This commit is contained in:
Nguyen Anh Quynh 2016-04-08 21:42:22 +08:00
commit 023e4375d0

View file

@ -19,10 +19,10 @@ var asm = strings.Join([]string{
func addHooks(mu uc.Unicorn) {
mu.HookAdd(uc.HOOK_BLOCK, func(mu uc.Unicorn, addr uint64, size uint32) {
fmt.Printf("Block: 0x%x, 0x%x\n", addr, size)
})
}, 1, 0)
mu.HookAdd(uc.HOOK_CODE, func(mu uc.Unicorn, addr uint64, size uint32) {
fmt.Printf("Code: 0x%x, 0x%x\n", addr, size)
})
}, 1, 0)
mu.HookAdd(uc.HOOK_MEM_READ|uc.HOOK_MEM_WRITE, func(mu uc.Unicorn, access int, addr uint64, size int, value int64) {
if access == uc.MEM_WRITE {
fmt.Printf("Mem write")
@ -30,7 +30,7 @@ func addHooks(mu uc.Unicorn) {
fmt.Printf("Mem read")
}
fmt.Printf(": @0x%x, 0x%x = 0x%x\n", addr, size, value)
})
}, 1, 0)
invalid := uc.HOOK_MEM_READ_INVALID | uc.HOOK_MEM_WRITE_INVALID | uc.HOOK_MEM_FETCH_INVALID
mu.HookAdd(invalid, func(mu uc.Unicorn, access int, addr uint64, size int, value int64) bool {
switch access {
@ -45,11 +45,11 @@ func addHooks(mu uc.Unicorn) {
}
fmt.Printf(": @0x%x, 0x%x = 0x%x\n", addr, size, value)
return false
})
}, 1, 0)
mu.HookAdd(uc.HOOK_INSN, func(mu uc.Unicorn) {
rax, _ := mu.RegRead(uc.X86_REG_RAX)
fmt.Printf("Syscall: %d\n", rax)
}, uc.X86_INS_SYSCALL)
}, 1, 0, uc.X86_INS_SYSCALL)
}
func run() error {