엄청난 툴이 나왔습니다..!!


최근에 멀티 아키텍쳐를 지원하는 opcode generator 를 만들고 있었는데 버그를 만나서 때려쳤는데 얼마 지나지 않아 Keystone 이라고 하는 어셈블러가 나왔네요.


프로젝트의 주소는 https://github.com/keystone-engine/keystone 에서 받고 빌드하실 수 있습니다...!!

공식 홈페이지의 주소는 http://www.keystone-engine.org/ 입니다.

깃에 써있는것을 보면..

Keystone is a lightweight multi-platform, multi-architecture assembler framework. It offers some unparalleled features:

  • Multi-architecture, with support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ & X86 (include 16/32/64bit).
  • Clean/simple/lightweight/intuitive architecture-neutral API.
  • Implemented in C/C++ languages, with bindings for Python, NodeJS, Ruby, Go, Rust & Haskell available.
  • Native support for Windows & *nix (with Mac OSX, Linux, *BSD & Solaris confirmed).
  • Thread-safe by design.
  • Open source - with a dual license.

Keystone is based on LLVM, but it goes much further with a lot more to offer.

Further information is available at http://www.keystone-engine.org

이렇게 써있군요.

오픈소스에 멀티아키텍쳐 및 다양한 언어 지원!! 얼른 써봅시다

Git clone 으로 서버에 받고 나서 빌드 스크립트를 실행하기 전에 아래 Dependency 를 해결해줍시다.

sudo apt-get install cmake

그 이후 keystone의 루트 디렉터리에 build 라는 폴더를 만들고 이동합니다.

그리고 ../make-share.sh 스크립트를 실행해주면 알아서 make를 날려줍니다.

[sweetchip@ubuntu keystone]$ mkdir build

[sweetchip@ubuntu keystone]$ cd build/

[sweetchip@ubuntu build]$ l

[sweetchip@ubuntu build]$ ../make-share.sh 

+ [ -n  ]


-- The C compiler identification is GNU 5.3.1

-- The CXX compiler identification is GNU 5.3.1

-- Check for working C compiler: /usr/bin/cc

-- Check for working C compiler: /usr/bin/cc -- works

-- Detecting C compiler ABI info

-- Detecting C compiler ABI info - done

-- Detecting C compile features

-- Detecting C compile features - done

-- Check for working CXX compiler: /usr/bin/c++

-- Check for working CXX compiler: /usr/bin/c++ -- works

-- Detecting CXX compiler ABI info

-- Detecting CXX compiler ABI info - done

-- Detecting CXX compile features

-- Detecting CXX compile features - done

-- The ASM compiler identification is GNU


[ 98%] Linking CXX shared library ../lib/libkeystone.so

[ 98%] Built target keystone

Scanning dependencies of target kstool

[ 99%] Building CXX object kstool/CMakeFiles/kstool.dir/kstool.cpp.o

[100%] Linking CXX executable kstool

[100%] Built target kstool

make가 끝났으면 make install로 마무리 해줍니다.

[sweetchip@ubuntu build]$ sudo make install

[ 98%] Built target keystone

[100%] Built target kstool

Install the project...

-- Install configuration: "Release"

-- Installing: /usr/local/lib/pkgconfig/keystone.pc

-- Installing: /usr/local/include/keystone

-- Installing: /usr/local/include/keystone/x86.h

-- Installing: /usr/local/include/keystone/systemz.h

-- Installing: /usr/local/include/keystone/hexagon.h

-- Installing: /usr/local/include/keystone/sparc.h

-- Installing: /usr/local/include/keystone/arm64.h

-- Installing: /usr/local/include/keystone/ppc.h

-- Installing: /usr/local/include/keystone/mips.h

-- Installing: /usr/local/include/keystone/keystone.h

-- Installing: /usr/local/include/keystone/arm.h

-- Installing: /usr/local/lib/libkeystone.so.0

-- Installing: /usr/local/lib/libkeystone.so

-- Installing: /usr/local/bin/kstool

-- Set runtime path of "/usr/local/bin/kstool" to ""

자 이러면 설치 끝!

매우 쉽죠?

간단하게 사용해봅시다.

우선 커맨드라인으로 빠르게 보고싶다면..

[sweetchip@ubuntu build]$ kstool x32 "nop"

nop = [ 90 ]

[sweetchip@ubuntu build]$ kstool x32 "add eax, ebx"

add eax, ebx = [ 01 d8 ]

[sweetchip@ubuntu build]$ kstool arm "mov r1, r1"

mov r1, r1 = [ 01 10 a0 e1 ]

오홍.. 역시 기대한 대로 잘 나오는군요

Kstool v1.0 for Keystone Assembler Engine (www.keystone-engine.org)

By Nguyen Anh Quynh, 2016

Syntax: kstool <arch+mode> <assembly-string> or cat <asmfile> | kstool <arch+mode> 

The following <arch+mode> options are supported:

        x16:       X86 16bit, Intel syntax

        x32:       X86 32bit, Intel syntax

        x64:       X86 64bit, Intel syntax

        x16att:    X86 16bit, AT&T syntax

        x32att:    X86 32bit, AT&T syntax

        x64att:    X86 64bit, AT&T syntax

        x16nasm:   X86 16bit, NASM syntax

        x32nasm:   X86 32bit, NASM syntax

        x64nasm:   X86 64bit, NASM syntax

        arm:       ARM - little endian

        armbe:     ARM - big endian

        thumb:     Thumb - little endian

        thumbbe:   Thumb - big endian

        arm64:     AArch64

        hexagon:   Hexagon

        mips:      Mips - little endian

        mipsbe:    Mips - big endian

        mips64:    Mips64 - little endian

        mips64be:  Mips64 - big endian

        ppc32be:   PowerPC32 - big endian

        ppc64:     PowerPC64 - little endian

        ppc64be:   PowerPC64 - big endian

        sparc:     Sparc - little endian

        sparcbe:   Sparc - big endian

        sparc64:   Sparc64 - little endian

        sparc64be: Sparc64 - big endian

        systemz:   SystemZ (S390x)

위는 지원하는 목록입니다.

[sweetchip@ubuntu python]$ ls

keystone  LICENSE.TXT  Makefile  MANIFEST.in  README.md  sample.py  setup.py

[sweetchip@ubuntu python]$ sudo python setup.py install

running install

running build

running build_py

creating build


만약 python에서도 사용하고 싶다면 keystone/bindings/python/ 로 이동후에 설치해줍니다!

[sweetchip@ubuntu python]$ python sample.py 

add eax, ecx = [ 66 01 c8 ]

add eax, ecx = [ 01 c8 ]

add rax, rcx = [ 48 01 c8 ]

add %ecx, %eax = [ 01 c8 ]

add %rcx, %rax = [ 48 01 c8 ]

sub r1, r2, r5 = [ 05 10 42 e0 ]

sub r1, r2, r5 = [ e0 42 10 05 ]

movs r4, #0xf0 = [ f0 24 ]

movs r4, #0xf0 = [ 24 f0 ]

ldr w1, [sp, #0x8] = [ e1 0b 40 b9 ]

v23.w=vavg(v11.w,v2.w):rnd = [ d7 cb e2 1c ]

and $9, $6, $7 = [ 24 48 c7 00 ]

and $9, $6, $7 = [ 00 c7 48 24 ]

and $9, $6, $7 = [ 24 48 c7 00 ]

and $9, $6, $7 = [ 00 c7 48 24 ]

add 1, 2, 3 = [ 7c 22 1a 14 ]

add 1, 2, 3 = [ 14 1a 22 7c ]

add 1, 2, 3 = [ 7c 22 1a 14 ]

add %g1, %g2, %g3 = [ 02 40 00 86 ]

add %g1, %g2, %g3 = [ 86 00 40 02 ]

a %r0, 4095(%r15,%r1) = [ 5a 0f 1f ff ]

설치 후 sample.py를 실행시켜 제대로 작동하는지 확인하니 잘 나오네요.

이제 이걸로 뭘 할까나..
