Difference between revisions of "Lua:splitDisassembledString"
(Created page with ''''function''' splitDisassembledString(''DisassembledString'') Slipts a disassembler string, returning 4 strings. The address, bytes, opcode and extra field. To be used with ret…') |
(→Related Functions) |
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | '''function''' splitDisassembledString(''DisassembledString'') | + | [[Category:Lua]] |
| + | '''function''' splitDisassembledString(''DisassembledString'') ''':''' (string, string, string, string '''-''' nil) | ||
Slipts a disassembler string, returning 4 strings. The address, bytes, opcode and extra field. | Slipts a disassembler string, returning 4 strings. The address, bytes, opcode and extra field. | ||
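Review bot: The unchanged description line directly under the new signature still reads "Slipts" and lists the results as "address, bytes, opcode and extra field", while the signature added here says only "four strings or nil". Fix the typo to "Splits", state the order in which the four strings are returned, and say when nil is returned, so callers know how to destructure the result and when to check it.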
| Line 26: | Line 27: | ||
| − | == | + | Code: |
| − | + | local addr = getAddress('Tutorial-x86_64.exe+164A7') | |
| − | + | local disassStr = disassemble(addr) | |
| + | local extraField, opcode, bytes, address = splitDisassembledString(disassStr) | ||
| + | for i = 1, 10 do | ||
| + | local a = getNameFromAddress(address) or address | ||
| + | local b = bytes .. string.rep(' ', 20 - #bytes) | ||
| + | local o = opcode .. string.rep(' ', 30 - #opcode) | ||
| + | print(string.format('%s: %s - %s %s', a, b, o, extraField)) | ||
| + | addr = addr + getInstructionSize(addr) | ||
| + | disassStr = disassemble(addr) | ||
| + | extraField, opcode, bytes, address = splitDisassembledString(disassStr) | ||
| + | end | ||
| + | Output: | ||
| + | Tutorial-x86_64.exe+164A7: 48 63 40 3C - movsxd rax,dword ptr [rax+3C] | ||
| + | Tutorial-x86_64.exe+164AB: 48 8D 04 03 - lea rax,[rbx+rax] | ||
| + | Tutorial-x86_64.exe+164AF: 48 8B 40 60 - mov rax,[rax+60] | ||
| + | Tutorial-x86_64.exe+164B3: 90 - nop | ||
| + | Tutorial-x86_64.exe+164B4: 48 8D 64 24 20 - lea rsp,[rsp+20] | ||
| + | Tutorial-x86_64.exe+164B9: 5B - pop rbx | ||
| + | Tutorial-x86_64.exe+164BA: C3 - ret | ||
| + | Tutorial-x86_64.exe+164BB: 00 00 - add [rax],al | ||
| + | Tutorial-x86_64.exe+164BD: 00 00 - add [rax],al | ||
| + | Tutorial-x86_64.exe+164BF: 00 53 48 - add [rbx+48],dl | ||
| + | |||
| + | |||
| + | {{LuaSeeAlso}} | ||
=== Related Functions === | === Related Functions === | ||
| − | * [[disassemble]] | + | * [[Lua:disassemble|disassemble]] |
| − | * [[getInstructionSize]] | + | * [[Lua:getInstructionSize|getInstructionSize]] |
| − | * [[getPreviousOpcode]] | + | * [[Lua:getPreviousOpcode|getPreviousOpcode]] |
| − | * [[AOBScan]] | + | * [[Lua:AOBScan|AOBScan]] |
| − | * [[autoAssemble]] | + | * [[Lua:autoAssemble|autoAssemble]] |
| − | * [[readBytes]] | + | * [[Lua:readBytes|readBytes]] |
| − | * [[readPointer]] | + | * [[Lua:readPointer|readPointer]] |
| − | * [[writeBytes]] | + | * [[Lua:writeBytes|writeBytes]] |
| − | * [[ | + | * [[Lua:readBytesLocal|readBytesLocal]] |
| − | + | * [[Lua:readPointerLocal|readPointerLocal]] | |
| − | * [[readPointerLocal]] | + | * [[Lua:writeBytesLocal|writeBytesLocal]] |
| − | * [[writeBytesLocal]] | + | * [[Lua:wordToByteTable|wordToByteTable]] |
| − | * [[wordToByteTable]] | + | * [[Lua:dwordToByteTable|dwordToByteTable]] |
| − | * [[dwordToByteTable]] | + | * [[Lua:qwordToByteTable|qwordToByteTable]] |
| − | * [[qwordToByteTable]] | + | * [[Lua:floatToByteTable|floatToByteTable]] |
| − | * [[floatToByteTable]] | + | * [[Lua:doubleToByteTable|doubleToByteTable]] |
| − | * [[doubleToByteTable]] | + | * [[Lua:stringToByteTable|stringToByteTable]] |
| − | * [[stringToByteTable]] | + | * [[Lua:wideStringToByteTable|wideStringToByteTable]] |
| − | * [[wideStringToByteTable]] | + | * [[Lua:byteTableToWord|byteTableToWord]] |
| − | * [[byteTableToWord]] | + | * [[Lua:byteTableToDword|byteTableToDword]] |
| − | * [[byteTableToDword]] | + | * [[Lua:byteTableToQword|byteTableToQword]] |
| − | * [[byteTableToQword]] | + | * [[Lua:byteTableToFloat|byteTableToFloat]] |
| − | * [[byteTableToFloat]] | + | * [[Lua:byteTableToDouble|byteTableToDouble]] |
| − | * [[byteTableToDouble]] | + | * [[Lua:byteTableToString|byteTableToString]] |
| − | * [[byteTableToString]] | + | * [[Lua:byteTableToWideString|byteTableToWideString]] |
| − | * [[byteTableToWideString]] | ||
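Review bot: In the added example loop, the results of splitDisassembledString go straight into `bytes .. string.rep(...)` and `#opcode` with no check, although the signature on this page lists nil as a possible return, so a failed split would raise an error at the concatenation. Add a guard such as `if not bytes then break end` before formatting. The destructuring order `extraField, opcode, bytes, address` is also the reverse of the order the description lists, which deserves a sentence in the text. Finally, the fixed `for i = 1, 10` walks past the `ret` at +164BA, so the last three output lines (`00 00 - add [rax],al` and the one after) are padding bytes decoded as instructions; stop at the first `ret` or say so next to the output.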
Latest revision as of 01:18, 25 January 2018
function splitDisassembledString(DisassembledString) : (string, string, string, string - nil)
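Splits a disassembler string, returning 4 strings: the address, bytes, opcode and extra field. To be used with the return value of disassemble. In the examples below the results are assigned in the order extraField, opcode, bytes, address.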
Function Parameters
| Parameter | Type | Description |
|---|---|---|
| DisassembledString | string | The disassembled string to split |
Examples
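```lua
-- Disassemble the instruction at addr and split the result into its fields.
local addr = getAddress('00123ABC')
local disassStr = disassemble(addr)
local extraField, opcode, bytes, address = splitDisassembledString(disassStr)

-- Advance by the size of the first instruction and repeat for the next one.
local addr_2 = addr + getInstructionSize(addr)
local disassStr_2 = disassemble(addr_2)
local extraField_2, opcode_2, bytes_2, address_2 = splitDisassembledString(disassStr_2)
```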
Code:
```lua
local addr = getAddress('Tutorial-x86_64.exe+164A7')
local disassStr = disassemble(addr)
local extraField, opcode, bytes, address = splitDisassembledString(disassStr)
for i = 1, 10 do
  -- Prefer the symbolic name (module+offset) when one is available.
  local a = getNameFromAddress(address) or address
  -- Pad the bytes and opcode columns to a fixed width.
  local b = bytes .. string.rep(' ', 20 - #bytes)
  local o = opcode .. string.rep(' ', 30 - #opcode)
  print(string.format('%s: %s - %s %s', a, b, o, extraField))
  -- Move on to the next instruction and split it.
  addr = addr + getInstructionSize(addr)
  disassStr = disassemble(addr)
  extraField, opcode, bytes, address = splitDisassembledString(disassStr)
end
```
Output:
```
Tutorial-x86_64.exe+164A7: 48 63 40 3C - movsxd rax,dword ptr [rax+3C]
Tutorial-x86_64.exe+164AB: 48 8D 04 03 - lea rax,[rbx+rax]
Tutorial-x86_64.exe+164AF: 48 8B 40 60 - mov rax,[rax+60]
Tutorial-x86_64.exe+164B3: 90 - nop
Tutorial-x86_64.exe+164B4: 48 8D 64 24 20 - lea rsp,[rsp+20]
Tutorial-x86_64.exe+164B9: 5B - pop rbx
Tutorial-x86_64.exe+164BA: C3 - ret
Tutorial-x86_64.exe+164BB: 00 00 - add [rax],al
Tutorial-x86_64.exe+164BD: 00 00 - add [rax],al
Tutorial-x86_64.exe+164BF: 00 53 48 - add [rbx+48],dl
```
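The output above runs past the `ret` into padding bytes, and the signature lists nil as a possible return. The following is an added example, not part of the original wiki page, that collects the split fields into a table, checks for nil, and stops at the first return. `listUntilRet` and the limit of 64 instructions are hypothetical names and values chosen for illustration, and treating a nil field as a failed split is an assumption based on the signature.

```lua
-- Added example: runs inside Cheat Engine's Lua engine with a process attached.
-- listUntilRet is a hypothetical helper name, not a Cheat Engine API function.
local function listUntilRet(startAddr, maxInstructions)
  local rows = {}
  local addr = startAddr
  for i = 1, maxInstructions do
    local disassStr = disassemble(addr)
    if not disassStr then break end

    -- Same destructuring order as the examples on this page.
    local extraField, opcode, bytes, address = splitDisassembledString(disassStr)
    -- Assumption: a nil field means the string could not be split.
    if not (opcode and bytes and address) then break end

    rows[#rows + 1] = {
      address = getNameFromAddress(address) or address,
      bytes   = bytes,
      opcode  = opcode,
      extra   = extraField or '',
    }

    -- Stop at the first return so trailing padding is not decoded
    -- as instructions (matches ret, retn, retf at the start of the opcode).
    if opcode:match('^%s*ret') then break end

    local size = getInstructionSize(addr)
    if not size or size <= 0 then break end
    addr = addr + size
  end
  return rows
end

local start = getAddress('Tutorial-x86_64.exe+164A7')
for _, r in ipairs(listUntilRet(start, 64)) do
  -- %-Ns left-justifies each column, replacing the manual string.rep padding.
  print(string.format('%-28s %-20s %-30s %s', r.address, r.bytes, r.opcode, r.extra))
end
```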
See also
Related Functions
- disassemble
- getInstructionSize
- getPreviousOpcode
- AOBScan
- autoAssemble
- readBytes
- readPointer
- writeBytes
- readBytesLocal
- readPointerLocal
- writeBytesLocal
- wordToByteTable
- dwordToByteTable
- qwordToByteTable
- floatToByteTable
- doubleToByteTable
- stringToByteTable
- wideStringToByteTable
- byteTableToWord
- byteTableToDword
- byteTableToQword
- byteTableToFloat
- byteTableToDouble
- byteTableToString
- byteTableToWideString