Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   C/C++ Library for Evaluate ASM Codes (https://forum.exetools.com/showthread.php?t=20154)

vic4key 05-17-2022 11:15

C/C++ Library for Evaluate ASM Codes
 
Hi everyone.

I'm looking for a tiny library (very tiny or lightweight, because it's just for simple instructions like the sample below) in C/C++ (or a binding) that is able to:
- Evaluate simple x86/x64 assembly code (execute code from a string to get output).
- Give each asm instruction a callback or hook (at least memory access instructions, for several special purposes, e.g. using ReadProcessMemory to read memory from another process, etc.).
Maybe a little bit like a VM.

Code:

MOV RAX,$INPUT
ADD RAX,8
MOV RAX,[RAX] # e.g. memory access instruction
MOV $OUTPUT,RAX

Hint me. Thanks.
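As an added example, not code from this thread or from any library named in it, here is what the "a little bit like a VM" idea looks like in plain C for exactly the instruction subset in the sample: MOV/ADD/SUB over RAX, the $INPUT and $OUTPUT pseudo-registers, decimal or hex immediates, and a [RAX] memory operand that is never dereferenced by the evaluator itself but always routed through a caller-supplied read hook. The "remote memory" the hook reads is a constructed eight-qword table at an assumed base address (REMOTE_BASE, remote_words); swapping that hook for one that calls ReadProcessMemory is the intended use but is only an assumption here, and the function names (vm_run, eval_sample, remote_read_hook) are mine. The hook reports out-of-range or unaligned reads as a fault, and vm_run returns the 1-based number of the first line that failed to parse or execute.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Memory-read hook, called for every [RAX] operand instead of dereferencing anything; returns 0
   and stores the qword, or -1 on fault. Backing it with ReadProcessMemory is an assumption. */
typedef int (*mem_read_fn)(uint64_t addr, uint64_t *val, const void *ctx);

/* Machine state: RAX plus the $INPUT / $OUTPUT pseudo-registers, and the hook. */
typedef struct { uint64_t rax, input, output; mem_read_fn read_hook; const void *hook_ctx; } vm_t;

static const char *skip_ws(const char *s) { while (isspace((unsigned char)*s)) s++; return s; }

/* Resolve a source operand: RAX, $INPUT, $OUTPUT, [RAX] (via the hook) or an immediate. */
static int read_operand(const vm_t *vm, const char *s, uint64_t *out) {
    s = skip_ws(s);
    if (!strcmp(s, "RAX"))     { *out = vm->rax;    return 0; }
    if (!strcmp(s, "$INPUT"))  { *out = vm->input;  return 0; }
    if (!strcmp(s, "$OUTPUT")) { *out = vm->output; return 0; }
    if (!strcmp(s, "[RAX]"))   return vm->read_hook ? vm->read_hook(vm->rax, out, vm->hook_ctx) : -1;
    if (isdigit((unsigned char)*s)) { *out = strtoull(s, NULL, 0); return 0; }
    return -1;
}

/* Resolve a destination operand; memory and $INPUT are deliberately not writable here. */
static int write_operand(vm_t *vm, const char *s, uint64_t val) {
    s = skip_ws(s);
    if (!strcmp(s, "RAX"))     { vm->rax = val;    return 0; }
    if (!strcmp(s, "$OUTPUT")) { vm->output = val; return 0; }
    return -1;
}

/* Execute one "MNEMONIC DST,SRC" line; '#' starts a comment. 0 = ok, -1 = error. */
static int vm_step(vm_t *vm, const char *line) {
    char buf[128], *p = buf, *hash, *sp, *comma, *end;
    uint64_t s, d;
    snprintf(buf, sizeof buf, "%s", line);
    if ((hash = strchr(buf, '#'))) *hash = '\0';
    while (isspace((unsigned char)*p)) p++;
    if (!*p) return 0;                                   /* blank or comment-only line */
    for (end = p + strlen(p); end > p && isspace((unsigned char)end[-1]); ) *--end = '\0';
    if (!(sp = strchr(p, ' ')) || !(comma = strchr(sp, ','))) return -1;
    *sp = *comma = '\0';                                 /* p = mnemonic, sp+1 = dst, comma+1 = src */
    if (read_operand(vm, comma + 1, &s)) return -1;
    if (!strcmp(p, "MOV")) return write_operand(vm, sp + 1, s);
    if (!strcmp(p, "ADD") || !strcmp(p, "SUB")) {
        if (read_operand(vm, sp + 1, &d)) return -1;
        return write_operand(vm, sp + 1, p[0] == 'A' ? d + s : d - s);
    }
    return -1;                                           /* unsupported mnemonic */
}

/* Run a newline-separated program; returns 0, or the 1-based number of the first failing line. */
int vm_run(vm_t *vm, const char *program) {
    int lineno = 0;
    while (*program) {
        const char *nl = strchr(program, '\n');
        size_t len = nl ? (size_t)(nl - program) : strlen(program);
        char line[128];
        lineno++;
        if (len >= sizeof line) return lineno;
        memcpy(line, program, len); line[len] = '\0';
        if (vm_step(vm, line)) return lineno;            /* a hook fault fails this line too */
        program += len + (nl ? 1 : 0);
    }
    return 0;
}

/* Constructed stand-in for another process's memory: eight qwords mapped at REMOTE_BASE. */
#define REMOTE_BASE 0x10000ULL
static const uint64_t remote_words[8] = { 0x100, 0x200, 0x300, 0x400, 0x500, 0x600, 0x700, 0x800 };

static int remote_read_hook(uint64_t addr, uint64_t *val, const void *ctx) {
    const uint64_t *words = ctx;
    /* Bounds and alignment are checked here, so a bad address is a reported fault, not a crash. */
    if (addr < REMOTE_BASE || addr + 8 > REMOTE_BASE + sizeof remote_words || (addr & 7)) return -1;
    *val = words[(addr - REMOTE_BASE) / 8];
    return 0;
}

/* Evaluate the thread's sample program for one $INPUT. 0 = ok, else the failing line number. */
int eval_sample(uint64_t input, uint64_t *output) {
    static const char *program =
        "MOV RAX,$INPUT\nADD RAX,8\n"
        "MOV RAX,[RAX] # memory access: routed through the hook\nMOV $OUTPUT,RAX\n";
    vm_t vm = { 0, input, 0, remote_read_hook, remote_words };
    int rc = vm_run(&vm, program);
    if (rc == 0) *output = vm.output;
    return rc;
}

int main(void) {   /* stand-alone demo: $INPUT = REMOTE_BASE reads the second qword */
    uint64_t out = 0;
    int rc = eval_sample(REMOTE_BASE, &out);
    printf("rc=%d output=0x%llx\n", rc, (unsigned long long)out);
    return rc;
}
```

With $INPUT = REMOTE_BASE the program computes REMOTE_BASE + 8, the hook returns the second qword (0x200), and that lands in $OUTPUT; with an unaligned or out-of-window input the hook refuses the read and vm_run reports line 3. The point of the design is that the evaluator owns no memory at all: every load is a policy decision made by the hook, which is what makes it safe to point at data that came from somewhere else.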

BlackWhite 07-13-2022 21:45

This may be what you want:
(1) Chinese introduction
https://tboox.org/cn/2016/07/26/x86-script-instruction-virtual-machine/
(2) Source code
https://github.com/tboox/vm86

chants 07-14-2022 11:15

If you are willing to do a bit of coding, ASMJit is a good choice. It's much more powerful than you need, but flexible and lets you do anything, including executing dynamically. It has an assembly parser called asmtk or the like. It's probably 30 lines of code to do everything you asked for with that simple snippet. How inputs and outputs are dealt with would be the only tricky part... both parsing and binding them, but it's feasible.

sendersu 07-15-2022 12:39

The well-known x64dbg uses asmjit; some examples of usage are over here:
https://github.com/x64dbg/x64dbg/blob/development/src/dbg/assemble.cpp

vic4key 07-16-2022 02:37

Quote:

Originally Posted by sendersu (Post 125589)
The well-known x64dbg uses asmjit; some examples of usage are over here:
https://github.com/x64dbg/x64dbg/blob/development/src/dbg/assemble.cpp

Thanks. I have checked x64dbg's source code before, and I found the file src/dbg/value.cpp#L1974 is the most similar to what I want.
I'd like to take advantage of the existing code to avoid rewriting, but it's released under the GNU license, which is a bit inconvenient, although my software is open source.

vic4key 07-16-2022 02:55

@BlackWhite @chants I created the topic a long time ago and no one answered, so I thought it had gone to hell by now and I didn't come back to see your answers. Thank you guys.

Quote:

Originally Posted by BlackWhite (Post 125584)
This may be what you want:
(1) Chinese introduction
https://tboox.org/cn/2016/07/26/x86-script-instruction-virtual-machine/
(2) Source code
https://github.com/tboox/vm86

Sadly, it is x86 only; x64 is not supported.

Quote:

Originally Posted by chants (Post 125587)
If you are willing to do a bit of coding, ASMJit is a good choice. It's much more powerful than you need, but flexible and lets you do anything, including executing dynamically. It has an assembly parser called asmtk or the like. It's probably 30 lines of code to do everything you asked for with that simple snippet. How inputs and outputs are dealt with would be the only tricky part... both parsing and binding them, but it's feasible.

It seems it does not satisfy "Each asm instruction has a callback or hook (at least memory access instructions, for several special purposes, e.g. using ReadProcessMemory to read memory from another process, etc.)". If not, please hint me more.

0xall0c 07-16-2022 19:08

You can use keystone (https://github.com/keystone-engine/keystone) for parsing the assembly and then use unicorn (https://github.com/unicorn-engine/unicorn) to execute the instructions; it has all the hooks you want on every instruction execution. If you want to emulate a complete PE file, then you can use qiling (https://github.com/qilingframework/qiling).

