From 91cf527253d80d3b2abd8f9f224a57baf104022c Mon Sep 17 00:00:00 2001
From: JoYo <>
Date: Sun, 24 Feb 2019 06:18:46 +0000
Subject: [PATCH] better logging for disasssembler
---
 sins/disassemble.py | 10 +++++++++-
 sins/orm.py | 9 ++++-----
 2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/sins/disassemble.py b/sins/disassemble.py
index 0e0d085..9f8d3a2 100644
--- a/sins/disassemble.py
+++ b/sins/disassemble.py
@@ -4,10 +4,18 @@ import json
 capstone = Cs(CS_ARCH_X86, CS_MODE_64)
-def disasm(shellcode: bytes)->str:
+def disasm(shellcode: bytes)->list:
 opcodes = list()
 for opcode in capstone.disasm(shellcode, 0):
 opcodes.append([opcode.mnemonic, opcode.op_str])
 return opcodes
+
+def objdump(shellcode: bytes)->str:
+ opcodes = str()
+
+ for opcode in capstone.disasm(shellcode, 0):
+ opcodes += f'{opcode.mnemonic} {opcode.op_str}'
+
+ return opcodes
diff --git a/sins/orm.py b/sins/orm.py
index 609f524..9399c54 100644
--- a/sins/orm.py
+++ b/sins/orm.py
@@ -8,7 +8,7 @@ from sqlalchemy.orm import Session, relationship, backref
 from sqlalchemy.orm.collections import attribute_mapped_collection
 import json
-from .disassemble import disasm
+from .disassemble import objdump
 now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
 Base = declarative_base()
@@ -29,7 +29,7 @@ class ScrapNode(Base):
 mtime = Column(DateTime, onupdate=datetime.utcnow)
 parent_id = Column(Integer, ForeignKey(id))
 checksum = Column(String)
- disasm = Column(String)
+ objdump = Column(String)
 image = Column(LargeBinary)
 children = relationship(
@@ -43,18 +43,17 @@ class ScrapNode(Base):
 self.image = child
 self.length = len(child)
 self.sha1sum
- self.disasm = str(disasm(child))
+ self.objdump = objdump(child)
 def __repr__(self):
 values = {
 'checksum': self.checksum,
 'length': self.length,
- 'disasm': self.disasm,
 'parent_id': self.parent_id,
 'id': self.id,
 }
- return json.dumps(values, indent=1)
+ return f'{values}\n{self.objdump}'
 @property
 def sha1sum(self):
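Review bot: In the new `objdump`, each instruction is appended as `f'{opcode.mnemonic} {opcode.op_str}'` with no separator, so consecutive instructions run together in the stored string and the listing cannot be read back one instruction per line. Building it with `return '\n'.join(f'{op.mnemonic} {op.op_str}' for op in capstone.disasm(shellcode, 0))` fixes that and drops the repeated `+=`. Capstone's `disasm` also stops at the first bytes it cannot decode, so for arbitrary input the listing may cover only a prefix of `shellcode`. A docstring saying so, or a log line with the number of bytes decoded, would keep a truncated listing from being read as the full image.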
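Review bot: Renaming the mapped attribute from `disasm` to `objdump` in `ScrapNode` also renames the table column, and nothing in this patch migrates a database created with the earlier schema. If stored databases are reused across versions, queries against the old table would presumably fail on the missing `objdump` column. Either keep the column name with `objdump = Column('disasm', String)` or ship a migration alongside the rename. Rows written before this change would still hold the old `str(list)` format, which deserves a comment next to the column. The class body starts and ends outside this hunk.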
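Review bot: `__repr__` now embeds the whole disassembly, so every place a `ScrapNode` is printed, logged or shown in a traceback gets a multi-line string whose size grows with `image`. Keeping `__repr__` to the short `values` dict, e.g. `return f'ScrapNode({values})'`, and exposing the listing through `__str__` or a dedicated method would keep log lines bounded and single-line. The output is also no longer JSON, so anything that parsed the old repr will break, and `import json` looks unused in the hunks shown here (the rest of the file is not visible). The method that assigns `self.objdump` begins outside the hunk.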