| 限定符和类型 | 类和说明 |
|---|---|
class |
AbstractEmulator<T extends NewFileIO>
abstract emulator
Created by zhkl0228 on 2017/5/2.
|
| 限定符和类型 | 方法和说明 |
|---|---|
abstract Number |
Symbol.call(Emulator<?> emulator,
Object... args) |
abstract int |
Module.callEntry(Emulator<?> emulator,
String... args) |
abstract Number |
Module.callFunction(Emulator<?> emulator,
long offset,
Object... args) |
Number |
Module.callFunction(Emulator<?> emulator,
String symbolName,
Object... args) |
com.sun.jna.Pointer |
Symbol.createPointer(Emulator<?> emulator) |
static Number |
Module.emulateFunction(Emulator<?> emulator,
long address,
Object... args) |
long |
Svc.handle(Emulator<?> emulator) |
void |
Svc.handlePostCallback(Emulator<?> emulator) |
void |
Svc.handlePreCallback(Emulator<?> emulator) |
void |
ModuleListener.onLoaded(Emulator<?> emulator,
Module module) |
void |
LibraryResolver.onSetToLoader(Emulator<?> emulator) |
LibraryFile |
LibraryResolver.resolveLibrary(Emulator<?> emulator,
String libraryName) |
| 构造器和说明 |
|---|
AssemblyCodeDumper(Emulator<?> emulator,
long begin,
long end,
TraceCodeListener listener) |
| 限定符和类型 | 接口和说明 |
|---|---|
interface |
ARMEmulator<T extends NewFileIO>
arm emulator
Created by zhkl0228 on 2017/5/2.
|
| 限定符和类型 | 类和说明 |
|---|---|
class |
AbstractARM64Emulator<T extends NewFileIO> |
class |
AbstractARMEmulator<T extends NewFileIO> |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<?> |
AbstractARMDebugger.emulator |
protected Emulator<?> |
TraceFunctionCall.emulator |
| 限定符和类型 | 方法和说明 |
|---|---|
static String |
ARM.assembleDetail(Emulator<?> emulator,
capstone.api.Instruction ins,
long address,
boolean thumb,
boolean current,
int maxLengthLibraryName) |
static RegContext |
RegContext.backupContext(Emulator<?> emulator,
int... regs) |
void |
AbstractARMDebugger.disassembleBlock(Emulator<?> emulator,
long address,
boolean thumb) |
static Module |
AbstractARMDebugger.findModuleByAddress(Emulator<?> emulator,
long address) |
long |
Arm64Hook.handle(Emulator<?> emulator) |
long |
ArmHook.handle(Emulator<?> emulator) |
void |
Arm64Hook.handlePostCallback(Emulator<?> emulator) |
void |
ThumbSvc.handlePostCallback(Emulator<?> emulator) |
void |
ArmSvc.handlePostCallback(Emulator<?> emulator) |
void |
ArmHook.handlePostCallback(Emulator<?> emulator) |
void |
Arm64Svc.handlePostCallback(Emulator<?> emulator) |
void |
ThumbSvc.handlePreCallback(Emulator<?> emulator) |
void |
ArmSvc.handlePreCallback(Emulator<?> emulator) |
void |
Arm64Svc.handlePreCallback(Emulator<?> emulator) |
protected abstract HookStatus |
Arm64Hook.hook(Emulator<?> emulator) |
protected abstract HookStatus |
ArmHook.hook(Emulator<?> emulator) |
static void |
ARM.initArgs(Emulator<?> emulator,
boolean padding,
Number... arguments) |
protected abstract void |
AbstractARMDebugger.loop(Emulator<?> emulator,
long address,
int size,
DebugRunnable<?> runnable) |
static HookStatus |
HookStatus.LR(Emulator<?> emulator,
long returnValue) |
static HookStatus |
HookStatus.RET(Emulator<?> emulator,
long pc) |
static void |
ARM.showRegs(Emulator<?> emulator,
int[] regs) |
static void |
ARM.showRegs64(Emulator<?> emulator,
int[] regs) |
static void |
ARM.showThumbRegs(Emulator<?> emulator) |
static void |
InlineHook.simpleArmHook(Emulator<?> emulator,
long address,
HookCallback callback)
只能 hook ARM 指令:STMFD SP!(此处摘要似乎在“!”处被截断,缺少寄存器列表;完整说明请以 InlineHook 源码中的注释为准)
|
static void |
InlineHook.simpleThumbHook(Emulator<?> emulator,
long address,
HookCallback callback)
只能 hook Thumb 指令:PUSH {R4-R7,LR},即函数入口
|
String |
FunctionCall.toReadableString(Emulator<?> emulator) |
| 构造器和说明 |
|---|
AbstractARMDebugger(Emulator<?> emulator) |
ARMSvcMemory(long base,
int size,
Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
static Backend |
BackendFactory.createBackend(Emulator<?> emulator,
boolean is64Bit,
Collection<BackendFactory> backendFactories) |
protected abstract Backend |
BackendFactory.newBackendInternal(Emulator<?> emulator,
boolean is64Bit) |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<?> |
BaseRegisterContext.emulator |
| 构造器和说明 |
|---|
BackendArm32RegisterContext(Backend backend,
Emulator<?> emulator) |
BackendArm64RegisterContext(Backend backend,
Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
boolean |
DebugListener.canDebug(Emulator<?> emulator,
CodeHistory currentCode) |
void |
Debugger.disassembleBlock(Emulator<?> emulator,
long address,
boolean thumb) |
protected void |
AbstractDebugServer.loop(Emulator<?> emulator,
long address,
int size,
DebugRunnable<?> runnable) |
abstract void |
FunctionCallListener.onCall(Emulator<?> emulator,
long callerAddress,
long functionAddress) |
void |
FunctionCallListener.onDebugPopFunction(Emulator<?> emulator,
long address,
FunctionCall call) |
void |
FunctionCallListener.onDebugPushFunction(Emulator<?> emulator,
FunctionCall call) |
boolean |
BreakPointCallback.onHit(Emulator<?> emulator,
long address)
当断点被触发时回调
|
protected abstract void |
AbstractDebugServer.onHitBreakPoint(Emulator<?> emulator,
long address) |
abstract void |
FunctionCallListener.postCall(Emulator<?> emulator,
long callerAddress,
long functionAddress,
Number[] args) |
| 构造器和说明 |
|---|
AbstractDebugServer(Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
protected void |
GdbStub.onHitBreakPoint(Emulator<?> emulator,
long address) |
| 构造器和说明 |
|---|
GdbStub(Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
protected void |
AndroidServer.onHitBreakPoint(Emulator<?> emulator,
long address) |
void |
AndroidServer.onLoaded(Emulator<?> emulator,
Module module) |
abstract byte[] |
DebuggerEvent.pack(Emulator<?> emulator) |
| 构造器和说明 |
|---|
AndroidServer(Emulator<?> emulator,
byte protocolVersion) |
| 限定符和类型 | 方法和说明 |
|---|---|
byte[] |
AttachExecutableEvent.pack(Emulator<?> emulator) |
byte[] |
LoadModuleEvent.pack(Emulator<?> emulator) |
byte[] |
DetachEvent.pack(Emulator<?> emulator) |
byte[] |
LoadExecutableEvent.pack(Emulator<?> emulator) |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<T> |
BaseFileSystem.emulator |
| 限定符和类型 | 方法和说明 |
|---|---|
int |
FileIO.fcntl(Emulator<?> emulator,
int cmd,
long arg) |
int |
AbstractFileIO.fcntl(Emulator<?> emulator,
int cmd,
long arg) |
int |
FileIO.ioctl(Emulator<?> emulator,
long request,
long argp) |
int |
AbstractFileIO.ioctl(Emulator<?> emulator,
long request,
long argp) |
long |
FileIO.mmap2(Emulator<?> emulator,
long addr,
int aligned,
int prot,
int offset,
int length) |
long |
AbstractFileIO.mmap2(Emulator<?> emulator,
long addr,
int aligned,
int prot,
int offset,
int length) |
FileResult<T> |
IOResolver.resolve(Emulator<T> emulator,
String pathname,
int oflags) |
| 构造器和说明 |
|---|
BaseFileSystem(Emulator<T> emulator,
File rootDir) |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<?> |
BaseHook.emulator |
| 限定符和类型 | 方法和说明 |
|---|---|
HookStatus |
ReplaceCallback.onCall(Emulator<?> emulator,
HookContext context,
long originFunction) |
HookStatus |
ReplaceCallback.onCall(Emulator<?> emulator,
long originFunction) |
int |
HookCallback.onHook(Emulator<?> emulator) |
void |
InterceptCallback.onIntercept(Emulator<?> emulator) |
void |
ReplaceCallback.postCall(Emulator<?> emulator,
HookContext context) |
| 构造器和说明 |
|---|
BaseHook(Emulator<?> emulator,
String libName) |
| 限定符和类型 | 方法和说明 |
|---|---|
abstract void |
InstrumentCallback.dbiCall(Emulator<?> emulator,
T ctx,
HookEntryInfo info) |
static Dobby |
Dobby.getInstance(Emulator<?> emulator) |
static HookZz |
HookZz.getInstance(Emulator<?> emulator) |
void |
WrapCallback.postCall(Emulator<?> emulator,
T ctx,
HookEntryInfo info) |
abstract void |
WrapCallback.preCall(Emulator<?> emulator,
T ctx,
HookEntryInfo info) |
| 限定符和类型 | 方法和说明 |
|---|---|
static IWhale |
Whale.getInstance(Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
void |
TraceCodeListener.onInstruction(Emulator<?> emulator,
long address,
capstone.api.Instruction insn) |
boolean |
TraceReadListener.onRead(Emulator<?> emulator,
long address,
byte[] data,
String hex) |
void |
TraceSystemMemoryWriteListener.onWrite(Emulator<?> emulator,
long address,
byte[] buf) |
boolean |
TraceWriteListener.onWrite(Emulator<?> emulator,
long address,
int size,
long value) |
| 限定符和类型 | 方法和说明 |
|---|---|
static MemoryBlock |
MemoryAllocBlock.malloc(Emulator<?> emulator,
Symbol malloc,
Symbol free,
int length) |
| 限定符和类型 | 方法和说明 |
|---|---|
static UnidbgPointer |
UnidbgPointer.pointer(Emulator<?> emulator,
long addr) |
static UnidbgPointer |
UnidbgPointer.pointer(Emulator<?> emulator,
Number number) |
static UnidbgPointer |
UnidbgPointer.register(Emulator<?> emulator,
int reg) |
| 构造器和说明 |
|---|
UnidbgStructure(Emulator<?> emulator,
byte[] data) |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<T> |
AbstractLoader.emulator |
| 限定符和类型 | 方法和说明 |
|---|---|
abstract long |
InitFunction.call(Emulator<?> emulator) |
MainTask |
SyscallHandler.createSignalHandlerTask(Emulator<?> emulator,
int sig) |
protected long |
Dlfcn.dlsym(Emulator<?> emulator,
long handle,
String symbolName) |
void |
ModulePatcher.onLoaded(Emulator<?> emulator,
Module module) |
int |
SyscallHandler.open(Emulator<T> emulator,
String pathname,
int oflags) |
protected abstract void |
ModulePatcher.patch32(Emulator<?> emulator,
Module module) |
protected abstract void |
ModulePatcher.patch64(Emulator<?> emulator,
Module module) |
LibraryFile |
LibraryFile.resolveLibrary(Emulator<?> emulator,
String soName) |
| 构造器和说明 |
|---|
AbstractLoader(Emulator<T> emulator,
UnixSyscallHandler<T> syscallHandler) |
| 限定符和类型 | 方法和说明 |
|---|---|
protected UnidbgPointer |
BaseTask.allocateStack(Emulator<?> emulator) |
void |
RunnableTask.destroy(Emulator<?> emulator) |
void |
BaseTask.destroy(Emulator<?> emulator) |
void |
Waiter.onContinueRun(Emulator<?> emulator) |
void |
DestroyListener.onDestroy(Emulator<?> emulator) |
void |
RunnableTask.popContext(Emulator<?> emulator) |
void |
BaseTask.popContext(Emulator<?> emulator) |
FunctionCall |
RunnableTask.popFunction(Emulator<?> emulator,
long address) |
FunctionCall |
BaseTask.popFunction(Emulator<?> emulator,
long address) |
void |
RunnableTask.pushFunction(Emulator<?> emulator,
FunctionCall call) |
void |
BaseTask.pushFunction(Emulator<?> emulator,
FunctionCall call) |
void |
RunnableTask.restoreContext(Emulator<?> emulator) |
void |
BaseTask.restoreContext(Emulator<?> emulator) |
void |
RunnableTask.saveContext(Emulator<?> emulator) |
void |
BaseTask.saveContext(Emulator<?> emulator) |
boolean |
Task.setErrno(Emulator<?> emulator,
int errno) |
void |
RunnableTask.setResult(Emulator<?> emulator,
Number ret) |
void |
BaseTask.setResult(Emulator<?> emulator,
Number ret) |
void |
RunnableTask.setWaiter(Emulator<?> emulator,
Waiter waiter) |
void |
BaseTask.setWaiter(Emulator<?> emulator,
Waiter waiter) |
void |
ThreadContextSwitchException.syncReturnValue(Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
protected int |
UnixSyscallHandler.bind(Emulator<?> emulator,
int sockfd,
com.sun.jna.Pointer addr,
int addrlen) |
protected int |
UnixSyscallHandler.close(Emulator<?> emulator,
int fd) |
protected int |
UnixSyscallHandler.connect(Emulator<?> emulator,
int sockfd,
com.sun.jna.Pointer addr,
int addrlen) |
protected Breaker |
UnixSyscallHandler.createBreaker(Emulator<?> emulator) |
protected abstract T |
UnixSyscallHandler.createDriverFileIO(Emulator<?> emulator,
int oflags,
String pathname) |
MainTask |
UnixSyscallHandler.createSignalHandlerTask(Emulator<?> emulator,
int sig) |
protected FileResult<T> |
UnixSyscallHandler.createTaskDir(Emulator<T> emulator,
int oflags,
String pathname) |
protected int |
UnixSyscallHandler.fcntl(Emulator<?> emulator,
int fd,
int cmd,
long arg) |
protected int |
UnixSyscallHandler.gettimeofday(Emulator<?> emulator,
com.sun.jna.Pointer tv,
com.sun.jna.Pointer tz) |
protected boolean |
UnixSyscallHandler.handleSyscall(Emulator<?> emulator,
int NR) |
protected boolean |
UnixSyscallHandler.handleUnknownSyscall(Emulator<?> emulator,
int NR)
handle unknown syscall
|
protected int |
UnixSyscallHandler.listen(Emulator<?> emulator,
int sockfd,
int backlog) |
void |
FileListener.onClose(Emulator<?> emulator,
FileIO io) |
void |
FileListener.onOpenSuccess(Emulator<?> emulator,
String pathname,
FileIO io) |
void |
FileListener.onRead(Emulator<?> emulator,
String pathname,
byte[] bytes) |
void |
FileListener.onWrite(Emulator<?> emulator,
String pathname,
byte[] bytes) |
int |
UnixSyscallHandler.open(Emulator<T> emulator,
String pathname,
int oflags) |
protected int |
UnixSyscallHandler.pread(Emulator<?> emulator,
int fd,
com.sun.jna.Pointer buffer,
int count,
long offset) |
protected int |
UnixSyscallHandler.read(Emulator<?> emulator,
int fd,
com.sun.jna.Pointer buffer,
int count) |
protected int |
UnixSyscallHandler.readlink(Emulator<?> emulator,
String path,
com.sun.jna.Pointer buf,
int bufSize) |
protected FileResult<T> |
UnixSyscallHandler.resolve(Emulator<T> emulator,
String pathname,
int oflags) |
protected int |
UnixSyscallHandler.sendto(Emulator<?> emulator,
int sockfd,
com.sun.jna.Pointer buf,
int len,
int flags,
com.sun.jna.Pointer dest_addr,
int addrlen) |
protected int |
UnixSyscallHandler.sigaction(Emulator<?> emulator,
int signum,
com.sun.jna.Pointer act,
com.sun.jna.Pointer oldact) |
protected int |
UnixSyscallHandler.sigaction(Emulator<?> emulator,
int signum,
com.sun.jna.Pointer act,
com.sun.jna.Pointer oldact,
int sizeOfSigAction) |
protected int |
UnixSyscallHandler.sigprocmask(Emulator<?> emulator,
int how,
com.sun.jna.Pointer set,
com.sun.jna.Pointer oldset) |
protected int |
UnixSyscallHandler.write(Emulator<?> emulator,
int fd,
com.sun.jna.Pointer buffer,
int count) |
| 限定符和类型 | 方法和说明 |
|---|---|
static StdString |
StdString.createStdString(Emulator<?> emulator,
com.sun.jna.Pointer pointer) |
static TimeSpec |
TimeSpec.createTimeSpec(Emulator<?> emulator,
com.sun.jna.Pointer ptr) |
byte[] |
StdString.getData(Emulator<?> emulator) |
com.sun.jna.Pointer |
StdString32.getDataPointer(Emulator<?> emulator) |
com.sun.jna.Pointer |
StdString64.getDataPointer(Emulator<?> emulator) |
abstract com.sun.jna.Pointer |
StdString.getDataPointer(Emulator<?> emulator) |
String |
StdString.getValue(Emulator<?> emulator) |
| 限定符和类型 | 字段和说明 |
|---|---|
protected Emulator<?> |
Unwinder.emulator |
| 限定符和类型 | 方法和说明 |
|---|---|
protected abstract Frame |
Unwinder.unw_step(Emulator<?> emulator,
Frame frame) |
protected Frame |
SimpleARM64Unwinder.unw_step(Emulator<?> emulator,
Frame frame) |
protected Frame |
SimpleARMUnwinder.unw_step(Emulator<?> emulator,
Frame frame) |
| 构造器和说明 |
|---|
SimpleARM64Unwinder(Emulator<?> emulator) |
SimpleARMUnwinder(Emulator<?> emulator) |
Unwinder(Emulator<?> emulator) |
| 限定符和类型 | 方法和说明 |
|---|---|
Number |
VirtualSymbol.call(Emulator<?> emulator,
Object... args) |
protected abstract void |
VirtualModule.onInitialize(Emulator<?> emulator,
T extra,
Map<String,UnidbgPointer> symbols) |
| 构造器和说明 |
|---|
VirtualModule(Emulator<?> emulator,
String name) |
VirtualModule(Emulator<?> emulator,
T extra,
String name) |