Skip to content

Commit

Permalink
Initial commit.
Browse files Browse the repository at this point in the history
  • Loading branch information
@9ee1
9ee1 committed Apr 16, 2015
0 parents commit 4a87790
Show file tree
Hide file tree
Showing 53 changed files with 5,085 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
/*.sln.DotSettings.user
**/bin
**/obj
packages/
34 changes: 34 additions & 0 deletions Capstone.NET.sln
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.31101.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Gee.External.Capstone", "Gee.External.Capstone\Gee.External.Capstone.csproj", "{1297DCEE-009D-4739-8124-3F064EA9EA10}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Tests.Gee.External.Capstone", "Tests.Gee.External.Capstone\Tests.Gee.External.Capstone.csproj", "{7D755424-C594-4605-820D-9AF880E091BC}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CapstoneCMD", "CapstoneCMD\CapstoneCMD.csproj", "{D1A6EC03-1420-4516-8548-4117A18DA8B3}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{1297DCEE-009D-4739-8124-3F064EA9EA10}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{1297DCEE-009D-4739-8124-3F064EA9EA10}.Debug|Any CPU.Build.0 = Debug|Any CPU
{1297DCEE-009D-4739-8124-3F064EA9EA10}.Release|Any CPU.ActiveCfg = Release|Any CPU
{1297DCEE-009D-4739-8124-3F064EA9EA10}.Release|Any CPU.Build.0 = Release|Any CPU
{7D755424-C594-4605-820D-9AF880E091BC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{7D755424-C594-4605-820D-9AF880E091BC}.Debug|Any CPU.Build.0 = Debug|Any CPU
{7D755424-C594-4605-820D-9AF880E091BC}.Release|Any CPU.ActiveCfg = Release|Any CPU
{7D755424-C594-4605-820D-9AF880E091BC}.Release|Any CPU.Build.0 = Release|Any CPU
{D1A6EC03-1420-4516-8548-4117A18DA8B3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{D1A6EC03-1420-4516-8548-4117A18DA8B3}.Debug|Any CPU.Build.0 = Debug|Any CPU
{D1A6EC03-1420-4516-8548-4117A18DA8B3}.Release|Any CPU.ActiveCfg = Release|Any CPU
{D1A6EC03-1420-4516-8548-4117A18DA8B3}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal
56 changes: 56 additions & 0 deletions CapstoneCMD/CapstoneCMD.csproj
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{D1A6EC03-1420-4516-8548-4117A18DA8B3}</ProjectGuid>
<OutputType>Exe</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>CapstoneCMD</RootNamespace>
<AssemblyName>CapstoneCMD</AssemblyName>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
<Reference Include="System" />
<Reference Include="System.Core" />
</ItemGroup>
<ItemGroup>
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Gee.External.Capstone\Gee.External.Capstone.csproj">
<Project>{1297DCEE-009D-4739-8124-3F064EA9EA10}</Project>
<Name>Gee.External.Capstone</Name>
</ProjectReference>
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
Other similar extension points exist, see Microsoft.Common.targets.
<Target Name="BeforeBuild">
</Target>
<Target Name="AfterBuild">
</Target>
-->
</Project>
110 changes: 110 additions & 0 deletions CapstoneCMD/Program.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
using Gee.External.Capstone;
using System;

namespace CapstoneCMD {
/// <summary>
/// Main Program.
/// </summary>
internal static class Program {
/// <summary>
/// Run Main Program.
/// </summary>
/// <param name="args">
/// A collection of arguments passed from the command line.
/// </param>
internal static void Main(string[] args) {
// Create X86 Disassembler.
//
// Creating the disassembler in a "using" statement ensures that resources get cleaned up automatically
// when it is no longer needed.
using (var disassembler = CapstoneDisassembler.CreateX86Disassembler(DisassembleMode.Bit32)) {
// Enable Disassemble Details.
//
// Enables disassemble details, which are disabled by default, to provide more detailed information on
// disassembled binary code.
disassembler.EnableDetails = true;

// Set Disassembler's Syntax.
//
// Make the disassembler generate instructions in Intel syntax.
disassembler.Syntax = DisassembleSyntaxOptionValue.Intel;

// Disassemble All Binary Code.
//
// ...
var code = new byte[] {0x8d, 0x4c, 0x32, 0x08, 0x01, 0xd8, 0x81, 0xc6, 0x34, 0x12, 0x00, 0x00, 0x05, 0x23, 0x01, 0x00, 0x00, 0x36, 0x8b, 0x84, 0x91, 0x23, 0x01, 0x00, 0x00, 0x41, 0x8d, 0x84, 0x39, 0x89, 0x67, 0x00, 0x00, 0x8d, 0x87, 0x89, 0x67, 0x00, 0x00, 0xb4, 0xc6};
var instructions = disassembler.DisassembleAll(code);

// Loop Through Each Disassembled Instruction.
// ...
foreach (var instruction in instructions) {
Console.WriteLine("{0}: {1} ... {2} ... {3}", instruction.Address, instruction.Mnemonic, instruction.Operand, instruction.Id);

// Check if Instruction Has Architecture Independent Details.
//
// Will normally be available if CapstoneDisassembler.EnableDetails is "true".
if (instruction.IndependentDetail != null) {
Console.WriteLine("\t Groups: {0}", String.Join(",", instruction.IndependentDetail.Groups));
Console.WriteLine("\t Read Registers: {0}", String.Join(",", instruction.IndependentDetail.ReadRegisters));
Console.WriteLine("\t Written Registers: {0}", String.Join(",", instruction.IndependentDetail.WrittenRegisters));
}

// Check if Instruction Has Architecture Dependent Details.
//
// Will normally be available if CapstoneDisassembler.EnableDetails is "true". For this example,
// this is all X86 specific details since we created an X86 Disassembler.
if (instruction.ArchitectureDetail != null) {
Console.WriteLine("\t Address Size: {0}", instruction.ArchitectureDetail.AddressSize);
Console.WriteLine("\t AVX Code Condition: {0}", instruction.ArchitectureDetail.AvxCodeCondition);
Console.WriteLine("\t AVX Rounding Mode: {0}", instruction.ArchitectureDetail.AvxRoundingMode);
Console.WriteLine("\t Displacement: {0}", instruction.ArchitectureDetail.Displacement);
Console.WriteLine("\t ModRM: {0}", instruction.ArchitectureDetail.ModRm);

// Loop Through Instruction's Operands.
//
// ...
Console.WriteLine("\t Operands:");
foreach (var operand in instruction.ArchitectureDetail.Operands) {
Console.WriteLine("\t\t Operand Type: {0}", operand.Type);
switch (operand.Type) {
case X86InstructionOperandType.FloatingPoint:
Console.WriteLine("\t\t Operand Value: {0}", operand.FloatingPointValue);
Console.WriteLine();
break;
case X86InstructionOperandType.Immediate:
Console.WriteLine("\t\t Operand Value: {0}", operand.ImmediateValue);
Console.WriteLine();
break;
case X86InstructionOperandType.Memory:
Console.WriteLine("\t\t Operand Base Register: {0}", operand.MemoryValue.BaseRegister);
Console.WriteLine("\t\t Operand Displacement: {0}", operand.MemoryValue.Displacement);
Console.WriteLine("\t\t Operand Index Register: {0}", operand.MemoryValue.IndexRegister);
Console.WriteLine("\t\t Operand Index Register Scale: {0}", operand.MemoryValue.IndexRegisterScale);
Console.WriteLine("\t\t Operand Segment Register: {0}", operand.MemoryValue.SegmentRegister);
Console.WriteLine();
break;
case X86InstructionOperandType.Register:
Console.WriteLine("\t\t Operand Value: {0}", operand.RegisterValue);
Console.WriteLine();
break;
}
}

Console.WriteLine("\t OpCode: {0}", String.Join(",", instruction.ArchitectureDetail.OperationCode));
Console.WriteLine("\t Prefix: {0}", String.Join(",", instruction.ArchitectureDetail.Prefix));
Console.WriteLine("\t REX: {0}", instruction.ArchitectureDetail.Rex);
Console.WriteLine("\t SIB: {0}", instruction.ArchitectureDetail.Sib);
Console.WriteLine("\t SIB Base Register: {0}", instruction.ArchitectureDetail.SibBaseRegister);
Console.WriteLine("\t SIB Index Register: {0}", instruction.ArchitectureDetail.SibIndexRegister);
Console.WriteLine("\t SIB Scale: {0}", instruction.ArchitectureDetail.SibScale);
Console.WriteLine("\t SSE Code Condition: {0}", instruction.ArchitectureDetail.SseCodeCondition);
}

Console.WriteLine();
}
}

Console.ReadLine();
}
}
}
36 changes: 36 additions & 0 deletions CapstoneCMD/Properties/AssemblyInfo.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;

// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("Capstone.NET")]
[assembly: AssemblyDescription("Capstone.NET Example Application")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("@9ee1")]
[assembly: AssemblyProduct("Capstone.NET")]
[assembly: AssemblyCopyright("Copyright 2015")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]

// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]

// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("14586933-8765-48ea-8556-c95bf549e8c7")]

// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]
Loading

0 comments on commit 4a87790

Please sign in to comment.