x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

DBG: Separate my analysis into analysis_nukem.cpp (along with command)

This commit is contained in:
Nukem 2015-07-11 16:41:00 -04:00
parent 28d8c90127
commit 4e41298bb4
7 changed files with 50 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
x64_dbg_dbg/analysis_nukem.cpp Normal file
View File

@ -0,0 +1,23 @@
#include "analysis_nukem.h"
#include "BasicBlock.h"
#include "LinearPass.h"
#include "FunctionPass.h"
#include "console.h"
void Analyse_nukem(uint base, uint size)
{
dputs("Starting analysis (Nukem)...");
DWORD ticks = GetTickCount();
uint end = base + size;
BBlockArray blocks;
LinearPass* pass1 = new LinearPass(base, end, blocks);
pass1->Analyse();
FunctionPass* pass2 = new FunctionPass(base, end, blocks);
pass2->Analyse();
dprintf("Analysis finished in %ums!\n", GetTickCount() - ticks);
}

5
x64_dbg_dbg/analysis_nukem.h Normal file
View File

@ -0,0 +1,5 @@
#pragma once
#include "_global.h"
void Analyse_nukem(uint base, uint size);

12
x64_dbg_dbg/instruction.cpp
View File

@ -28,6 +28,7 @@
#include "filereader.h"
#include "functionanalysis.h"
#include "controlflowanalysis.h"
#include "analysis_nukem.h"
static bool bRefinit = false;
@ -1899,6 +1900,17 @@ CMDRESULT cbInstrCapstone(int argc, char* argv[])
return STATUS_CONTINUE;
}
CMDRESULT cbInstrAnalyseNukem(int argc, char* argv[])
{
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
uint size = 0;
uint base = MemFindBaseAddr(sel.start, &size);
Analyse_nukem(base, size);
GuiUpdateAllViews();
return STATUS_CONTINUE;
}
CMDRESULT cbInstrAnalyse(int argc, char* argv[])
{
SELECTIONDATA sel;

1
x64_dbg_dbg/instruction.h
View File

@ -67,6 +67,7 @@ CMDRESULT cbInstrYaramod(int argc, char* argv[]);
CMDRESULT cbInstrLog(int argc, char* argv[]);
CMDRESULT cbInstrCapstone(int argc, char* argv[]);
CMDRESULT cbInstrAnalyseNukem(int argc, char* argv[]);
CMDRESULT cbInstrAnalyse(int argc, char* argv[]);
CMDRESULT cbInstrVisualize(int argc, char* argv[]);
CMDRESULT cbInstrMeminfo(int argc, char* argv[]);

1
x64_dbg_dbg/x64_dbg.cpp
View File

@ -189,6 +189,7 @@ static void registercommands()
dbgcmdnew("yara", cbInstrYara, true); //yara test command
dbgcmdnew("yaramod", cbInstrYaramod, true); //yara rule on module
dbgcmdnew("analyse\1analyze\1anal", cbInstrAnalyse, true); //secret analysis command
dbgcmdnew("analyse_nukem", cbInstrAnalyseNukem, true); //secret analysis command #2
//undocumented
dbgcmdnew("bench", cbDebugBenchmark, true); //benchmark test (readmem etc)

2
x64_dbg_dbg/x64_dbg_dbg.vcxproj
View File

@ -22,6 +22,7 @@
<ClCompile Include="addrinfo.cpp" />
<ClCompile Include="analysis.cpp" />
<ClCompile Include="AnalysisPass.cpp" />
<ClCompile Include="analysis_nukem.cpp" />
<ClCompile Include="assemble.cpp" />
<ClCompile Include="bookmark.cpp" />
<ClCompile Include="breakpoint.cpp" />
@ -86,6 +87,7 @@
<ClInclude Include="addrinfo.h" />
<ClInclude Include="analysis.h" />
<ClInclude Include="AnalysisPass.h" />
<ClInclude Include="analysis_nukem.h" />
<ClInclude Include="assemble.h" />
<ClInclude Include="BasicBlock.h" />
<ClInclude Include="bookmark.h" />

6
x64_dbg_dbg/x64_dbg_dbg.vcxproj.filters
View File

@ -273,6 +273,9 @@
<ClCompile Include="analysis.cpp">
<Filter>Source Files\Analysis</Filter>
</ClCompile>
<ClCompile Include="analysis_nukem.cpp">
<Filter>Source Files\Analysis</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="x64_dbg.h">
@ -626,5 +629,8 @@
<ClInclude Include="analysis.h">
<Filter>Header Files\Analysis</Filter>
</ClInclude>
<ClInclude Include="analysis_nukem.h">
<Filter>Header Files\Analysis</Filter>
</ClInclude>
</ItemGroup>
</Project>