Lua:splitDisassembledString
Jump to navigation
Jump to search
function splitDisassembledString(DisassembledString) : (string, string, string, string - nil)
Slipts a disassembler string, returning 4 strings. The address, bytes, opcode and extra field. To be used with return from disassemble.
Function Parameters
Parameter | Type | Description |
---|---|---|
DisassembledString | string | The disassembled string to split |
Examples
local addr = getAddress('00123ABC') local disassStr = disassemble(addr) local extraField, opcode, bytes, address = splitDisassembledString(disassStr) local addr_2 = addr + getInstructionSize(addr) local disassStr_2 = disassemble(addr) local extraField_2, opcode_2, bytes_2, address_2 = splitDisassembledString(disassStr)
Code:
local addr = getAddress('Tutorial-x86_64.exe+164A7') local disassStr = disassemble(addr) local extraField, opcode, bytes, address = splitDisassembledString(disassStr) for i = 1, 10 do local a = getNameFromAddress(address) or address local b = bytes .. string.rep(' ', 20 - #bytes) local o = opcode .. string.rep(' ', 30 - #opcode) print(string.format('%s: %s - %s %s', a, b, o, extraField)) addr = addr + getInstructionSize(addr) disassStr = disassemble(addr) extraField, opcode, bytes, address = splitDisassembledString(disassStr) end
Output:
Tutorial-x86_64.exe+164A7: 48 63 40 3C - movsxd rax,dword ptr [rax+3C] Tutorial-x86_64.exe+164AB: 48 8D 04 03 - lea rax,[rbx+rax] Tutorial-x86_64.exe+164AF: 48 8B 40 60 - mov rax,[rax+60] Tutorial-x86_64.exe+164B3: 90 - nop Tutorial-x86_64.exe+164B4: 48 8D 64 24 20 - lea rsp,[rsp+20] Tutorial-x86_64.exe+164B9: 5B - pop rbx Tutorial-x86_64.exe+164BA: C3 - ret Tutorial-x86_64.exe+164BB: 00 00 - add [rax],al Tutorial-x86_64.exe+164BD: 00 00 - add [rax],al Tutorial-x86_64.exe+164BF: 00 53 48 - add [rbx+48],dl
See also
Related Functions
- disassemble
- getInstructionSize
- getPreviousOpcode
- AOBScan
- autoAssemble
- readBytes
- readPointer
- writeBytes
- readBytesLocal
- readPointerLocal
- writeBytesLocal
- wordToByteTable
- dwordToByteTable
- qwordToByteTable
- floatToByteTable
- doubleToByteTable
- stringToByteTable
- wideStringToByteTable
- byteTableToWord
- byteTableToDword
- byteTableToQword
- byteTableToFloat
- byteTableToDouble
- byteTableToString
- byteTableToWideString