X86::Disasm - Perl extension to wrap libdisasm - an X86 Disassembler
use X86::Disasm ':all'; my $buffer = "\x8d\x4c\x24\x04\x83\xe4\xf0\xff\x71\xfc\x55\x89\xe5\x51"; my $buf_rva = 0; my $offset = 0; my $disasm = X86::Disasm->new; my $data = $disasm->disassemble($buffer, $buf_rva, $offset, $x86_asm_format_enum->{$syntax});
X86::Disasm provides a Perl interface to the C X86 disassembler library, libdisasm. See http://bastard.sourceforge.net/libdisasm.html
None by default.
our %EXPORT_TAGS = ( 'all' => [ qw( $x86_asm_format $x86_asm_format_enum $x86_options $x86_op_foreach_type $x86_report_codes ) ] );
my $disasm = X86::Disasm->new($options, $reporter, $reporter_args);
All arguments are optional.
$options is defined by the hash
$options
our $x86_options = { # these can be ORed together 0 => "opt_none", 1 => "opt_ignore_nulls", # ignore sequences of > 4 NULL bytes 2 => "opt_16_bit", # 16-bit/DOS disassembly 4 => "opt_att_mnemonics", # use AT&T syntax names for alternate opcode mnemonics };
If supplied, $reporter must be a code reference.
$reporter
If supplied, $reporter_args must be a hash reference.
$reporter_args
my $data = $disasm->disassemble($buffer, $buf_rva, $offset, $x86_asm_format_enum->{$syntax});
This method presents the instructions as a list of lists. Each instruction is the first element of the sub-list; subsequent elements are the associated operands.
my $data = $disasm->disassemble_list($buffer, $buf_rva, $offset, $x86_asm_format_enum->{$syntax});
This method presents the instructions as a list. Each instruction is presented as a string.
my $data = $disasm->disassemble_hash($buffer, $buf_rva, $offset);
This method presents the instructions as a a list of hashes. Each instruction is totally deconstructed in to the hash - and provides a full representation of the information.
No longer implemented.
# $disasm->disassemble_range($buffer, $buf_rva, $offset, $length, $callback_ref, $callback_data); # #This method disassembles the range of instructions from $offset for $length #bytes. The supplied calback can be used to do *something* with the #instructions.
# my $retval = $disasm->disassemble_forward($buffer, $buf_rva, $offset, $callback_ref, $callback_data, $resolver_ref, $resolver_data); # #The disassembly in this case starts at 'offset', and proceeds forward following #the flow of execution for the disassembled code. This means that when a jump, #call, or conditional jump is encountered, disassemble_forward recurses, using #the offset of the target of the jump or call as the 'offset' argument. When #a jump or return is encountered, disassemble_forward returns, allowing its #caller [either the application, or an outer invocation of disassemble_forward] #to continue.
If you use Debian and install libdisasm0 and libdisasm-dev then the following are a useful supplement to this documentation.
/usr/include/libdis.h
/usr/share/doc/libdisasm-dev/libdisasm.txt.gz
The latest version of this Perl module is available from https://sourceforge.net/projects/x86disasm/
Bob Wilkinson, <bob@fourtheye.org>
Copyright (C) 2009 by Bob Wilkinson
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.10.0 or, at your option, any later version of Perl 5 you may have available.
To install X86::Disasm, copy and paste the appropriate command in to your terminal.
cpanm
cpanm X86::Disasm
CPAN shell
perl -MCPAN -e shell install X86::Disasm
For more information on module installation, please visit the detailed CPAN module installation guide.