I demoed the x86 32-bit emulator I have been working on. This emulator is a little different from most out there in that I wrote it in Python (with the help of eros/jt's py/libdasm). I also made the CPU that executes autonomous and driven by user-supplied "drivers". The idea is that when you want to use the emulator in a particular application or for a specific purpose, you write a memory handler and a CPU initialization class extending from the base. This allows a lot of flexibility when using Python and the CPU class.

The CPU class does what you would expect from a processor: fetching and executing instructions, updating flags/registers, and querying and setting memory. The emulator driver's purpose is to set up the initial registers in the CPU and pass on execution requests. Memory management works by checking the cache for the requested memory address first; if it is not there, it calls the driver's memory class to fetch the proper page. Caching memory this way lets the emulator maintain a separate collection of pages from the process, along with details on what has changed, and gives the user the flexibility to control what they want to know about.

I demonstrated the pydbg driver and the IDA driver for the emulator. Both allow the user to emulate instructions in their respective applications. In the case of pydbg, the emulator can actually grab process memory, since the debugged process has been paused. This is very powerful for reversing, or for understanding application logic when conducting vulnerability research. The IDA version can do the same in IDA Pro by mapping the .text section into the emulator's memory cache for instruction fetching. The only drawback is the need to specify memory when an instruction needs it; this is one flaw of static analysis, as process memory is usually dynamic and changes often. The IDA version will advance from the current ScreenEA() until the user cancels.
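As an added example (my own illustration in Python 3, not code from the emulator described above), here is the cache-then-driver memory design in miniature: the cache holds the emulator's own copies of pages, misses go to the driver, and a driver that serves only a mapped section stands in for the IDA case. The names EmulatorDriver, StaticSectionDriver and PageCache, and the .text bytes, are assumptions constructed for the example.

```python
PAGE_SIZE = 0x1000

class EmulatorDriver:  # base class the user extends (hypothetical name)
    def fetch_page(self, page_base):
        # pydbg-style: read the paused process; IDA-style: only mapped sections
        return None                      # None = this driver knows no such memory

class StaticSectionDriver(EmulatorDriver):  # constructed stand-in for the IDA driver
    def __init__(self, section_va, section_bytes):
        self.va, self.data = section_va, section_bytes
    def fetch_page(self, page_base):
        lo, hi = self.va, self.va + len(self.data)
        start, end = max(lo, page_base), min(hi, page_base + PAGE_SIZE)
        if start >= end:
            return None                  # nothing mapped in this page
        page = bytearray(PAGE_SIZE)      # bytes outside the section read as zero
        page[start - page_base:end - page_base] = self.data[start - lo:end - lo]
        return bytes(page)

class PageCache:  # emulator-owned page copies: check the cache, then ask the driver
    def __init__(self, driver):
        self.driver, self.pages, self.dirty = driver, {}, set()
    def _page(self, addr):
        base = addr & ~(PAGE_SIZE - 1)
        if base not in self.pages:
            data = self.driver.fetch_page(base)
            if data is None:             # the "specify memory" drawback from the post
                raise MemoryError("no memory for 0x%08x; the driver must supply it" % base)
            self.pages[base] = bytearray(data)
        return base, self.pages[base]
    def read(self, addr, size):
        out = bytearray()
        while size:                      # a read may straddle a page boundary
            base, page = self._page(addr)
            n = min(size, PAGE_SIZE - (addr - base))
            out += page[addr - base:addr - base + n]
            addr, size = addr + n, size - n
        return bytes(out)
    def write(self, addr, data):
        for i, b in enumerate(data):     # writes land in the cache, never in the host
            base, page = self._page(addr + i)
            page[addr + i - base] = b
            self.dirty.add(base)

def demo():
    text = bytes(range(256)) * 17       # constructed .text: 0x1100 bytes at 0x401000
    cache = PageCache(StaticSectionDriver(0x401000, text))
    straddle = cache.read(0x401FFE, 4)  # crosses from page 0x401000 into 0x402000
    cache.write(0x401000, b"\xcc")      # emulated code patches its first byte
    return straddle, cache.read(0x401000, 1), text[0], sorted(cache.dirty)
```

The returned tuple shows the host bytes untouched after the write while the cache reports the patched byte and the dirty page, which is the "separate collection of pages plus what changed" idea from the post.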
Updates and a release of the emulator may be far off, as I don't want to write 400+ instructions, and I'm sure there are a few bugs. If you are interested in talking design or ideas, hit me up on openrce.org or gro.qhguac|yportni#gro.qhguac|yportni. peace bitches!
page revision: 0, last edited: 04 Feb 2007 13:14