Difference between revisions of "Lua:splitDisassembledString"
Jump to navigation
Jump to search
(→Related Functions) |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 53: | Line 53: | ||
− | + | {{LuaSeeAlso}} | |
− | |||
− | |||
=== Related Functions === | === Related Functions === | ||
− | * [[disassemble]] | + | * [[Lua:disassemble|disassemble]] |
− | * [[getInstructionSize]] | + | * [[Lua:getInstructionSize|getInstructionSize]] |
− | * [[getPreviousOpcode]] | + | * [[Lua:getPreviousOpcode|getPreviousOpcode]] |
− | * [[AOBScan]] | + | * [[Lua:AOBScan|AOBScan]] |
− | * [[autoAssemble]] | + | * [[Lua:autoAssemble|autoAssemble]] |
− | * [[readBytes]] | + | * [[Lua:readBytes|readBytes]] |
− | * [[readPointer]] | + | * [[Lua:readPointer|readPointer]] |
− | * [[writeBytes]] | + | * [[Lua:writeBytes|writeBytes]] |
− | * [[readBytesLocal]] | + | * [[Lua:readBytesLocal|readBytesLocal]] |
− | * [[readPointerLocal]] | + | * [[Lua:readPointerLocal|readPointerLocal]] |
− | * [[writeBytesLocal]] | + | * [[Lua:writeBytesLocal|writeBytesLocal]] |
− | * [[wordToByteTable]] | + | * [[Lua:wordToByteTable|wordToByteTable]] |
− | * [[dwordToByteTable]] | + | * [[Lua:dwordToByteTable|dwordToByteTable]] |
− | * [[qwordToByteTable]] | + | * [[Lua:qwordToByteTable|qwordToByteTable]] |
− | * [[floatToByteTable]] | + | * [[Lua:floatToByteTable|floatToByteTable]] |
− | * [[doubleToByteTable]] | + | * [[Lua:doubleToByteTable|doubleToByteTable]] |
− | * [[stringToByteTable]] | + | * [[Lua:stringToByteTable|stringToByteTable]] |
− | * [[wideStringToByteTable]] | + | * [[Lua:wideStringToByteTable|wideStringToByteTable]] |
− | * [[byteTableToWord]] | + | * [[Lua:byteTableToWord|byteTableToWord]] |
− | * [[byteTableToDword]] | + | * [[Lua:byteTableToDword|byteTableToDword]] |
− | * [[byteTableToQword]] | + | * [[Lua:byteTableToQword|byteTableToQword]] |
− | * [[byteTableToFloat]] | + | * [[Lua:byteTableToFloat|byteTableToFloat]] |
− | * [[byteTableToDouble]] | + | * [[Lua:byteTableToDouble|byteTableToDouble]] |
− | * [[byteTableToString]] | + | * [[Lua:byteTableToString|byteTableToString]] |
− | * [[byteTableToWideString]] | + | * [[Lua:byteTableToWideString|byteTableToWideString]] |
Latest revision as of 01:18, 25 January 2018
function splitDisassembledString(DisassembledString) : (string, string, string, string - nil)
Slipts a disassembler string, returning 4 strings. The address, bytes, opcode and extra field. To be used with return from disassemble.
Function Parameters[edit]
Parameter | Type | Description |
---|---|---|
DisassembledString | string | The disassembled string to split |
Examples[edit]
local addr = getAddress('00123ABC') local disassStr = disassemble(addr) local extraField, opcode, bytes, address = splitDisassembledString(disassStr) local addr_2 = addr + getInstructionSize(addr) local disassStr_2 = disassemble(addr) local extraField_2, opcode_2, bytes_2, address_2 = splitDisassembledString(disassStr)
Code:
local addr = getAddress('Tutorial-x86_64.exe+164A7') local disassStr = disassemble(addr) local extraField, opcode, bytes, address = splitDisassembledString(disassStr) for i = 1, 10 do local a = getNameFromAddress(address) or address local b = bytes .. string.rep(' ', 20 - #bytes) local o = opcode .. string.rep(' ', 30 - #opcode) print(string.format('%s: %s - %s %s', a, b, o, extraField)) addr = addr + getInstructionSize(addr) disassStr = disassemble(addr) extraField, opcode, bytes, address = splitDisassembledString(disassStr) end
Output:
Tutorial-x86_64.exe+164A7: 48 63 40 3C - movsxd rax,dword ptr [rax+3C] Tutorial-x86_64.exe+164AB: 48 8D 04 03 - lea rax,[rbx+rax] Tutorial-x86_64.exe+164AF: 48 8B 40 60 - mov rax,[rax+60] Tutorial-x86_64.exe+164B3: 90 - nop Tutorial-x86_64.exe+164B4: 48 8D 64 24 20 - lea rsp,[rsp+20] Tutorial-x86_64.exe+164B9: 5B - pop rbx Tutorial-x86_64.exe+164BA: C3 - ret Tutorial-x86_64.exe+164BB: 00 00 - add [rax],al Tutorial-x86_64.exe+164BD: 00 00 - add [rax],al Tutorial-x86_64.exe+164BF: 00 53 48 - add [rbx+48],dl
See also[edit]
Related Functions[edit]
- disassemble
- getInstructionSize
- getPreviousOpcode
- AOBScan
- autoAssemble
- readBytes
- readPointer
- writeBytes
- readBytesLocal
- readPointerLocal
- writeBytesLocal
- wordToByteTable
- dwordToByteTable
- qwordToByteTable
- floatToByteTable
- doubleToByteTable
- stringToByteTable
- wideStringToByteTable
- byteTableToWord
- byteTableToDword
- byteTableToQword
- byteTableToFloat
- byteTableToDouble
- byteTableToString
- byteTableToWideString