batch eval tool for machine code. eval() but for asm.

Overview

yaxpeax-eval

crate

yaxpeax-eval is the repo providing yaxeval, a tool to execute machine code with preconditions and report state at exit.

currently, yaxeval works by spawning a thread and executing the provided machine code on the local physical processor. there is some boring glue for architecture-dependent state setting and reporting. this means that yaxeval supports, or is close to supporting, whatever physical processor you would run it on.

i am interested in using qemu-user as an alternate execution backend for cross-platform emulation. yaxeval should be able to use qemu-user just the same for setup and reporting by using qemu's gdbserver.

usage

if you just want to build and use it, cargo install yaxpeax-eval should get you started. otherwise, clone this repo and a cargo build will work as well. yaxeval <x86 machine code> is a good starting point:

yaxpeax-eval> ./target/release/yaxeval b878563412
loaded code...
  00007f774b497000: mov eax, 0x12345678
  00007f774b497005: 🏁 (int 0x3)
running...
  rax:   0000000000000000
   to -> 0000000012345678
  rip:   00007f774b497000
   to -> 00007f774b497006

initial register state is generally zeroes, with exception of rip, which by default points to whatever address an unrestricted mmap could find.

inital register values, including rip, can be specified explicitly:

yaxpeax-eval> ./target/release/yaxeval --regs rax=4,rcx=5,rip=0x123456789a,eflags=0x246 03c133c9
loaded code...
  000000123456789a: add eax, ecx
  000000123456789c: xor ecx, ecx
  000000123456789e: 🏁 (int 0x3)
running...
  rax:   0000000000000004
   to -> 0000000000000009
  rcx:   0000000000000005
   to -> 0000000000000000
  rip:   000000123456789a
   to -> 000000123456789f

and if the provided code disastrously crashes, yaxeval will try to say a bit about what occurred:

yaxpeax-eval> ./target/release/yaxeval --regs rax=4,rcx=5,rip=0x123456789a,eflags=0x246 0000
loaded code...
  000000123456789a: add byte [rax], al
  000000123456789c: 🏁 (int 0x3)
running...
  eflags:        00000246
   to ->         00010246
sigsegv at unexpected address: 000000123456789a

aspirations

  • accept some config to map memory regions other than the implicitly-initialized code region
  • machine-friendly input/output formats
  • mode to single-step through provided code?
You might also like...
Blockoli is a high-performance tool for code indexing, embedding generation and semantic search tool for use with LLMs.
Blockoli is a high-performance tool for code indexing, embedding generation and semantic search tool for use with LLMs.

blockoli 🥦🔎 Blockoli is a high-performance tool for code indexing, embedding generation and semantic search tool for use with LLMs. blockoli is buil

A command-line downloader for sites archived on the Wayback Machine

This is a small command-line utility I wrote to help with browsing archived websites from the Wayback Machine, which can sometimes be pretty slow.

DeFiChain octopus is a codename research & development for DFIP 2111-B: VOC: Ethereum Virtual Machine (EVM) Support.

DeFiCh/octopus DeFiChain octopus is a codename research & development for DFIP 2111-B: VOC: Ethereum Virtual Machine (EVM) Support . Proposed as a DFI

Sugar is an alternative to the current Metaplex Candy Machine CLI

Sugar: A Candy Machine CLI Sugar is an alternative to the current Metaplex Candy Machine CLI. It has been written from the ground up and includes seve

By mirroring traffic to and from your machine, mirrord surrounds your local service with a mirror image of its cloud environment.
By mirroring traffic to and from your machine, mirrord surrounds your local service with a mirror image of its cloud environment.

mirrord lets you easily mirror traffic from your Kubernetes cluster to your development environment. It comes as both Visual Studio Code extension and

Nederlandse programmeertaal. Geinterpreteerd en met dynamische types. Met bytecode compiler en virtual machine, in Rust.

Nederlang Nederlang is een geinterpreteerde programmeertaal, in het Nederlands! Met als bestandsnaam extensie.... .nl! Het maakt gebruik van dynamisch

Shell Of A New Machine: Quickly configure new environments

Shell Of A New Machine soanm is a dead-simple tool for easily configuring new UNIX machines, with almost zero prerequisites on the target machine. All

A visual canvas and virtual machine for writing assembly to build cool things. Create machines and connect them together.
A visual canvas and virtual machine for writing assembly to build cool things. Create machines and connect them together.

Visual Assembly Canvas A highly visual assembly editor, infinite canvas for wiring blocks and machines together, bytecode virtual machine runnable nat

A visual canvas and virtual machine for writing assembly to build cool things. Create machines and connect them together.
A visual canvas and virtual machine for writing assembly to build cool things. Create machines and connect them together.

Visual Assembly Canvas A highly visual assembly editor, infinite canvas for wiring blocks and machines together, bytecode virtual machine runnable nat

Owner
iximeow
iximeow
Dechrome is a tool written in Rust for batch removing Chromium-based browsers.

Dechrome Dechrome is a tool written in Rust for batch removing Chromium-based browsers and installing Firefox as a replacement. Warning The script is

Ryze 7 Aug 29, 2023
A CLI batch downloader for your Bandcamp collection.

bandsnatch A CLI batch downloader for your Bandcamp collection. Bandsnatch is a Rust tool for downloading all of your Bandcamp purchases all at once i

Michael Mitchell 12 Jan 1, 2023
My solutions for the 2021 edition of the Advent of Code, using Rust and SOM (Simple Object Machine)

Advent of Code 2021 These are my solutions for the 2021 edition of the Advent of Code. The solutions are all implemented using both Rust and SOM (Simp

Nicolas Polomack 1 Dec 23, 2021
Evaluate performance gains to expect when EVM were to compile hot contracts into machine code

Convert evm bytecode to native machine code and go vroom - just an experiment, probably broken, reach out to [email protected] to contribute / productionize.

Paradigm 105 Aug 1, 2023
Hilbert curve but in Rust for j2kun/pmpf-code

About this code This repository contains code for matrix multiplication using Hilbert Curves. The original code (2) is part of @j2kun's code for his n

Christoph Siedentop 1 Jan 10, 2022
H2O Open Source Kubernetes operator and a command-line tool to ease deployment (and undeployment) of H2O open-source machine learning platform H2O-3 to Kubernetes.

H2O Kubernetes Repository with official tools to aid the deployment of H2O Machine Learning platform to Kubernetes. There are two essential tools to b

H2O.ai 16 Nov 12, 2022
Horus is an open source tool for running forensic and administrative tasks at the kernel level using eBPF, a low-overhead in-kernel virtual machine, and the Rust programming language.

Horus Horus is an open-source tool for running forensic and administrative tasks at the kernel level using eBPF, a low-overhead in-kernel virtual mach

null 4 Dec 15, 2022
Code-shape is a tool for extracting definitions from source code files

Code-shape Code-shape is a tool that uses Tree-sitter to extract a shape of code definitions from a source code file. The tool uses the same language

Andrew Hlynskyi 3 Apr 21, 2023
Codemod - Codemod is a tool/library to assist you with large-scale codebase refactors that can be partially automated but still require human oversight and occasional intervention

Codemod - Codemod is a tool/library to assist you with large-scale codebase refactors that can be partially automated but still require human oversight and occasional intervention. Codemod was developed at Facebook and released as open source.

Meta Archive 4k Dec 29, 2022
A simple (but really fast!) CLI tool to convert an epub into a text file.

epub_to_txt A simple (but really fast!) CLI tool written in Rust to convert an epub into a text file (in Markdown format). Usage epub_to_txt filename.

Darren Mothersele 3 Jul 30, 2023