x86/ARM/MIPS的交互式反汇编程序， 生成语法着色缩进的伪代码

x86/ARM/MIPS的交互式反汇编程序， 生成语法着色缩进的伪代码

PLASMA

The old project name was Reverse.

PLASMA is an interactive disassembler. It can generate a more readable assembly (pseudo code) with colored syntax. You can write scripts with the available Python api (see an example below). The project is still in big development.

wiki : TODO list and some documentation.

It supports :

architectures : x86{64}, ARM, MIPS{64} (partially for ARM and MIPS)formats : ELF, PE, RAW

Warning: until structures and type definitions are not implemented, the database compatibility could be broken.

Requirements

python >= 3.4capstone, tested with 4.0-alpha5python-pyelftoolspefile + python3-futurepython-msgpack >= 0.4.6c++filt (available in the binutils Linux package)terminal should support UTF8 and 256 colors (if not, use the option --nocolor)

Optional :

python-qt4 used for the memory mapkeystone for the script asm.py

Installation

./install.sh

Or if you have already installed requirements with the previous command:

./install.sh --update

Check tests :

make....................................................................................84/84 tests passed successfully in 2.777975sanalyzer tests......

Pseudo-decompilation of functions

$ plasma -i tests/server.bin>> v main# you can press tab to show the pseudo decompilation# | to split the window# See the command help for all shortcuts

Take the control of the flow graph by inverting conditional jumps:

Scripting (Python API)

See more on the wiki for the API.

Some examples (these scripts are placed in plasma/scripts) :

$ plasma -i FILEplasma> py !strings.py # print all stringsplasma> py !xrefsto.py FUNCTION # xdot call graphplasma> py !crypto.py # detect some crypto constantsplasma> py !asm.py CODE # assemble with keystoneplasma> py !disasm.py HEX_STRING # disassemble a buffer

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。