plasma-disassembler / plasma Goto Github PK

View Code? Open in Web Editor NEW

3.0K 149.0 278.0 2.6 MB

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

License: GNU General Public License v3.0

Shell 0.64% C 14.63% Python 84.03% Makefile 0.17% Assembly 0.45% Dockerfile 0.07%

reverse-engineering disassembler capstone x86 x86-64 mips arm

plasma's People

Contributors

Stargazers

Watchers

Forkers

capibara- idkwim akluth chubbymaggie d4nnyk caliskanfurkan wchen-r7 jasonfmorton dani0l ezhangle ababook dnet intermezzo-fr amesianx m4dm0nk ghost82 espreto sigma-random netantho tempbottle stef hotelzululima yd0str rojaster lucabongiorni kis2009dsh 0xf1sh firebitsbr dipsec songzhaochun thezawad kakkoroid code4bones imace hacklinux draekko eq4 peterdocter lb5tr moonight10 ali-zohrevand apcwowo johnjohnsp1 kaboramb pinperepette strazzere diggold 0x0mar 4sp1r3 jing-xie rolinston lovesuae fuyunv thomasking2014 skyroot defanlt r3dfo9 jokerni kh0d0r shark2016 jonasthambert wowot0u sego-dev bestpig redfast00 dividetoinfinity seth1002 keulraesik hyuni queenmarie galaris zzdyyy ith4cker ananyacleetus niuniulove sanketsudake vince06fr linhua55 smallcattom wuchuguang aisling-kells waterdr0p brock7 hkingz zhakui tvtritin bobbyzhu orcasauce zhangf911 rinack bluebear171 bruceleo1969 carinatt jeanpaulshapo cartertsai fleischkatapult pirogoeth cherry-wb ganinaleksei wxdublin

plasma's Issues

call *(exit) : not detected as "noreturn"

The analyzer must save any computed immediate values. Checking the immediate value is not sufficient, we can have : call *(rip + OFF) where rip + OFF = exit. This bug occurs often in PE.

This feature will be very useful to simulate the li instruction in MIPS. li is a pseudo instruction, it uses 2 other instructions (example ori + addiu).

error: capstone can't disassemble here

I keep getting this error:

me@my-pc:~/Documents$ plasma libg.so
error: capstone can't disassemble here
me@my-pc:~/Documents$ sudo plasma libg.so
error: capstone can't disassemble here
me@my-pc:~/Documents$

Please help?

Why not provide lua ?

exposing lua functions so that it can be controlled from lua.

jump ADDRESS | REGISTER: analyze value to generate a better flow graph ?

At the moment, the script fail when it encounters a jmp rax. The flow graph cannot be created.
GCC generate sometime a jmp rax when we use a switch :

switch (i) {
    case 1:
        printf("1\n");
        break;
    case 2:
        printf("2\n");
        break;
    case 3:
        printf("3\n");
        break;
    case 4:
        printf("4\n");
        break;
    case 5:
        printf("5\n");
        break;
}

`install.sh` fails to clone pefile

Looks like https://github.com/AndCycle/pefile was deleted.

ImportError: cannot import name 'lib'

I just finish the installation.
(./requirements.sh
python3 setup.py install)
However , there meet difficulty,:(

root@kali:~/reverse# reverse
Traceback (most recent call last):
File "/usr/local/bin/reverse", line 9, in
load_entry_point('reverse==1.0', 'console_scripts', 'reverse')()
File "/usr/lib/python3/dist-packages/pkg_resources.py", line 356, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python3/dist-packages/pkg_resources.py", line 2476, in load_entry_point
return ep.load()
File "/usr/lib/python3/dist-packages/pkg_resources.py", line 2190, in load
['name'])
File "/usr/local/lib/python3.4/dist-packages/reverse-1.0-py3.4.egg/reverse/main.py", line 22, in
File "/usr/local/lib/python3.4/dist-packages/reverse-1.0-py3.4.egg/reverse/lib/init.py", line 25, in
ImportError: cannot import name 'lib'

Dockerfile and Docker image

I see the Dockerfile, is there a Docker image in the hub?

TypeError exception randomly triggered when disassembling unexistant symbols

As reported in the subject.

$ python3 reverse.py /bin/ls -x asd
error: symbol asd not found
error: Try with --sym to see all symbols.
error: If you have set the option --dump or --calls you need to set
error: the option -x (see --help).
Exception ignored in: <bound method Cs.__del__ of <capstone.Cs object at 0x7f48d81a8d68>>
Traceback (most recent call last):
  File "/usr/local/lib/python3.4/dist-packages/capstone/__init__.py", line 696, in __del__
TypeError: 'NoneType' object is not callable

Another minor issue here: the --sym option does not exists, you may intend --symbol. Please note that the exception is randomly triggered (maybe 1 out of 5 executions). Let me know if can't reproduce it and need further information.

Bug with goto in a loop

#include <stdio.h>
#include <stdlib.h>
int main() {
    int i, j;
    if (i == 1) {
        printf("1\n");
        goto next;
    } else {
        printf("2\n");
    }
    while (i < 1) {
        printf("loop\n");
        if (j == 6) {
            printf("3\n");
        } else {
            printf("4\n");
        }
next:
        if (j == 5) {
            printf("5\n");
        } else {
            printf("6\n");
        }
        i++;
    }
    return 0;
}

When there is a "C-goto" which jump inside a loop, the program generate a wrong code.

bug: goto and loops

This generates a warning because the output was not completed.
103c97a

#include <stdio.h>
#include <stdlib.h>

int main() {
    int i, j, k;

    //for (i = 0 ; i < 100 ; i++) {
        printf("1\n");

        while (j < 20) {
            printf("2\n");
            if (j == 10) {
loop1:
                printf("3\n");
            }
            if (j == 15)
                goto loop2;
            j++;
        }

        printf("4\n");

        while (k < 30) {
            printf("5\n");
            if (k == 20) {
loop2:
                printf("6\n");
            }
            if (k == 25)
                goto loop1;
            k++;
        }
    //}

    return 0;
}

qt memory map : crash if multiple windows are opened

Fatal IO error: client killed

noreturn functions

During the decompilation, the tool can be lost if functions that never return are encountered. In particularly when the call was put in the middle of the function, the flow continue and it can generate unwanted loops.

2 solutions :

abort decompilation if too many loops have been computed
create a list of known noreturn functions, and propagate the flag if there are some wrappers. What to do with this simple example : eax = exit ... call eax ?

Loops wrongly marked as "false loops", deleting nodes from the AST

I discovered this during disassembly of an existing binary, but have been unsuccessful in producing C code that compiles to a program triggering the bug. Here is a piece of code that almost triggers it (all code is in https://github.com/jspam/plasma/tree/loop-issue/tests):

nestedloop7.c

#include <stdio.h>
#include <stdlib.h>

int main() {
    int i, j, k, l, m, n, o;

    while (i != 0) {
        if (j == 0) {
            if (k == 0) {
                while (l < 0) {
                    printf("4\n");
                }
            }
            printf("5\n");
        } else {
            printf("6\n");
            do {
              if (m < 0) {
                goto loop2end;
              }
            } while (n <= 0);

            while(o > 0) {
              printf("7\n");
loop2end:
              ;
            }

            printf("8\n");
        }
    }

    return 0;
}

This disassembles fine (nestedloop7-orig.bin, compiled with gcc 7.1.1), but when making the jump at 0x400549 go directly to the loop header (change the byte at offset 0x54A from 0x14 to 0x15, yielding nestedloop7.bin), as shown in the picture

the disassembly becomes:

function main (.text) {
    0x400507: push rbp
    0x400508: rbp = rsp
    0x40050b: rsp -= 32
    0x40050f: jmp 0x400570
}

Further investigation shows that the loop starting at 0x400560 is detected, however it is immediately discarded because block 0x400560 is still waiting for predecessor block 0x400551 which is not contained in the loop.

As a result, the loop detection wrongly marks some other blocks as loop headers. The false loop detection then marks many of these false loops, but also the real loop starting at 0x400570, which therefore does not show up in the disassembly.

set xref with [rip + DISP]

[rip + DISP] is only computed during the display, but not done by the analyzer.

GCC optimizations (-Os, -O2, -O3 but not -O1) cause KeyError

The file keyerror.c has the following contents:

int main(int argc, char **argv) {
    return 0;
}

I compiled several versions that only differ in optimization level:

$ gcc     keyerror.c -o keyerror-normal
$ gcc -O1 keyerror.c -o keyerror-o1
$ gcc -O2 keyerror.c -o keyerror-o2
$ gcc -O3 keyerror.c -o keyerror-o3
$ gcc -Os keyerror.c -o keyerror-os

The first two work like it should:

$ python3 reverse.py keyerror-normal
function main {
    0x4004b6: push rbp
    0x4004b7: rbp = rsp # mov rbp, rsp
    0x4004ba: var1 = edi # mov dword ptr [rbp - 4], edi
    0x4004bd: var2 = rsi # mov qword ptr [rbp - 0x10], rsi
    0x4004c1: eax = 0 # mov eax, 0
    0x4004c6: pop rbp
    0x4004c7: ret
}
$ python3 reverse.py keyerror-o1
function main {
    0x4004b6: eax = 0 # mov eax, 0
    0x4004bb: ret
}

However, the other three cause KeyError like below:

$ python3 reverse.py keyerror-o2
Traceback (most recent call last):
  File "reverse.py", line 122, in <module>
    gph = dis.extract_func(addr)
  File "/home/dnet/_projekt/reverse/lib/disassembler.py", line 195, in extract_func
    curr = self.code[addr]
KeyError: 4195264
$ python3 reverse.py keyerror-o3
Traceback (most recent call last):
  File "reverse.py", line 122, in <module>
    gph = dis.extract_func(addr)
  File "/home/dnet/_projekt/reverse/lib/disassembler.py", line 195, in extract_func
    curr = self.code[addr]
KeyError: 4195264
$ python3 reverse.py keyerror-os
Traceback (most recent call last):
  File "reverse.py", line 122, in <module>
    gph = dis.extract_func(addr)
  File "/home/dnet/_projekt/reverse/lib/disassembler.py", line 195, in extract_func
    curr = self.code[addr]
KeyError: 4195264

I zipped and uploaded the source file and the five binaries to http://vsza.hu/joelpx-reverse-issue-keyerror-20150318.zip

v command not working, 256 colors problem

Hello;
i have compiled plasma with all dependencies. I run plasma with your test binaries. And the "x" command works. Like i enter "x main" and enter, i see a good-looking disassembly.

Bu the the v command doesn't work, it gives a traceback error :
`# plasma -i /var/pisi/plasma-0.0-1/work/plasma-0.0/tests/server.bin
plasma> v main

Traceback (most recent call last):
File "/usr/lib/python3.4/site-packages/plasma/lib/ui/console.py", line 526, in exec_command
c.callback_exec(args)
File "/usr/lib/python3.4/site-packages/plasma/lib/ui/console.py", line 655, in exec_v
Visual(self.gctx, ctx, self.analyzer, self.api)
File "/usr/lib/python3.4/site-packages/plasma/lib/ui/visual.py", line 102, in __init
curses.init_pair(1, 253, 66) # for the highlight search
_curses.error: init_pair() returned ERR
plasma>`

Docker visual mode

When I use reverse in Docker, everything works, except visual mode. As soon as I use the 'v' command, it crashes. Will add the error later, but it has to do with curses.

MIPS add Pseudo-C for slt* instructions

diff --git a/plasma/lib/arch/mips/output.py b/plasma/lib/arch/mips/output.py
index 22b204b..67fa1fa 100644
--- a/plasma/lib/arch/mips/output.py
+++ b/plasma/lib/arch/mips/output.py
@@ -31,7 +31,7 @@ from capstone.mips import (MIPS_OP_IMM, MIPS_OP_MEM, MIPS_OP_REG,
 from plasma.lib.output import OutputAbs
 from plasma.lib.arch.mips.utils import (inst_symbol, is_call, is_jump, is_ret,
     is_uncond_jump, cond_symbol)
-
+from capstone.mips import (MIPS_INS_SLT, MIPS_INS_SLTI, MIPS_INS_SLTIU, MIPS_INS_SLTU)
 
 # ASSIGNMENT_OPS = {ARM_INS_EOR, ARM_INS_AND, ARM_INS_ORR}
 ASSIGNMENT_OPS = {}
@@ -67,7 +67,7 @@ INST_CHECK = {MIPS_INS_AND, MIPS_INS_SLL, MIPS_INS_SRA, MIPS_INS_SRL,
 ADD_CHECK = {MIPS_INS_ADD, MIPS_INS_ADDU, MIPS_INS_ADDIU}
 
 SUB_CHECK = {MIPS_INS_SUB, MIPS_INS_SUBU}
-
+SLT_CHECK = {MIPS_INS_SLT, MIPS_INS_SLTI, MIPS_INS_SLTIU, MIPS_INS_SLTU}
 
 class Output(OutputAbs):
     def _operand(self, i, num_op, hexa=False, show_deref=True,
@@ -176,6 +176,15 @@ class Output(OutputAbs):
                 self._operand(i, 0)
                 return
 
+            if i.id in SLT_CHECK:
+                self._operand(i, 0)
+                self._add(" = 1 if ")
+                self._operand(i, 1)
+                self._add(" < ")
+                self._operand(i, 2)
+                self._add(" else 0")
+                return
+
             if i.id == MIPS_INS_NEG:
                 self._operand(i, 0)
                 self._add(" = -")

Result:

    0x80000118: $v0 = 1 if $v0 < 33 else 0
    # 0x8000011c: bnez $v0, 0x80000168
    0x80000120: $v0 = 48
    if == 0 {

But ideally, it's better to do so:

    # 0x80000118: $v0 = 1 if $v0 < 33 else 0
    # 0x8000011c: bnez $v0, 0x80000168
    0x80000120: $v0 = 48
    if not ($v0 < 33) {

    # 0x80000118: $v0 = 1 if $v0 < 33 else 0
    # 0x8000011c: bnez $v0, 0x80000168
    0x80000120: $v0 = 48
    if $v0 >= 33 {

"vim dowhile1.bin.rev -S dowhile1.bin.vim" without color

hello,

"vim dowhile1.bin.rev -S dowhile1.bin.vim" output without color in vim. i there anything wrong i did?

dowhile1.bin.vim

syn keyword RevKeywords infiniteloop function goto if else loop and
syn keyword RevTypes int8_t int16_t int32_t int64_t

    syn match RevAddr "0x[0-9a-f]\+:"
    syn match RevComment "#.\+$"
    syn match RevInternComment ";.\+$"
    syn match RevVar "var[a-z0-9A-Z_]\+"
    syn match RevRetCall "ret\|call"

    syn match RevString "<[a-zA-Z_@]\+>"
    syn match RevString "\".\+\""
    syn match RevString "'.\+'"

    hi RevKeywords  ctermfg=161  cterm=bold  gui=bold  guifg=#d7005f
    hi RevTypes  ctermfg=81  guifg=#5fd7ff
    hi RevAddr  ctermfg=242  guifg=#6c6c6c
    hi RevComment  ctermfg=242  guifg=#6c6c6c
    hi RevInternComment  ctermfg=38  guifg=#00afd7
    hi RevString  ctermfg=144  guifg=#afaf87
    hi RevVar  ctermfg=208 cterm=bold  gui=bold  guifg=#ff8700
    hi RevRetCall  ctermfg=161  guifg=#d7005f

    syn match RevAddr_1 "0x400533:\?" containedin=RevComment

hi RevAddr_1 ctermfg=114 guifg=#87d787

big addresses are negative numbers

Curses issue?

This looks like a really cool project. However, after installing all the dependencies and then Plasma, running and then giving the command v main gives this:

Traceback (most recent call last):
                                    File "/usr/local/lib/python3.4/dist-packages/plasma-1.0-py3.4-linux-x86_64.egg/plasma/lib/ui/console.py", line 526, in exec_command
                                                                 c.callback_exec(args)
                                                                                        File "/usr/local/lib/python3.4/dist-packages/plasma-1.0-py3.4-linux-x86_64.egg/plasma/lib/ui/console.py", line 655, in __exec_v
       Visual(self.gctx, ctx, self.analyzer, self.api)
                                                        File "/usr/local/lib/python3.4/dist-packages/plasma-1.0-py3.4-linux-x86_64.egg/plasma/lib/ui/visual.py", line 102, in __init__
                                                                                curses.init_pair(1, 253, 66) # for the highlight search
                             _curses.error: init_pair() returned ERR

89/90 tests pass when trying to make - failed: gotoinloop19.bin

I ran the install.sh to create a makefile and when I try to make it every test passes except for this one. Here is the log I am given when I attempt to generate the makefile.

rm -f ./cs.o ./utils.o ./SStream.o ./MCInstrDesc.o ./MCRegisterInfo.o ./arch/ARM/ARMDisassembler.o ./arch/ARM/ARMInstPrinter.o ./arch/ARM/ARMMapping.o ./arch/ARM/ARMModule.o ./arch/AArch64/AArch64BaseInfo.o ./arch/AArch64/AArch64Disassembler.o ./arch/AArch64/AArch64InstPrinter.o ./arch/AArch64/AArch64Mapping.o ./arch/AArch64/AArch64Module.o ./arch/Mips/MipsDisassembler.o ./arch/Mips/MipsInstPrinter.o ./arch/Mips/MipsMapping.o ./arch/Mips/MipsModule.o ./arch/PowerPC/PPCDisassembler.o ./arch/PowerPC/PPCInstPrinter.o ./arch/PowerPC/PPCMapping.o ./arch/PowerPC/PPCModule.o ./arch/Sparc/SparcDisassembler.o ./arch/Sparc/SparcInstPrinter.o ./arch/Sparc/SparcMapping.o ./arch/Sparc/SparcModule.o ./arch/SystemZ/SystemZDisassembler.o ./arch/SystemZ/SystemZInstPrinter.o ./arch/SystemZ/SystemZMapping.o ./arch/SystemZ/SystemZModule.o ./arch/SystemZ/SystemZMCTargetDesc.o ./arch/X86/X86DisassemblerDecoder.o ./arch/X86/X86Disassembler.o ./arch/X86/X86IntelInstPrinter.o ./arch/X86/X86ATTInstPrinter.o ./arch/X86/X86Mapping.o ./arch/X86/X86Module.o ./arch/XCore/XCoreDisassembler.o ./arch/XCore/XCoreInstPrinter.o ./arch/XCore/XCoreMapping.o ./arch/XCore/XCoreModule.o ./MCInst.o
rm -f ./libcapstone.* ./capstone.pc
rm -f ./capstone.pc
make -C cstool clean
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/cstool'
rm -f -rf .o cstool
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/cstool'
cd tests && make clean
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/tests'
rm -rf ./test_basic.o ./test_detail.o ./test_skipdata.o ./test_iter.o ./test_arm.o ./test_arm64.o ./test_mips.o ./test_ppc.o ./test_sparc.o ./test_systemz.o ./test_x86.o ./test_xcore.o ./test_basic ./test_detail ./test_skipdata ./test_iter ./test_arm ./test_arm64 ./test_mips ./test_ppc ./test_sparc ./test_systemz ./test_x86 ./test_xcore ./.exe ./.static ./libcapstone. ./capstone.*
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/tests'
rm -f ./tests/libcapstone.so
cd bindings/python && make clean
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/python'
rm -rf build/ src/ dist/ .egg-info
rm -rf capstone/lib capstone/include pyx/lib pyx/include
rm -f pyx/.c pyx/init.py
for f in capstone/.py; do rm -f pyx/$(basename $f)x; done
rm -f MANIFEST
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/python'
cd bindings/java && make clean
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/java'
rm -rf ./capstone/.class
rm -rf ./.class ./.log ./*.jar
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/java'
cd bindings/ocaml && make clean
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/ocaml'
rm -f *.[oa] *.so *.cm[ixoa] *.cmxa .mli test_basic test_detail test_x86 test_arm test_arm64 test_mips test_ppc test_sparc test_systemz test_xcore
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/bindings/ocaml'
CC cs.o
CC utils.o
CC SStream.o
CC MCInstrDesc.o
CC MCRegisterInfo.o
CC arch/ARM/ARMDisassembler.o
CC arch/ARM/ARMInstPrinter.o
CC arch/ARM/ARMMapping.o
CC arch/ARM/ARMModule.o
CC arch/AArch64/AArch64BaseInfo.o
CC arch/AArch64/AArch64Disassembler.o
CC arch/AArch64/AArch64InstPrinter.o
CC arch/AArch64/AArch64Mapping.o
CC arch/AArch64/AArch64Module.o
CC arch/Mips/MipsDisassembler.o
CC arch/Mips/MipsInstPrinter.o
CC arch/Mips/MipsMapping.o
CC arch/Mips/MipsModule.o
CC arch/PowerPC/PPCDisassembler.o
CC arch/PowerPC/PPCInstPrinter.o
CC arch/PowerPC/PPCMapping.o
CC arch/PowerPC/PPCModule.o
CC arch/Sparc/SparcDisassembler.o
CC arch/Sparc/SparcInstPrinter.o
CC arch/Sparc/SparcMapping.o
CC arch/Sparc/SparcModule.o
CC arch/SystemZ/SystemZDisassembler.o
CC arch/SystemZ/SystemZInstPrinter.o
CC arch/SystemZ/SystemZMapping.o
CC arch/SystemZ/SystemZModule.o
CC arch/SystemZ/SystemZMCTargetDesc.o
CC arch/X86/X86DisassemblerDecoder.o
CC arch/X86/X86Disassembler.o
CC arch/X86/X86IntelInstPrinter.o
CC arch/X86/X86ATTInstPrinter.o
CC arch/X86/X86Mapping.o
CC arch/X86/X86Module.o
CC arch/XCore/XCoreDisassembler.o
CC arch/XCore/XCoreInstPrinter.o
CC arch/XCore/XCoreMapping.o
CC arch/XCore/XCoreModule.o
CC MCInst.o
LINK libcapstone.so
AR libcapstone.a
GEN capstone.pc
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/cstool'
CC cstool_arm64.o
CC cstool_sparc.o
CC cstool_ppc.o
CC cstool_arm.o
CC cstool_xcore.o
CC cstool.o
CC cstool_x86.o
CC cstool_systemz.o
CC cstool_mips.o
LINK cstool
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/cstool'
cd tests && make
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/tests'
CC test_basic.o
CC test_detail.o
CC test_skipdata.o
CC test_iter.o
CC test_arm.o
CC test_arm64.o
CC test_mips.o
CC test_ppc.o
CC test_sparc.o
CC test_systemz.o
CC test_x86.o
CC test_xcore.o
LINK test_basic
LINK test_basic.static
LINK test_detail
LINK test_detail.static
LINK test_skipdata
LINK test_skipdata.static
LINK test_iter
LINK test_iter.static
LINK test_arm
LINK test_arm.static
LINK test_arm64
LINK test_arm64.static
LINK test_mips
LINK test_mips.static
LINK test_ppc
LINK test_ppc.static
LINK test_sparc
LINK test_sparc.static
LINK test_systemz
LINK test_systemz.static
LINK test_x86
LINK test_x86.static
LINK test_xcore
LINK test_xcore.static
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3/tests'
install -m0755 ./libcapstone.so ./tests/
cd ./tests/ && mv libcapstone.so libcapstone.so.3 && ln -s libcapstone.so.3 libcapstone.so
mkdir -p /usr/lib
install -m0755 ./libcapstone.so /usr/lib
cd /usr/lib && mv libcapstone.so libcapstone.so.3 && ln -s libcapstone.so.3 libcapstone.so
install -m0644 ./libcapstone.a /usr/lib
mkdir -p /usr/include/capstone
install -m0644 include/.h /usr/include/capstone
mkdir -p /usr/lib/pkgconfig
install -m0644 ./capstone.pc /usr/lib/pkgconfig/
mkdir -p /usr/bin
install -m0755 cstool/cstool /usr/bin
rm -rf src/
if test -n ""; then
python3 setup.py build install --root="";
else
python3 setup.py build install;
fi
running build
Building C extensions
make[1]: Entering directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/bob/dev/plasma/build/capstone_3.0.5-rc3'
running build_py
creating build
creating build/lib
creating build/lib/capstone
copying capstone/arm64.py -> build/lib/capstone
copying capstone/sysz_const.py -> build/lib/capstone
copying capstone/mips.py -> build/lib/capstone
copying capstone/arm.py -> build/lib/capstone
copying capstone/init.py -> build/lib/capstone
copying capstone/ppc.py -> build/lib/capstone
copying capstone/ppc_const.py -> build/lib/capstone
copying capstone/sparc.py -> build/lib/capstone
copying capstone/x86.py -> build/lib/capstone
copying capstone/systemz.py -> build/lib/capstone
copying capstone/arm_const.py -> build/lib/capstone
copying capstone/xcore.py -> build/lib/capstone
copying capstone/arm64_const.py -> build/lib/capstone
copying capstone/xcore_const.py -> build/lib/capstone
copying capstone/sparc_const.py -> build/lib/capstone
copying capstone/mips_const.py -> build/lib/capstone
copying capstone/x86_const.py -> build/lib/capstone
running egg_info
creating capstone.egg-info
writing top-level names to capstone.egg-info/top_level.txt
writing capstone.egg-info/PKG-INFO
writing dependency_links to capstone.egg-info/dependency_links.txt
writing manifest file 'capstone.egg-info/SOURCES.txt'
reading manifest file 'capstone.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'capstone.egg-info/SOURCES.txt'
creating build/lib/capstone/lib
copying capstone/lib/libcapstone.so -> build/lib/capstone/lib
copying capstone/lib/libcapstone.a -> build/lib/capstone/lib
creating build/lib/capstone/include
creating build/lib/capstone/include/capstone
copying capstone/include/capstone/systemz.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/platform.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/sparc.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/mips.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/capstone.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/arm64.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/xcore.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/arm.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/x86.h -> build/lib/capstone/include/capstone
copying capstone/include/capstone/ppc.h -> build/lib/capstone/include/capstone
running install
Checking .pth file support in /usr/local/lib/python3.5/dist-packages/
/usr/bin/python3 -E -c pass
TEST PASSED: /usr/local/lib/python3.5/dist-packages/ appears to support .pth files
running bdist_egg
installing library code to build/bdist.linux-x86_64/egg
running install_lib
creating build/bdist.linux-x86_64
creating build/bdist.linux-x86_64/egg
creating build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/arm64.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/sysz_const.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/mips.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/arm.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/init.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/ppc.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/ppc_const.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/sparc.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/x86.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/systemz.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/arm_const.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/xcore.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/arm64_const.py -> build/bdist.linux-x86_64/egg/capstone
creating build/bdist.linux-x86_64/egg/capstone/include
creating build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/systemz.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/platform.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/sparc.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/mips.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/capstone.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/arm64.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/xcore.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/arm.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/x86.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/include/capstone/ppc.h -> build/bdist.linux-x86_64/egg/capstone/include/capstone
copying build/lib/capstone/xcore_const.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/sparc_const.py -> build/bdist.linux-x86_64/egg/capstone
creating build/bdist.linux-x86_64/egg/capstone/lib
copying build/lib/capstone/lib/libcapstone.so -> build/bdist.linux-x86_64/egg/capstone/lib
copying build/lib/capstone/lib/libcapstone.a -> build/bdist.linux-x86_64/egg/capstone/lib
copying build/lib/capstone/mips_const.py -> build/bdist.linux-x86_64/egg/capstone
copying build/lib/capstone/x86_const.py -> build/bdist.linux-x86_64/egg/capstone
byte-compiling build/bdist.linux-x86_64/egg/capstone/arm64.py to arm64.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/sysz_const.py to sysz_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/mips.py to mips.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/arm.py to arm.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/ppc.py to ppc.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/ppc_const.py to ppc_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/sparc.py to sparc.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/x86.py to x86.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/systemz.py to systemz.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/arm_const.py to arm_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/xcore.py to xcore.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/arm64_const.py to arm64_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/xcore_const.py to xcore_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/sparc_const.py to sparc_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/mips_const.py to mips_const.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/capstone/x86_const.py to x86_const.cpython-35.pyc
creating build/bdist.linux-x86_64/egg/EGG-INFO
copying capstone.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO
copying capstone.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying capstone.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying capstone.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying capstone.egg-info/zip-safe -> build/bdist.linux-x86_64/egg/EGG-INFO
writing build/bdist.linux-x86_64/egg/EGG-INFO/native_libs.txt
creating dist
creating 'dist/capstone-3.0.5rc2-py3.5.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing capstone-3.0.5rc2-py3.5.egg
Removing /usr/local/lib/python3.5/dist-packages/capstone-3.0.5rc2-py3.5.egg
Copying capstone-3.0.5rc2-py3.5.egg to /usr/local/lib/python3.5/dist-packages
capstone 3.0.5rc2 is already the active version in easy-install.pth

Installed /usr/local/lib/python3.5/dist-packages/capstone-3.0.5rc2-py3.5.egg
Processing dependencies for capstone==3.0.5rc2
Finished processing dependencies for capstone==3.0.5rc2
Requirement already satisfied (use --upgrade to upgrade): pefile in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 1))
Requirement already satisfied (use --upgrade to upgrade): pyelftools in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 2))
Requirement already satisfied (use --upgrade to upgrade): msgpack-python>=0.4.6 in /usr/local/lib/python3.5/dist-packages (from -r requirements.txt (line 3))
Requirement already satisfied (use --upgrade to upgrade): future in /usr/local/lib/python3.5/dist-packages (from pefile->-r requirements.txt (line 1))
Requirement already satisfied (use --upgrade to upgrade): future in /usr/local/lib/python3.5/dist-packages
running build_ext
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/analyzer.cpython-35m-x86_64-linux-gnu.so -> plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/analyzer.cpython-35m-x86_64-linux-gnu.so -> plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/analyzer.cpython-35m-x86_64-linux-gnu.so -> plasma/lib/arch/arm
running install
Checking .pth file support in /usr/local/lib/python3.5/dist-packages/
/usr/bin/python3 -E -c pass
TEST PASSED: /usr/local/lib/python3.5/dist-packages/ appears to support .pth files
running bdist_egg
running egg_info
writing requirements to plasma.egg-info/requires.txt
writing top-level names to plasma.egg-info/top_level.txt
writing plasma.egg-info/PKG-INFO
writing entry points to plasma.egg-info/entry_points.txt
writing dependency_links to plasma.egg-info/dependency_links.txt
reading manifest file 'plasma.egg-info/SOURCES.txt'
writing manifest file 'plasma.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_py
running build_ext
creating build/bdist.linux-x86_64/egg
creating build/bdist.linux-x86_64/egg/plasma
copying build/lib.linux-x86_64-3.5/plasma/main.py -> build/bdist.linux-x86_64/egg/plasma
creating build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/scripts/strings.py -> build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/scripts/crypto.py -> build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/scripts/disasm.py -> build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/scripts/xrefsto.py -> build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/scripts/asm.py -> build/bdist.linux-x86_64/egg/plasma/scripts
copying build/lib.linux-x86_64-3.5/plasma/init.py -> build/bdist.linux-x86_64/egg/plasma
creating build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/memmap.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/api.py -> build/bdist.linux-x86_64/egg/plasma/lib
creating build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/binary.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/pefile2.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/elf.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
creating build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/arm64.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/amd64.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/defines.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/ppc64.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/mips.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/arm.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/ppc.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/mips64.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/generic.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/relocations/i386.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/raw.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/fileformat/pe.py -> build/bdist.linux-x86_64/egg/plasma/lib/fileformat
copying build/lib.linux-x86_64-3.5/plasma/lib/graph.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/colors.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/analyzer.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/init.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/memory.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/ast.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/custom_colors.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/consts.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/utils.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/exceptions.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/generate_ast.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/disassembler.py -> build/bdist.linux-x86_64/egg/plasma/lib
copying build/lib.linux-x86_64-3.5/plasma/lib/database.py -> build/bdist.linux-x86_64/egg/plasma/lib
creating build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/listbox.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/inlineed.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/console.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/utils.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/vim.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/disasmbox.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/widget.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/window.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
copying build/lib.linux-x86_64-3.5/plasma/lib/ui/visual.py -> build/bdist.linux-x86_64/egg/plasma/lib/ui
creating build/bdist.linux-x86_64/egg/plasma/lib/arch
creating build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/analyzer.cpython-35m-x86_64-linux-gnu.so -> build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/utils.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/output.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/arm/process_ast.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/arm
creating build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/analyzer.cpython-35m-x86_64-linux-gnu.so -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/utils.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/output.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/int80.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/x86/process_ast.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/x86
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch
creating build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/init.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/analyzer.cpython-35m-x86_64-linux-gnu.so -> build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/utils.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/output.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/arch/mips/process_ast.py -> build/bdist.linux-x86_64/egg/plasma/lib/arch/mips
copying build/lib.linux-x86_64-3.5/plasma/lib/output.py -> build/bdist.linux-x86_64/egg/plasma/lib
byte-compiling build/bdist.linux-x86_64/egg/plasma/main.py to main.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/scripts/strings.py to strings.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/scripts/crypto.py to crypto.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/scripts/disasm.py to disasm.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/scripts/xrefsto.py to xrefsto.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/scripts/asm.py to asm.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/memmap.py to memmap.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/api.py to api.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/binary.py to binary.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/pefile2.py to pefile2.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/elf.py to elf.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/arm64.py to arm64.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/amd64.py to amd64.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/defines.py to defines.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/ppc64.py to ppc64.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/mips.py to mips.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/arm.py to arm.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/ppc.py to ppc.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/mips64.py to mips64.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/generic.py to generic.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/relocations/i386.py to i386.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/raw.py to raw.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/fileformat/pe.py to pe.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/graph.py to graph.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/colors.py to colors.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/analyzer.py to analyzer.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/memory.py to memory.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ast.py to ast.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/custom_colors.py to custom_colors.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/consts.py to consts.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/utils.py to utils.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/exceptions.py to exceptions.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/generate_ast.py to generate_ast.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/disassembler.py to disassembler.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/database.py to database.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/listbox.py to listbox.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/inlineed.py to inlineed.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/console.py to console.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/utils.py to utils.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/vim.py to vim.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/disasmbox.py to disasmbox.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/widget.py to widget.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/window.py to window.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/ui/visual.py to visual.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/arm/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/arm/utils.py to utils.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/arm/output.py to output.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/arm/process_ast.py to process_ast.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/utils.py to utils.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/output.py to output.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/int80.py to int80.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/process_ast.py to process_ast.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/mips/init.py to init.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/mips/utils.py to utils.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/mips/output.py to output.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/mips/process_ast.py to process_ast.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/output.py to output.cpython-35.pyc
creating stub loader for plasma/lib/arch/x86/analyzer.cpython-35m-x86_64-linux-gnu.so
creating stub loader for plasma/lib/arch/mips/analyzer.cpython-35m-x86_64-linux-gnu.so
creating stub loader for plasma/lib/arch/arm/analyzer.cpython-35m-x86_64-linux-gnu.so
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/x86/analyzer.py to analyzer.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/mips/analyzer.py to analyzer.cpython-35.pyc
byte-compiling build/bdist.linux-x86_64/egg/plasma/lib/arch/arm/analyzer.py to analyzer.cpython-35.pyc
creating build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/entry_points.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying plasma.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
writing build/bdist.linux-x86_64/egg/EGG-INFO/native_libs.txt
creating 'dist/plasma-1.0-py3.5-linux-x86_64.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing plasma-1.0-py3.5-linux-x86_64.egg
removing '/usr/local/lib/python3.5/dist-packages/plasma-1.0-py3.5-linux-x86_64.egg' (and everything under it)
creating /usr/local/lib/python3.5/dist-packages/plasma-1.0-py3.5-linux-x86_64.egg
Extracting plasma-1.0-py3.5-linux-x86_64.egg to /usr/local/lib/python3.5/dist-packages
Removing plasma 1.0 from easy-install.pth file
plasma 1.0 is already the active version in easy-install.pth
Installing plasma script to /usr/local/bin

Installed /usr/local/lib/python3.5/dist-packages/plasma-1.0-py3.5-linux-x86_64.egg
Processing dependencies for plasma==1.0
Searching for msgpack-python==0.5.6
Best match: msgpack-python 0.5.6
Adding msgpack-python 0.5.6 to easy-install.pth file

Using /usr/local/lib/python3.5/dist-packages
Searching for pyelftools==0.24
Best match: pyelftools 0.24
pyelftools 0.24 is already the active version in easy-install.pth

Using /usr/local/lib/python3.5/dist-packages
Searching for pefile==2017.11.5
Best match: pefile 2017.11.5
pefile 2017.11.5 is already the active version in easy-install.pth

Using /usr/local/lib/python3.5/dist-packages
Searching for future==0.16.0
Best match: future 0.16.0
future 0.16.0 is already the active version in easy-install.pth
Installing futurize script to /usr/local/bin
Installing pasteurize script to /usr/local/bin

Using /usr/local/lib/python3.5/dist-packages
Finished processing dependencies for plasma==1.0

Anyone know what the issue might be?

Regression for visual mode

I just played around with reverse a little bit, pulled again and visual mode stopped working. For me, the regression is introduced by 77a5772.

Cool project! :)

daniel:reverse/ (detached*)$ git co 77a577241e5b88b3749b7b19845983abcd28449d
Vorherige Position von HEAD war df2144e... set address line after printing the label
HEAD ist jetzt bei 77a5772... add xrefs (command xrefs in the console and x in visual)
daniel:reverse/ (detached*)$ ./reverse.py -i tests/server.bin 
>> v
Traceback (most recent call last):
  File "./reverse.py", line 37, in <module>
    i = Console(ctx)
  File "/home/daniel/apps/reverse/lib/ui/console.py", line 414, in __init__
    rl.loop()
  File "/home/daniel/apps/reverse/lib/ui/readline.py", line 123, in loop
    self.process_key(ch)
  File "/home/daniel/apps/reverse/lib/ui/readline.py", line 133, in process_key
    self.mapping[ch]()
  File "/home/daniel/apps/reverse/lib/ui/readline.py", line 325, in k_enter
    self.callback_enter(self.line)
  File "/home/daniel/apps/reverse/lib/ui/console.py", line 565, in exec_command
    c.callback_exec(args)
  File "/home/daniel/apps/reverse/lib/ui/console.py", line 781, in __exec_v
    o = self.ctx.dis.dump_asm(self.ctx, NB_LINES_TO_DISASM)
  File "/home/daniel/apps/reverse/lib/disassembler.py", line 314, in dump_asm
    o._asm_inst(i)
  File "/home/daniel/apps/reverse/lib/output.py", line 535, in _asm_inst
    modified = self._sub_asm_inst(i, tab, prefix)
  File "/home/daniel/apps/reverse/lib/arch/x86/output.py", line 337, in _sub_asm_inst
    self._operand(i, 1)
  File "/home/daniel/apps/reverse/lib/arch/x86/output.py", line 84, in _operand
    force_dont_print_data=force_dont_print_data)
  File "/home/daniel/apps/reverse/lib/output.py", line 380, in _imm
    self._unk(imm)
  File "/home/daniel/apps/reverse/lib/output.py", line 175, in _unk
    self.token_lines[-1].append((s, COLOR_UNK.val, COLOR_UNK.bold))
NameError: name 'COLOR_UNK' is not defined

feature : implement stack memory access simulation

I found a function which starts and ends with :

lea ecx, dword ptr [esp + 4]                                   
and esp, 0xfffffff0
push dword ptr [ecx - 4]
push ebp
mov ebp, esp
push esi
push ebx
push ecx
sub esp, 0xcc
...
mov eax, 0
lea esp, dword ptr [ebp - 0xc]
add esp, 0                                                     
pop ecx
pop ebx
pop esi
pop ebp
lea esp, dword ptr [ecx - 4]
ret

The problem here is that the value of esp is pushed and then poped. For this case we should simulate stack memory access.

Disassembly fails on PE files

When trying a random PE file (I'm on Linux) the script fails with the following error message:

Traceback (most recent call last):
  File "/usr/bin/plasma", line 9, in <module>
    load_entry_point('plasma==1.0', 'console_scripts', 'plasma')()
  File "/usr/lib/python3.5/site-packages/plasma-1.0-py3.5.egg/plasma/main.py", line 44, in console_entry
    if not gctx.load_file():
  File "/usr/lib/python3.5/site-packages/plasma-1.0-py3.5.egg/plasma/lib/__init__.py", line 195, in load_file
    self.db)
  File "/usr/lib/python3.5/site-packages/plasma-1.0-py3.5.egg/plasma/lib/disassembler.py", line 77, in __init__
    self.binary.load_symbols()
  File "/usr/lib/python3.5/site-packages/plasma-1.0-py3.5.egg/plasma/lib/fileformat/binary.py", line 386, in load_symbols
    self.__demangle_symbols()
  File "/usr/lib/python3.5/site-packages/plasma-1.0-py3.5.egg/plasma/lib/fileformat/binary.py", line 353, in __demangle_symbols
    if n.startswith("_Z") or n.startswith("__Z"):
TypeError: startswith first arg must be bytes or a tuple of bytes, not str

Installed dependencies:

python 3.5.1
capstone 3.0.4
python-pyelftools 0.23
python-pefile 2016.3.4
python-msgpack 0.4.7
binutils 2.26

I don't think that it matters but I'm using Arch Linux on x86_64.

mips: fix prefetch instructions

analyzer: better heuristic of frame_size

Currently, the analyzer compute wrong variable offsets when the sp is modified, example :

mov rbx, [rsp] ; get one qword from rsp
push rax ; first arg of func
call func
; func should pop the arg
mov rbx, [rsp] ; the analyzer gives a different for this one

visual : deal with big data/strings when scroll up/down

When we scroll up, we can't know which referenced address is before. So we go through each previous bytes until we find a known address or when we saw 1024 bytes. The solution is to add an offset each 1024 bytes. See the comment in reverse.lib.disassembler.find_addr_before.

bug in pefile ?

The pefile library seems to be bugged. Sometimes the function pe.load_import_symbols fails because the internal function of pefile, parse_data_directories, throw an exception.

m68k support

Could someone implement m68k and apollo-core http://www.apollo-core.com/ support for this awesome tool ?

pe: some symbols not demangled

This project seems to support msvc symbols starting with "?" :
https://sourceforge.net/projects/php-ms-demangle/

instruction semantics

you can take advantage of some advanced API of Capstone to check the semantics of instructions.
since instructions are classified in groups, you can do in Python:

check if an instruction is a RETURN instruction with:
if i.group(CS_GRP_RET):
....
check if an instruction is a kind of JUMP instruction with:
if i.group(CS_GRP_JUMP):
....

there are few more type of groups such as CS_GRP_CALL, CS_GRP_IRET, etc.
see __init__.py & x86_const.py for more info.

elf with only headers (no sections)

Python 3 Nose package is also a requirement.

Nose package is also a requirement so add it in the requirements.

PE or Mach-o?

I'm sure you've been asked many times, but any plans on expanding this to PE or Mach-o?

If you're not looking that way, do you know of similar projects (Python scripts, etc.) that do?

error: the file is not PE or ELF binary

When i am trying to read any file.
If i set raw option, output is empty

Dockerfile doesn't work fine

Hi,

I'm trying to execute it with Dockerfile but the files inside don't match with the file that there are on folder. By example:
RUN /plasma/requirements.sh
and requirements.sh doesn't exist on anywhere.

Regards.

analyzer: confusion small address / immediate

When sections are mapped in low memory, the analyzer add too much xrefs. It could be better to check first if there is memory access when an immediate value is encountered.

Is it possible to release this for Python 2.7.x?

How to display pseudo and asm code at the same time.

Like this pic.

python 3.4 requirement

Running reverse in python < 3.4 results in the following error (tested with python 3.2):

$ ./reverse.py tests/nestedloop1.bin
Traceback (most recent call last):
  File "./reverse.py", line 20, in <module>
    from lib import reverse, parse_args
  File "/home/netantho/reverse/lib/__init__.py", line 24, in <module>
    from lib.disassembler import Disassembler
  File "/home/netantho/reverse/lib/disassembler.py", line 25, in <module>
    from lib.output import print_no_end
  File "/home/netantho/reverse/lib/output.py", line 20, in <module>
    from lib.colors import (color_addr, color_comment, color_keyword, color_type,
  File "/home/netantho/reverse/lib/colors.py", line 21, in <module>
    from pathlib import Path
ImportError: No module named pathlib

pathlib is available only from python 3.4.

Also, the python command needs to link to python 3.4 to install capstone.

ARM support is unlikely

Just build and1.bin and behold stuff like:

    0x8500: pop fp, pc
    if == {
        <$d>
        0x8504: r8 = r0 & (r4 << 11) # andeq r8, r0, r4, lsl #11
        0x8508: r8 = r0 & (r8 << 11) # andeq r8, r0, r8, lsl #11
        0x850c: r8 = r0 & (ip << 11) # andeq r8, r0, ip, lsl #11
    }

i.e. it can't even detect return from function.

Out of curiosity, what made you write your own such tool, did you try to reuse an existing one?

No module named elftools

requirements.sh runs fine, installs everything that's needed, however:

python3.4 ./reverse.py tests/nestedloop1.bin

Traceback (most recent call last):
  File "./reverse.py", line 29, in <module>
    reverse(ctx)
  File "/home/reverse/lib/__init__.py", line 234, in reverse
    if not load_file(ctx):
  File "/home/reverse/lib/__init__.py", line 127, in load_file
    ctx.raw_base, ctx.raw_big_endian)
  File "/home/reverse/lib/disassembler.py", line 35, in __init__
    self.binary = Binary(filename, raw_type, raw_base, raw_big_endian)
  File "/home/reverse/lib/fileformat/binary.py", line 48, in __init__
    import lib.fileformat.elf as LIB_ELF
  File "/home/reverse/lib/fileformat/elf.py", line 20, in <module>
    from elftools.elf.elffile import ELFFile
ImportError: No module named 'elftools'

Wrong parse ELF, without section name

I found some bug, if into elf file doesnt contains section names, the parser may not see or display some sections.
Example:
First section in file has len(name) == 0

diff --git a/plasma/lib/fileformat/elf.py b/plasma/lib/fileformat/elf.py
index c1349b8..2176ade 100644
--- a/plasma/lib/fileformat/elf.py
+++ b/plasma/lib/fileformat/elf.py
@@ -108,7 +108,8 @@ class ELF(Binary):
         # Load sections
         for s in self.elf.iter_sections():
             if not s.name:
-                continue
+                 s.name = '.unknow'
+            #    continue
 
             # Keep only sections R|W|X
             # TODO : is it sufficiant ?

Traceback when trying to install

I get the following traceback when installing into a virtual environment.

Traceback (most recent call last):
  File "setup.py", line 9, in <module>
    from pip.req import parse_requirements
ImportError: No module named 'pip'

shellcode_0x0 test fails

$ make
and1 [OK]
and2 [OK]
and3 [OK]
and4 [OK]
...
shellcode_0x0 [EXCEPTION]
strlen [OK]

$ ./reverse.py --raw x86 tests/shellcode.bin
Traceback (most recent call last):
  File "./reverse.py", line 29, in <module>
    reverse(ctx)
  File "/home/alex/tools/reverse/lib/__init__.py", line 223, in reverse
    init_addr(ctx)
  File "/home/alex/tools/reverse/lib/__init__.py", line 163, in init_addr
    ctx.dis.check_addr(addr)
  File "/home/alex/tools/reverse/lib/disassembler.py", line 49, in check_addr
    addr_exists, is_exec = self.binary.check_addr(addr)
  File "/home/alex/tools/reverse/lib/fileformat/binary.py", line 90, in check_addr
    return self.__binary.check_addr(addr)
  File "/home/alex/tools/reverse/lib/fileformat/raw.py", line 63, in check_addr
    ad = addr - self.raw_base
TypeError: unsupported operand type(s) for -: 'int' and 'NoneType'

ImportError: No module named 'plasma.lib.fileformat.relocations'

Installed everything as described w/o any error. System is Debian jessie 64bit (VirtualBox Image).
Above error appears when trying to run tests

opcode \xff\x25 was not found, please report

When I give a certain *.so file to script I get following error:

warning: I'm expecting to see a jmp *(ADDR) on each plt entry
warning: opcode \xff\x25 was not found, please report
error: symbol main not found
error: You can see all symbols with -s (if resolution is done).
error: Note: --dump need the option -x.

What am i doing wrong?

AttributeError: 'str' object has no attribute 'decode'

Fresh install from master (the same using the Dockerfile). Every ELF file I try to open I receive the following error

$ ./run_plasma.py /bin/ls -x main
Traceback (most recent call last):
  File "/plasma/run_plasma.py", line 23, in <module>
    console_entry()
  File "/plasma/plasma/main.py", line 36, in console_entry
    if not gctx.load_file():
  File "/plasma/plasma/lib/__init__.py", line 196, in load_file
    self.db)
  File "/plasma/plasma/lib/disassembler.py", line 102, in __init__
    self.load_symbols()
  File "/plasma/plasma/lib/disassembler.py", line 167, in load_symbols
    self.binary.load_dyn_sym()
  File "/plasma/plasma/lib/fileformat/elf.py", line 276, in load_dyn_sym
    self.__register_relocs(reloc_sec)
  File "/plasma/plasma/lib/fileformat/elf.py", line 413, in __register_relocs
    self.__save_symbol(reloc, reloc.symbol.entry.st_value)
  File "/plasma/plasma/lib/fileformat/elf.py", line 345, in __save_symbol
    name = rel.symbol.name.decode()
AttributeError: 'str' object has no attribute 'decode'

I'm trying this on an Ubuntu

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.5 LTS
Release:    14.04
Codename:   trusty

Make plasma pip-installable

Making this pip-installabe would make it more accessible to a bunch of folks. It would also be great if there were Windows, OS X and maybe even manylinux binary wheels (although I appreciate that these are less important than they are for other projects, since if you care about disassembly you probably have a C compiler lying around).

(As a side note, thanks for doing this, this looks amazing)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.