 283
MIPS_INS_FFINT_S = 284
MIPS_INS_FFINT_U = 285
MIPS_INS_FFQL = 286
MIPS_INS_FFQR = 287
MIPS_INS_FILL = 288
MIPS_INS_FLOG2 = 289
MIPS_INS_FLOOR = 290
MIPS_INS_FMADD = 291
MIPS_INS_FMAX_A = 292
MIPS_INS_FMAX = 293
MIPS_INS_FMIN_A = 294
MIPS_INS_FMIN = 295
MIPS_INS_MOV = 296
MIPS_INS_FMSUB = 297
MIPS_INS_FMUL = 298
MIPS_INS_MUL = 299
MIPS_INS_NEG = 300
MIPS_INS_FRCP = 301
MIPS_INS_FRINT = 302
MIPS_INS_FRSQRT = 303
MIPS_INS_FSAF = 304
MIPS_INS_FSEQ = 305
MIPS_INS_FSLE = 306
MIPS_INS_FSLT = 307
MIPS_INS_FSNE = 308
MIPS_INS_FSOR = 309
MIPS_INS_FSQRT = 310
MIPS_INS_SQRT = 311
MIPS_INS_FSUB = 312
MIPS_INS_SUB = 313
MIPS_INS_FSUEQ = 314
MIPS_INS_FSULE = 315
MIPS_INS_FSULT = 316
MIPS_INS_FSUNE = 317
MIPS_INS_FSUN = 318
MIPS_INS_FTINT_S = 319
MIPS_INS_FTINT_U = 320
MIPS_INS_FTQ = 321
MIPS_INS_FTRUNC_S = 322
MIPS_INS_FTRUNC_U = 323
MIPS_INS_HADD_S = 324
MIPS_INS_HADD_U = 325
MIPS_INS_HSUB_S = 326
MIPS_INS_HSUB_U = 327
MIPS_INS_ILVEV = 328
MIPS_INS_ILVL = 329
MIPS_INS_ILVOD = 330
MIPS_INS_ILVR = 331
MIPS_INS_INS = 332
MIPS_INS_INSERT = 333
MIPS_INS_INSV = 334
MIPS_INS_INSVE = 335
MIPS_INS_J = 336
MIPS_INS_JAL = 337
MIPS_INS_JALR = 338
MIPS_INS_JALRS16 = 339
MIPS_INS_JALRS = 340
MIPS_INS_JALS = 341
MIPS_INS_JALX = 342
MIPS_INS_JIALC = 343
MIPS_INS_JIC = 344
MIPS_INS_JR = 345
MIPS_INS_JR16 = 346
MIPS_INS_JRADDIUSP = 347
MIPS_INS_JRC = 348
MIPS_INS_JALRC = 349
MIPS_INS_LB = 350
MIPS_INS_LBU16 = 351
MIPS_INS_LBUX = 352
MIPS_INS_LBU = 353
MIPS_INS_LD = 354
MIPS_INS_LDC1 = 355
MIPS_INS_LDC2 = 356
MIPS_INS_LDC3 = 357
MIPS_INS_LDI = 358
MIPS_INS_LDL = 359
MIPS_INS_LDPC = 360
MIPS_INS_LDR = 361
MIPS_INS_LDXC1 = 362
MIPS_INS_LH = 363
MIPS_INS_LHU16 = 364
MIPS_INS_LHX = 365
MIPS_INS_LHU = 366
MIPS_INS_LI16 = 367
MIPS_INS_LL = 368
MIPS_INS_LLD = 369
MIPS_INS_LSA = 370
MIPS_INS_LUXC1 = 371
MIPS_INS_LUI = 372
MIPS_INS_LW = 373
MIPS_INS_LW16 = 374
MIPS_INS_LWC1 = 375
MIPS_INS_LWC2 = 376
MIPS_INS_LWC3 = 377
MIPS_INS_LWL = 378
MIPS_INS_LWM16 = 379
MIPS_INS_LWM32 = 380
MIPS_INS_LWPC = 381
MIPS_INS_LWP = 382
MIPS_INS_LWR = 383
MIPS_INS_LWUPC = 384
MIPS_INS_LWU = 385
MIPS_INS_LWX = 386
MIPS_INS_LWXC1 = 387
MIPS_INS_LWXS = 388
MIPS_INS_LI = 389
MIPS_INS_MADD = 390
MIPS_INS_MADDF = 391
MIPS_INS_MADDR_Q = 392
MIPS_INS_MADDU = 393
MIPS_INS_MADDV = 394
MIPS_INS_MADD_Q = 395
MIPS_INS_MAQ_SA = 396
MIPS_INS_MAQ_S = 397
MIPS_INS_MAXA = 398
MIPS_INS_MAXI_S = 399
MIPS_INS_MAXI_U = 400
MIPS_INS_MAX_A = 401
MIPS_INS_MAX = 402
MIPS_INS_MAX_S = 403
MIPS_INS_MAX_U = 404
MIPS_INS_MFC0 = 405
MIPS_INS_MFC1 = 406
MIPS_INS_MFC2 = 407
MIPS_INS_MFHC1 = 408
MIPS_INS_MFHI = 409
MIPS_INS_MFLO = 410
MIPS_INS_MINA = 411
MIPS_INS_MINI_S = 412
MIPS_INS_MINI_U = 413
MIPS_INS_MIN_A = 414
MIPS_INS_MIN = 415
MIPS_INS_MIN_S = 416
MIPS_INS_MIN_U = 417
MIPS_INS_MOD = 418
MIPS_INS_MODSUB = 419
MIPS_INS_MODU = 420
MIPS_INS_MOD_S = 421
MIPS_INS_MOD_U = 422
MIPS_INS_MOVE = 423
MIPS_INS_MOVEP = 424
MIPS_INS_MOVF = 425
MIPS_INS_MOVN = 426
MIPS_INS_MOVT = 427
MIPS_INS_MOVZ = 428
MIPS_INS_MSUB = 429
MIPS_INS_MSUBF = 430
MIPS_INS_MSUBR_Q = 431
MIPS_INS_MSUBU = 432
MIPS_INS_MSUBV = 433
MIPS_INS_MSUB_Q = 434
MIPS_INS_MTC0 = 435
MIPS_INS_MTC1 = 436
MIPS_INS_MTC2 = 437
MIPS_INS_MTHC1 = 438
MIPS_INS_MTHI = 439
MIPS_INS_MTHLIP = 440
MIPS_INS_MTLO = 441
MIPS_INS_MTM0 = 442
MIPS_INS_MTM1 = 443
MIPS_INS_MTM2 = 444
MIPS_INS_MTP0 = 445
MIPS_INS_MTP1 = 446
MIPS_INS_MTP2 = 447
MIPS_INS_MUH = 448
MIPS_INS_MUHU = 449
MIPS_INS_MULEQ_S = 450
MIPS_INS_MULEU_S = 451
MIPS_INS_MULQ_RS = 452
MIPS_INS_MULQ_S = 453
MIPS_INS_MULR_Q = 454
MIPS_INS_MULSAQ_S = 455
MIPS_INS_MULSA = 456
MIPS_INS_MULT = 457
MIPS_INS_MULTU = 458
MIPS_INS_MULU = 459
MIPS_INS_MULV = 460
MIPS_INS_MUL_Q = 461
MIPS_INS_MUL_S = 462
MIPS_INS_NLOC = 463
MIPS_INS_NLZC = 464
MIPS_INS_NMADD = 465
MIPS_INS_NMSUB = 466
MIPS_INS_NOR = 467
MIPS_INS_NORI = 468
MIPS_INS_NOT16 = 469
MIPS_INS_NOT = 470
MIPS_INS_OR = 471
MIPS_INS_OR16 = 472
MIPS_INS_ORI = 473
MIPS_INS_PACKRL = 474
MIPS_INS_PAUSE = 475
MIPS_INS_PCKEV = 476
MIPS_INS_PCKOD = 477
MIPS_INS_PCNT = 478
MIPS_INS_PICK = 479
MIPS_INS_POP = 480
MIPS_INS_PRECEQU = 481
MIPS_INS_PRECEQ = 482
MIPS_INS_PRECEU = 483
MIPS_INS_PRECRQU_S = 484
MIPS_INS_PRECRQ = 485
MIPS_INS_PRECRQ_RS = 486
MIPS_INS_PRECR = 487
MIPS_INS_PRECR_SRA = 488
MIPS_INS_PRECR_SRA_R = 489
MIPS_INS_PREF = 490
MIPS_INS_PREPEND = 491
MIPS_INS_RADDU = 492
MIPS_INS_RDDSP = 493
MIPS_INS_RDHWR = 494
MIPS_INS_REPLV = 495
MIPS_INS_REPL = 496
MIPS_INS_RINT = 497
MIPS_INS_ROTR = 498
MIPS_INS_ROTRV = 499
MIPS_INS_ROUND = 500
MIPS_INS_SAT_S = 501
MIPS_INS_SAT_U = 502
MIPS_INS_SB = 503
MIPS_INS_SB16 = 504
MIPS_INS_SC = 505
MIPS_INS_SCD = 506
MIPS_INS_SD = 507
MIPS_INS_SDBBP = 508
MIPS_INS_SDBBP16 = 509
MIPS_INS_SDC1 = 510
MIPS_INS_SDC2 = 511
MIPS_INS_SDC3 = 512
MIPS_INS_SDL = 513
MIPS_INS_SDR = 514
MIPS_INS_SDXC1 = 515
MIPS_INS_SEB = 516
MIPS_INS_SEH = 517
MIPS_INS_SELEQZ = 518
MIPS_INS_SELNEZ = 519
MIPS_INS_SEL = 520
MIPS_INS_SEQ = 521
MIPS_INS_SEQI = 522
MIPS_INS_SH = 523
MIPS_INS_SH16 = 524
MIPS_INS_SHF = 525
MIPS_INS_SHILO = 526
MIPS_INS_SHILOV = 527
MIPS_INS_SHLLV = 528
MIPS_INS_SHLLV_S = 529
MIPS_INS_SHLL = 530
MIPS_INS_SHLL_S = 531
MIPS_INS_SHRAV = 532
MIPS_INS_SHRAV_R = 533
MIPS_INS_SHRA = 534
MIPS_INS_SHRA_R = 535
MIPS_INS_SHRLV = 536
MIPS_INS_SHRL = 537
MIPS_INS_SLDI = 538
MIPS_INS_SLD = 539
MIPS_INS_SLL = 540
MIPS_INS_SLL16 = 541
MIPS_INS_SLLI = 542
MIPS_INS_SLLV = 543
MIPS_INS_SLT = 544
MIPS_INS_SLTI = 545
MIPS_INS_SLTIU = 546
MIPS_INS_SLTU = 547
MIPS_INS_SNE = 548
MIPS_INS_SNEI = 549
MIPS_INS_SPLATI = 550
MIPS_INS_SPLAT = 551
MIPS_INS_SRA = 552
MIPS_INS_SRAI = 553
MIPS_INS_SRARI = 554
MIPS_INS_SRAR = 555
MIPS_INS_SRAV = 556
MIPS_INS_SRL = 557
MIPS_INS_SRL16 = 558
MIPS_INS_SRLI = 559
MIPS_INS_SRLRI = 560
MIPS_INS_SRLR = 561
MIPS_INS_SRLV = 562
MIPS_INS_SSNOP = 563
MIPS_INS_ST = 564
MIPS_INS_SUBQH = 565
MIPS_INS_SUBQH_R = 566
MIPS_INS_SUBQ = 567
MIPS_INS_SUBQ_S = 568
MIPS_INS_SUBSUS_U = 569
MIPS_INS_SUBSUU_S = 570
MIPS_INS_SUBS_S = 571
MIPS_INS_SUBS_U = 572
MIPS_INS_SUBU16 = 573
MIPS_INS_SUBUH = 574
MIPS_INS_SUBUH_R = 575
MIPS_INS_SUBU = 576
MIPS_INS_SUBU_S = 577
MIPS_INS_SUBVI = 578
MIPS_INS_SUBV = 579
MIPS_INS_SUXC1 = 580
MIPS_INS_SW = 581
MIPS_INS_SW16 = 582
MIPS_INS_SWC1 = 583
MIPS_INS_SWC2 = 584
MIPS_INS_SWC3 = 585
MIPS_INS_SWL = 586
MIPS_INS_SWM16 = 587
MIPS_INS_SWM32 = 588
MIPS_INS_SWP = 589
MIPS_INS_SWR = 590
MIPS_INS_SWXC1 = 591
MIPS_INS_SYNC = 592
MIPS_INS_SYNCI = 593
MIPS_INS_SYSCALL = 594
MIPS_INS_TEQ = 595
MIPS_INS_TEQI = 596
MIPS_INS_TGE = 597
MIPS_INS_TGEI = 598
MIPS_INS_TGEIU = 599
MIPS_INS_TGEU = 600
MIPS_INS_TLBP = 601
MIPS_INS_TLBR = 602
MIPS_INS_TLBWI = 603
MIPS_INS_TLBWR = 604
MIPS_INS_TLT = 605
MIPS_INS_TLTI = 606
MIPS_INS_TLTIU = 607
MIPS_INS_TLTU = 608
MIPS_INS_TNE = 609
MIPS_INS_TNEI = 610
MIPS_INS_TRUNC = 611
MIPS_INS_V3MULU = 612
MIPS_INS_VMM0 = 613
MIPS_INS_VMULU = 614
MIPS_INS_VSHF = 615
MIPS_INS_WAIT = 616
MIPS_INS_WRDSP = 617
MIPS_INS_WSBH = 618
MIPS_INS_XOR = 619
MIPS_INS_XOR16 = 620
MIPS_INS_XORI = 621
# some alias instructions
MIPS_INS_NOP = 622
MIPS_INS_NEGU = 623
# special instructions
MIPS_INS_JALR_HB = 624
MIPS_INS_JR_HB = 625
MIPS_INS_ENDING = 626
MIPS_GRP_INVALID = 0
MIPS_GRP_JUMP = 1
MIPS_GRP_CALL = 2
MIPS_GRP_RET = 3
MIPS_GRP_INT = 4
MIPS_GRP_IRET = 5
MIPS_GRP_PRIVILEGE = 6
MIPS_GRP_BRANCH_RELATIVE = 7
MIPS_GRP_BITCOUNT = 128
MIPS_GRP_DSP = 129
MIPS_GRP_DSPR2 = 130
MIPS_GRP_FPIDX = 131
MIPS_GRP_MSA = 132
MIPS_GRP_MIPS32R2 = 133
MIPS_GRP_MIPS64 = 134
MIPS_GRP_MIPS64R2 = 135
MIPS_GRP_SEINREG = 136
MIPS_GRP_STDENC = 137
MIPS_GRP_SWAP = 138
MIPS_GRP_MICROMIPS = 139
MIPS_GRP_MIPS16MODE = 140
MIPS_GRP_FP64BIT = 141
MIPS_GRP_NONANSFPMATH = 142
MIPS_GRP_NOTFP64BIT = 143
MIPS_GRP_NOTINMICROMIPS = 144
MIPS_GRP_NOTNACL = 145
MIPS_GRP_NOTMIPS32R6 = 146
MIPS_GRP_NOTMIPS64R6 = 147
MIPS_GRP_CNMIPS = 148
MIPS_GRP_MIPS32 = 149
MIPS_GRP_MIPS32R6 = 150
MIPS_GRP_MIPS64R6 = 151
MIPS_GRP_MIPS2 = 152
MIPS_GRP_MIPS3 = 153
MIPS_GRP_MIPS3_32 = 154
MIPS_GRP_MIPS3_32R2 = 155
MIPS_GRP_MIPS4_32 = 156
MIPS_GRP_MIPS4_32R2 = 157
MIPS_GRP_MIPS5_32R2 = 158
MIPS_GRP_GP32BIT = 159
MIPS_GRP_GP64BIT = 160
MIPS_GRP_ENDING = 161

45
white_patch_detect/capstone-master/bindings/python/capstone/mos65xx.py Normal file
View File

@@ -0,0 +1,45 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .mos65xx_const import *
# define the API
class MOS65xxOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_uint8),
('mem', ctypes.c_uint16),
)
class MOS65xxOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', MOS65xxOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsMOS65xx(ctypes.Structure):
_fields_ = (
('am', ctypes.c_uint),
('modifies_flags', ctypes.c_uint8),
('op_count', ctypes.c_uint8),
('operands', MOS65xxOp * 3),
)
def get_arch_info(a):
return (a.am, a.modifies_flags, copy_ctypes_list(a.operands[:a.op_count]))

96
white_patch_detect/capstone-master/bindings/python/capstone/mos65xx_const.py Normal file
View File

@@ -0,0 +1,96 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [mos65xx_const.py]
MOS65XX_REG_INVALID = 0
MOS65XX_REG_ACC = 1
MOS65XX_REG_X = 2
MOS65XX_REG_Y = 3
MOS65XX_REG_P = 4
MOS65XX_REG_SP = 5
MOS65XX_REG_ENDING = 6
MOS65XX_AM_NONE = 0
MOS65XX_AM_IMP = 1
MOS65XX_AM_ACC = 2
MOS65XX_AM_ABS = 3
MOS65XX_AM_ZP = 4
MOS65XX_AM_IMM = 5
MOS65XX_AM_ABSX = 6
MOS65XX_AM_ABSY = 7
MOS65XX_AM_INDX = 8
MOS65XX_AM_INDY = 9
MOS65XX_AM_ZPX = 10
MOS65XX_AM_ZPY = 11
MOS65XX_AM_REL = 12
MOS65XX_AM_IND = 13
MOS65XX_INS_INVALID = 0
MOS65XX_INS_ADC = 1
MOS65XX_INS_AND = 2
MOS65XX_INS_ASL = 3
MOS65XX_INS_BCC = 4
MOS65XX_INS_BCS = 5
MOS65XX_INS_BEQ = 6
MOS65XX_INS_BIT = 7
MOS65XX_INS_BMI = 8
MOS65XX_INS_BNE = 9
MOS65XX_INS_BPL = 10
MOS65XX_INS_BRK = 11
MOS65XX_INS_BVC = 12
MOS65XX_INS_BVS = 13
MOS65XX_INS_CLC = 14
MOS65XX_INS_CLD = 15
MOS65XX_INS_CLI = 16
MOS65XX_INS_CLV = 17
MOS65XX_INS_CMP = 18
MOS65XX_INS_CPX = 19
MOS65XX_INS_CPY = 20
MOS65XX_INS_DEC = 21
MOS65XX_INS_DEX = 22
MOS65XX_INS_DEY = 23
MOS65XX_INS_EOR = 24
MOS65XX_INS_INC = 25
MOS65XX_INS_INX = 26
MOS65XX_INS_INY = 27
MOS65XX_INS_JMP = 28
MOS65XX_INS_JSR = 29
MOS65XX_INS_LDA = 30
MOS65XX_INS_LDX = 31
MOS65XX_INS_LDY = 32
MOS65XX_INS_LSR = 33
MOS65XX_INS_NOP = 34
MOS65XX_INS_ORA = 35
MOS65XX_INS_PHA = 36
MOS65XX_INS_PLA = 37
MOS65XX_INS_PHP = 38
MOS65XX_INS_PLP = 39
MOS65XX_INS_ROL = 40
MOS65XX_INS_ROR = 41
MOS65XX_INS_RTI = 42
MOS65XX_INS_RTS = 43
MOS65XX_INS_SBC = 44
MOS65XX_INS_SEC = 45
MOS65XX_INS_SED = 46
MOS65XX_INS_SEI = 47
MOS65XX_INS_STA = 48
MOS65XX_INS_STX = 49
MOS65XX_INS_STY = 50
MOS65XX_INS_TAX = 51
MOS65XX_INS_TAY = 52
MOS65XX_INS_TSX = 53
MOS65XX_INS_TXA = 54
MOS65XX_INS_TXS = 55
MOS65XX_INS_TYA = 56
MOS65XX_INS_ENDING = 57
MOS65XX_GRP_INVALID = 0
MOS65XX_GRP_JUMP = 1
MOS65XX_GRP_CALL = 2
MOS65XX_GRP_RET = 3
MOS65XX_GRP_IRET = 5
MOS65XX_GRP_BRANCH_RELATIVE = 6
MOS65XX_GRP_ENDING = 7
MOS65XX_OP_INVALID = 0
MOS65XX_OP_REG = 1
MOS65XX_OP_IMM = 2
MOS65XX_OP_MEM = 3

63
white_patch_detect/capstone-master/bindings/python/capstone/ppc.py Normal file
View File

@@ -0,0 +1,63 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .ppc_const import *
# define the API
class PpcOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint),
('disp', ctypes.c_int32),
)
class PpcOpCrx(ctypes.Structure):
_fields_ = (
('scale', ctypes.c_uint),
('reg', ctypes.c_uint),
('cond', ctypes.c_uint),
)
class PpcOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('mem', PpcOpMem),
('crx', PpcOpCrx),
)
class PpcOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', PpcOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
@property
def crx(self):
return self.value.crx
class CsPpc(ctypes.Structure):
_fields_ = (
('bc', ctypes.c_uint),
('bh', ctypes.c_uint),
('update_cr0', ctypes.c_bool),
('op_count', ctypes.c_uint8),
('operands', PpcOp * 8),
)
def get_arch_info(a):
return (a.bc, a.bh, a.update_cr0, copy_ctypes_list(a.operands[:a.op_count]))

1365
white_patch_detect/capstone-master/bindings/python/capstone/ppc_const.py Normal file
View File

File diff suppressed because it is too large Load Diff

51
white_patch_detect/capstone-master/bindings/python/capstone/sparc.py Normal file
View File

@@ -0,0 +1,51 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .sparc_const import *
# define the API
class SparcOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint8),
('index', ctypes.c_uint8),
('disp', ctypes.c_int32),
)
class SparcOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('mem', SparcOpMem),
)
class SparcOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', SparcOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsSparc(ctypes.Structure):
_fields_ = (
('cc', ctypes.c_uint),
('hint', ctypes.c_uint),
('op_count', ctypes.c_uint8),
('operands', SparcOp * 4),
)
def get_arch_info(a):
return (a.cc, a.hint, copy_ctypes_list(a.operands[:a.op_count]))

429
white_patch_detect/capstone-master/bindings/python/capstone/sparc_const.py Normal file
View File

@@ -0,0 +1,429 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [sparc_const.py]
SPARC_CC_INVALID = 0
SPARC_CC_ICC_A = 8+256
SPARC_CC_ICC_N = 0+256
SPARC_CC_ICC_NE = 9+256
SPARC_CC_ICC_E = 1+256
SPARC_CC_ICC_G = 10+256
SPARC_CC_ICC_LE = 2+256
SPARC_CC_ICC_GE = 11+256
SPARC_CC_ICC_L = 3+256
SPARC_CC_ICC_GU = 12+256
SPARC_CC_ICC_LEU = 4+256
SPARC_CC_ICC_CC = 13+256
SPARC_CC_ICC_CS = 5+256
SPARC_CC_ICC_POS = 14+256
SPARC_CC_ICC_NEG = 6+256
SPARC_CC_ICC_VC = 15+256
SPARC_CC_ICC_VS = 7+256
SPARC_CC_FCC_A = 8+16+256
SPARC_CC_FCC_N = 0+16+256
SPARC_CC_FCC_U = 7+16+256
SPARC_CC_FCC_G = 6+16+256
SPARC_CC_FCC_UG = 5+16+256
SPARC_CC_FCC_L = 4+16+256
SPARC_CC_FCC_UL = 3+16+256
SPARC_CC_FCC_LG = 2+16+256
SPARC_CC_FCC_NE = 1+16+256
SPARC_CC_FCC_E = 9+16+256
SPARC_CC_FCC_UE = 10+16+256
SPARC_CC_FCC_GE = 11+16+256
SPARC_CC_FCC_UGE = 12+16+256
SPARC_CC_FCC_LE = 13+16+256
SPARC_CC_FCC_ULE = 14+16+256
SPARC_CC_FCC_O = 15+16+256
SPARC_HINT_INVALID = 0
SPARC_HINT_A = 1<<0
SPARC_HINT_PT = 1<<1
SPARC_HINT_PN = 1<<2
SPARC_OP_INVALID = 0
SPARC_OP_REG = 1
SPARC_OP_IMM = 2
SPARC_OP_MEM = 3
SPARC_REG_INVALID = 0
SPARC_REG_F0 = 1
SPARC_REG_F1 = 2
SPARC_REG_F2 = 3
SPARC_REG_F3 = 4
SPARC_REG_F4 = 5
SPARC_REG_F5 = 6
SPARC_REG_F6 = 7
SPARC_REG_F7 = 8
SPARC_REG_F8 = 9
SPARC_REG_F9 = 10
SPARC_REG_F10 = 11
SPARC_REG_F11 = 12
SPARC_REG_F12 = 13
SPARC_REG_F13 = 14
SPARC_REG_F14 = 15
SPARC_REG_F15 = 16
SPARC_REG_F16 = 17
SPARC_REG_F17 = 18
SPARC_REG_F18 = 19
SPARC_REG_F19 = 20
SPARC_REG_F20 = 21
SPARC_REG_F21 = 22
SPARC_REG_F22 = 23
SPARC_REG_F23 = 24
SPARC_REG_F24 = 25
SPARC_REG_F25 = 26
SPARC_REG_F26 = 27
SPARC_REG_F27 = 28
SPARC_REG_F28 = 29
SPARC_REG_F29 = 30
SPARC_REG_F30 = 31
SPARC_REG_F31 = 32
SPARC_REG_F32 = 33
SPARC_REG_F34 = 34
SPARC_REG_F36 = 35
SPARC_REG_F38 = 36
SPARC_REG_F40 = 37
SPARC_REG_F42 = 38
SPARC_REG_F44 = 39
SPARC_REG_F46 = 40
SPARC_REG_F48 = 41
SPARC_REG_F50 = 42
SPARC_REG_F52 = 43
SPARC_REG_F54 = 44
SPARC_REG_F56 = 45
SPARC_REG_F58 = 46
SPARC_REG_F60 = 47
SPARC_REG_F62 = 48
SPARC_REG_FCC0 = 49
SPARC_REG_FCC1 = 50
SPARC_REG_FCC2 = 51
SPARC_REG_FCC3 = 52
SPARC_REG_FP = 53
SPARC_REG_G0 = 54
SPARC_REG_G1 = 55
SPARC_REG_G2 = 56
SPARC_REG_G3 = 57
SPARC_REG_G4 = 58
SPARC_REG_G5 = 59
SPARC_REG_G6 = 60
SPARC_REG_G7 = 61
SPARC_REG_I0 = 62
SPARC_REG_I1 = 63
SPARC_REG_I2 = 64
SPARC_REG_I3 = 65
SPARC_REG_I4 = 66
SPARC_REG_I5 = 67
SPARC_REG_I7 = 68
SPARC_REG_ICC = 69
SPARC_REG_L0 = 70
SPARC_REG_L1 = 71
SPARC_REG_L2 = 72
SPARC_REG_L3 = 73
SPARC_REG_L4 = 74
SPARC_REG_L5 = 75
SPARC_REG_L6 = 76
SPARC_REG_L7 = 77
SPARC_REG_O0 = 78
SPARC_REG_O1 = 79
SPARC_REG_O2 = 80
SPARC_REG_O3 = 81
SPARC_REG_O4 = 82
SPARC_REG_O5 = 83
SPARC_REG_O7 = 84
SPARC_REG_SP = 85
SPARC_REG_Y = 86
SPARC_REG_XCC = 87
SPARC_REG_ENDING = 88
SPARC_REG_O6 = SPARC_REG_SP
SPARC_REG_I6 = SPARC_REG_FP
SPARC_INS_INVALID = 0
SPARC_INS_ADDCC = 1
SPARC_INS_ADDX = 2
SPARC_INS_ADDXCC = 3
SPARC_INS_ADDXC = 4
SPARC_INS_ADDXCCC = 5
SPARC_INS_ADD = 6
SPARC_INS_ALIGNADDR = 7
SPARC_INS_ALIGNADDRL = 8
SPARC_INS_ANDCC = 9
SPARC_INS_ANDNCC = 10
SPARC_INS_ANDN = 11
SPARC_INS_AND = 12
SPARC_INS_ARRAY16 = 13
SPARC_INS_ARRAY32 = 14
SPARC_INS_ARRAY8 = 15
SPARC_INS_B = 16
SPARC_INS_JMP = 17
SPARC_INS_BMASK = 18
SPARC_INS_FB = 19
SPARC_INS_BRGEZ = 20
SPARC_INS_BRGZ = 21
SPARC_INS_BRLEZ = 22
SPARC_INS_BRLZ = 23
SPARC_INS_BRNZ = 24
SPARC_INS_BRZ = 25
SPARC_INS_BSHUFFLE = 26
SPARC_INS_CALL = 27
SPARC_INS_CASX = 28
SPARC_INS_CAS = 29
SPARC_INS_CMASK16 = 30
SPARC_INS_CMASK32 = 31
SPARC_INS_CMASK8 = 32
SPARC_INS_CMP = 33
SPARC_INS_EDGE16 = 34
SPARC_INS_EDGE16L = 35
SPARC_INS_EDGE16LN = 36
SPARC_INS_EDGE16N = 37
SPARC_INS_EDGE32 = 38
SPARC_INS_EDGE32L = 39
SPARC_INS_EDGE32LN = 40
SPARC_INS_EDGE32N = 41
SPARC_INS_EDGE8 = 42
SPARC_INS_EDGE8L = 43
SPARC_INS_EDGE8LN = 44
SPARC_INS_EDGE8N = 45
SPARC_INS_FABSD = 46
SPARC_INS_FABSQ = 47
SPARC_INS_FABSS = 48
SPARC_INS_FADDD = 49
SPARC_INS_FADDQ = 50
SPARC_INS_FADDS = 51
SPARC_INS_FALIGNDATA = 52
SPARC_INS_FAND = 53
SPARC_INS_FANDNOT1 = 54
SPARC_INS_FANDNOT1S = 55
SPARC_INS_FANDNOT2 = 56
SPARC_INS_FANDNOT2S = 57
SPARC_INS_FANDS = 58
SPARC_INS_FCHKSM16 = 59
SPARC_INS_FCMPD = 60
SPARC_INS_FCMPEQ16 = 61
SPARC_INS_FCMPEQ32 = 62
SPARC_INS_FCMPGT16 = 63
SPARC_INS_FCMPGT32 = 64
SPARC_INS_FCMPLE16 = 65
SPARC_INS_FCMPLE32 = 66
SPARC_INS_FCMPNE16 = 67
SPARC_INS_FCMPNE32 = 68
SPARC_INS_FCMPQ = 69
SPARC_INS_FCMPS = 70
SPARC_INS_FDIVD = 71
SPARC_INS_FDIVQ = 72
SPARC_INS_FDIVS = 73
SPARC_INS_FDMULQ = 74
SPARC_INS_FDTOI = 75
SPARC_INS_FDTOQ = 76
SPARC_INS_FDTOS = 77
SPARC_INS_FDTOX = 78
SPARC_INS_FEXPAND = 79
SPARC_INS_FHADDD = 80
SPARC_INS_FHADDS = 81
SPARC_INS_FHSUBD = 82
SPARC_INS_FHSUBS = 83
SPARC_INS_FITOD = 84
SPARC_INS_FITOQ = 85
SPARC_INS_FITOS = 86
SPARC_INS_FLCMPD = 87
SPARC_INS_FLCMPS = 88
SPARC_INS_FLUSHW = 89
SPARC_INS_FMEAN16 = 90
SPARC_INS_FMOVD = 91
SPARC_INS_FMOVQ = 92
SPARC_INS_FMOVRDGEZ = 93
SPARC_INS_FMOVRQGEZ = 94
SPARC_INS_FMOVRSGEZ = 95
SPARC_INS_FMOVRDGZ = 96
SPARC_INS_FMOVRQGZ = 97
SPARC_INS_FMOVRSGZ = 98
SPARC_INS_FMOVRDLEZ = 99
SPARC_INS_FMOVRQLEZ = 100
SPARC_INS_FMOVRSLEZ = 101
SPARC_INS_FMOVRDLZ = 102
SPARC_INS_FMOVRQLZ = 103
SPARC_INS_FMOVRSLZ = 104
SPARC_INS_FMOVRDNZ = 105
SPARC_INS_FMOVRQNZ = 106
SPARC_INS_FMOVRSNZ = 107
SPARC_INS_FMOVRDZ = 108
SPARC_INS_FMOVRQZ = 109
SPARC_INS_FMOVRSZ = 110
SPARC_INS_FMOVS = 111
SPARC_INS_FMUL8SUX16 = 112
SPARC_INS_FMUL8ULX16 = 113
SPARC_INS_FMUL8X16 = 114
SPARC_INS_FMUL8X16AL = 115
SPARC_INS_FMUL8X16AU = 116
SPARC_INS_FMULD = 117
SPARC_INS_FMULD8SUX16 = 118
SPARC_INS_FMULD8ULX16 = 119
SPARC_INS_FMULQ = 120
SPARC_INS_FMULS = 121
SPARC_INS_FNADDD = 122
SPARC_INS_FNADDS = 123
SPARC_INS_FNAND = 124
SPARC_INS_FNANDS = 125
SPARC_INS_FNEGD = 126
SPARC_INS_FNEGQ = 127
SPARC_INS_FNEGS = 128
SPARC_INS_FNHADDD = 129
SPARC_INS_FNHADDS = 130
SPARC_INS_FNOR = 131
SPARC_INS_FNORS = 132
SPARC_INS_FNOT1 = 133
SPARC_INS_FNOT1S = 134
SPARC_INS_FNOT2 = 135
SPARC_INS_FNOT2S = 136
SPARC_INS_FONE = 137
SPARC_INS_FONES = 138
SPARC_INS_FOR = 139
SPARC_INS_FORNOT1 = 140
SPARC_INS_FORNOT1S = 141
SPARC_INS_FORNOT2 = 142
SPARC_INS_FORNOT2S = 143
SPARC_INS_FORS = 144
SPARC_INS_FPACK16 = 145
SPARC_INS_FPACK32 = 146
SPARC_INS_FPACKFIX = 147
SPARC_INS_FPADD16 = 148
SPARC_INS_FPADD16S = 149
SPARC_INS_FPADD32 = 150
SPARC_INS_FPADD32S = 151
SPARC_INS_FPADD64 = 152
SPARC_INS_FPMERGE = 153
SPARC_INS_FPSUB16 = 154
SPARC_INS_FPSUB16S = 155
SPARC_INS_FPSUB32 = 156
SPARC_INS_FPSUB32S = 157
SPARC_INS_FQTOD = 158
SPARC_INS_FQTOI = 159
SPARC_INS_FQTOS = 160
SPARC_INS_FQTOX = 161
SPARC_INS_FSLAS16 = 162
SPARC_INS_FSLAS32 = 163
SPARC_INS_FSLL16 = 164
SPARC_INS_FSLL32 = 165
SPARC_INS_FSMULD = 166
SPARC_INS_FSQRTD = 167
SPARC_INS_FSQRTQ = 168
SPARC_INS_FSQRTS = 169
SPARC_INS_FSRA16 = 170
SPARC_INS_FSRA32 = 171
SPARC_INS_FSRC1 = 172
SPARC_INS_FSRC1S = 173
SPARC_INS_FSRC2 = 174
SPARC_INS_FSRC2S = 175
SPARC_INS_FSRL16 = 176
SPARC_INS_FSRL32 = 177
SPARC_INS_FSTOD = 178
SPARC_INS_FSTOI = 179
SPARC_INS_FSTOQ = 180
SPARC_INS_FSTOX = 181
SPARC_INS_FSUBD = 182
SPARC_INS_FSUBQ = 183
SPARC_INS_FSUBS = 184
SPARC_INS_FXNOR = 185
SPARC_INS_FXNORS = 186
SPARC_INS_FXOR = 187
SPARC_INS_FXORS = 188
SPARC_INS_FXTOD = 189
SPARC_INS_FXTOQ = 190
SPARC_INS_FXTOS = 191
SPARC_INS_FZERO = 192
SPARC_INS_FZEROS = 193
SPARC_INS_JMPL = 194
SPARC_INS_LDD = 195
SPARC_INS_LD = 196
SPARC_INS_LDQ = 197
SPARC_INS_LDSB = 198
SPARC_INS_LDSH = 199
SPARC_INS_LDSW = 200
SPARC_INS_LDUB = 201
SPARC_INS_LDUH = 202
SPARC_INS_LDX = 203
SPARC_INS_LZCNT = 204
SPARC_INS_MEMBAR = 205
SPARC_INS_MOVDTOX = 206
SPARC_INS_MOV = 207
SPARC_INS_MOVRGEZ = 208
SPARC_INS_MOVRGZ = 209
SPARC_INS_MOVRLEZ = 210
SPARC_INS_MOVRLZ = 211
SPARC_INS_MOVRNZ = 212
SPARC_INS_MOVRZ = 213
SPARC_INS_MOVSTOSW = 214
SPARC_INS_MOVSTOUW = 215
SPARC_INS_MULX = 216
SPARC_INS_NOP = 217
SPARC_INS_ORCC = 218
SPARC_INS_ORNCC = 219
SPARC_INS_ORN = 220
SPARC_INS_OR = 221
SPARC_INS_PDIST = 222
SPARC_INS_PDISTN = 223
SPARC_INS_POPC = 224
SPARC_INS_RD = 225
SPARC_INS_RESTORE = 226
SPARC_INS_RETT = 227
SPARC_INS_SAVE = 228
SPARC_INS_SDIVCC = 229
SPARC_INS_SDIVX = 230
SPARC_INS_SDIV = 231
SPARC_INS_SETHI = 232
SPARC_INS_SHUTDOWN = 233
SPARC_INS_SIAM = 234
SPARC_INS_SLLX = 235
SPARC_INS_SLL = 236
SPARC_INS_SMULCC = 237
SPARC_INS_SMUL = 238
SPARC_INS_SRAX = 239
SPARC_INS_SRA = 240
SPARC_INS_SRLX = 241
SPARC_INS_SRL = 242
SPARC_INS_STBAR = 243
SPARC_INS_STB = 244
SPARC_INS_STD = 245
SPARC_INS_ST = 246
SPARC_INS_STH = 247
SPARC_INS_STQ = 248
SPARC_INS_STX = 249
SPARC_INS_SUBCC = 250
SPARC_INS_SUBX = 251
SPARC_INS_SUBXCC = 252
SPARC_INS_SUB = 253
SPARC_INS_SWAP = 254
SPARC_INS_TADDCCTV = 255
SPARC_INS_TADDCC = 256
SPARC_INS_T = 257
SPARC_INS_TSUBCCTV = 258
SPARC_INS_TSUBCC = 259
SPARC_INS_UDIVCC = 260
SPARC_INS_UDIVX = 261
SPARC_INS_UDIV = 262
SPARC_INS_UMULCC = 263
SPARC_INS_UMULXHI = 264
SPARC_INS_UMUL = 265
SPARC_INS_UNIMP = 266
SPARC_INS_FCMPED = 267
SPARC_INS_FCMPEQ = 268
SPARC_INS_FCMPES = 269
SPARC_INS_WR = 270
SPARC_INS_XMULX = 271
SPARC_INS_XMULXHI = 272
SPARC_INS_XNORCC = 273
SPARC_INS_XNOR = 274
SPARC_INS_XORCC = 275
SPARC_INS_XOR = 276
SPARC_INS_RET = 277
SPARC_INS_RETL = 278
SPARC_INS_ENDING = 279
SPARC_GRP_INVALID = 0
SPARC_GRP_JUMP = 1
SPARC_GRP_HARDQUAD = 128
SPARC_GRP_V9 = 129
SPARC_GRP_VIS = 130
SPARC_GRP_VIS2 = 131
SPARC_GRP_VIS3 = 132
SPARC_GRP_32BIT = 133
SPARC_GRP_64BIT = 134
SPARC_GRP_ENDING = 135

51
white_patch_detect/capstone-master/bindings/python/capstone/systemz.py Normal file
View File

@@ -0,0 +1,51 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .sysz_const import *
# define the API
class SyszOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint8),
('index', ctypes.c_uint8),
('length', ctypes.c_uint64),
('disp', ctypes.c_int64),
)
class SyszOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('mem', SyszOpMem),
)
class SyszOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', SyszOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsSysz(ctypes.Structure):
_fields_ = (
('cc', ctypes.c_uint),
('op_count', ctypes.c_uint8),
('operands', SyszOp * 6),
)
def get_arch_info(a):
return (a.cc, copy_ctypes_list(a.operands[:a.op_count]))

2523
white_patch_detect/capstone-master/bindings/python/capstone/sysz_const.py Normal file
View File

File diff suppressed because it is too large Load Diff

66
white_patch_detect/capstone-master/bindings/python/capstone/tms320c64x.py Normal file
View File

@@ -0,0 +1,66 @@
# Capstone Python bindings, by Fotis Loukos <me@fotisl.com>
import ctypes, copy
from .tms320c64x_const import *
# define the API
class TMS320C64xOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_int),
('disp', ctypes.c_int),
('unit', ctypes.c_int),
('scaled', ctypes.c_int),
('disptype', ctypes.c_int),
('direction', ctypes.c_int),
('modify', ctypes.c_int),
)
class TMS320C64xOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int32),
('mem', TMS320C64xOpMem),
)
class TMS320C64xCondition(ctypes.Structure):
_fields_ = (
('reg', ctypes.c_uint),
('zero', ctypes.c_uint),
)
class TMS320C64xFunctionalUnit(ctypes.Structure):
_fields_ = (
('unit', ctypes.c_uint),
('side', ctypes.c_uint),
('crosspath', ctypes.c_uint),
)
class TMS320C64xOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', TMS320C64xOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsTMS320C64x(ctypes.Structure):
_fields_ = (
('op_count', ctypes.c_uint8),
('operands', TMS320C64xOp * 8),
('condition', TMS320C64xCondition),
('funit', TMS320C64xFunctionalUnit),
('parallel', ctypes.c_uint),
)
def get_arch_info(a):
return (a.condition, a.funit, a.parallel, copy.deepcopy(a.operands[:a.op_count]))

277
white_patch_detect/capstone-master/bindings/python/capstone/tms320c64x_const.py Normal file
View File

@@ -0,0 +1,277 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [tms320c64x_const.py]
TMS320C64X_OP_INVALID = 0
TMS320C64X_OP_REG = 1
TMS320C64X_OP_IMM = 2
TMS320C64X_OP_MEM = 3
TMS320C64X_OP_REGPAIR = 64
TMS320C64X_MEM_DISP_INVALID = 0
TMS320C64X_MEM_DISP_CONSTANT = 1
TMS320C64X_MEM_DISP_REGISTER = 2
TMS320C64X_MEM_DIR_INVALID = 0
TMS320C64X_MEM_DIR_FW = 1
TMS320C64X_MEM_DIR_BW = 2
TMS320C64X_MEM_MOD_INVALID = 0
TMS320C64X_MEM_MOD_NO = 1
TMS320C64X_MEM_MOD_PRE = 2
TMS320C64X_MEM_MOD_POST = 3
TMS320C64X_REG_INVALID = 0
TMS320C64X_REG_AMR = 1
TMS320C64X_REG_CSR = 2
TMS320C64X_REG_DIER = 3
TMS320C64X_REG_DNUM = 4
TMS320C64X_REG_ECR = 5
TMS320C64X_REG_GFPGFR = 6
TMS320C64X_REG_GPLYA = 7
TMS320C64X_REG_GPLYB = 8
TMS320C64X_REG_ICR = 9
TMS320C64X_REG_IER = 10
TMS320C64X_REG_IERR = 11
TMS320C64X_REG_ILC = 12
TMS320C64X_REG_IRP = 13
TMS320C64X_REG_ISR = 14
TMS320C64X_REG_ISTP = 15
TMS320C64X_REG_ITSR = 16
TMS320C64X_REG_NRP = 17
TMS320C64X_REG_NTSR = 18
TMS320C64X_REG_REP = 19
TMS320C64X_REG_RILC = 20
TMS320C64X_REG_SSR = 21
TMS320C64X_REG_TSCH = 22
TMS320C64X_REG_TSCL = 23
TMS320C64X_REG_TSR = 24
TMS320C64X_REG_A0 = 25
TMS320C64X_REG_A1 = 26
TMS320C64X_REG_A2 = 27
TMS320C64X_REG_A3 = 28
TMS320C64X_REG_A4 = 29
TMS320C64X_REG_A5 = 30
TMS320C64X_REG_A6 = 31
TMS320C64X_REG_A7 = 32
TMS320C64X_REG_A8 = 33
TMS320C64X_REG_A9 = 34
TMS320C64X_REG_A10 = 35
TMS320C64X_REG_A11 = 36
TMS320C64X_REG_A12 = 37
TMS320C64X_REG_A13 = 38
TMS320C64X_REG_A14 = 39
TMS320C64X_REG_A15 = 40
TMS320C64X_REG_A16 = 41
TMS320C64X_REG_A17 = 42
TMS320C64X_REG_A18 = 43
TMS320C64X_REG_A19 = 44
TMS320C64X_REG_A20 = 45
TMS320C64X_REG_A21 = 46
TMS320C64X_REG_A22 = 47
TMS320C64X_REG_A23 = 48
TMS320C64X_REG_A24 = 49
TMS320C64X_REG_A25 = 50
TMS320C64X_REG_A26 = 51
TMS320C64X_REG_A27 = 52
TMS320C64X_REG_A28 = 53
TMS320C64X_REG_A29 = 54
TMS320C64X_REG_A30 = 55
TMS320C64X_REG_A31 = 56
TMS320C64X_REG_B0 = 57
TMS320C64X_REG_B1 = 58
TMS320C64X_REG_B2 = 59
TMS320C64X_REG_B3 = 60
TMS320C64X_REG_B4 = 61
TMS320C64X_REG_B5 = 62
TMS320C64X_REG_B6 = 63
TMS320C64X_REG_B7 = 64
TMS320C64X_REG_B8 = 65
TMS320C64X_REG_B9 = 66
TMS320C64X_REG_B10 = 67
TMS320C64X_REG_B11 = 68
TMS320C64X_REG_B12 = 69
TMS320C64X_REG_B13 = 70
TMS320C64X_REG_B14 = 71
TMS320C64X_REG_B15 = 72
TMS320C64X_REG_B16 = 73
TMS320C64X_REG_B17 = 74
TMS320C64X_REG_B18 = 75
TMS320C64X_REG_B19 = 76
TMS320C64X_REG_B20 = 77
TMS320C64X_REG_B21 = 78
TMS320C64X_REG_B22 = 79
TMS320C64X_REG_B23 = 80
TMS320C64X_REG_B24 = 81
TMS320C64X_REG_B25 = 82
TMS320C64X_REG_B26 = 83
TMS320C64X_REG_B27 = 84
TMS320C64X_REG_B28 = 85
TMS320C64X_REG_B29 = 86
TMS320C64X_REG_B30 = 87
TMS320C64X_REG_B31 = 88
TMS320C64X_REG_PCE1 = 89
TMS320C64X_REG_ENDING = 90
TMS320C64X_REG_EFR = TMS320C64X_REG_ECR
TMS320C64X_REG_IFR = TMS320C64X_REG_ISR
TMS320C64X_INS_INVALID = 0
TMS320C64X_INS_ABS = 1
TMS320C64X_INS_ABS2 = 2
TMS320C64X_INS_ADD = 3
TMS320C64X_INS_ADD2 = 4
TMS320C64X_INS_ADD4 = 5
TMS320C64X_INS_ADDAB = 6
TMS320C64X_INS_ADDAD = 7
TMS320C64X_INS_ADDAH = 8
TMS320C64X_INS_ADDAW = 9
TMS320C64X_INS_ADDK = 10
TMS320C64X_INS_ADDKPC = 11
TMS320C64X_INS_ADDU = 12
TMS320C64X_INS_AND = 13
TMS320C64X_INS_ANDN = 14
TMS320C64X_INS_AVG2 = 15
TMS320C64X_INS_AVGU4 = 16
TMS320C64X_INS_B = 17
TMS320C64X_INS_BDEC = 18
TMS320C64X_INS_BITC4 = 19
TMS320C64X_INS_BNOP = 20
TMS320C64X_INS_BPOS = 21
TMS320C64X_INS_CLR = 22
TMS320C64X_INS_CMPEQ = 23
TMS320C64X_INS_CMPEQ2 = 24
TMS320C64X_INS_CMPEQ4 = 25
TMS320C64X_INS_CMPGT = 26
TMS320C64X_INS_CMPGT2 = 27
TMS320C64X_INS_CMPGTU4 = 28
TMS320C64X_INS_CMPLT = 29
TMS320C64X_INS_CMPLTU = 30
TMS320C64X_INS_DEAL = 31
TMS320C64X_INS_DOTP2 = 32
TMS320C64X_INS_DOTPN2 = 33
TMS320C64X_INS_DOTPNRSU2 = 34
TMS320C64X_INS_DOTPRSU2 = 35
TMS320C64X_INS_DOTPSU4 = 36
TMS320C64X_INS_DOTPU4 = 37
TMS320C64X_INS_EXT = 38
TMS320C64X_INS_EXTU = 39
TMS320C64X_INS_GMPGTU = 40
TMS320C64X_INS_GMPY4 = 41
TMS320C64X_INS_LDB = 42
TMS320C64X_INS_LDBU = 43
TMS320C64X_INS_LDDW = 44
TMS320C64X_INS_LDH = 45
TMS320C64X_INS_LDHU = 46
TMS320C64X_INS_LDNDW = 47
TMS320C64X_INS_LDNW = 48
TMS320C64X_INS_LDW = 49
TMS320C64X_INS_LMBD = 50
TMS320C64X_INS_MAX2 = 51
TMS320C64X_INS_MAXU4 = 52
TMS320C64X_INS_MIN2 = 53
TMS320C64X_INS_MINU4 = 54
TMS320C64X_INS_MPY = 55
TMS320C64X_INS_MPY2 = 56
TMS320C64X_INS_MPYH = 57
TMS320C64X_INS_MPYHI = 58
TMS320C64X_INS_MPYHIR = 59
TMS320C64X_INS_MPYHL = 60
TMS320C64X_INS_MPYHLU = 61
TMS320C64X_INS_MPYHSLU = 62
TMS320C64X_INS_MPYHSU = 63
TMS320C64X_INS_MPYHU = 64
TMS320C64X_INS_MPYHULS = 65
TMS320C64X_INS_MPYHUS = 66
TMS320C64X_INS_MPYLH = 67
TMS320C64X_INS_MPYLHU = 68
TMS320C64X_INS_MPYLI = 69
TMS320C64X_INS_MPYLIR = 70
TMS320C64X_INS_MPYLSHU = 71
TMS320C64X_INS_MPYLUHS = 72
TMS320C64X_INS_MPYSU = 73
TMS320C64X_INS_MPYSU4 = 74
TMS320C64X_INS_MPYU = 75
TMS320C64X_INS_MPYU4 = 76
TMS320C64X_INS_MPYUS = 77
TMS320C64X_INS_MVC = 78
TMS320C64X_INS_MVD = 79
TMS320C64X_INS_MVK = 80
TMS320C64X_INS_MVKL = 81
TMS320C64X_INS_MVKLH = 82
TMS320C64X_INS_NOP = 83
TMS320C64X_INS_NORM = 84
TMS320C64X_INS_OR = 85
TMS320C64X_INS_PACK2 = 86
TMS320C64X_INS_PACKH2 = 87
TMS320C64X_INS_PACKH4 = 88
TMS320C64X_INS_PACKHL2 = 89
TMS320C64X_INS_PACKL4 = 90
TMS320C64X_INS_PACKLH2 = 91
TMS320C64X_INS_ROTL = 92
TMS320C64X_INS_SADD = 93
TMS320C64X_INS_SADD2 = 94
TMS320C64X_INS_SADDU4 = 95
TMS320C64X_INS_SADDUS2 = 96
TMS320C64X_INS_SAT = 97
TMS320C64X_INS_SET = 98
TMS320C64X_INS_SHFL = 99
TMS320C64X_INS_SHL = 100
TMS320C64X_INS_SHLMB = 101
TMS320C64X_INS_SHR = 102
TMS320C64X_INS_SHR2 = 103
TMS320C64X_INS_SHRMB = 104
TMS320C64X_INS_SHRU = 105
TMS320C64X_INS_SHRU2 = 106
TMS320C64X_INS_SMPY = 107
TMS320C64X_INS_SMPY2 = 108
TMS320C64X_INS_SMPYH = 109
TMS320C64X_INS_SMPYHL = 110
TMS320C64X_INS_SMPYLH = 111
TMS320C64X_INS_SPACK2 = 112
TMS320C64X_INS_SPACKU4 = 113
TMS320C64X_INS_SSHL = 114
TMS320C64X_INS_SSHVL = 115
TMS320C64X_INS_SSHVR = 116
TMS320C64X_INS_SSUB = 117
TMS320C64X_INS_STB = 118
TMS320C64X_INS_STDW = 119
TMS320C64X_INS_STH = 120
TMS320C64X_INS_STNDW = 121
TMS320C64X_INS_STNW = 122
TMS320C64X_INS_STW = 123
TMS320C64X_INS_SUB = 124
TMS320C64X_INS_SUB2 = 125
TMS320C64X_INS_SUB4 = 126
TMS320C64X_INS_SUBAB = 127
TMS320C64X_INS_SUBABS4 = 128
TMS320C64X_INS_SUBAH = 129
TMS320C64X_INS_SUBAW = 130
TMS320C64X_INS_SUBC = 131
TMS320C64X_INS_SUBU = 132
TMS320C64X_INS_SWAP4 = 133
TMS320C64X_INS_UNPKHU4 = 134
TMS320C64X_INS_UNPKLU4 = 135
TMS320C64X_INS_XOR = 136
TMS320C64X_INS_XPND2 = 137
TMS320C64X_INS_XPND4 = 138
TMS320C64X_INS_IDLE = 139
TMS320C64X_INS_MV = 140
TMS320C64X_INS_NEG = 141
TMS320C64X_INS_NOT = 142
TMS320C64X_INS_SWAP2 = 143
TMS320C64X_INS_ZERO = 144
TMS320C64X_INS_ENDING = 145
TMS320C64X_GRP_INVALID = 0
TMS320C64X_GRP_JUMP = 1
TMS320C64X_GRP_FUNIT_D = 128
TMS320C64X_GRP_FUNIT_L = 129
TMS320C64X_GRP_FUNIT_M = 130
TMS320C64X_GRP_FUNIT_S = 131
TMS320C64X_GRP_FUNIT_NO = 132
TMS320C64X_GRP_ENDING = 133
TMS320C64X_FUNIT_INVALID = 0
TMS320C64X_FUNIT_D = 1
TMS320C64X_FUNIT_L = 2
TMS320C64X_FUNIT_M = 3
TMS320C64X_FUNIT_S = 4
TMS320C64X_FUNIT_NO = 5

85
white_patch_detect/capstone-master/bindings/python/capstone/x86.py Normal file
View File

@@ -0,0 +1,85 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .x86_const import *
# define the API
class X86OpMem(ctypes.Structure):
_fields_ = (
('segment', ctypes.c_uint),
('base', ctypes.c_uint),
('index', ctypes.c_uint),
('scale', ctypes.c_int),
('disp', ctypes.c_int64),
)
class X86OpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int64),
('mem', X86OpMem),
)
class X86Op(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', X86OpValue),
('size', ctypes.c_uint8),
('access', ctypes.c_uint8),
('avx_bcast', ctypes.c_uint),
('avx_zero_opmask', ctypes.c_bool),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsX86Encoding(ctypes.Structure):
_fields_ = (
('modrm_offset', ctypes.c_uint8),
('disp_offset', ctypes.c_uint8),
('disp_size', ctypes.c_uint8),
('imm_offset', ctypes.c_uint8),
('imm_size', ctypes.c_uint8),
)
class CsX86(ctypes.Structure):
_fields_ = (
('prefix', ctypes.c_uint8 * 4),
('opcode', ctypes.c_uint8 * 4),
('rex', ctypes.c_uint8),
('addr_size', ctypes.c_uint8),
('modrm', ctypes.c_uint8),
('sib', ctypes.c_uint8),
('disp', ctypes.c_int64),
('sib_index', ctypes.c_uint),
('sib_scale', ctypes.c_int8),
('sib_base', ctypes.c_uint),
('xop_cc', ctypes.c_uint),
('sse_cc', ctypes.c_uint),
('avx_cc', ctypes.c_uint),
('avx_sae', ctypes.c_bool),
('avx_rm', ctypes.c_uint),
('eflags', ctypes.c_uint64),
('op_count', ctypes.c_uint8),
('operands', X86Op * 8),
('encoding', CsX86Encoding),
)
def get_arch_info(a):
return (a.prefix[:], a.opcode[:], a.rex, a.addr_size, \
a.modrm, a.sib, a.disp, a.sib_index, a.sib_scale, \
a.sib_base, a.xop_cc, a.sse_cc, a.avx_cc, a.avx_sae, a.avx_rm, a.eflags, \
a.encoding.modrm_offset, a.encoding.disp_offset, a.encoding.disp_size, a.encoding.imm_offset, a.encoding.imm_size, \
copy_ctypes_list(a.operands[:a.op_count]))

1962
white_patch_detect/capstone-master/bindings/python/capstone/x86_const.py Normal file
View File

File diff suppressed because it is too large Load Diff

50
white_patch_detect/capstone-master/bindings/python/capstone/xcore.py Normal file
View File

@@ -0,0 +1,50 @@
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
import ctypes
from . import copy_ctypes_list
from .xcore_const import *
# define the API
class XcoreOpMem(ctypes.Structure):
_fields_ = (
('base', ctypes.c_uint8),
('index', ctypes.c_uint8),
('disp', ctypes.c_int32),
('direct', ctypes.c_int),
)
class XcoreOpValue(ctypes.Union):
_fields_ = (
('reg', ctypes.c_uint),
('imm', ctypes.c_int32),
('mem', XcoreOpMem),
)
class XcoreOp(ctypes.Structure):
_fields_ = (
('type', ctypes.c_uint),
('value', XcoreOpValue),
)
@property
def imm(self):
return self.value.imm
@property
def reg(self):
return self.value.reg
@property
def mem(self):
return self.value.mem
class CsXcore(ctypes.Structure):
_fields_ = (
('op_count', ctypes.c_uint8),
('operands', XcoreOp * 8),
)
def get_arch_info(a):
return (copy_ctypes_list(a.operands[:a.op_count]))

161
white_patch_detect/capstone-master/bindings/python/capstone/xcore_const.py Normal file
View File

@@ -0,0 +1,161 @@
# For Capstone Engine. AUTO-GENERATED FILE, DO NOT EDIT [xcore_const.py]
XCORE_OP_INVALID = 0
XCORE_OP_REG = 1
XCORE_OP_IMM = 2
XCORE_OP_MEM = 3
XCORE_REG_INVALID = 0
XCORE_REG_CP = 1
XCORE_REG_DP = 2
XCORE_REG_LR = 3
XCORE_REG_SP = 4
XCORE_REG_R0 = 5
XCORE_REG_R1 = 6
XCORE_REG_R2 = 7
XCORE_REG_R3 = 8
XCORE_REG_R4 = 9
XCORE_REG_R5 = 10
XCORE_REG_R6 = 11
XCORE_REG_R7 = 12
XCORE_REG_R8 = 13
XCORE_REG_R9 = 14
XCORE_REG_R10 = 15
XCORE_REG_R11 = 16
XCORE_REG_PC = 17
XCORE_REG_SCP = 18
XCORE_REG_SSR = 19
XCORE_REG_ET = 20
XCORE_REG_ED = 21
XCORE_REG_SED = 22
XCORE_REG_KEP = 23
XCORE_REG_KSP = 24
XCORE_REG_ID = 25
XCORE_REG_ENDING = 26
XCORE_INS_INVALID = 0
XCORE_INS_ADD = 1
XCORE_INS_ANDNOT = 2
XCORE_INS_AND = 3
XCORE_INS_ASHR = 4
XCORE_INS_BAU = 5
XCORE_INS_BITREV = 6
XCORE_INS_BLA = 7
XCORE_INS_BLAT = 8
XCORE_INS_BL = 9
XCORE_INS_BF = 10
XCORE_INS_BT = 11
XCORE_INS_BU = 12
XCORE_INS_BRU = 13
XCORE_INS_BYTEREV = 14
XCORE_INS_CHKCT = 15
XCORE_INS_CLRE = 16
XCORE_INS_CLRPT = 17
XCORE_INS_CLRSR = 18
XCORE_INS_CLZ = 19
XCORE_INS_CRC8 = 20
XCORE_INS_CRC32 = 21
XCORE_INS_DCALL = 22
XCORE_INS_DENTSP = 23
XCORE_INS_DGETREG = 24
XCORE_INS_DIVS = 25
XCORE_INS_DIVU = 26
XCORE_INS_DRESTSP = 27
XCORE_INS_DRET = 28
XCORE_INS_ECALLF = 29
XCORE_INS_ECALLT = 30
XCORE_INS_EDU = 31
XCORE_INS_EEF = 32
XCORE_INS_EET = 33
XCORE_INS_EEU = 34
XCORE_INS_ENDIN = 35
XCORE_INS_ENTSP = 36
XCORE_INS_EQ = 37
XCORE_INS_EXTDP = 38
XCORE_INS_EXTSP = 39
XCORE_INS_FREER = 40
XCORE_INS_FREET = 41
XCORE_INS_GETD = 42
XCORE_INS_GET = 43
XCORE_INS_GETN = 44
XCORE_INS_GETR = 45
XCORE_INS_GETSR = 46
XCORE_INS_GETST = 47
XCORE_INS_GETTS = 48
XCORE_INS_INCT = 49
XCORE_INS_INIT = 50
XCORE_INS_INPW = 51
XCORE_INS_INSHR = 52
XCORE_INS_INT = 53
XCORE_INS_IN = 54
XCORE_INS_KCALL = 55
XCORE_INS_KENTSP = 56
XCORE_INS_KRESTSP = 57
XCORE_INS_KRET = 58
XCORE_INS_LADD = 59
XCORE_INS_LD16S = 60
XCORE_INS_LD8U = 61
XCORE_INS_LDA16 = 62
XCORE_INS_LDAP = 63
XCORE_INS_LDAW = 64
XCORE_INS_LDC = 65
XCORE_INS_LDW = 66
XCORE_INS_LDIVU = 67
XCORE_INS_LMUL = 68
XCORE_INS_LSS = 69
XCORE_INS_LSUB = 70
XCORE_INS_LSU = 71
XCORE_INS_MACCS = 72
XCORE_INS_MACCU = 73
XCORE_INS_MJOIN = 74
XCORE_INS_MKMSK = 75
XCORE_INS_MSYNC = 76
XCORE_INS_MUL = 77
XCORE_INS_NEG = 78
XCORE_INS_NOT = 79
XCORE_INS_OR = 80
XCORE_INS_OUTCT = 81
XCORE_INS_OUTPW = 82
XCORE_INS_OUTSHR = 83
XCORE_INS_OUTT = 84
XCORE_INS_OUT = 85
XCORE_INS_PEEK = 86
XCORE_INS_REMS = 87
XCORE_INS_REMU = 88
XCORE_INS_RETSP = 89
XCORE_INS_SETCLK = 90
XCORE_INS_SET = 91
XCORE_INS_SETC = 92
XCORE_INS_SETD = 93
XCORE_INS_SETEV = 94
XCORE_INS_SETN = 95
XCORE_INS_SETPSC = 96
XCORE_INS_SETPT = 97
XCORE_INS_SETRDY = 98
XCORE_INS_SETSR = 99
XCORE_INS_SETTW = 100
XCORE_INS_SETV = 101
XCORE_INS_SEXT = 102
XCORE_INS_SHL = 103
XCORE_INS_SHR = 104
XCORE_INS_SSYNC = 105
XCORE_INS_ST16 = 106
XCORE_INS_ST8 = 107
XCORE_INS_STW = 108
XCORE_INS_SUB = 109
XCORE_INS_SYNCR = 110
XCORE_INS_TESTCT = 111
XCORE_INS_TESTLCL = 112
XCORE_INS_TESTWCT = 113
XCORE_INS_TSETMR = 114
XCORE_INS_START = 115
XCORE_INS_WAITEF = 116
XCORE_INS_WAITET = 117
XCORE_INS_WAITEU = 118
XCORE_INS_XOR = 119
XCORE_INS_ZEXT = 120
XCORE_INS_ENDING = 121
XCORE_GRP_INVALID = 0
XCORE_GRP_JUMP = 1
XCORE_GRP_ENDING = 2

0
white_patch_detect/capstone-master/bindings/python/prebuilt/.gitkeep Normal file
View File

1
white_patch_detect/capstone-master/bindings/python/pyx/README Normal file
View File

@@ -0,0 +1 @@
This directory contains Cython files.

72
white_patch_detect/capstone-master/bindings/python/pyx/ccapstone.pxd Normal file
View File

@@ -0,0 +1,72 @@
# By Dang Hoang Vu <danghvu@gmail.com>, 2014
from libcpp cimport bool
from libc.stdint cimport uint8_t, uint64_t, uint16_t
cdef extern from "<capstone/capstone.h>":
ctypedef size_t csh
ctypedef enum cs_mode:
pass
ctypedef enum cs_arch:
pass
ctypedef struct cs_detail:
pass
ctypedef struct cs_insn:
unsigned int id
uint64_t address
uint16_t size
uint8_t bytes[24]
char mnemonic[32]
char op_str[160]
cs_detail *detail
ctypedef enum cs_err:
pass
ctypedef enum cs_opt_type:
pass
unsigned int cs_version(int *major, int *minor)
bool cs_support(int arch)
cs_err cs_open(cs_arch arch, cs_mode mode, csh *handle)
cs_err cs_close(csh *handle)
cs_err cs_errno(csh handle)
size_t cs_disasm(csh handle,
const uint8_t *code, size_t code_size,
uint64_t address,
size_t count,
cs_insn **insn)
cs_err cs_option(csh handle, cs_opt_type type, size_t value)
void cs_free(cs_insn *insn, size_t count)
const char *cs_reg_name(csh handle, unsigned int reg_id)
const char *cs_insn_name(csh handle, unsigned int insn_id)
const char *cs_group_name(csh handle, unsigned int group_id)
bool cs_insn_group(csh handle, cs_insn *insn, unsigned int group_id)
bool cs_reg_read(csh handle, cs_insn *insn, unsigned int reg_id)
bool cs_reg_write(csh handle, cs_insn *insn, unsigned int reg_id)
int cs_op_count(csh handle, cs_insn *insn, unsigned int op_type)
cs_err cs_regs_access(csh handle, cs_insn *insn, uint16_t *regs_read, uint8_t *read_count, uint16_t *regs_write, uint8_t *write_count)
int cs_op_index(csh handle, cs_insn *insn, unsigned int op_type,
unsigned int position)

2
white_patch_detect/capstone-master/bindings/python/setup.cfg Normal file
View File

@@ -0,0 +1,2 @@
[bdist_wheel]
universal = 1

289
white_patch_detect/capstone-master/bindings/python/setup.py Normal file
View File

@@ -0,0 +1,289 @@
#!/usr/bin/env python
import glob
import os
import shutil
import sys
import platform
from distutils import log
from setuptools import setup
from distutils.util import get_platform
from distutils.command.build import build
from distutils.command.sdist import sdist
from setuptools.command.bdist_egg import bdist_egg
SYSTEM = sys.platform
# adapted from commit e504b81 of Nguyen Tan Cong
# Reference: https://docs.python.org/2/library/platform.html#cross-platform
IS_64BITS = sys.maxsize > 2**32
# are we building from the repository or from a source distribution?
ROOT_DIR = os.path.dirname(os.path.realpath(__file__))
LIBS_DIR = os.path.join(ROOT_DIR, 'capstone', 'lib')
HEADERS_DIR = os.path.join(ROOT_DIR, 'capstone', 'include')
SRC_DIR = os.path.join(ROOT_DIR, 'src')
BUILD_DIR = SRC_DIR if os.path.exists(SRC_DIR) else os.path.join(ROOT_DIR, '../..')
# Parse version from pkgconfig.mk
VERSION_DATA = {}
with open(os.path.join(BUILD_DIR, 'pkgconfig.mk')) as fp:
lines = fp.readlines()
for line in lines:
line = line.strip()
if len(line) == 0:
continue
if line.startswith('#'):
continue
if '=' not in line:
continue
k, v = line.split('=', 1)
k = k.strip()
v = v.strip()
if len(k) == 0 or len(v) == 0:
continue
VERSION_DATA[k] = v
if 'PKG_MAJOR' not in VERSION_DATA or \
'PKG_MINOR' not in VERSION_DATA or \
'PKG_EXTRA' not in VERSION_DATA:
raise Exception("Malformed pkgconfig.mk")
if 'PKG_TAG' in VERSION_DATA:
VERSION = '{PKG_MAJOR}.{PKG_MINOR}.{PKG_EXTRA}.{PKG_TAG}'.format(**VERSION_DATA)
else:
VERSION = '{PKG_MAJOR}.{PKG_MINOR}.{PKG_EXTRA}'.format(**VERSION_DATA)
if SYSTEM == 'darwin':
VERSIONED_LIBRARY_FILE = "libcapstone.{PKG_MAJOR}.dylib".format(**VERSION_DATA)
LIBRARY_FILE = "libcapstone.dylib"
STATIC_LIBRARY_FILE = 'libcapstone.a'
elif SYSTEM in ('win32', 'cygwin'):
VERSIONED_LIBRARY_FILE = "capstone.dll"
LIBRARY_FILE = "capstone.dll"
STATIC_LIBRARY_FILE = None
else:
VERSIONED_LIBRARY_FILE = "libcapstone.so.{PKG_MAJOR}".format(**VERSION_DATA)
LIBRARY_FILE = "libcapstone.so"
STATIC_LIBRARY_FILE = 'libcapstone.a'
def clean_bins():
shutil.rmtree(LIBS_DIR, ignore_errors=True)
shutil.rmtree(HEADERS_DIR, ignore_errors=True)
def copy_sources():
"""Copy the C sources into the source directory.
This rearranges the source files under the python distribution
directory.
"""
src = []
try:
shutil.rmtree("src/")
except (IOError, OSError):
pass
shutil.copytree(os.path.join(BUILD_DIR, "arch"), os.path.join(SRC_DIR, "arch"))
shutil.copytree(os.path.join(BUILD_DIR, "include"), os.path.join(SRC_DIR, "include"))
src.extend(glob.glob(os.path.join(BUILD_DIR, "*.[ch]")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "*.mk")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "Makefile")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "LICENSE*")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "README")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "*.TXT")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "RELEASE_NOTES")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "make.sh")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "CMakeLists.txt")))
src.extend(glob.glob(os.path.join(BUILD_DIR, "pkgconfig.mk")))
for filename in src:
outpath = os.path.join(SRC_DIR, os.path.basename(filename))
log.info("%s -> %s" % (filename, outpath))
shutil.copy(filename, outpath)
def build_libraries():
"""
Prepare the capstone directory for a binary distribution or installation.
Builds shared libraries and copies header files.
Will use a src/ dir if one exists in the current directory, otherwise assumes it's in the repo
"""
cwd = os.getcwd()
clean_bins()
os.mkdir(HEADERS_DIR)
os.mkdir(LIBS_DIR)
# copy public headers
shutil.copytree(os.path.join(BUILD_DIR, 'include', 'capstone'), os.path.join(HEADERS_DIR, 'capstone'))
# if prebuilt libraries are available, use those and cancel build
if os.path.exists(os.path.join(ROOT_DIR, 'prebuilt', LIBRARY_FILE)) and \
(not STATIC_LIBRARY_FILE or os.path.exists(os.path.join(ROOT_DIR, 'prebuilt', STATIC_LIBRARY_FILE))):
shutil.copy(os.path.join(ROOT_DIR, 'prebuilt', LIBRARY_FILE), LIBS_DIR)
if STATIC_LIBRARY_FILE is not None:
shutil.copy(os.path.join(ROOT_DIR, 'prebuilt', STATIC_LIBRARY_FILE), LIBS_DIR)
return
os.chdir(BUILD_DIR)
# platform description refers at https://docs.python.org/2/library/sys.html#sys.platform
if SYSTEM == "win32":
# Windows build: this process requires few things:
# - CMake + MSVC installed
# - Run this command in an environment setup for MSVC
if not os.path.exists("build"): os.mkdir("build")
os.chdir("build")
# Do not build tests & static library
os.system('cmake -DCMAKE_BUILD_TYPE=RELEASE -DCAPSTONE_BUILD_TESTS=0 -DCAPSTONE_BUILD_STATIC=0 -G "NMake Makefiles" ..')
os.system("nmake")
elif "bsd" in SYSTEM:
# *BSD distinguishes make (BSD) vs gmake (GNU). Use cmake + bsd make :-)
if not os.path.exists("build"): os.mkdir("build")
os.chdir("build")
# Do not build tests & static library
os.system('cmake -DCMAKE_BUILD_TYPE=RELEASE -DCAPSTONE_BUILD_TESTS=0 -DCAPSTONE_BUILD_STATIC=0 ..')
os.system("make")
else: # Unix incl. cygwin
os.system("CAPSTONE_BUILD_CORE_ONLY=yes bash ./make.sh")
shutil.copy(VERSIONED_LIBRARY_FILE, os.path.join(LIBS_DIR, LIBRARY_FILE))
# only copy static library if it exists (it's a build option)
if STATIC_LIBRARY_FILE and os.path.exists(STATIC_LIBRARY_FILE):
shutil.copy(STATIC_LIBRARY_FILE, LIBS_DIR)
os.chdir(cwd)
class custom_sdist(sdist):
def run(self):
clean_bins()
copy_sources()
return sdist.run(self)
class custom_build(build):
def run(self):
if 'LIBCAPSTONE_PATH' in os.environ:
log.info('Skipping building C extensions since LIBCAPSTONE_PATH is set')
else:
log.info('Building C extensions')
build_libraries()
return build.run(self)
class custom_bdist_egg(bdist_egg):
def run(self):
self.run_command('build')
return bdist_egg.run(self)
def dummy_src():
return []
cmdclass = {}
cmdclass['build'] = custom_build
cmdclass['sdist'] = custom_sdist
cmdclass['bdist_egg'] = custom_bdist_egg
try:
from setuptools.command.develop import develop
class custom_develop(develop):
def run(self):
log.info("Building C extensions")
build_libraries()
return develop.run(self)
cmdclass['develop'] = custom_develop
except ImportError:
print("Proper 'develop' support unavailable.")
if 'bdist_wheel' in sys.argv and '--plat-name' not in sys.argv:
idx = sys.argv.index('bdist_wheel') + 1
sys.argv.insert(idx, '--plat-name')
name = get_platform()
if 'linux' in name:
# linux_* platform tags are disallowed because the python ecosystem is fubar
# linux builds should be built in the centos 6 vm for maximum compatibility
# see https://github.com/pypa/manylinux
# see also https://github.com/angr/angr-dev/blob/master/bdist.sh and
# https://www.python.org/dev/peps/pep-0599/
sys.argv.insert(idx + 1, 'manylinux2014_' + platform.machine())
else:
# https://www.python.org/dev/peps/pep-0425/
sys.argv.insert(idx + 1, name.replace('.', '_').replace('-', '_'))
long_desc = '''
Capstone is a disassembly framework with the target of becoming the ultimate
disasm engine for binary analysis and reversing in the security community.
Created by Nguyen Anh Quynh, then developed and maintained by a small community,
Capstone offers some unparalleled features:
- Support multiple hardware architectures: ARM, ARM64 (ARMv8), Mips, PPC, Sparc,
SystemZ, XCore and X86 (including X86_64).
- Having clean/simple/lightweight/intuitive architecture-neutral API.
- Provide details on disassembled instruction (called "decomposer" by others).
- Provide semantics of the disassembled instruction, such as list of implicit
registers read & written.
- Implemented in pure C language, with lightweight wrappers for C++, C#, Go,
Java, NodeJS, Ocaml, Python, Ruby & Vala ready (available in main code,
or provided externally by the community).
- Native support for all popular platforms: Windows, Mac OSX, iOS, Android,
Linux, *BSD, Solaris, etc.
- Thread-safe by design.
- Special support for embedding into firmware or OS kernel.
- High performance & suitable for malware analysis (capable of handling various
X86 malware tricks).
- Distributed under the open source BSD license.
Further information is available at http://www.capstone-engine.org
[License]
This project is released under the BSD license. If you redistribute the binary
or source code of Capstone, please attach file LICENSE.TXT with your products.
'''
setup(
provides=['capstone'],
packages=['capstone'],
name='capstone',
version=VERSION,
author='Nguyen Anh Quynh',
author_email='aquynh@gmail.com',
description='Capstone disassembly engine',
long_description=long_desc,
long_description_content_type="text/markdown",
url='https://www.capstone-engine.org',
python_requires='>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*',
classifiers=[
'Development Status :: 5 - Production/Stable',
'Intended Audience :: Developers',
'Topic :: Software Development :: Build Tools',
'License :: OSI Approved :: BSD License',
'Programming Language :: Python :: 2',
'Programming Language :: Python :: 2.7',
'Programming Language :: Python :: 3',
],
requires=['ctypes'],
cmdclass=cmdclass,
zip_safe=True,
include_package_data=True,
is_pure=False,
package_data={
"capstone": ["lib/*", "include/capstone/*"],
}
)

144
white_patch_detect/capstone-master/bindings/python/setup_cython.py Normal file
View File

@@ -0,0 +1,144 @@
import os
import sys
import shutil
from distutils import log
from distutils.core import setup
from distutils.extension import Extension
from distutils.command.build import build
from Cython.Distutils import build_ext
SYSTEM = sys.platform
VERSION = '4.0.0'
# adapted from commit e504b81 of Nguyen Tan Cong
# Reference: https://docs.python.org/2/library/platform.html#cross-platform
IS_64BITS = sys.maxsize > 2**32
# are we building from the repository or from a source distribution?
ROOT_DIR = os.path.dirname(os.path.realpath(__file__))
LIBS_DIR = os.path.join(ROOT_DIR, 'pyx', 'lib')
HEADERS_DIR = os.path.join(ROOT_DIR, 'pyx', 'include')
SRC_DIR = os.path.join(ROOT_DIR, 'src')
BUILD_DIR = SRC_DIR if os.path.exists(SRC_DIR) else os.path.join(ROOT_DIR, '../..')
PYPACKAGE_DIR = os.path.join(ROOT_DIR, 'capstone')
CYPACKAGE_DIR = os.path.join(ROOT_DIR, 'pyx')
if SYSTEM == 'darwin':
VERSIONED_LIBRARY_FILE = "libcapstone.4.dylib"
LIBRARY_FILE = "libcapstone.dylib"
STATIC_LIBRARY_FILE = 'libcapstone.a'
elif SYSTEM in ('win32', 'cygwin'):
VERSIONED_LIBRARY_FILE = "capstone.dll"
LIBRARY_FILE = "capstone.dll"
STATIC_LIBRARY_FILE = None
else:
VERSIONED_LIBRARY_FILE = "libcapstone.so.4"
LIBRARY_FILE = "libcapstone.so"
STATIC_LIBRARY_FILE = 'libcapstone.a'
compile_args = ['-O3', '-fomit-frame-pointer', '-I' + HEADERS_DIR]
link_args = ['-L' + LIBS_DIR]
ext_module_names = ['arm', 'arm_const', 'arm64', 'arm64_const', 'm68k', 'm68k_const', 'm680x', 'm680x_const', 'mips', 'mips_const', 'ppc', 'ppc_const', 'x86', 'x86_const', 'sparc', 'sparc_const', 'systemz', 'sysz_const', 'xcore', 'xcore_const', 'tms320c64x', 'tms320c64x_const', 'evm', 'evm_const' ]
ext_modules = [Extension("capstone.ccapstone",
["pyx/ccapstone.pyx"],
libraries=["capstone"],
extra_compile_args=compile_args,
extra_link_args=link_args)]
ext_modules += [Extension("capstone.%s" % name,
["pyx/%s.pyx" % name],
extra_compile_args=compile_args,
extra_link_args=link_args)
for name in ext_module_names]
def clean_bins():
shutil.rmtree(LIBS_DIR, ignore_errors=True)
shutil.rmtree(HEADERS_DIR, ignore_errors=True)
def copy_pysources():
for fname in os.listdir(PYPACKAGE_DIR):
if not fname.endswith('.py'):
continue
if fname == '__init__.py':
shutil.copy(os.path.join(PYPACKAGE_DIR, fname), os.path.join(CYPACKAGE_DIR, fname))
else:
shutil.copy(os.path.join(PYPACKAGE_DIR, fname), os.path.join(CYPACKAGE_DIR, fname + 'x'))
def build_libraries():
"""
Prepare the capstone directory for a binary distribution or installation.
Builds shared libraries and copies header files.
Will use a src/ dir if one exists in the current directory, otherwise assumes it's in the repo
"""
cwd = os.getcwd()
clean_bins()
os.mkdir(HEADERS_DIR)
os.mkdir(LIBS_DIR)
# copy public headers
shutil.copytree(os.path.join(BUILD_DIR, 'include', 'capstone'), os.path.join(HEADERS_DIR, 'capstone'))
os.chdir(BUILD_DIR)
# platform description refers at https://docs.python.org/2/library/sys.html#sys.platform
if SYSTEM == "win32":
# Windows build: this process requires few things:
# - CMake + MSVC installed
# - Run this command in an environment setup for MSVC
if not os.path.exists("build"): os.mkdir("build")
os.chdir("build")
# Do not build tests & static library
os.system('cmake -DCMAKE_BUILD_TYPE=RELEASE -DCAPSTONE_BUILD_TESTS=0 -DCAPSTONE_BUILD_STATIC=0 -G "NMake Makefiles" ..')
os.system("nmake")
else: # Unix incl. cygwin
os.system("CAPSTONE_BUILD_CORE_ONLY=yes bash ./make.sh")
shutil.copy(VERSIONED_LIBRARY_FILE, os.path.join(LIBS_DIR, LIBRARY_FILE))
if STATIC_LIBRARY_FILE: shutil.copy(STATIC_LIBRARY_FILE, LIBS_DIR)
os.chdir(cwd)
class custom_build(build):
def run(self):
log.info('Copying python sources')
copy_pysources()
log.info('Building C extensions')
build_libraries()
return build.run(self)
# clean package directory first
#import os.path, shutil, sys
#for f in sys.path:
# if f.endswith('packages'):
# pkgdir = os.path.join(f, 'capstone')
# #print(pkgdir)
# try:
# shutil.rmtree(pkgdir)
# except:
# pass
setup(
provides = ['capstone'],
package_dir = {'capstone' : 'pyx'},
packages = ['capstone'],
name = 'capstone',
version = VERSION,
cmdclass = {'build_ext': build_ext, 'build': custom_build},
ext_modules = ext_modules,
author = 'Nguyen Anh Quynh',
author_email = 'aquynh@gmail.com',
description = 'Capstone disassembly engine',
url = 'http://www.capstone-engine.org',
classifiers = [
'License :: OSI Approved :: BSD License',
'Programming Language :: Python :: 2',
],
include_package_data=True,
package_data={
"capstone": ["lib/*", "include/capstone/*"],
}
)

22
white_patch_detect/capstone-master/bindings/python/test_all.py Normal file
View File

@@ -0,0 +1,22 @@
#!/usr/bin/env python
import test_basic, test_arm, test_arm64, test_detail, test_lite, test_m68k, test_mips, \
test_ppc, test_x86, test_skipdata, test_sparc, test_systemz, test_tms320c64x, test_customized_mnem, \
test_m680x, test_mos65xx
test_basic.test_class()
test_arm.test_class()
test_arm64.test_class()
test_detail.test_class()
test_lite.test_class()
test_m68k.test_class()
test_mips.test_class()
test_mos65xx.test_class()
test_ppc.test_class()
test_sparc.test_class()
test_systemz.test_class()
test_x86.test_class()
test_tms320c64x.test_class()
test_m680x.test_class()
test_skipdata.test_class()
test_customized_mnem.test()

151
white_patch_detect/capstone-master/bindings/python/test_arm.py Normal file
View File

@@ -0,0 +1,151 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.arm import *
from xprint import to_hex, to_x_32
ARM_CODE = b"\x86\x48\x60\xf4\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3\x00\x02\x01\xf1\x05\x40\xd0\xe8\xf4\x80\x00\x00"
ARM_CODE2 = b"\xd1\xe8\x00\xf0\xf0\x24\x04\x07\x1f\x3c\xf2\xc0\x00\x00\x4f\xf0\x00\x01\x46\x6c"
THUMB_CODE = b"\x70\x47\x00\xf0\x10\xe8\xeb\x46\x83\xb0\xc9\x68\x1f\xb1\x30\xbf\xaf\xf3\x20\x84\x52\xf8\x23\xf0"
THUMB_CODE2 = b"\x4f\xf0\x00\x01\xbd\xe8\x00\x88\xd1\xe8\x00\xf0\x18\xbf\xad\xbf\xf3\xff\x0b\x0c\x86\xf3\x00\x89\x80\xf3\x00\x8c\x4f\xfa\x99\xf6\xd0\xff\xa2\x01"
THUMB_MCLASS = b"\xef\xf3\x02\x80"
ARMV8 = b"\xe0\x3b\xb2\xee\x42\x00\x01\xe1\x51\xf0\x7f\xf5"
all_tests = (
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE, "ARM", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE, "Thumb", None),
(CS_ARCH_ARM, CS_MODE_THUMB, ARM_CODE2, "Thumb-mixed", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE2, "Thumb-2 & register named with numbers", CS_OPT_SYNTAX_NOREGNAME),
(CS_ARCH_ARM, CS_MODE_THUMB + CS_MODE_MCLASS, THUMB_MCLASS, "Thumb-MClass", None),
(CS_ARCH_ARM, CS_MODE_ARM + CS_MODE_V8, ARMV8, "Arm-V8", None),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == ARM_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == ARM_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x_32(i.imm)))
if i.type == ARM_OP_PIMM:
print("\t\toperands[%u].type: P-IMM = %u" % (c, i.imm))
if i.type == ARM_OP_CIMM:
print("\t\toperands[%u].type: C-IMM = %u" % (c, i.imm))
if i.type == ARM_OP_FP:
print("\t\toperands[%u].type: FP = %f" % (c, i.fp))
if i.type == ARM_OP_SYSREG:
print("\t\toperands[%u].type: SYSREG = %u" % (c, i.reg))
if i.type == ARM_OP_SETEND:
if i.setend == ARM_SETEND_BE:
print("\t\toperands[%u].type: SETEND = be" % c)
else:
print("\t\toperands[%u].type: SETEND = le" % c)
if i.type == ARM_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" \
% (c, insn.reg_name(i.mem.index)))
if i.mem.scale != 1:
print("\t\t\toperands[%u].mem.scale: %u" \
% (c, i.mem.scale))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x_32(i.mem.disp)))
if i.mem.lshift != 0:
print("\t\t\toperands[%u].mem.lshift: 0x%s" \
% (c, to_x_32(i.mem.lshift)))
if i.neon_lane != -1:
print("\t\toperands[%u].neon_lane = %u" % (c, i.neon_lane))
if i.access == CS_AC_READ:
print("\t\toperands[%u].access: READ\n" % (c))
elif i.access == CS_AC_WRITE:
print("\t\toperands[%u].access: WRITE\n" % (c))
elif i.access == CS_AC_READ | CS_AC_WRITE:
print("\t\toperands[%u].access: READ | WRITE\n" % (c))
if i.shift.type != ARM_SFT_INVALID and i.shift.value:
print("\t\t\tShift: %u = %u" \
% (i.shift.type, i.shift.value))
if i.vector_index != -1:
print("\t\t\toperands[%u].vector_index = %u" %(c, i.vector_index))
if i.subtracted:
print("\t\t\toperands[%u].subtracted = True" %c)
c += 1
if insn.update_flags:
print("\tUpdate-flags: True")
if insn.writeback:
print("\tWrite-back: True")
if not insn.cc in [ARM_CC_AL, ARM_CC_INVALID]:
print("\tCode condition: %u" % insn.cc)
if insn.cps_mode:
print("\tCPSI-mode: %u" %(insn.cps_mode))
if insn.cps_flag:
print("\tCPSI-flag: %u" %(insn.cps_flag))
if insn.vector_data:
print("\tVector-data: %u" %(insn.vector_data))
if insn.vector_size:
print("\tVector-size: %u" %(insn.vector_size))
if insn.usermode:
print("\tUser-mode: True")
if insn.mem_barrier:
print("\tMemory-barrier: %u" %(insn.mem_barrier))
(regs_read, regs_write) = insn.regs_access()
if len(regs_read) > 0:
print("\tRegisters read:", end="")
for r in regs_read:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if len(regs_write) > 0:
print("\tRegisters modified:", end="")
for r in regs_write:
print(" %s" %(insn.reg_name(r)), end="")
print("")
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.detail = True
for insn in md.disasm(code, 0x80001000):
print_insn_detail(insn)
print ()
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

129
white_patch_detect/capstone-master/bindings/python/test_arm64.py Normal file
View File

@@ -0,0 +1,129 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.arm64 import *
from xprint import to_hex, to_x
ARM64_CODE = b"\x09\x00\x38\xd5\xbf\x40\x00\xd5\x0c\x05\x13\xd5\x20\x50\x02\x0e\x20\xe4\x3d\x0f\x00\x18\xa0\x5f\xa2\x00\xae\x9e\x9f\x37\x03\xd5\xbf\x33\x03\xd5\xdf\x3f\x03\xd5\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9\x20\x04\x81\xda\x20\x08\x02\x8b\x10\x5b\xe8\x3c"
all_tests = (
(CS_ARCH_ARM64, CS_MODE_ARM, ARM64_CODE, "ARM-64"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = -1
for i in insn.operands:
c += 1
if i.type == ARM64_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == ARM64_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == ARM64_OP_CIMM:
print("\t\toperands[%u].type: C-IMM = %u" % (c, i.imm))
if i.type == ARM64_OP_FP:
print("\t\toperands[%u].type: FP = %f" % (c, i.fp))
if i.type == ARM64_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" \
% (c, insn.reg_name(i.mem.index)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
if i.type == ARM64_OP_REG_MRS:
print("\t\toperands[%u].type: REG_MRS = 0x%x" % (c, i.reg))
if i.type == ARM64_OP_REG_MSR:
print("\t\toperands[%u].type: REG_MSR = 0x%x" % (c, i.reg))
if i.type == ARM64_OP_PSTATE:
print("\t\toperands[%u].type: PSTATE = 0x%x" % (c, i.pstate))
if i.type == ARM64_OP_SYS:
print("\t\toperands[%u].type: SYS = 0x%x" % (c, i.sys))
if i.type == ARM64_OP_PREFETCH:
print("\t\toperands[%u].type: PREFETCH = 0x%x" % (c, i.prefetch))
if i.type == ARM64_OP_BARRIER:
print("\t\toperands[%u].type: BARRIER = 0x%x" % (c, i.barrier))
if i.shift.type != ARM64_SFT_INVALID and i.shift.value:
print("\t\t\tShift: type = %u, value = %u" % (i.shift.type, i.shift.value))
if i.ext != ARM64_EXT_INVALID:
print("\t\t\tExt: %u" % i.ext)
if i.vas != ARM64_VAS_INVALID:
print("\t\t\tVector Arrangement Specifier: 0x%x" % i.vas)
if i.vess != ARM64_VESS_INVALID:
print("\t\t\tVector Element Size Specifier: %u" % i.vess)
if i.vector_index != -1:
print("\t\t\tVector Index: %u" % i.vector_index)
if i.access == CS_AC_READ:
print("\t\toperands[%u].access: READ\n" % (c))
elif i.access == CS_AC_WRITE:
print("\t\toperands[%u].access: WRITE\n" % (c))
elif i.access == CS_AC_READ | CS_AC_WRITE:
print("\t\toperands[%u].access: READ | WRITE\n" % (c))
if insn.writeback:
print("\tWrite-back: True")
if not insn.cc in [ARM64_CC_AL, ARM64_CC_INVALID]:
print("\tCode-condition: %u" % insn.cc)
if insn.update_flags:
print("\tUpdate-flags: True")
(regs_read, regs_write) = insn.regs_access()
if len(regs_read) > 0:
print("\tRegisters read:", end="")
for r in regs_read:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if len(regs_write) > 0:
print("\tRegisters modified:", end="")
for r in regs_write:
print(" %s" %(insn.reg_name(r)), end="")
print("")
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x2c):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

107
white_patch_detect/capstone-master/bindings/python/test_basic.py Normal file
View File

@@ -0,0 +1,107 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
import binascii
import sys
from xprint import to_hex
_python3 = sys.version_info.major == 3
X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE32 = b"\xba\xcd\xab\x00\x00\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE64 = b"\x55\x48\x8b\x05\xb8\x13\x00\x00"
ARM_CODE = b"\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3"
ARM_CODE2 = b"\x10\xf1\x10\xe7\x11\xf2\x31\xe7\xdc\xa1\x2e\xf3\xe8\x4e\x62\xf3"
THUMB_CODE = b"\x70\x47\xeb\x46\x83\xb0\xc9\x68"
THUMB_CODE2 = b"\x4f\xf0\x00\x01\xbd\xe8\x00\x88\xd1\xe8\x00\xf0"
THUMB_MCLASS = b"\xef\xf3\x02\x80"
ARMV8 = b"\xe0\x3b\xb2\xee\x42\x00\x01\xe1\x51\xf0\x7f\xf5"
MIPS_CODE = b"\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56"
MIPS_CODE2 = b"\x56\x34\x21\x34\xc2\x17\x01\x00"
MIPS_32R6M = b"\x00\x07\x00\x07\x00\x11\x93\x7c\x01\x8c\x8b\x7c\x00\xc7\x48\xd0"
MIPS_32R6 = b"\xec\x80\x00\x19\x7c\x43\x22\xa0"
ARM64_CODE = b"\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9"
PPC_CODE = b"\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21"
PPC_CODE2 = b"\x10\x60\x2a\x10\x10\x64\x28\x88\x7c\x4a\x5d\x0f"
SPARC_CODE = b"\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
SPARCV9_CODE = b"\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
SYSZ_CODE = b"\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
XCORE_CODE = b"\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10"
M68K_CODE = b"\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28\x4E\xB9\x00\x00\x00\x12\x4E\x75"
TMS320C64X_CODE = b"\x01\xac\x88\x40\x81\xac\x88\x43\x00\x00\x00\x00\x02\x90\x32\x96\x02\x80\x46\x9e\x05\x3c\x83\xe6\x0b\x0c\x8b\x24"
M680X_CODE = b"\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39"
all_tests = (
(CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32bit (ATT syntax)", CS_OPT_SYNTAX_ATT),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (MASM syntax)", CS_OPT_SYNTAX_MASM),
(CS_ARCH_X86, CS_MODE_64, X86_CODE64, "X86 64 (Intel syntax)", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE, "ARM", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE2, "THUMB-2", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE2, "ARM: Cortex-A15 + NEON", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE, "THUMB", None),
(CS_ARCH_ARM, CS_MODE_THUMB + CS_MODE_MCLASS, THUMB_MCLASS, "Thumb-MClass", None),
(CS_ARCH_ARM, CS_MODE_ARM + CS_MODE_V8, ARMV8, "Arm-V8", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN, MIPS_CODE, "MIPS-32 (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS64 + CS_MODE_LITTLE_ENDIAN, MIPS_CODE2, "MIPS-64-EL (Little-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN, MIPS_32R6M, "MIPS-32R6 | Micro (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_BIG_ENDIAN, MIPS_32R6, "MIPS-32R6 (Big-endian)", None),
(CS_ARCH_ARM64, CS_MODE_ARM, ARM64_CODE, "ARM-64", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64, print register with number only", CS_OPT_SYNTAX_NOREGNAME),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN + CS_MODE_QPX, PPC_CODE2, "PPC-64 + QPX", CS_OPT_SYNTAX_NOREGNAME),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN, SPARC_CODE, "Sparc", None),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN + CS_MODE_V9, SPARCV9_CODE, "SparcV9", None),
(CS_ARCH_SYSZ, 0, SYSZ_CODE, "SystemZ", None),
(CS_ARCH_XCORE, 0, XCORE_CODE, "XCore", None),
(CS_ARCH_M68K, CS_MODE_BIG_ENDIAN | CS_MODE_M68K_040, M68K_CODE, "M68K (68040)", None),
(CS_ARCH_TMS320C64X, 0, TMS320C64X_CODE, "TMS320C64x", None),
(CS_ARCH_M680X, CS_MODE_M680X_6809, M680X_CODE, "M680X_M6809", None),
)
# ## Test cs_disasm_quick()
def test_cs_disasm_quick():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for insn in cs_disasm_quick(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print()
# ## Test class Cs
def test_class():
for arch, mode, code, comment, syntax in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
# bytes = binascii.hexlify(insn.bytes)
# print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print()
except CsError as e:
print("ERROR: %s" % e)
# test_cs_disasm_quick()
# print ("*" * 40)
if __name__ == '__main__':
test_class()

40
white_patch_detect/capstone-master/bindings/python/test_customized_mnem.py Normal file
View File

@@ -0,0 +1,40 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.x86 import *
from xprint import to_hex
X86_CODE32 = b"\x75\x01"
def print_insn(md, code):
print("%s\t" % to_hex(code, False), end="")
for insn in md.disasm(code, 0x1000):
print("\t%s\t%s\n" % (insn.mnemonic, insn.op_str))
def test():
try:
md = Cs(CS_ARCH_X86, CS_MODE_32)
print("Disassemble X86 code with default instruction mnemonic")
print_insn(md, X86_CODE32)
print("Now customize engine to change mnemonic from 'JNE' to 'JNZ'")
md.mnemonic_setup(X86_INS_JNE, "jnz")
print_insn(md, X86_CODE32)
print("Reset engine to use the default mnemonic")
md.mnemonic_setup(X86_INS_JNE, None)
print_insn(md, X86_CODE32)
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test()

108
white_patch_detect/capstone-master/bindings/python/test_detail.py Normal file
View File

@@ -0,0 +1,108 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE32 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE64 = b"\x55\x48\x8b\x05\xb8\x13\x00\x00"
ARM_CODE = b"\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3"
ARM_CODE2 = b"\x10\xf1\x10\xe7\x11\xf2\x31\xe7\xdc\xa1\x2e\xf3\xe8\x4e\x62\xf3"
THUMB_CODE = b"\x70\x47\xeb\x46\x83\xb0\xc9\x68"
THUMB_CODE2 = b"\x4f\xf0\x00\x01\xbd\xe8\x00\x88"
THUMB_MCLASS = b"\xef\xf3\x02\x80"
ARMV8 = b"\xe0\x3b\xb2\xee\x42\x00\x01\xe1\x51\xf0\x7f\xf5"
MIPS_CODE = b"\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56"
MIPS_CODE2 = b"\x56\x34\x21\x34\xc2\x17\x01\x00"
MIPS_32R6M = b"\x00\x07\x00\x07\x00\x11\x93\x7c\x01\x8c\x8b\x7c\x00\xc7\x48\xd0"
MIPS_32R6 = b"\xec\x80\x00\x19\x7c\x43\x22\xa0"
ARM64_CODE = b"\x09\x00\x38\xd5\xbf\x40\x00\xd5\x0c\x05\x13\xd5\x20\x50\x02\x0e\x20\xe4\x3d\x0f\x00\x18\xa0\x5f\xa2\x00\xae\x9e\x9f\x37\x03\xd5\xbf\x33\x03\xd5\xdf\x3f\x03\xd5\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9\x20\x04\x81\xda\x20\x08\x02\x8b\x10\x5b\xe8\x3c"
PPC_CODE = b"\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21"
PPC_CODE2 = b"\x10\x60\x2a\x10\x10\x64\x28\x88\x7c\x4a\x5d\x0f"
SPARC_CODE = b"\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
SPARCV9_CODE = b"\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
SYSZ_CODE = b"\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
XCORE_CODE = b"\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10"
M68K_CODE = b"\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28\x4E\xB9\x00\x00\x00\x12\x4E\x75"
M680X_CODE = b"\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39"
all_tests = (
(CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32bit (ATT syntax)", CS_OPT_SYNTAX_ATT),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, X86_CODE64, "X86 64 (Intel syntax)", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE, "ARM", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE2, "ARM: Cortex-A15 + NEON", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE, "THUMB", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE2, "THUMB-2", None),
(CS_ARCH_ARM, CS_MODE_THUMB + CS_MODE_MCLASS, THUMB_MCLASS, "Thumb-MClass", None),
(CS_ARCH_ARM, CS_MODE_ARM + CS_MODE_V8, ARMV8, "Arm-V8", None),
(CS_ARCH_ARM64, CS_MODE_ARM, ARM64_CODE, "ARM-64", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN, MIPS_CODE, "MIPS-32 (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS64 + CS_MODE_LITTLE_ENDIAN, MIPS_CODE2, "MIPS-64-EL (Little-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN, MIPS_32R6M, "MIPS-32R6 | Micro (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_BIG_ENDIAN, MIPS_32R6, "MIPS-32R6 (Big-endian)", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN + CS_MODE_QPX, PPC_CODE2, "PPC-64 + QPX", None),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN, SPARC_CODE, "Sparc", None),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN + CS_MODE_V9, SPARCV9_CODE, "SparcV9", None),
(CS_ARCH_SYSZ, 0, SYSZ_CODE, "SystemZ", None),
(CS_ARCH_XCORE, 0, XCORE_CODE, "XCore", None),
(CS_ARCH_M68K, CS_MODE_BIG_ENDIAN | CS_MODE_M68K_040, M68K_CODE, "M68K (68040)", None),
(CS_ARCH_M680X, CS_MODE_M680X_6809, M680X_CODE, "M680X_M6809", None),
)
def print_detail(insn):
print("0x%x:\t%s\t%s // insn-ID: %u, insn-mnem: %s" \
% (insn.address, insn.mnemonic, insn.op_str, insn.id, \
insn.insn_name()))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.regs_read) > 0:
print("\tImplicit registers read: ", end=''),
for m in insn.regs_read:
print("%s " % insn.reg_name(m), end=''),
print()
if len(insn.regs_write) > 0:
print("\tImplicit registers modified: ", end=''),
for m in insn.regs_write:
print("%s " % insn.reg_name(m), end=''),
print()
if len(insn.groups) > 0:
print("\tThis instruction belongs to groups: ", end=''),
for m in insn.groups:
print("%s " % insn.group_name(m), end=''),
print()
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_detail(insn)
print()
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

23
white_patch_detect/capstone-master/bindings/python/test_evm.py Normal file
View File

@@ -0,0 +1,23 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
cs = Cs(CS_ARCH_EVM, 0)
cs.detail = True
for i in cs.disasm("\x60\x61\x55", 0x100):
print("0x%x:\t%s\t%s" %(i.address, i.mnemonic, i.op_str))
if i.pop > 0:
print("\tPop: %u" %i.pop)
if i.push > 0:
print("\tPush: %u" %i.push)
if i.fee > 0:
print("\tGas fee: %u" %i.fee)
if len(i.groups) > 0:
print("\tThis instruction belongs to groups: ", end=''),
for m in i.groups:
print("%s " % i.group_name(m), end=''),
print()

99
white_patch_detect/capstone-master/bindings/python/test_lite.py Normal file
View File

@@ -0,0 +1,99 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from xprint import to_hex
X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE32 = b"\xba\xcd\xab\x00\x00\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
X86_CODE64 = b"\x55\x48\x8b\x05\xb8\x13\x00\x00"
ARM_CODE = b"\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3"
ARM_CODE2 = b"\x10\xf1\x10\xe7\x11\xf2\x31\xe7\xdc\xa1\x2e\xf3\xe8\x4e\x62\xf3"
THUMB_CODE = b"\x70\x47\xeb\x46\x83\xb0\xc9\x68"
THUMB_CODE2 = b"\x4f\xf0\x00\x01\xbd\xe8\x00\x88\xd1\xe8\x00\xf0"
THUMB_MCLASS = b"\xef\xf3\x02\x80"
ARMV8 = b"\xe0\x3b\xb2\xee\x42\x00\x01\xe1\x51\xf0\x7f\xf5"
MIPS_CODE = b"\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56"
MIPS_CODE2 = b"\x56\x34\x21\x34\xc2\x17\x01\x00"
MIPS_32R6M = b"\x00\x07\x00\x07\x00\x11\x93\x7c\x01\x8c\x8b\x7c\x00\xc7\x48\xd0"
MIPS_32R6 = b"\xec\x80\x00\x19\x7c\x43\x22\xa0"
ARM64_CODE = b"\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9"
PPC_CODE = b"\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21"
PPC_CODE2 = b"\x10\x60\x2a\x10\x10\x64\x28\x88\x7c\x4a\x5d\x0f"
SPARC_CODE = b"\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
SPARCV9_CODE = b"\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
SYSZ_CODE = b"\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
XCORE_CODE = b"\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10"
M68K_CODE = b"\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28\x4E\xB9\x00\x00\x00\x12\x4E\x75"
M680X_CODE = b"\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39"
all_tests = (
(CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32bit (ATT syntax)", CS_OPT_SYNTAX_ATT),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (MASM syntax)", CS_OPT_SYNTAX_MASM),
(CS_ARCH_X86, CS_MODE_64, X86_CODE64, "X86 64 (Intel syntax)", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE, "ARM", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE2, "THUMB-2", None),
(CS_ARCH_ARM, CS_MODE_ARM, ARM_CODE2, "ARM: Cortex-A15 + NEON", None),
(CS_ARCH_ARM, CS_MODE_THUMB, THUMB_CODE, "THUMB", None),
(CS_ARCH_ARM, CS_MODE_THUMB + CS_MODE_MCLASS, THUMB_MCLASS, "Thumb-MClass", None),
(CS_ARCH_ARM, CS_MODE_ARM + CS_MODE_V8, ARMV8, "Arm-V8", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN, MIPS_CODE, "MIPS-32 (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS64 + CS_MODE_LITTLE_ENDIAN, MIPS_CODE2, "MIPS-64-EL (Little-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN, MIPS_32R6M, "MIPS-32R6 | Micro (Big-endian)", None),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_BIG_ENDIAN, MIPS_32R6, "MIPS-32R6 (Big-endian)", None),
(CS_ARCH_ARM64, CS_MODE_ARM, ARM64_CODE, "ARM-64", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64", None),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64, print register with number only", CS_OPT_SYNTAX_NOREGNAME),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN + CS_MODE_QPX, PPC_CODE2, "PPC-64 + QPX", CS_OPT_SYNTAX_NOREGNAME),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN, SPARC_CODE, "Sparc", None),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN + CS_MODE_V9, SPARCV9_CODE, "SparcV9", None),
(CS_ARCH_SYSZ, 0, SYSZ_CODE, "SystemZ", None),
(CS_ARCH_XCORE, 0, XCORE_CODE, "XCore", None),
(CS_ARCH_M68K, CS_MODE_BIG_ENDIAN | CS_MODE_M68K_040, M68K_CODE, "M68K (68040)", None),
(CS_ARCH_M680X, CS_MODE_M680X_6809, M680X_CODE, "M680X_M6809", None),
)
# ## Test cs_disasm_quick()
def test_cs_disasm_quick():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 40)
print("Platform: %s" % comment)
print("Disasm:"),
print(to_hex(code))
for (addr, size, mnemonic, op_str) in cs_disasm_lite(arch, mode, code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print()
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
for (addr, size, mnemonic, op_str) in md.disasm_lite(code, 0x1000):
print("0x%x:\t%s\t%s" % (addr, mnemonic, op_str))
print("0x%x:" % (addr + size))
print()
except CsError as e:
print("ERROR: %s" % e)
# test_cs_disasm_quick()
# print "*" * 40
if __name__ == '__main__':
test_class()

159
white_patch_detect/capstone-master/bindings/python/test_m680x.py Normal file
View File

@@ -0,0 +1,159 @@
#!/usr/bin/env python
# Capstone Python bindings, by Wolfgang Schwotzer <wolfgang.schwotzer@gmx.net>
from __future__ import print_function
import sys
from capstone import *
from capstone.m680x import *
_python3 = sys.version_info.major == 3
s_access = (
"UNCHANGED", "READ", "WRITE", "READ | WRITE",
)
M6800_CODE = b"\x01\x09\x36\x64\x7f\x74\x10\x00\x90\x10\xA4\x10\xb6\x10\x00\x39"
M6801_CODE = b"\x04\x05\x3c\x3d\x38\x93\x10\xec\x10\xed\x10\x39"
M6805_CODE = b"\x04\x7f\x00\x17\x22\x28\x00\x2e\x00\x40\x42\x5a\x70\x8e\x97\x9c\xa0\x15\xad\x00\xc3\x10\x00\xda\x12\x34\xe5\x7f\xfe"
M6808_CODE = b"\x31\x22\x00\x35\x22\x45\x10\x00\x4b\x00\x51\x10\x52\x5e\x22\x62\x65\x12\x34\x72\x84\x85\x86\x87\x8a\x8b\x8c\x94\x95\xa7\x10\xaf\x10\x9e\x60\x7f\x9e\x6b\x7f\x00\x9e\xd6\x10\x00\x9e\xe6\x7f"
HCS08_CODE = b"\x32\x10\x00\x9e\xae\x9e\xce\x7f\x9e\xbe\x10\x00\x9e\xfe\x7f\x3e\x10\x00\x9e\xf3\x7f\x96\x10\x00\x9e\xff\x7f\x82"
HD6301_CODE = b"\x6b\x10\x00\x71\x10\x00\x72\x10\x10\x39"
M6809_CODE = b"\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39\xA6\x07\xA6\x27\xA6\x47\xA6\x67\xA6\x0F\xA6\x10\xA6\x80\xA6\x81\xA6\x82\xA6\x83\xA6\x84\xA6\x85\xA6\x86\xA6\x88\x7F\xA6\x88\x80\xA6\x89\x7F\xFF\xA6\x89\x80\x00\xA6\x8B\xA6\x8C\x10\xA6\x8D\x10\x00\xA6\x91\xA6\x93\xA6\x94\xA6\x95\xA6\x96\xA6\x98\x7F\xA6\x98\x80\xA6\x99\x7F\xFF\xA6\x99\x80\x00\xA6\x9B\xA6\x9C\x10\xA6\x9D\x10\x00\xA6\x9F\x10\x00"
M6811_CODE = b"\x02\x03\x12\x7f\x10\x00\x13\x99\x08\x00\x14\x7f\x02\x15\x7f\x01\x1e\x7f\x20\x00\x8f\xcf\x18\x08\x18\x30\x18\x3c\x18\x67\x18\x8c\x10\x00\x18\x8f\x18\xce\x10\x00\x18\xff\x10\x00\x1a\xa3\x7f\x1a\xac\x1a\xee\x7f\x1a\xef\x7f\xcd\xac\x7f"
CPU12_CODE = b"\x00\x04\x01\x00\x0c\x00\x80\x0e\x00\x80\x00\x11\x1e\x10\x00\x80\x00\x3b\x4a\x10\x00\x04\x4b\x01\x04\x4f\x7f\x80\x00\x8f\x10\x00\xb7\x52\xb7\xb1\xa6\x67\xa6\xfe\xa6\xf7\x18\x02\xe2\x30\x39\xe2\x10\x00\x18\x0c\x30\x39\x10\x00\x18\x11\x18\x12\x10\x00\x18\x19\x00\x18\x1e\x00\x18\x3e\x18\x3f\x00"
HD6309_CODE = b"\x01\x10\x10\x62\x10\x10\x7b\x10\x10\x00\xcd\x49\x96\x02\xd2\x10\x30\x23\x10\x38\x10\x3b\x10\x53\x10\x5d\x11\x30\x43\x10\x11\x37\x25\x10\x11\x38\x12\x11\x39\x23\x11\x3b\x34\x11\x8e\x10\x00\x11\xaf\x10\x11\xab\x10\x11\xf6\x80\x00"
all_tests = (
(CS_ARCH_M680X, CS_MODE_M680X_6301, HD6301_CODE, "M680X_HD6301", None),
(CS_ARCH_M680X, CS_MODE_M680X_6309, HD6309_CODE, "M680X_HD6309", None),
(CS_ARCH_M680X, CS_MODE_M680X_6800, M6800_CODE, "M680X_M6800", None),
(CS_ARCH_M680X, CS_MODE_M680X_6801, M6801_CODE, "M680X_M6801", None),
(CS_ARCH_M680X, CS_MODE_M680X_6805, M6805_CODE, "M680X_M68HC05", None),
(CS_ARCH_M680X, CS_MODE_M680X_6808, M6808_CODE, "M680X_M68HC08", None),
(CS_ARCH_M680X, CS_MODE_M680X_6809, M6809_CODE, "M680X_M6809", None),
(CS_ARCH_M680X, CS_MODE_M680X_6811, M6811_CODE, "M680X_M68HC11", None),
(CS_ARCH_M680X, CS_MODE_M680X_CPU12, CPU12_CODE, "M680X_CPU12", None),
(CS_ARCH_M680X, CS_MODE_M680X_HCS08, HCS08_CODE, "M680X_HCS08", None),
)
# print hex dump from string all upper case
def to_hex_uc(string):
if _python3:
return " ".join("0x%02X" % c for c in string)
else:
return " ".join("0x%02X" % ord(c) for c in string)
# print short hex dump from byte array all upper case
def to_hex_short_uc(byte_array):
return "".join("%02X" % b for b in byte_array)
def print_insn_detail(insn):
# print address, mnemonic and operands
#print("0x%x:\t%s\t%s\t%s" % (insn.address, binascii.hexlify(bytearray(insn.bytes)), \
print("0x%04X: %s\t%s\t%s" % (insn.address, to_hex_short_uc(insn.bytes), \
insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == M680X_OP_REGISTER:
comment = "";
if (((c == 0) and (insn.flags & M680X_FIRST_OP_IN_MNEM)) or
((c == 1) and (insn.flags & M680X_SECOND_OP_IN_MNEM))):
comment = " (in mnemonic)";
print("\t\toperands[%u].type: REGISTER = %s%s" % (c,
insn.reg_name(i.reg), comment))
if i.type == M680X_OP_CONSTANT:
print("\t\toperands[%u].type: CONSTANT = %u" % (c, i.const_val))
if i.type == M680X_OP_IMMEDIATE:
print("\t\toperands[%u].type: IMMEDIATE = #%d" % (c, i.imm))
if i.type == M680X_OP_DIRECT:
print("\t\toperands[%u].type: DIRECT = 0x%02X" % (c, i.direct_addr))
if i.type == M680X_OP_EXTENDED:
if i.ext.indirect:
indirect = "INDIRECT"
else:
indirect = ""
print("\t\toperands[%u].type: EXTENDED %s = 0x%04X" % (c, indirect, i.ext.address))
if i.type == M680X_OP_RELATIVE:
print("\t\toperands[%u].type: RELATIVE = 0x%04X" % (c, i.rel.address))
if i.type == M680X_OP_INDEXED:
if (i.idx.flags & M680X_IDX_INDIRECT):
indirect = " INDIRECT"
else:
indirect = ""
print("\t\toperands[%u].type: INDEXED%s" % (c, indirect))
if i.idx.base_reg != M680X_REG_INVALID:
print("\t\t\tbase register: %s" % insn.reg_name(i.idx.base_reg))
if i.idx.offset_reg != M680X_REG_INVALID:
print("\t\t\toffset register: %s" % insn.reg_name(i.idx.offset_reg))
if (i.idx.offset_bits != 0) and (i.idx.offset_reg == M680X_REG_INVALID) and (i.idx.inc_dec == 0):
print("\t\t\toffset: %u" % i.idx.offset)
if i.idx.base_reg == M680X_REG_PC:
print("\t\t\toffset address: 0x%04X" % i.idx.offset_addr)
print("\t\t\toffset bits: %u" % i.idx.offset_bits)
if i.idx.inc_dec != 0:
if i.idx.flags & M680X_IDX_POST_INC_DEC:
s_post_pre = "post"
else:
s_post_pre = "pre"
if i.idx.inc_dec > 0:
s_inc_dec = "increment"
else:
s_inc_dec = "decrement"
print("\t\t\t%s %s: %d" %
(s_post_pre, s_inc_dec, abs(i.idx.inc_dec)))
if (i.size != 0):
print("\t\t\tsize: %d" % i.size)
if (i.access != CS_AC_INVALID):
print("\t\t\taccess: %s" % s_access[i.access])
c += 1
(regs_read, regs_write) = insn.regs_access()
if len(regs_read) > 0:
print("\tRegisters read:", end="")
for r in regs_read:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if len(regs_write) > 0:
print("\tRegisters modified:", end="")
for r in regs_write:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if len(insn.groups) > 0:
print("\tgroups_count: %u" % len(insn.groups))
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 20)
print("Platform: %s" % comment)
print("Code: %s" % to_hex_uc(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

120
white_patch_detect/capstone-master/bindings/python/test_m68k.py Normal file
View File

@@ -0,0 +1,120 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nicolas PLANEL <nplanel@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.m68k import *
from xprint import to_hex, to_x
M68K_CODE = b"\x4c\x00\x54\x04\x48\xe7\xe0\x30\x4c\xdf\x0c\x07\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28\x4e\xb9\x00\x00\x00\x12\x4e\x75"
all_tests = (
(CS_ARCH_M68K, CS_MODE_BIG_ENDIAN | CS_MODE_M68K_040, M68K_CODE, "M68K"),
)
s_addressing_modes = {
0: "<invalid mode>",
1: "Register Direct - Data",
2: "Register Direct - Address",
3: "Register Indirect - Address",
4: "Register Indirect - Address with Postincrement",
5: "Register Indirect - Address with Predecrement",
6: "Register Indirect - Address with Displacement",
7: "Address Register Indirect With Index - 8-bit displacement",
8: "Address Register Indirect With Index - Base displacement",
9: "Memory indirect - Postindex",
10: "Memory indirect - Preindex",
11: "Program Counter Indirect - with Displacement",
12: "Program Counter Indirect with Index - with 8-Bit Displacement",
13: "Program Counter Indirect with Index - with Base Displacement",
14: "Program Counter Memory Indirect - Postindexed",
15: "Program Counter Memory Indirect - Preindexed",
16: "Absolute Data Addressing - Short",
17: "Absolute Data Addressing - Long",
18: "Immediate value",
19: "Branch Displacement",
}
def print_read_write_regs(insn):
for m in insn.regs_read:
print("\treading from reg: %s" % insn.reg_name(m))
for m in insn.regs_write:
print("\twriting to reg: %s" % insn.reg_name(m))
def print_insn_detail(insn):
if len(insn.operands) > 0:
print("\top_count: %u" % (len(insn.operands)))
print("\tgroups_count: %u" % len(insn.groups))
print_read_write_regs(insn)
for i, op in enumerate(insn.operands):
if op.type == M68K_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (i, insn.reg_name(op.reg)))
elif op.type == M68K_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%x" % (i, op.imm & 0xffffffff))
elif op.type == M68K_OP_MEM:
print("\t\toperands[%u].type: MEM" % (i))
if op.mem.base_reg != M68K_REG_INVALID:
print("\t\t\toperands[%u].mem.base: REG = %s" % (i, insn.reg_name(op.mem.base_reg)))
if op.mem.index_reg != M68K_REG_INVALID:
print("\t\t\toperands[%u].mem.index: REG = %s" % (i, insn.reg_name(op.mem.index_reg)))
mem_index_str = "w"
if op.mem.index_size > 0:
mem_index_str = "l"
print("\t\t\toperands[%u].mem.index: size = %s" % (i, mem_index_str))
if op.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%x" % (i, op.mem.disp))
if op.mem.scale != 0:
print("\t\t\toperands[%u].mem.scale: %d" % (i, op.mem.scale))
print("\t\taddress mode: %s" % (s_addressing_modes[op.address_mode]))
elif op.type == M68K_OP_FP_SINGLE:
print("\t\toperands[%u].type: FP_SINGLE" % i)
print("\t\toperands[%u].simm: %f", i, op.simm)
elif op.type == M68K_OP_FP_DOUBLE:
print("\t\toperands[%u].type: FP_DOUBLE" % i)
print("\t\toperands[%u].dimm: %lf", i, op.dimm)
elif op.type == M68K_OP_BR_DISP:
print("\t\toperands[%u].br_disp.disp: 0x%x" % (i, op.br_disp.disp))
print("\t\toperands[%u].br_disp.disp_size: %d" % (i, op.br_disp.disp_size))
print()
# ## Test class Cs
def test_class():
address = 0x01000
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s " % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
last_address = 0
for insn in md.disasm(code, address):
last_address = insn.address + insn.size
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print_insn_detail(insn)
print("0x%x:\n" % (last_address))
except CsError as e:
print("ERROR: %s" % e.__str__())
if __name__ == '__main__':
test_class()

71
white_patch_detect/capstone-master/bindings/python/test_mips.py Normal file
View File

@@ -0,0 +1,71 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.mips import *
from xprint import to_hex, to_x
MIPS_CODE = b"\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56"
MIPS_CODE2 = b"\x56\x34\x21\x34\xc2\x17\x01\x00"
MIPS_32R6M = b"\x00\x07\x00\x07\x00\x11\x93\x7c\x01\x8c\x8b\x7c\x00\xc7\x48\xd0"
MIPS_32R6 = b"\xec\x80\x00\x19\x7c\x43\x22\xa0"
all_tests = (
(CS_ARCH_MIPS, CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN, MIPS_CODE, "MIPS-32 (Big-endian)"),
(CS_ARCH_MIPS, CS_MODE_MIPS64 + CS_MODE_LITTLE_ENDIAN, MIPS_CODE2, "MIPS-64-EL (Little-endian)"),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN, MIPS_32R6M, "MIPS-32R6 | Micro (Big-endian)"),
(CS_ARCH_MIPS, CS_MODE_MIPS32R6 + CS_MODE_BIG_ENDIAN, MIPS_32R6, "MIPS-32R6 (Big-endian)"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = -1
for i in insn.operands:
c += 1
if i.type == MIPS_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == MIPS_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == MIPS_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

71
white_patch_detect/capstone-master/bindings/python/test_mos65xx.py Normal file
View File

@@ -0,0 +1,71 @@
#!/usr/bin/env python
# Capstone Python bindings, by Sebastian Macke <Sebastian Macke>
from __future__ import print_function
from capstone import *
from capstone.mos65xx import *
from xprint import to_hex, to_x
MOS65XX_CODE = b"\x0d\x34\x12\x00\x81\x65\x6c\x01\x00\x85\xFF\x10\x00\x19\x42\x42\x00\x49\x42"
address_modes=[
'No address mode',
'implied addressing (no addressing mode)',
'accumulator addressing',
'absolute addressing',
'zeropage addressing',
'8 Bit immediate value',
'indexed absolute addressing by the X index register',
'indexed absolute addressing by the Y index register',
'indexed indirect addressing by the X index register',
'indirect indexed addressing by the Y index register',
'indexed zeropage addressing by the X index register',
'indexed zeropage addressing by the Y index register',
'relative addressing used by branches',
'absolute indirect addressing'
];
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
print("\taddress mode: %s" % (address_modes[insn.am]))
print("\tmodifies flags: %s" % ('true' if insn.modifies_flags != 0 else 'false'))
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = -1
for i in insn.operands:
c += 1
if i.type == MOS65XX_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == MOS65XX_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == MOS65XX_OP_MEM:
print("\t\toperands[%u].type: MEM = 0x%s" % (c, to_x(i.mem)))
# ## Test class Cs
def test_class():
print("*" * 16)
print("Platform: %s" % "MOS65XX")
print("Code: %s" % to_hex(MOS65XX_CODE))
print("Disasm:")
try:
md = Cs(CS_ARCH_MOS65XX, 0)
md.detail = True
for insn in md.disasm(MOS65XX_CODE, 0x1000):
print_insn_detail(insn)
print()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

83
white_patch_detect/capstone-master/bindings/python/test_ppc.py Normal file
View File

@@ -0,0 +1,83 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.ppc import *
from xprint import to_hex, to_x_32
PPC_CODE = b"\x43\x20\x0c\x07\x41\x56\xff\x17\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21\x40\x82\x00\x14"
PPC_CODE2 = b"\x10\x60\x2a\x10\x10\x64\x28\x88\x7c\x4a\x5d\x0f"
all_tests = (
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN, PPC_CODE, "PPC-64"),
(CS_ARCH_PPC, CS_MODE_BIG_ENDIAN + CS_MODE_QPX, PPC_CODE2, "PPC-64 + QPX"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == PPC_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == PPC_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x_32(i.imm)))
if i.type == PPC_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x_32(i.mem.disp)))
if i.type == PPC_OP_CRX:
print("\t\toperands[%u].type: CRX" % c)
print("\t\t\toperands[%u].crx.scale: = %u" \
% (c, i.crx.scale))
if i.crx.reg != 0:
print("\t\t\toperands[%u].crx.reg: REG = %s" \
% (c, insn.reg_name(i.crx.reg)))
if i.crx.cond != 0:
print("\t\t\toperands[%u].crx.cond: 0x%x" \
% (c, i.crx.cond))
c += 1
if insn.bc:
print("\tBranch code: %u" % insn.bc)
if insn.bh:
print("\tBranch hint: %u" % insn.bh)
if insn.update_cr0:
print("\tUpdate-CR0: True")
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

73
white_patch_detect/capstone-master/bindings/python/test_skipdata.py Normal file
View File

@@ -0,0 +1,73 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
import binascii
from xprint import to_hex
X86_CODE32 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x00\x91\x92"
RANDOM_CODE = b"\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
all_tests = (
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_ARM, CS_MODE_ARM, RANDOM_CODE, "Arm", None),
)
# Sample callback for SKIPDATA option
def testcb(buffer, size, offset, userdata):
# always skip 2 bytes of data
return 2
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print('*' * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
if syntax is not None:
md.syntax = syntax
md.skipdata = True
# Default "data" instruction's name is ".byte". To rename it to "db", just use
# the code below.
md.skipdata_setup = ("db", None, None)
# NOTE: This example ignores SKIPDATA's callback (first None) & user_data (second None)
# Can also use dedicated setter
#md.skipdata_mnem = 'db'
# To customize the SKIPDATA callback, use the line below.
#md.skipdata_setup = (".db", testcb, None)
# Or use dedicated setter with custom parameter
#md.skipdata_callback = (testcb, 42)
# Or provide just a function
#md.skipdata_callback = testcb
# Note that reading this property will always return a tuple
#assert md.skipdata_callback == (testcb, None)
for insn in md.disasm(code, 0x1000):
#bytes = binascii.hexlify(insn.bytes)
#print("0x%x:\t%s\t%s\t// hex-code: %s" %(insn.address, insn.mnemonic, insn.op_str, bytes))
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
print("0x%x:" % (insn.address + insn.size))
print
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

75
white_patch_detect/capstone-master/bindings/python/test_sparc.py Normal file
View File

@@ -0,0 +1,75 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.sparc import *
from xprint import to_hex, to_x_32
SPARC_CODE = b"\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
SPARCV9_CODE = b"\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
all_tests = (
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN, SPARC_CODE, "Sparc"),
(CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN+CS_MODE_V9, SPARCV9_CODE, "SparcV9"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == SPARC_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == SPARC_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x_32(i.imm)))
if i.type == SPARC_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" \
% (c, insn.reg_name(i.mem.index)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x_32(i.mem.disp)))
c += 1
if insn.cc:
print("\tCode condition: %u" % insn.cc)
if insn.hint:
print("\tHint code: %u" % insn.hint)
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" %e)
if __name__ == '__main__':
test_class()

77
white_patch_detect/capstone-master/bindings/python/test_systemz.py Normal file
View File

@@ -0,0 +1,77 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.systemz import *
from xprint import to_x, to_hex
SYSZ_CODE = b"\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78\xec\x18\x00\x00\xc1\x7f"
all_tests = (
(CS_ARCH_SYSZ, 0, SYSZ_CODE, "SystemZ"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == SYSZ_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == SYSZ_OP_ACREG:
print("\t\toperands[%u].type: ACREG = %u" % (c, i.reg))
if i.type == SYSZ_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == SYSZ_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" \
% (c, insn.reg_name(i.mem.index)))
if i.mem.length != 0:
print("\t\t\toperands[%u].mem.length: 0x%s" \
% (c, to_x(i.mem.length)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
c += 1
if insn.cc:
print("\tConditional code: %u" % insn.cc)
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" %e)
if __name__ == '__main__':
test_class()

93
white_patch_detect/capstone-master/bindings/python/test_tms320c64x.py Normal file
View File

@@ -0,0 +1,93 @@
#!/usr/bin/env python
# Capstone Python bindings, by Fotis Loukos <me@fotisl.com>
from __future__ import print_function
from capstone import *
from capstone.tms320c64x import *
from xprint import to_x, to_hex, to_x_32
TMS320C64X_CODE = b"\x01\xac\x88\x40\x81\xac\x88\x43\x00\x00\x00\x00\x02\x90\x32\x96\x02\x80\x46\x9e\x05\x3c\x83\xe6\x0b\x0c\x8b\x24"
all_tests = (
(CS_ARCH_TMS320C64X, 0, TMS320C64X_CODE, "TMS320C64x"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == TMS320C64X_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == TMS320C64X_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == TMS320C64X_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.disptype == TMS320C64X_MEM_DISP_INVALID:
print("\t\t\toperands[%u].mem.disptype: Invalid" % (c))
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
if i.mem.disptype == TMS320C64X_MEM_DISP_CONSTANT:
print("\t\t\toperands[%u].mem.disptype: Constant" % (c))
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
if i.mem.disptype == TMS320C64X_MEM_DISP_REGISTER:
print("\t\t\toperands[%u].mem.disptype: Register" % (c))
print("\t\t\toperands[%u].mem.disp: %s" \
% (c, insn.reg_name(i.mem.disp)))
print("\t\t\toperands[%u].mem.unit: %u" % (c, i.mem.unit))
if i.mem.direction == TMS320C64X_MEM_DIR_INVALID:
print("\t\t\toperands[%u].mem.direction: Invalid" % (c))
if i.mem.direction == TMS320C64X_MEM_DIR_FW:
print("\t\t\toperands[%u].mem.direction: Forward" % (c))
if i.mem.direction == TMS320C64X_MEM_DIR_BW:
print("\t\t\toperands[%u].mem.direction: Backward" % (c))
if i.mem.modify == TMS320C64X_MEM_MOD_INVALID:
print("\t\t\toperands[%u].mem.modify: Invalid" % (c))
if i.mem.modify == TMS320C64X_MEM_MOD_NO:
print("\t\t\toperands[%u].mem.modify: No" % (c))
if i.mem.modify == TMS320C64X_MEM_MOD_PRE:
print("\t\t\toperands[%u].mem.modify: Pre" % (c))
if i.mem.modify == TMS320C64X_MEM_MOD_POST:
print("\t\t\toperands[%u].mem.modify: Post" % (c))
print("\t\t\toperands[%u].mem.scaled: %u" % (c, i.mem.scaled))
if i.type == TMS320C64X_OP_REGPAIR:
print("\t\toperands[%u].type: REGPAIR = %s:%s" % (c, insn.reg_name(i.reg + 1), insn.reg_name(i.reg)))
c += 1
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" %e)
if __name__ == '__main__':
test_class()

292
white_patch_detect/capstone-master/bindings/python/test_x86.py Normal file
View File

@@ -0,0 +1,292 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.x86 import *
from xprint import to_hex, to_x, to_x_32
X86_CODE64 = b"\x55\x48\x8b\x05\xb8\x13\x00\x00\xe9\xea\xbe\xad\xde\xff\x25\x23\x01\x00\x00\xe8\xdf\xbe\xad\xde\x74\xff"
X86_CODE16 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\x66\xe9\xb8\x00\x00\x00\x67\xff\xa0\x23\x01\x00\x00\x66\xe8\xcb\x00\x00\x00\x74\xfc"
X86_CODE32 = b"\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00\x05\x23\x01\x00\x00\x36\x8b\x84\x91\x23\x01\x00\x00\x41\x8d\x84\x39\x89\x67\x00\x00\x8d\x87\x89\x67\x00\x00\xb4\xc6\xe9\xea\xbe\xad\xde\xff\xa0\x23\x01\x00\x00\xe8\xdf\xbe\xad\xde\x74\xff"
all_tests = (
(CS_ARCH_X86, CS_MODE_16, X86_CODE16, "X86 16bit (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (AT&T syntax)", CS_OPT_SYNTAX_ATT),
(CS_ARCH_X86, CS_MODE_32, X86_CODE32, "X86 32 (Intel syntax)", None),
(CS_ARCH_X86, CS_MODE_64, X86_CODE64, "X86 64 (Intel syntax)", None),
)
def get_eflag_name(eflag):
if eflag == X86_EFLAGS_UNDEFINED_OF:
return "UNDEF_OF"
elif eflag == X86_EFLAGS_UNDEFINED_SF:
return "UNDEF_SF"
elif eflag == X86_EFLAGS_UNDEFINED_ZF:
return "UNDEF_ZF"
elif eflag == X86_EFLAGS_MODIFY_AF:
return "MOD_AF"
elif eflag == X86_EFLAGS_UNDEFINED_PF:
return "UNDEF_PF"
elif eflag == X86_EFLAGS_MODIFY_CF:
return "MOD_CF"
elif eflag == X86_EFLAGS_MODIFY_SF:
return "MOD_SF"
elif eflag == X86_EFLAGS_MODIFY_ZF:
return "MOD_ZF"
elif eflag == X86_EFLAGS_UNDEFINED_AF:
return "UNDEF_AF"
elif eflag == X86_EFLAGS_MODIFY_PF:
return "MOD_PF"
elif eflag == X86_EFLAGS_UNDEFINED_CF:
return "UNDEF_CF"
elif eflag == X86_EFLAGS_MODIFY_OF:
return "MOD_OF"
elif eflag == X86_EFLAGS_RESET_OF:
return "RESET_OF"
elif eflag == X86_EFLAGS_RESET_CF:
return "RESET_CF"
elif eflag == X86_EFLAGS_RESET_DF:
return "RESET_DF"
elif eflag == X86_EFLAGS_RESET_IF:
return "RESET_IF"
elif eflag == X86_EFLAGS_TEST_OF:
return "TEST_OF"
elif eflag == X86_EFLAGS_TEST_SF:
return "TEST_SF"
elif eflag == X86_EFLAGS_TEST_ZF:
return "TEST_ZF"
elif eflag == X86_EFLAGS_TEST_PF:
return "TEST_PF"
elif eflag == X86_EFLAGS_TEST_CF:
return "TEST_CF"
elif eflag == X86_EFLAGS_RESET_SF:
return "RESET_SF"
elif eflag == X86_EFLAGS_RESET_AF:
return "RESET_AF"
elif eflag == X86_EFLAGS_RESET_TF:
return "RESET_TF"
elif eflag == X86_EFLAGS_RESET_NT:
return "RESET_NT"
elif eflag == X86_EFLAGS_PRIOR_OF:
return "PRIOR_OF"
elif eflag == X86_EFLAGS_PRIOR_SF:
return "PRIOR_SF"
elif eflag == X86_EFLAGS_PRIOR_ZF:
return "PRIOR_ZF"
elif eflag == X86_EFLAGS_PRIOR_AF:
return "PRIOR_AF"
elif eflag == X86_EFLAGS_PRIOR_PF:
return "PRIOR_PF"
elif eflag == X86_EFLAGS_PRIOR_CF:
return "PRIOR_CF"
elif eflag == X86_EFLAGS_PRIOR_TF:
return "PRIOR_TF"
elif eflag == X86_EFLAGS_PRIOR_IF:
return "PRIOR_IF"
elif eflag == X86_EFLAGS_PRIOR_DF:
return "PRIOR_DF"
elif eflag == X86_EFLAGS_TEST_NT:
return "TEST_NT"
elif eflag == X86_EFLAGS_TEST_DF:
return "TEST_DF"
elif eflag == X86_EFLAGS_RESET_PF:
return "RESET_PF"
elif eflag == X86_EFLAGS_PRIOR_NT:
return "PRIOR_NT"
elif eflag == X86_EFLAGS_MODIFY_TF:
return "MOD_TF"
elif eflag == X86_EFLAGS_MODIFY_IF:
return "MOD_IF"
elif eflag == X86_EFLAGS_MODIFY_DF:
return "MOD_DF"
elif eflag == X86_EFLAGS_MODIFY_NT:
return "MOD_NT"
elif eflag == X86_EFLAGS_MODIFY_RF:
return "MOD_RF"
elif eflag == X86_EFLAGS_SET_CF:
return "SET_CF"
elif eflag == X86_EFLAGS_SET_DF:
return "SET_DF"
elif eflag == X86_EFLAGS_SET_IF:
return "SET_IF"
else:
return None
def print_insn_detail(mode, insn):
def print_string_hex(comment, str):
print(comment, end=' '),
for c in str:
print("0x%02x " % c, end=''),
print()
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
# print instruction prefix
print_string_hex("\tPrefix:", insn.prefix)
# print instruction's opcode
print_string_hex("\tOpcode:", insn.opcode)
# print operand's REX prefix (non-zero value is relavant for x86_64 instructions)
print("\trex: 0x%x" % (insn.rex))
# print operand's address size
print("\taddr_size: %u" % (insn.addr_size))
# print modRM byte
print("\tmodrm: 0x%x" % (insn.modrm))
# print modRM offset
if insn.modrm_offset != 0:
print("\tmodrm_offset: 0x%x" % (insn.modrm_offset))
# print displacement value
print("\tdisp: 0x%s" % to_x_32(insn.disp))
# print displacement offset (offset into instruction bytes)
if insn.disp_offset != 0:
print("\tdisp_offset: 0x%x" % (insn.disp_offset))
# print displacement size
if insn.disp_size != 0:
print("\tdisp_size: 0x%x" % (insn.disp_size))
# SIB is not available in 16-bit mode
if (mode & CS_MODE_16 == 0):
# print SIB byte
print("\tsib: 0x%x" % (insn.sib))
if (insn.sib):
if insn.sib_base != 0:
print("\t\tsib_base: %s" % (insn.reg_name(insn.sib_base)))
if insn.sib_index != 0:
print("\t\tsib_index: %s" % (insn.reg_name(insn.sib_index)))
if insn.sib_scale != 0:
print("\t\tsib_scale: %d" % (insn.sib_scale))
# XOP CC type
if insn.xop_cc != X86_XOP_CC_INVALID:
print("\txop_cc: %u" % (insn.xop_cc))
# SSE CC type
if insn.sse_cc != X86_SSE_CC_INVALID:
print("\tsse_cc: %u" % (insn.sse_cc))
# AVX CC type
if insn.avx_cc != X86_AVX_CC_INVALID:
print("\tavx_cc: %u" % (insn.avx_cc))
# AVX Suppress All Exception
if insn.avx_sae:
print("\tavx_sae: TRUE")
# AVX Rounding Mode type
if insn.avx_rm != X86_AVX_RM_INVALID:
print("\tavx_rm: %u" % (insn.avx_rm))
count = insn.op_count(X86_OP_IMM)
if count > 0:
print("\timm_count: %u" % count)
for i in range(count):
op = insn.op_find(X86_OP_IMM, i + 1)
print("\t\timms[%u]: 0x%s" % (i + 1, to_x(op.imm)))
if insn.imm_offset != 0:
print("\timm_offset: 0x%x" % (insn.imm_offset))
if insn.imm_size != 0:
print("\timm_size: 0x%x" % (insn.imm_size))
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = -1
for i in insn.operands:
c += 1
if i.type == X86_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == X86_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == X86_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.segment != 0:
print("\t\t\toperands[%u].mem.segment: REG = %s" % (c, insn.reg_name(i.mem.segment)))
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" % (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" % (c, insn.reg_name(i.mem.index)))
if i.mem.scale != 1:
print("\t\t\toperands[%u].mem.scale: %u" % (c, i.mem.scale))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" % (c, to_x(i.mem.disp)))
# AVX broadcast type
if i.avx_bcast != X86_AVX_BCAST_INVALID:
print("\t\toperands[%u].avx_bcast: %u" % (c, i.avx_bcast))
# AVX zero opmask {z}
if i.avx_zero_opmask:
print("\t\toperands[%u].avx_zero_opmask: TRUE" % (c))
print("\t\toperands[%u].size: %u" % (c, i.size))
if i.access == CS_AC_READ:
print("\t\toperands[%u].access: READ\n" % (c))
elif i.access == CS_AC_WRITE:
print("\t\toperands[%u].access: WRITE\n" % (c))
elif i.access == CS_AC_READ | CS_AC_WRITE:
print("\t\toperands[%u].access: READ | WRITE\n" % (c))
(regs_read, regs_write) = insn.regs_access()
if len(regs_read) > 0:
print("\tRegisters read:", end="")
for r in regs_read:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if len(regs_write) > 0:
print("\tRegisters modified:", end="")
for r in regs_write:
print(" %s" %(insn.reg_name(r)), end="")
print("")
if insn.eflags:
updated_flags = []
for i in range(0,46):
if insn.eflags & (1 << i):
updated_flags.append(get_eflag_name(1 << i))
print("\tEFLAGS: %s" % (','.join(p for p in updated_flags)))
# ## Test class Cs
def test_class():
for (arch, mode, code, comment, syntax) in all_tests:
print("*" * 16)
print("Platform: %s" % comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
if syntax is not None:
md.syntax = syntax
for insn in md.disasm(code, 0x1000):
print_insn_detail(mode, insn)
print ()
print ("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" % e)
if __name__ == '__main__':
test_class()

71
white_patch_detect/capstone-master/bindings/python/test_xcore.py Normal file
View File

@@ -0,0 +1,71 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
from capstone import *
from capstone.xcore import *
from xprint import to_x, to_hex
XCORE_CODE = b"\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10\x09\xfd\xec\xa7"
all_tests = (
(CS_ARCH_XCORE, 0, XCORE_CODE, "XCore"),
)
def print_insn_detail(insn):
# print address, mnemonic and operands
print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str))
# "data" instruction generated by SKIPDATA option has no detail
if insn.id == 0:
return
if len(insn.operands) > 0:
print("\top_count: %u" % len(insn.operands))
c = 0
for i in insn.operands:
if i.type == XCORE_OP_REG:
print("\t\toperands[%u].type: REG = %s" % (c, insn.reg_name(i.reg)))
if i.type == XCORE_OP_IMM:
print("\t\toperands[%u].type: IMM = 0x%s" % (c, to_x(i.imm)))
if i.type == XCORE_OP_MEM:
print("\t\toperands[%u].type: MEM" % c)
if i.mem.base != 0:
print("\t\t\toperands[%u].mem.base: REG = %s" \
% (c, insn.reg_name(i.mem.base)))
if i.mem.index != 0:
print("\t\t\toperands[%u].mem.index: REG = %s" \
% (c, insn.reg_name(i.mem.index)))
if i.mem.disp != 0:
print("\t\t\toperands[%u].mem.disp: 0x%s" \
% (c, to_x(i.mem.disp)))
if i.mem.direct != 1:
print("\t\t\toperands[%u].mem.direct: -1" % c)
c += 1
# ## Test class Cs
def test_class():
for (arch, mode, code, comment) in all_tests:
print("*" * 16)
print("Platform: %s" %comment)
print("Code: %s" % to_hex(code))
print("Disasm:")
try:
md = Cs(arch, mode)
md.detail = True
for insn in md.disasm(code, 0x1000):
print_insn_detail(insn)
print ()
print("0x%x:\n" % (insn.address + insn.size))
except CsError as e:
print("ERROR: %s" %e)
if __name__ == '__main__':
test_class()

41
white_patch_detect/capstone-master/bindings/python/xprint.py Normal file
View File

@@ -0,0 +1,41 @@
#!/usr/bin/env python
# Capstone Python bindings, by Nguyen Anh Quynnh <aquynh@gmail.com>
from __future__ import print_function
import sys
_python3 = sys.version_info.major == 3
def to_hex(s, prefix_0x = True):
if _python3:
if prefix_0x:
return " ".join("0x{0:02x}".format(c) for c in s) # <-- Python 3 is OK
else:
return " ".join("{0:02x}".format(c) for c in s) # <-- Python 3 is OK
else:
if prefix_0x:
return " ".join("0x{0:02x}".format(ord(c)) for c in s)
else:
return " ".join("{0:02x}".format(ord(c)) for c in s)
def to_hex2(s):
if _python3:
r = "".join("{0:02x}".format(c) for c in s) # <-- Python 3 is OK
else:
r = "".join("{0:02x}".format(ord(c)) for c in s)
while r[0] == '0': r = r[1:]
return r
def to_x(s):
from struct import pack
if not s: return '0'
x = pack(">q", s)
while x[0] in ('\0', 0): x = x[1:]
return to_hex2(x)
def to_x_32(s):
from struct import pack
if not s: return '0'
x = pack(">i", s)
while x[0] in ('\0', 0): x = x[1:]
return to_hex2(x)