CPU¶

CPUContextBase¶

This is the base mix-in class when defining new CPUs to support.

class revenge.cpu.contexts.CPUContextBase(process, diff=None, **registers)[source]¶

Bases: object

property changed_registers¶

What registers were changed with this step?

Type: list

pc¶

sp¶

CPUContext¶

The CPUContext represents the state of the CPU. The following is the base generator of contexts.

revenge.cpu.contexts.CPUContext(process, *args, **kwargs)[source]¶

x64¶

class revenge.cpu.contexts.x64.X64Context(process, diff=None, **registers)[source]¶

Bases: revenge.cpu.contexts.CPUContextBase

REGS = ['rip', 'rsp', 'rbp', 'rax', 'rbx', 'rcx', 'rdx', 'rsi', 'rdi', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15']¶

REGS_ALL = {'ah': '(self.rax>>8) & 0xff', 'al': 'self.rax & 0xff', 'ax': 'self.rax & 0xffff', 'bh': '(self.rbx>>8) & 0xff', 'bl': 'self.rbx & 0xff', 'bp': 'self.rbp & 0xffff', 'bpl': 'self.rbp & 0xff', 'bx': 'self.rbx & 0xffff', 'ch': '(self.rcx>>8) & 0xff', 'cl': 'self.rcx & 0xff', 'cx': 'self.rcx & 0xffff', 'dh': '(self.rdx>>8) & 0xff', 'di': 'self.rdi & 0xffff', 'dil': 'self.rdi & 0xff', 'dl': 'self.rdx & 0xff', 'dx': 'self.rdx & 0xffff', 'eax': 'self.rax & 0xffffffff', 'ebp': 'self.rbp & 0xffffffff', 'ebx': 'self.rbx & 0xffffffff', 'ecx': 'self.rcx & 0xffffffff', 'edi': 'self.rdi & 0xffffffff', 'edx': 'self.rdx & 0xffffffff', 'esi': 'self.rsi & 0xffffffff', 'esp': 'self.rsp & 0xffffffff', 'ip': 'self.rip', 'r10': 'self.r10', 'r10b': 'self.r10 & 0xff', 'r10d': 'self.r10 & 0xffffffff', 'r10w': 'self.r10 & 0xffff', 'r11': 'self.r11', 'r11b': 'self.r11 & 0xff', 'r11d': 'self.r11 & 0xffffffff', 'r11w': 'self.r11 & 0xffff', 'r12': 'self.r12', 'r12b': 'self.r12 & 0xff', 'r12d': 'self.r12 & 0xffffffff', 'r12w': 'self.r12 & 0xffff', 'r13': 'self.r13', 'r13b': 'self.r13 & 0xff', 'r13d': 'self.r13 & 0xffffffff', 'r13w': 'self.r13 & 0xffff', 'r14': 'self.r14', 'r14b': 'self.r14 & 0xff', 'r14d': 'self.r14 & 0xffffffff', 'r14w': 'self.r14 & 0xffff', 'r15': 'self.r15', 'r15b': 'self.r15 & 0xff', 'r15d': 'self.r15 & 0xffffffff', 'r15w': 'self.r15 & 0xffff', 'r8': 'self.r8', 'r8b': 'self.r8 & 0xff', 'r8d': 'self.r8 & 0xffffffff', 'r8w': 'self.r8 & 0xffff', 'r9': 'self.r9', 'r9b': 'self.r9 & 0xff', 'r9d': 'self.r9 & 0xffffffff', 'r9w': 'self.r9 & 0xffff', 'rax': 'self.rax', 'rbp': 'self.rbp', 'rbx': 'self.rbx', 'rcx': 'self.rcx', 'rdi': 'self.rdi', 'rdx': 'self.rdx', 'rip': 'self.rip', 'rsi': 'self.rsi', 'rsp': 'self.rsp', 'si': 'self.rsi & 0xffff', 'sil': 'self.rsi & 0xff', 'sp': 'self.rsp & 0xffff', 'spl': 'self.rsp & 0xff'}¶

r10¶

r11¶

r12¶

r13¶

r14¶

r15¶

r8¶

r9¶

rax¶

rbp¶

rbx¶

rcx¶

rdi¶

rdx¶

rip¶

rsi¶

rsp¶

x86¶

class revenge.cpu.contexts.x86.X86Context(process, diff=None, **registers)[source]¶

Bases: revenge.cpu.contexts.CPUContextBase

REGS = ['eip', 'esp', 'ebp', 'eax', 'ebx', 'ecx', 'edx', 'esi', 'edi']¶

REGS_ALL = {'ah': '(self.eax>>8) & 0xff', 'al': 'self.eax & 0xff', 'ax': 'self.eax & 0xffff', 'bh': '(self.ebx>>8) & 0xff', 'bl': 'self.ebx & 0xff', 'bp': 'self.ebp & 0xffff', 'bpl': 'self.ebp & 0xff', 'bx': 'self.ebx & 0xffff', 'ch': '(self.ecx>>8) & 0xff', 'cl': 'self.ecx & 0xff', 'cx': 'self.ecx & 0xffff', 'dh': '(self.edx>>8) & 0xff', 'di': 'self.edi & 0xffff', 'dil': 'self.edi & 0xff', 'dl': 'self.edx & 0xff', 'dx': 'self.edx & 0xffff', 'eax': 'self.eax', 'ebp': 'self.ebp', 'ebx': 'self.ebx', 'ecx': 'self.ecx', 'edi': 'self.edi', 'edx': 'self.edx', 'eip': 'self.eip', 'esi': 'self.esi', 'esp': 'self.esp', 'ip': 'self.eip', 'si': 'self.esi & 0xffff', 'sil': 'self.esi & 0xff', 'sp': 'self.esp & 0xffff', 'spl': 'self.esp & 0xff'}¶

eax¶

ebp¶

ebx¶

ecx¶

edi¶

edx¶

eip¶

esi¶

esp¶

arm¶

class revenge.cpu.contexts.arm.ARMContext(process, diff=None, **registers)[source]¶

Bases: revenge.cpu.contexts.CPUContextBase

REGS = ['pc', 'sp', 'r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9', 'r10', 'r11', 'r12', 'lr']¶

REGS_ALL = {}¶

lr¶

pc¶

r0¶

r1¶

r10¶

r11¶

r12¶

r2¶

r3¶

r4¶

r5¶

r6¶

r7¶

r8¶

r9¶

sp¶

Assembly¶

Abstraction for the assembly instructions.

Assembly Instruction¶

class revenge.cpu.AssemblyInstruction(process, address=None)[source]¶

Bases: object

Represents an assembly instruction.

property address¶

Address where this instruction is located.

Type: Pointer

property address_next¶

Address of instruction following this one.

Type: Pointer

property args_str¶

Operation arguments as a string.

Type: str

property args_str_resolved¶

Attempt to resolve addresses in the args str into symbols.

Type: str

classmethod from_frida_dict(process, d)[source]¶: Builds this assembly instruction from a frida dictionary, ala Instruction.parse()

property groups¶

List of descriptive groups that this instruction belongs to.

Type: list

property mnemonic¶

Operation mnemonic.

Type: str

property operands¶

List of operands.

Type: list

property registers_read¶

List of registers that are read by this instruction.

Type: list

property registers_written¶

List of registers written by this instruction.

Type: list

property size¶

Size of this instruction in bytes.

Type: int

Assembly Block¶

class revenge.cpu.assembly.instruction.AssemblyBlock(process, address)[source]¶

Bases: object

Represents an assembly block.