It is currently Sat Jan 23, 2021 3:01 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: diStorm 3.3 - Powerful Disassembler Library For Intel/AMD64
PostPosted: Thu Dec 03, 2015 2:11 am 
Offline
User
User

Joined: Tue Dec 16, 2014 3:44 am
Posts: 13
Powerful Disassembler Library For AMD64

A lightweight, Easy-to-Use and Fast Disassembler/Decomposer Library for x86/AMD64.

A Decomposer means that you get a binary structure that describes an instruction rather than textual representation.

diStorm3 includes the following new features:
Quote:
Access to CPU flags that were affected by the instruction.
New API for instruction decomposition.
Basic Flow Control analysis support.
AVX and FMA instruction sets support.
Complete documentation and code samples.
Some bug fixes and massive code refactoring.

diStorm3 also supports:
Quote:
Minimal API for decode and decompose, no initialization is required.
Decode modes: 16, 32 and 64 bits.
Instruction Sets: FPU, MMX, SSE, SSE2, SSE3, SSSE3, SSE4,
3DNow! (w/ extensions), new x86-64, VMX and AMD's SVM.

Reentrancy (multi-threaded).
Platform independent - Windows, Linux and Mac. Little/big endianity. User/kernel mode.
Different compilers (GCC, MSVC). Can be used either statically or dynamically.
Java and Python wrappers.

diStorm3 is dual-licensed under the GPL (http://www.gnu.org/licenses/gpl.html) and a commercial license.

source:
github (too big to post here > 60000) = https://github.com/ToniPB/distorm-PB

Image

Dis_Test1.pb
Code:
XIncludeFile #PB_Compiler_FilePath + "TestHelper.pbi"

Procedure Do_Distorm_Test1()
  Protected res.l
  Protected Dim decodedInstructions._DISTORM_DecodedInst(1000)
  Protected decodedInstructionsCount.l = 0
  Protected i.l = 0
  Protected offset.q = 0
  Protected max_instructions.l = 1000
 
 
  Protected *code = ?test_data1_start
  Protected codeLen.l = ?test_data1_end - ?test_data1_start
 
  res = distorm_decode64(offset, *code, codeLen, #DISTORM_Decode32Bits, @decodedInstructions(), max_instructions, @decodedInstructionsCount)
 
  PrintN("")
 
  If res = #DISTORM_DECRES_SUCCESS
    Protected de_text.s = ""
   
    For i.l = 0 To decodedInstructionsCount - 1
      de_text = Distorm_InstructionString(@decodedInstructions(i))
     
      PrintN(de_text)
     
    Next i
  Else
    PrintN("Decoding Failed")
  EndIf
 
 ;SetClipboardText( Distorm_CreateInstructionStringFromArray(decodedInstructions(), decodedInstructionsCount))
 
  DataSection
    test_data1_start: ; 11 bytes
    Data.a $55, $8B, $EC, $8B, $45, $08, $03, $45, $0C, $C9, $C3
    test_data1_end:
  EndDataSection

EndProcedure

If OpenConsole()
  PrintN("diStorm version: "+GetDistormVersionString())
  PrintN("")
 
  Do_Distorm_Test1()
 
  PrintN("")
  PrintN("Press enter to continue")
  PrintN("")
  Input()
 
  CloseConsole()
EndIf


Top
 Profile  
Reply with quote  
 Post subject: Re: diStorm 3.3 - Powerful Disassembler Library For Intel/AM
PostPosted: Thu Dec 03, 2015 10:42 pm 
Offline
Addict
Addict
User avatar

Joined: Sat Aug 15, 2009 6:59 pm
Posts: 1260
Cool stuff, thx.
I am using BeaEngine. The "decomposer" is very usefull for automatic code analysis for hooking and stuff. BeaEngine also offers this functionality.


Top
 Profile  
Reply with quote  
 Post subject: Re: diStorm 3.3 - Powerful Disassembler Library For Intel/AM
PostPosted: Mon May 02, 2016 11:03 pm 
Offline
New User
New User

Joined: Sun Apr 24, 2016 2:07 pm
Posts: 6
Will definetely check it out :)


Top
 Profile  
Reply with quote  
 Post subject: Re: diStorm 3.3 - Powerful Disassembler Library For Intel/AM
PostPosted: Sat May 07, 2016 7:02 pm 
Offline
New User
New User

Joined: Sun Apr 24, 2016 2:07 pm
Posts: 6
thx for ur pm much appreciated :)


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 


Powered by phpBB © 2008 phpBB Group
subSilver+ theme by Canver Software, sponsor Sanal Modifiye