5

How do I disassemble the first 200 bytes of executable code using the pydasm library in Python? I want to know how to set the size of the buffer to disassemble.

perror
in3o

1 Answer

10

Slightly modified version from pydasm's README.txt

import pydasm

# Open the file in binary mode and read the first 200 bytes.
# pydasm expects the raw bytes, not a hex string.
with open('file.bin', 'rb') as f:
    buffer = f.read(200)


# Iterate through the buffer and disassemble
offset = 0
while offset < len(buffer):
    i = pydasm.get_instruction(buffer[offset:], pydasm.MODE_32)
    # Stop before printing if nothing could be decoded
    if not i:
        break
    print pydasm.get_instruction_string(i, pydasm.FORMAT_INTEL, 0)
    offset += i.length

ADDED:

You can also play with seek() to go to a certain position in the file, and then read from there. It is particularly useful if you want to read shellcode embedded in some file and you know its relative position. You will have to open() the file with the "b" option for it to work. Consult the Python File Object Library Reference for details.

PSS
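The seek()-then-read approach from the answer above, as an added example that is not part of the original post: it reads a fixed-size window at a known file offset and runs a linear sweep that stops cleanly when an instruction is undecodable or cut off by the window edge. The helper names (`read_window`, `pydasm_decode`, `toy_decode`, `disassemble`) are hypothetical; `toy_decode` is a constructed stand-in decoder so the sweep can be exercised where pydasm is not installed.

```python
import os

def read_window(path, offset=0, size=200):
    """Return up to `size` raw bytes of `path` starting at file `offset`."""
    with open(path, "rb") as f:          # binary mode: bytes come back unmodified
        f.seek(0, os.SEEK_END)
        if not 0 <= offset <= f.tell():
            raise ValueError("offset outside file")
        f.seek(offset)
        return f.read(size)              # may be shorter near end of file

def pydasm_decode(chunk, address):
    """Decode one instruction with pydasm -> (length, text) or None."""
    import pydasm                        # imported lazily; only needed for this decoder
    ins = pydasm.get_instruction(chunk, pydasm.MODE_32)
    if not ins:
        return None
    # Passing the address lets relative branch targets print as absolute
    return ins.length, pydasm.get_instruction_string(
        ins, pydasm.FORMAT_INTEL, address)

def toy_decode(chunk, address):
    """Constructed stand-in decoder (nop/ret/int3/call rel32), demo only."""
    op = bytearray(chunk[:1])[0]
    one_byte = {0x90: "nop", 0xC3: "ret", 0xCC: "int3"}
    if op in one_byte:
        return 1, one_byte[op]
    if op == 0xE8:
        return 5, "call rel32"
    return None

def disassemble(buf, base=0, decode=pydasm_decode):
    """Linear sweep over `buf`; returns a list of (address, text) pairs."""
    out, off = [], 0
    while off < len(buf):
        ins = decode(buf[off:], base + off)
        if ins is None:
            out.append((base + off, "<undecodable>"))
            break
        length, text = ins
        if length > len(buf) - off:      # instruction cut by the window edge
            out.append((base + off, "<truncated>"))
            break
        out.append((base + off, text))
        off += length
    return out
```

With pydasm installed, `disassemble(read_window('file.bin', 0, 200))` covers the first 200 bytes; pass the known offset as both `offset` and `base` to label an embedded region by its file position.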