- Added detect for Python 2/3 so the correct iteritems()/iter is called.

- Renamed 'id' variable use (which is a built-in) to my_id.
- Small formatting changes to make it more PEP compliant.

bindings/python/sample_network_auditing.py

@@ -7,7 +7,14 @@ from unicorn import *
 from unicorn.x86_const import *
 import struct
 import uuid
-import random
+
+# Python 2/3 Compat without installing six
+DEAD_PYTHON = False
+import sys
+
+if sys.version_info[0] < 3:
+    DEAD_PYTHON = True
+    print("Python 2.x is dead. Start thinking about migrating to 3.x. https://wiki.python.org/moin/Python2orPython3")
 
 SIZE_REG = 4
 SOCKETCALL_MAX_ARGS = 3
@@ -51,6 +58,7 @@ X86_REVERSE_TCP_2 = b"\x31\xc0\x31\xdb\x31\xc9\x31\xd2\xb0\x66\xb3\x01\x51\x6a\x
 # memory address where emulation starts
 ADDRESS = 0x1000000
 
+
 # supported classes
 class IdGenerator:
     def __init__(self):
@@ -63,6 +71,7 @@ class IdGenerator:
 
         return next_id
 
+
 class LogChain:
     def __init__(self):
         self.__chains = {}
@@ -72,11 +81,11 @@ class LogChain:
         self.__chains = {}
         self.__linking_fds = {}
 
-    def create_chain(self, id):
-        if not self.__chains.has_key(id):
-            self.__chains[id] = []
+    def create_chain(self, my_id):
+        if not my_id in self.__chains:
+            self.__chains[my_id] = []
         else:
-            print("LogChain: id %d existed" % id)        
+            print("LogChain: id %d existed" % my_id)
 
     def add_log(self, id, msg):
         fd = self.get_original_fd(id)
@@ -87,18 +96,23 @@ class LogChain:
             print("LogChain: id %d doesn't exist" % id)
 
     def link_fd(self, from_fd, to_fd):
-        if not self.__linking_fds.has_key(to_fd):
+        if not to_fd in self.__linking_fds:
             self.__linking_fds[to_fd] = []
 
         self.__linking_fds[to_fd].append(from_fd)
 
     def get_original_fd(self, fd):
-        if self.__chains.has_key(fd):
+        if fd in self.__chains:
             return fd
 
+        if DEAD_PYTHON:
             for orig_fd, links in self.__linking_fds.iteritems():
                 if fd in links:
                     return orig_fd
+        else:
+            for orig_fd, links in self.__linking_fds.items():
+                if fd in links:
+                    return orig_fd
 
         return None
 
@@ -108,10 +122,16 @@ class LogChain:
 | START REPORT |
 ----------------
 """)
-        for id, logs in self.__chains.iteritems():            
-            print("---- START FD(%d) ----" % id)
+        if DEAD_PYTHON:
+            for my_id, logs in self.__chains.iteritems():
+                print("---- START FD(%d) ----" % my_id)
                 print("\n".join(logs))
-            print("---- END FD(%d) ----" % id)
+                print("---- END FD(%d) ----" % my_id)
+        else:
+            for my_id, logs in self.__chains.items():
+                print("---- START FD(%d) ----" % my_id)
+                print("\n".join(logs))
+                print("---- END FD(%d) ----" % my_id)
 
         print("""
 --------------
@@ -119,10 +139,9 @@ class LogChain:
 --------------
 """)
 
+
 # end supported classes
 
-id_gen = IdGenerator()
-fd_chains = LogChain()
 
 # utilities
 def bin_to_ipv4(ip):
@@ -132,6 +151,7 @@ def bin_to_ipv4(ip):
         (ip & 0xff00) >> 8,
         (ip & 0xff))
 
+
 def read_string(uc, addr):
     ret = ""
 
@@ -140,11 +160,12 @@ def read_string(uc, addr):
 
     while c != 0x0:
         ret += chr(c)
-        c = uc.mem_read(addr+read_bytes, 1)[0]
+        c = uc.mem_read(addr + read_bytes, 1)[0]
         read_bytes += 1
 
     return ret
 
+
 def parse_sock_address(sock_addr):
     sin_family, = struct.unpack("<h", sock_addr[:2])
 
@@ -154,22 +175,28 @@ def parse_sock_address(sock_addr):
     elif sin_family == 6:  # AF_INET6
         return ""
 
+
 def print_sockcall(msg):
     print(">>> SOCKCALL %s" % msg)
+
+
 # end utilities
 
 # callback for tracing instructions
 def hook_code(uc, address, size, user_data):
-    print(">>> Tracing instruction at 0x%x, instruction size = 0x%x" %(address, size))
+    print(">>> Tracing instruction at 0x%x, instruction size = 0x%x" % (address, size))
     # read this instruction code from memory
     tmp = uc.mem_read(address, size)
-    print(">>> Instruction code at [0x%x] =" %(address), end="")
+    print(">>> Instruction code at [0x%x] =" % (address), end="")
     for i in tmp:
-        print(" %x" %i, end="")
+        print(" %x" % i, end="")
     print("")
 
+
 # callback for tracing Linux interrupt
 def hook_intr(uc, intno, user_data):
+    global id_gen
+
     # only handle Linux syscall
     if intno != 0x80:
         return
@@ -249,8 +276,8 @@ def hook_intr(uc, intno, user_data):
             13: 2  # sys_shutdown
         }
 
-        buf = uc.mem_read(args, SOCKETCALL_NUM_ARGS[call]*SIZE_REG)        
-        args = struct.unpack("<" + "I"*SOCKETCALL_NUM_ARGS[call], buf)
+        buf = uc.mem_read(args, SOCKETCALL_NUM_ARGS[call] * SIZE_REG)
+        args = struct.unpack("<" + "I" * SOCKETCALL_NUM_ARGS[call], buf)
 
         # int sys_socketcall(int call, unsigned long *args)
         if call == 1:  # sys_socket
@@ -350,8 +377,11 @@ def hook_intr(uc, intno, user_data):
             fd_chains.add_log(fd, msg)
             print_sockcall(msg)
 
+
 # Test X86 32 bit
 def test_i386(code):
+    global fd_chains
+
     fd_chains.clean()
     print("Emulate i386 code")
     try:
@@ -384,9 +414,13 @@ def test_i386(code):
 
     fd_chains.print_report()
 
+
+# Globals
+fd_chains = LogChain()
+id_gen = IdGenerator()
+
 if __name__ == '__main__':
     test_i386(X86_SEND_ETCPASSWD)
     test_i386(X86_BIND_TCP)
     test_i386(X86_REVERSE_TCP)
     test_i386(X86_REVERSE_TCP_2)
-