腹黒い茶 => YSITD: var list64 = ['rax', 'rcx', 'rdx', 'rbx', 'rsp', 'rbp', 'rsi', 'rdi'] var list32 = ['eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi'] var list16 = ['ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di'] var list8 = ['al', 'cl', 'dl', 'bl', 'spl', 'bpl', 'sil', 'dil'] function extend_op(o) { var new_op_codes = [] if (o.extend_set != null) { for (var i in o.extend_set) { var op_code = o.extend_set[i] var op = Object.assign({}, o) op.op_list = Object.assign([], o.op_list) op.op_list[op.extend_loc] -= 0 - i op.log = op.log.replace(/%reg/, op_code) new_op_codes.push(op) } } else { new_op_codes = [ o ] } return new_op_codes } function btoc(b) { return b.map(b=>String.fromCharCode(b)).join('') } function ctob(c) { return Array.from(c).map(c=>c.charCodeAt(0)) } function hexString(b) { return hex(b.charCodeAt(0)) } function hex(c) { return '0x' + (c < 0x10 ? '0' + c.toString(0x10) : c.toString(0x10)) } var op_code = [ {op_list:[0x50], extend_set: list64, extend_loc: 0, log: 'push %reg', comment: 'push r64', handler: 'push_single_main64', data_bytes: 0}, {op_list:[0x58], extend_set: list64, extend_loc: 0, log: 'pop %reg', comment: 'pop r64', handler: 'pop_single_main64', data_bytes: 0}, {op_list:[0xb0], extend_set: list8, extend_loc: 0, log: 'mov %reg, %value', comment: 'mov r8, const8', handler: 'mov_single_main8', data_bytes: 1}, {op_list:[0x66,0xb8], extend_set: list16, extend_loc: 1, log: 'mov %reg, %value', comment: 'mov r16, const16', handler: 'mov_single_main16', data_bytes: 2}, {op_list:[0x66,0xc7,0xc0], extend_set: list16, extend_loc: 2, log: 'mov %reg, %value', comment: 'mov r16, const16', handler: 'mov_single_main16', data_bytes: 2}, {op_list:[0xb8], extend_set: list32, extend_loc: 0, log: 'mov %reg, %value', comment: 'mov r32, const32', handler: 'mov_single_main32', data_bytes: 4}, {op_list:[0xc7,0xc0], extend_set: list32, extend_loc: 1, log: 'mov %reg, %value', comment: 'mov r32, const32', handler: 'mov_single_main32', data_bytes: 4}, {op_list:[0x48,0xc7,0xc0], extend_set: list64, extend_loc: 2, log: 'mov %reg, %value', comment: 'mov r64, const32', handler: 'mov_single_main64', data_bytes: 4}, {op_list:[0x48,0xb8], extend_set: list64, extend_loc: 1, log: 'mov %reg, %value', comment: 'movabs r64, const64', handler: 'mov_single_main64', data_bytes: 8}, {op_list:[0x90], extend_set: null, extend_loc: null, log: 'nop', comment: 'nop', handler: 'nop', data_bytes: 0}, {op_list:[0x0f,0x05], extend_set: null, extend_loc: null, log: 'syscall', comment: 'syscall', handler: 'syscall', data_bytes: 0}, ].map(extend_op).flat() var code = "\x90\x55\x90\x59\x90\x0f\x05\xb0\x01\xbf\x02\x00\x00\x00\x0f\x05" #5cf60c2a8093912c9090db2f

腹黒い茶 says to YSITD

var list64 = ['rax', 'rcx', 'rdx', 'rbx', 'rsp', 'rbp', 'rsi', 'rdi'] var list32 = ['eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi'] var list16 = ['ax', 'cx', 'dx', 'bx', 'sp', 'bp', 'si', 'di'] var list8 = ['al', 'cl', 'dl', 'bl', 'spl', 'bpl', 'sil', 'dil'] function extend_op(o) { var new_op_codes = [] if (o.extend_set != null) { for (var i in o.extend_set) { var op_code = o.extend_set[i] var op = Object.assign({}, o) op.op_list = Object.assign([], o.op_list) op.op_list[op.extend_loc] -= 0 - i op.log = op.log.replace(/%reg/, op_code) new_op_codes.push(op) } } else { new_op_codes = [ o ] } return new_op_codes } function btoc(b) { return b.map(b=>String.fromCharCode(b)).join('') } function ctob(c) { return Array.from(c).map(c=>c.charCodeAt(0)) } function hexString(b) { return hex(b.charCodeAt(0)) } function hex(c) { return '0x' + (c < 0x10 ? '0' + c.toString(0x10) : c.toString(0x10)) } var op_code = [ {op_list:[0x50], extend_set: list64, extend_loc: 0, log: 'push %reg', comment: 'push r64', handler: 'push_single_main64', data_bytes: 0}, {op_list:[0x58], extend_set: list64, extend_loc: 0, log: 'pop %reg', comment: 'pop r64', handler: 'pop_single_main64', data_bytes: 0}, {op_list:[0xb0], extend_set: list8, extend_loc: 0, log: 'mov %reg, %value', comment: 'mov r8, const8', handler: 'mov_single_main8', data_bytes: 1}, {op_list:[0x66,0xb8], extend_set: list16, extend_loc: 1, log: 'mov %reg, %value', comment: 'mov r16, const16', handler: 'mov_single_main16', data_bytes: 2}, {op_list:[0x66,0xc7,0xc0], extend_set: list16, extend_loc: 2, log: 'mov %reg, %value', comment: 'mov r16, const16', handler: 'mov_single_main16', data_bytes: 2}, {op_list:[0xb8], extend_set: list32, extend_loc: 0, log: 'mov %reg, %value', comment: 'mov r32, const32', handler: 'mov_single_main32', data_bytes: 4}, {op_list:[0xc7,0xc0], extend_set: list32, extend_loc: 1, log: 'mov %reg, %value', comment: 'mov r32, const32', handler: 'mov_single_main32', data_bytes: 4}, {op_list:[0x48,0xc7,0xc0], extend_set: list64, extend_loc: 2, log: 'mov %reg, %value', comment: 'mov r64, const32', handler: 'mov_single_main64', data_bytes: 4}, {op_list:[0x48,0xb8], extend_set: list64, extend_loc: 1, log: 'mov %reg, %value', comment: 'movabs r64, const64', handler: 'mov_single_main64', data_bytes: 8}, {op_list:[0x90], extend_set: null, extend_loc: null, log: 'nop', comment: 'nop', handler: 'nop', data_bytes: 0}, {op_list:[0x0f,0x05], extend_set: null, extend_loc: null, log: 'syscall', comment: 'syscall', handler: 'syscall', data_bytes: 0}, ].map(extend_op).flat() var code = "\x90\x55\x90\x59\x90\x0f\x05\xb0\x01\xbf\x02\x00\x00\x00\x0f\x05"

at Tue, Jun 4, 2019 2:14 PM