zelos.emulator.x86 module

class zelos.emulator.x86.x86EmuHelper(unicorn_engine, state)

Bases: zelos.emulator.base.IEmuHelper

ip_reg = 'eip'
sp_reg = 'esp'
fp_reg = 'ebp'
regmap = {'ah': 1, 'al': 2, 'ax': 3, 'bh': 4, 'bl': 5, 'bp': 6, 'bpl': 7, 'bx': 8, 'ch': 9, 'cl': 10, 'cr0': 50, 'cr1': 51, 'cr10': 60, 'cr11': 61, 'cr12': 62, 'cr13': 63, 'cr14': 64, 'cr15': 65, 'cr2': 52, 'cr3': 53, 'cr4': 54, 'cr5': 55, 'cr6': 56, 'cr7': 57, 'cr8': 58, 'cr9': 59, 'cs': 11, 'cx': 12, 'dh': 13, 'di': 14, 'dil': 15, 'dl': 16, 'dr0': 66, 'dr1': 67, 'dr10': 76, 'dr11': 77, 'dr12': 78, 'dr13': 79, 'dr14': 80, 'dr15': 81, 'dr2': 68, 'dr3': 69, 'dr4': 70, 'dr5': 71, 'dr6': 72, 'dr7': 73, 'dr8': 74, 'dr9': 75, 'ds': 17, 'dx': 18, 'eax': 19, 'ebp': 20, 'ebx': 21, 'ecx': 22, 'edi': 23, 'edx': 24, 'eip': 26, 'eiz': 27, 'es': 28, 'esi': 29, 'esp': 30, 'flags': 25, 'fp0': 82, 'fp1': 83, 'fp2': 84, 'fp3': 85, 'fp4': 86, 'fp5': 87, 'fp6': 88, 'fp7': 89, 'fpsw': 31, 'fs': 32, 'gdtr': 243, 'gs': 33, 'ip': 34, 'k0': 90, 'k1': 91, 'k2': 92, 'k3': 93, 'k4': 94, 'k5': 95, 'k6': 96, 'k7': 97, 'mm0': 98, 'mm1': 99, 'mm2': 100, 'mm3': 101, 'mm4': 102, 'mm5': 103, 'mm6': 104, 'mm7': 105, 'r10': 108, 'r10b': 220, 'r10d': 228, 'r10w': 236, 'r11': 109, 'r11b': 221, 'r11d': 229, 'r11w': 237, 'r12': 110, 'r12b': 222, 'r12d': 230, 'r12w': 238, 'r13': 111, 'r13b': 223, 'r13d': 231, 'r13w': 239, 'r14': 112, 'r14b': 224, 'r14d': 232, 'r14w': 240, 'r15': 113, 'r15b': 225, 'r15d': 233, 'r15w': 241, 'r8': 106, 'r8b': 218, 'r8d': 226, 'r8w': 234, 'r9': 107, 'r9b': 219, 'r9d': 227, 'r9w': 235, 'rax': 35, 'rbp': 36, 'rbx': 37, 'rcx': 38, 'rdi': 39, 'rdx': 40, 'rip': 41, 'riz': 42, 'rsi': 43, 'rsp': 44, 'si': 45, 'sil': 46, 'sp': 47, 'spl': 48, 'ss': 49, 'st(0)': 114, 'st(1)': 115, 'st(2)': 116, 'st(3)': 117, 'st(4)': 118, 'st(5)': 119, 'st(6)': 120, 'st(7)': 121, 'xmm0': 122, 'xmm1': 123, 'xmm10': 132, 'xmm11': 133, 'xmm12': 134, 'xmm13': 135, 'xmm14': 136, 'xmm15': 137, 'xmm16': 138, 'xmm17': 139, 'xmm18': 140, 'xmm19': 141, 'xmm2': 124, 'xmm20': 142, 'xmm21': 143, 'xmm22': 144, 'xmm23': 145, 'xmm24': 146, 'xmm25': 147, 'xmm26': 148, 'xmm27': 149, 'xmm28': 150, 'xmm29': 151, 'xmm3': 125, 'xmm30': 152, 'xmm31': 153, 'xmm4': 126, 'xmm5': 127, 'xmm6': 128, 'xmm7': 129, 'xmm8': 130, 'xmm9': 131, 'ymm0': 154, 'ymm1': 155, 'ymm10': 164, 'ymm11': 165, 'ymm12': 166, 'ymm13': 167, 'ymm14': 168, 'ymm15': 169, 'ymm16': 170, 'ymm17': 171, 'ymm18': 172, 'ymm19': 173, 'ymm2': 156, 'ymm20': 174, 'ymm21': 175, 'ymm22': 176, 'ymm23': 177, 'ymm24': 178, 'ymm25': 179, 'ymm26': 180, 'ymm27': 181, 'ymm28': 182, 'ymm29': 183, 'ymm3': 157, 'ymm30': 184, 'ymm31': 185, 'ymm4': 158, 'ymm5': 159, 'ymm6': 160, 'ymm7': 161, 'ymm8': 162, 'ymm9': 163, 'zmm0': 186, 'zmm1': 187, 'zmm10': 196, 'zmm11': 197, 'zmm12': 198, 'zmm13': 199, 'zmm14': 200, 'zmm15': 201, 'zmm16': 202, 'zmm17': 203, 'zmm18': 204, 'zmm19': 205, 'zmm2': 188, 'zmm20': 206, 'zmm21': 207, 'zmm22': 208, 'zmm23': 209, 'zmm24': 210, 'zmm25': 211, 'zmm26': 212, 'zmm27': 213, 'zmm28': 214, 'zmm29': 215, 'zmm3': 189, 'zmm30': 216, 'zmm31': 217, 'zmm4': 190, 'zmm5': 191, 'zmm6': 192, 'zmm7': 193, 'zmm8': 194, 'zmm9': 195}
imp_regs = ['eax', 'ebx', 'ecx', 'edx', 'esi', 'edi', 'ebp', 'esp', 'eip', 'flags']
msr_read(msr_id)
msr_write(msr_id, value)
class zelos.emulator.x86.x86_64EmuHelper(unicorn_engine, state)

Bases: zelos.emulator.base.IEmuHelper

ip_reg = 'rip'
sp_reg = 'rsp'
fp_reg = 'rbp'
regmap = {'ah': 1, 'al': 2, 'ax': 3, 'bh': 4, 'bl': 5, 'bp': 6, 'bpl': 7, 'bx': 8, 'ch': 9, 'cl': 10, 'cr0': 50, 'cr1': 51, 'cr10': 60, 'cr11': 61, 'cr12': 62, 'cr13': 63, 'cr14': 64, 'cr15': 65, 'cr2': 52, 'cr3': 53, 'cr4': 54, 'cr5': 55, 'cr6': 56, 'cr7': 57, 'cr8': 58, 'cr9': 59, 'cs': 11, 'cx': 12, 'dh': 13, 'di': 14, 'dil': 15, 'dl': 16, 'dr0': 66, 'dr1': 67, 'dr10': 76, 'dr11': 77, 'dr12': 78, 'dr13': 79, 'dr14': 80, 'dr15': 81, 'dr2': 68, 'dr3': 69, 'dr4': 70, 'dr5': 71, 'dr6': 72, 'dr7': 73, 'dr8': 74, 'dr9': 75, 'ds': 17, 'dx': 18, 'eax': 19, 'ebp': 20, 'ebx': 21, 'ecx': 22, 'edi': 23, 'edx': 24, 'eip': 26, 'eiz': 27, 'es': 28, 'esi': 29, 'esp': 30, 'flags': 25, 'fp0': 82, 'fp1': 83, 'fp2': 84, 'fp3': 85, 'fp4': 86, 'fp5': 87, 'fp6': 88, 'fp7': 89, 'fpsw': 31, 'fs': 32, 'gdtr': 243, 'gs': 33, 'ip': 34, 'k0': 90, 'k1': 91, 'k2': 92, 'k3': 93, 'k4': 94, 'k5': 95, 'k6': 96, 'k7': 97, 'mm0': 98, 'mm1': 99, 'mm2': 100, 'mm3': 101, 'mm4': 102, 'mm5': 103, 'mm6': 104, 'mm7': 105, 'r10': 108, 'r10b': 220, 'r10d': 228, 'r10w': 236, 'r11': 109, 'r11b': 221, 'r11d': 229, 'r11w': 237, 'r12': 110, 'r12b': 222, 'r12d': 230, 'r12w': 238, 'r13': 111, 'r13b': 223, 'r13d': 231, 'r13w': 239, 'r14': 112, 'r14b': 224, 'r14d': 232, 'r14w': 240, 'r15': 113, 'r15b': 225, 'r15d': 233, 'r15w': 241, 'r8': 106, 'r8b': 218, 'r8d': 226, 'r8w': 234, 'r9': 107, 'r9b': 219, 'r9d': 227, 'r9w': 235, 'rax': 35, 'rbp': 36, 'rbx': 37, 'rcx': 38, 'rdi': 39, 'rdx': 40, 'rip': 41, 'riz': 42, 'rsi': 43, 'rsp': 44, 'si': 45, 'sil': 46, 'sp': 47, 'spl': 48, 'ss': 49, 'st(0)': 114, 'st(1)': 115, 'st(2)': 116, 'st(3)': 117, 'st(4)': 118, 'st(5)': 119, 'st(6)': 120, 'st(7)': 121, 'xmm0': 122, 'xmm1': 123, 'xmm10': 132, 'xmm11': 133, 'xmm12': 134, 'xmm13': 135, 'xmm14': 136, 'xmm15': 137, 'xmm16': 138, 'xmm17': 139, 'xmm18': 140, 'xmm19': 141, 'xmm2': 124, 'xmm20': 142, 'xmm21': 143, 'xmm22': 144, 'xmm23': 145, 'xmm24': 146, 'xmm25': 147, 'xmm26': 148, 'xmm27': 149, 'xmm28': 150, 'xmm29': 151, 'xmm3': 125, 'xmm30': 152, 'xmm31': 153, 'xmm4': 126, 'xmm5': 127, 'xmm6': 128, 'xmm7': 129, 'xmm8': 130, 'xmm9': 131, 'ymm0': 154, 'ymm1': 155, 'ymm10': 164, 'ymm11': 165, 'ymm12': 166, 'ymm13': 167, 'ymm14': 168, 'ymm15': 169, 'ymm16': 170, 'ymm17': 171, 'ymm18': 172, 'ymm19': 173, 'ymm2': 156, 'ymm20': 174, 'ymm21': 175, 'ymm22': 176, 'ymm23': 177, 'ymm24': 178, 'ymm25': 179, 'ymm26': 180, 'ymm27': 181, 'ymm28': 182, 'ymm29': 183, 'ymm3': 157, 'ymm30': 184, 'ymm31': 185, 'ymm4': 158, 'ymm5': 159, 'ymm6': 160, 'ymm7': 161, 'ymm8': 162, 'ymm9': 163, 'zmm0': 186, 'zmm1': 187, 'zmm10': 196, 'zmm11': 197, 'zmm12': 198, 'zmm13': 199, 'zmm14': 200, 'zmm15': 201, 'zmm16': 202, 'zmm17': 203, 'zmm18': 204, 'zmm19': 205, 'zmm2': 188, 'zmm20': 206, 'zmm21': 207, 'zmm22': 208, 'zmm23': 209, 'zmm24': 210, 'zmm25': 211, 'zmm26': 212, 'zmm27': 213, 'zmm28': 214, 'zmm29': 215, 'zmm3': 189, 'zmm30': 216, 'zmm31': 217, 'zmm4': 190, 'zmm5': 191, 'zmm6': 192, 'zmm7': 193, 'zmm8': 194, 'zmm9': 195}
imp_regs = ['rax', 'rbx', 'rcx', 'rdx', 'rsi', 'rdi', 'rbp', 'rsp', 'rip', 'flags']
msr_read(msr_id)
msr_write(msr_id, value)