Vic Posted May 17, 2022 Share Posted May 17, 2022 Hi everyone. I'm looking for a tiny library in C/C++ (or binding) that able to: - Evaluate simple x86/x64 assembly codes (execute codes from a string to get output). - Each asm instruction has callback or hook (at least memory access instruction, for several special purposes, E.g. using ReadProcessMemory to read memory from other process, etc). Maybe a little bit like a VM. MOV RAX,$INPUT ADD RAX,8 MOV RAX,[RAX] # eg. memory access instruction MOV $OUTPUT,RAX Hint me. Thanks. Link to comment
deepzero Posted May 17, 2022 Share Posted May 17, 2022 You are looking for an emulator. Check out e.g. https://www.unicorn-engine.org/ Link to comment
Vic Posted May 18, 2022 Author Share Posted May 18, 2022 It's not a tiny library. I think it is not needed to write many codes to evaluate a simple asm expression. Probably, anybody already wrote it. I'm searching more, or I will try to write it myself if not exists. Link to comment
deepzero Posted May 18, 2022 Share Posted May 18, 2022 Version 1 of the library has no dependency on QEMU, I think. You will find that x86 is surprisingly complex and your tiny library may not end up as tiny as you expect. 1 Link to comment
kao Posted May 19, 2022 Share Posted May 19, 2022 (edited) You should decide what exactly you want to have: 1) engine that supports all x86/64 instructions, all registers, flags and memory accesses. In that case, you're most likely looking for an assembler + emulator. NASM is quite nice opensource assembler, it takes text like "mov eax, 1234h" and produces x86/x64 code as bytes. https://github.com/netwide-assembler/nasm. Better known alternative is FASM - but it's written in assembly, so maintenance will be painful. Unicorn is an emulator - it takes bytes, disassembles them to x86/x64 code and then emulates it. You'll need a combination of both to achieve the desired result ("execute codes from a string to get output") 2) simple scripting engine which supports something-that-looks-like-x86-assembler, with a very limited set of instructions. Then take a look at ODBGScript sources, it's a good place to start. https://github.com/x64dbg/ODbgScript/blob/master/ODbgScript/OllyLang.cpp https://github.com/x64dbg/ODbgScript/blob/master/ODbgScript/OllyLangCommands.cpp Edited May 19, 2022 by kao Link to comment
Vic Posted May 21, 2022 Author Share Posted May 21, 2022 Sorry for slow reply. Case 2 is satisfied my expect. I have also thought about some open source like: - AsmJit at https://asmjit.com/ - OllyScript at http://www.openrce.org/downloads/details/182/OllyScript_Source_Code - x64dbg (ExpressionParser) at https://github.com/x64dbg/x64dbg/blob/c37a4867c93134368397e5c3c4b77136df6bab6e/src/dbg/expressionparser.cpp#L78 Probably I will look at several existing classes in these projects. They released under the GNU and ZLib license. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now