Security of Information, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, etc etc...

Saturday, October 7, 2017

An Interactive Disassembler for x86/ARM/MIPS - Plasma


PLASMA is an interactive disassembler. It can generate a more readable assembly (pseudo code) with colored syntax. You can write scripts with the available Python api (see an example below). The project is still in big development.

wiki : TODO list and some documentation.

It supports :
  • architectures : x86{64}, ARM, MIPS{64} (partially for ARM and MIPS)
  • formats : ELF, PE, RAW
Warning: until structures and type definitions are not implemented, the database compatibility could be broken.

Requirements
Optional :
  • python-qt4 used for the memory map
  • keystone for the script asm.py

Installation
./install.sh
Or if you have already installed requirements with the previous command :
./install.sh --update
Check tests :
make
....................................................................................
84/84 tests passed successfully in 2.777975s
analyzer tests...
...

Pseudo-decompilation of functions
$ plasma -i tests/server.bin
>> v main
# you can press tab to show the pseudo decompilation
# | to split the window
# See the command help for all shortcuts

Qt memory map (memmap)
The image is actually static.

Scripting (Python API)
See more on the wiki for the API.
Some examples (these scripts are placed in plasma/scripts) :
$ plasma -i FILE
plasma> py !strings.py             # print all strings
plasma> py !xrefsto.py FUNCTION    # xdot call graph
plasma> py !crypto.py              # detect some crypto constants
plasma> py !asm.py CODE            # assemble with keystone
plasma> py !disasm.py HEX_STRING   # disassemble a buffer


Share:

0 comentários:

Post a Comment

Copyright © Offensive Sec 3.0 | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition