Rust bindings for the unicorn CPU emulator

Overview

unicorn-rs

THIS PACKAGE IS DEPRECATED AND NO LONGER MAINTAINED.

Rust bindings are now included with unicorn and will be maintained there from now on.

https://github.com/unicorn-engine/unicorn/tree/next/bindings/rust

Summary

Cargo Documentation Build Status

Rust bindings for the unicorn CPU emulator.

use unicorn::{Cpu, CpuX86};

fn main() {
    let x86_code32: Vec<u8> = vec![0x41, 0x4a]; // INC ecx; DEC edx

    let emu = CpuX86::new(unicorn::Mode::MODE_32).expect("failed to instantiate emulator");
    let _ = emu.mem_map(0x1000, 0x4000, unicorn::Protection::ALL);
    let _ = emu.mem_write(0x1000, &x86_code32);
    let _ = emu.reg_write_i32(unicorn::RegisterX86::ECX, -10);
    let _ = emu.reg_write_i32(unicorn::RegisterX86::EDX, -50);

    let _ = emu.emu_start(0x1000, (0x1000 + x86_code32.len()) as u64, 10 * unicorn::SECOND_SCALE, 1000);
    assert_eq!(emu.reg_read_i32(unicorn::RegisterX86::ECX), Ok(-9));
    assert_eq!(emu.reg_read_i32(unicorn::RegisterX86::EDX), Ok(-51));
}

Installation

This project has been tested on Linux, OS X and Windows. The bindings are built for version 1.0 of unicorn.

This package attempts to build unicorn if it is not already installed on the system. To build unicorn on Linux and OS X, the following tools are needed : gcc, make, git, python 2.7. Visual Studio is needed on Windows.

To use unicorn-rs, simply add it as dependency to the Cargo.toml of your program.

[dependencies]
unicorn = "0.8.0"

Changelog

0.9

Error now implements the Error trait (thanks to @tathanhdinh), the RESOURCE and EXCEPTION error cases are now supported (thanks to @endeav0r). The CPU context can now be saved and restored (thanks to @oblivia-simplex). You can find an example use in the test x86_context_save_and_restore, in tests/unicorn.rs. The ffi bindings crate unicorn-sys is now no_std by default (thanks to @strake). Finally the crate was migrated to Rust edition 2018.

Thank you again to all the contributors, your help is always appreciated.

0.8.0

Added support for mem_map_ptr.

0.7.0

Windows is now supported (thanks to kichristensen).

0.6.0

We now check if unicorn is installed on the system via pkg-tool and use that version if available. Otherwise unicorn is compiled when building the package.

0.4.0

unicorn is now compiled as part of the build process of unicorn-rs.

0.3.0

The handling of callbacks has been modified, callbacks should be implemented using closures. See the tests for examples.

  • added support for interrupt, in/out and sysenter callbacks

Contributing

Contributions to this project are super appreciated. Pull requests, bug reports, code review, tests, documentation or feedback on your use of the bindings, nothing is too small. Don't hesitate to open an issue if you have questions.

Contributors:

  • Sébastien Duquette (@ekse)
  • Israel Hallé (@isra17) for redesigning the callbacks API
  • Richo Healey (@richo)
  • Kim Christensen (@kichristensen) for the Windows support
  • petevine for reviewing the project and adding tests
  • jschievink for his help with the API design
  • m4b for the build.rs script
  • TA Thanh Dinh
  • Lucca Fraser (@oblivia-simplex)
  • Matthew Farkas-Dyck (@strake)
  • endeav0r
Comments
  • unable to install it on osx

    unable to install it on osx

    Hi there,

    I know this project is only tested on linux but as everything should work on OSX, I gave it a try. Unfortunately it did not compile and people on users.rust.com were unable to help me so before I dig deep into the rust code, I wanted to know whether you can image what the problem is. So here is what I did:

    1. I addunicorn = "0.4.1" as dependency
    2. I run cargo run --verbose but I get the following error:
    $ cargo run --verbose
           Fresh libc v0.2.20
           Fresh bitflags v0.6.0
           Fresh gcc v0.3.41
           Fresh byteorder v1.0.0
       Compiling libunicorn-sys v0.4.0
         Running `rustc /Users/$username/.cargo/registry/src/github.com-1ecc6299db9ec823/libunicorn-sys-0.4.0/lib.rs --crate-name libunicorn_sys \
    --crate-type lib -g -C metadata=271778d4aa553e9c -C extra-filename=-271778d4aa553e9c --out-dir \
    /Users/$username/dev/$project/target/debug/deps --emit=dep-info,link -L \
    dependency=/Users/$username/dev/$project/target/debug/deps --extern \
    libc=/Users/$username/dev/$project/target/debug/deps/liblibc-29ef97a68464c2b7.rlib --extern \
    bitflags=/Users/$username/dev/$project/target/debug/deps/libbitflags-b8c7fb7df9b2bc2e.rlib --cap-lints allow -L \
    native=/Users/$username/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out -l static=unicorn`
    
    error: failed to add native library /Users/$user/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out/libunicorn.a: failed to open archive
    
    error: Could not compile `libunicorn-sys`.
    
    Caused by:
      process didn't exit successfully: `rustc /Users/$user/.cargo/registry/src/github.com-1ecc6299db9ec823/libunicorn-sys-0.4.0/lib.rs --crate-name libunicorn_sys --crate-type lib -g -C metadata=271778d4aa553e9c -C extra-filename=-271778d4aa553e9c --out-dir /Users/$user/dev/$project/target/debug/deps --emit=dep-info,link -L dependency=/Users/$user/dev/$project/target/debug/deps --extern libc=/Users/$user/dev/$project/target/debug/deps/liblibc-29ef97a68464c2b7.rlib --extern bitflags=/Users/$user/dev/$project/target/debug/deps/libbitflags-b8c7fb7df9b2bc2e.rlib --cap-lints allow -L native=/Users/$user/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out -l static=unicorn` (exit code: 101)
    
    1. The file libunicorn.a exists and file reveals the following:
    $ file /Users/$username/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out/libunicorn.a
    /Users/$username/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out/libunicorn.a: Mach-O universal binary with 2 architectures: [x86_64: current ar archive random library] [i386]
    /Users/$username/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out/libunicorn.a (for architecture x86_64):	current ar archive random library
    /Users/$username/dev/$project/target/debug/build/libunicorn-sys-fe33b86568c508cb/out/libunicorn.a (for architecture i386):	current ar archive random library
    

    I assume the error gets thrown here but if possible I would like to avoid digging there. RUST_BACKTRACE=1 does not reveal more information. 4. my versions:

    $ rustc --version
    rustc 1.14.0
    $ cargo --version
    cargo 0.15.0-dev (298a012 2016-12-20)
    

    By looking at your files, it does not look like that you are doing any linux specific things, but maybe I did not see it. One thing I suspect is that rustc expects a linux .a and not an osx .a, but according to the documentation, rustc should also work on osx. I am happy to fix this bug and file a merge request afterwards, but I do not know where to start.

    opened by felberj 13
  • Can't build unicorn on Linux

    Can't build unicorn on Linux

    After commit 1bdbb753fd52c47973ef7a17c0e18c65e133da22, I can't build unicorn on Linux. I have installed unicorn library in my system, which is the one unicorn-rs uses before that commit. But after that change, when I try to build it, it fails. Here you have some information:

    $ cargo build --verbose   # Just after that commit...
        Updating registry `https://github.com/rust-lang/crates.io-index`
       Compiling gcc v0.3.43
       Compiling libc v0.2.20
       Compiling bitflags v0.6.0
         Running `rustc /home/jmi2k/.cargo/registry/src/github.com-1ecc6299db9ec823/gcc-0.3.43/src/lib.rs --crate-name gcc --crate-type lib -g -C metadata=be7b7587fd240ec9 -C extra-filename=-be7b7587fd240ec9 --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/deps --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --cap-lints allow`
         Running `rustc /home/jmi2k/.cargo/registry/src/github.com-1ecc6299db9ec823/libc-0.2.20/src/lib.rs --crate-name libc --crate-type lib -g --cfg feature=\"use_std\" --cfg feature=\"default\" -C metadata=29ef97a68464c2b7 -C extra-filename=-29ef97a68464c2b7 --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/deps --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --cap-lints allow`
         Running `rustc /home/jmi2k/.cargo/registry/src/github.com-1ecc6299db9ec823/bitflags-0.6.0/src/lib.rs --crate-name bitflags --crate-type lib -g -C metadata=b8c7fb7df9b2bc2e -C extra-filename=-b8c7fb7df9b2bc2e --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/deps --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --cap-lints allow`
       Compiling libunicorn-sys v0.4.0 (file:///home/jmi2k/tmp/unicorn-rs/libunicorn-sys)
         Running `rustc libunicorn-sys/build.rs --crate-name build_script_build --crate-type bin -g -C metadata=1b1fea3559201b39 --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/build/libunicorn-sys-1b1fea3559201b39 --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --extern gcc=/home/jmi2k/tmp/unicorn-rs/target/debug/deps/libgcc-be7b7587fd240ec9.rlib`
         Running `/home/jmi2k/tmp/unicorn-rs/target/debug/build/libunicorn-sys-1b1fea3559201b39/build-script-build`
         Running `rustc libunicorn-sys/src/lib.rs --crate-name libunicorn_sys --crate-type lib -g -C metadata=1b1fea3559201b39 --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/deps --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --extern bitflags=/home/jmi2k/tmp/unicorn-rs/target/debug/deps/libbitflags-b8c7fb7df9b2bc2e.rlib --extern libc=/home/jmi2k/tmp/unicorn-rs/target/debug/deps/liblibc-29ef97a68464c2b7.rlib -L native=/home/jmi2k/tmp/unicorn-rs/target/debug/build/libunicorn-sys-1b1fea3559201b39/out -l static=unicorn`
    error: could not find native static library `unicorn`, perhaps an -L flag is missing?
    
    error: Could not compile `libunicorn-sys`.
    
    Caused by:
      process didn't exit successfully: `rustc libunicorn-sys/src/lib.rs --crate-name libunicorn_sys --crate-type lib -g -C metadata=1b1fea3559201b39 --out-dir /home/jmi2k/tmp/unicorn-rs/target/debug/deps --emit=dep-info,link -L dependency=/home/jmi2k/tmp/unicorn-rs/target/debug/deps --extern bitflags=/home/jmi2k/tmp/unicorn-rs/target/debug/deps/libbitflags-b8c7fb7df9b2bc2e.rlib --extern libc=/home/jmi2k/tmp/unicorn-rs/target/debug/deps/liblibc-29ef97a68464c2b7.rlib -L native=/home/jmi2k/tmp/unicorn-rs/target/debug/build/libunicorn-sys-1b1fea3559201b39/out -l static=unicorn` (exit code: 101)
    

    More details:

    • cargo version 0.15.0
    • rustc version 1.14.0
    • unicorn version 0.9

    My system is pretty exotic, but I tried in an Arch chroot and it still happens. If you need more details, I can test it in a VM next week.

    opened by jmi2k 10
  • I want to find a maintainer

    I want to find a maintainer

    Hi @ekse , I would like to find another maintainer. In the meantime, you could handle the ownership of this crate to me. At least I could merge the bug fix PR if there are any.

    If you want direct conversation, look for me on Rust Discord (@lzutao).

    opened by tesuji 9
  • error: could not find native static library `unicorn`, perhaps an -L flag is missing?

    error: could not find native static library `unicorn`, perhaps an -L flag is missing?

    Referencing the unicorn crate as follows:

    # Cargo.toml
    # ...
    [dependencies]
    unicorn = { version = "0.9" }
    

    Then attempting to build on Linux/amd64:

    $ PYTHON=python2 cargo build --verbose
    

    Fails as follows:

    ...
    rustc --edition=2018 --crate-name libunicorn_sys .../.cargo/registry/src/github.com-1ecc6299db9ec823/libunicorn-sys-0.9.0/src/lib.rs --color always --crate-type lib --emit=dep-info,link -C debuginfo=2 -C metadata=3e5e84d63b293298 -C extra-filename=-3e5e84d63b293298 --out-dir .../target/debug/deps -L dependency=.../target/debug/deps --extern bitflags=.../target/debug/deps/libbitflags-f4c5ccff822b82c9.rlib --extern libc=.../target/debug/deps/liblibc-e1ff536ab604bb39.rlib --cap-lints allow -L native=.../target/debug/build/libunicorn-sys-f7184211e440bd6d/out -l static=unicorn`
    error: could not find native static library `unicorn`, perhaps an -L flag is missing?
    
    error: aborting due to previous error
    
    error: Could not compile `libunicorn-sys`.
    
    Caused by:
      process didn't exit successfully: `rustc --edition=2018 --crate-name libunicorn_sys .../.cargo/registry/src/github.com-1ecc6299db9ec823/libunicorn-sys-0.9.0/src/lib.rs --color always --crate-type lib --emit=dep-info,link -C debuginfo=2 -C metadata=3e5e84d63b293298 -C extra-filename=-3e5e84d63b293298 --out-dir .../target/debug/deps -L dependency=.../target/debug/deps --extern bitflags=.../target/debug/deps/libbitflags-f4c5ccff822b82c9.rlib --extern libc=.../target/debug/deps/liblibc-e1ff536ab604bb39.rlib --cap-lints allow -L native=.../target/debug/build/libunicorn-sys-f7184211e440bd6d/out -l static=unicorn` (exit code: 1)
    

    Where

    cargo 1.32.0 (8610973aa 2019-01-02)
    rustc 1.32.0 (9fda7c223 2019-01-16)
    
    opened by koutheir 9
  • generic register read/write

    generic register read/write

    Hello all,

    This PR tries to simplify the implementation of register read/write methods, briefly:

    • add type alias type Result<T> = std::result::Result<T, Error>
    • use a generic read (or write) reg_..._generic, and versions u64 and i32 are generated by monomorphization, e.g.

    https://github.com/ekse/unicorn-rs/blob/90b0890538ce55fe7e95c9ef3f1f555814928262/src/lib.rs#L486-L519

    becomes

    fn reg_write_generic<T: Sized>(&self, regid: i32, value: T) -> Result<()> {
        let p_value: *const T = &value;
        let err = unsafe { uc_reg_write(self.handle, regid, p_value as *const libc::c_void) };
        if err == Error::OK {
            Ok(())
        } else {
            Err(err)
        }
    }
    
    /// Write an unsigned value register.
    ///
    /// Note : The register is defined as an i32 to be able to support the
    /// different register types (`RegisterX86`, `RegisterARM`, `RegisterMIPS` etc.).
    /// You need to cast the register with `as i32`.
    pub fn reg_write(&self, regid: i32, value: u64) -> Result<()> {
        Self::reg_write_generic::<_>(&self, regid, value)
    }
    
    /// Write a signed 32-bit value to a register.
    ///
    /// Note : The register is defined as an i32 to be able to support the
    /// different register types (`RegisterX86`, `RegisterARM`, `RegisterMIPS` etc.).
    /// You need to cast the register with `as i32`.
    pub fn reg_write_i32(&self, regid: i32, value: i32) -> Result<()> {
        Self::reg_write_generic::<_>(&self, regid, value)
    }
    

    Many thanks for any comment.

    opened by tathanhdinh 9
  • Windows build works out of the box

    Windows build works out of the box

    Previously unicorn-rs and projects that depend on it could only be build using the "Visual Studio Developer Command Prompt".

    I changed the unicorn-rs build script so that it locates the latest Visual Studio installation and invokes msbuild with the appropriate parameters.

    I tested this with Visual Studio 2017 and Visual Studio 2015 for x86 and x64 builds.

    opened by mthiesen 8
  • Benchmarking the bindings

    Benchmarking the bindings

    I remember @lunixbochs mention his go bindings were posting a 20x speedup compared to python (quoting from memory) so recreating the benchmark in unicorn-rs should make for an interesting comparison and provide some more testing.

    If the benchmark is to be found somewhere, that is :)

    opened by MagaTailor 8
  • Possible to bind uc_mem_map_ptr?

    Possible to bind uc_mem_map_ptr?

    Is it possible to bind uc_mem_map_ptr, thereby allowing the user to provide their own memory? Maybe this isn't reasonably to do with Rust, I don't know it well enough.

    opened by petmac 6
  • [WIP] expose reg_write_generic

    [WIP] expose reg_write_generic

    In order to write X86Mmr to the GDTR register, we need to expose reg_write_generic.

    This pull request builds on pull request 55 https://github.com/ekse/unicorn-rs/pull/55

    For an example of what this looks like in the C API, see https://github.com/unicorn-engine/unicorn/blob/master/samples/sample_x86_32_gdt_and_seg_regs.c#L228

    opened by endeav0r 5
  • Test fails on ARM

    Test fails on ARM

    $ RUST_BACKTRACE=1  target/debug/examples/test 
    version : 1.0
    Support for:
             x86: true
             arm: true
             mips: true
    page size : 4096
    thread '<main>' panicked at 'failed to query hardware mode: ARG', src/libcore/result.rs:746
    stack backtrace:
       1: 0xb6f70eff - std::sys::backtrace::tracing::imp::write::hf68f1a220b61702c
                    at src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:40
       2: 0xb6f74443 - std::panicking::default_hook::_$u7b$$u7b$closure$u7d$$u7d$::hb638acea7c29901b
                    at src/libstd/panicking.rs:178
       3: 0xb6f73b13 - std::panicking::default_hook::h508c3dab3df347d6
                    at src/libstd/panicking.rs:193
       4: 0xb6f6d84b - std::panicking::on_panic::h3a6e649f33b132c3
                    at src/libstd/panicking.rs:227
       5: 0xb6f4fd6b - std::sys_common::unwind::begin_unwind_inner::h17f9e42de6d55309
                    at src/libstd/sys/common/unwind/mod.rs:237
       6: 0xb6f526bb - std::sys_common::unwind::begin_unwind_fmt::h039d18bd8498e1d0
                    at src/libstd/sys/common/unwind/mod.rs:202
       7: 0xb6f6d21b - rust_begin_unwind
                    at src/libstd/sys/common/unwind/mod.rs:179
       8: 0xb6f814a7 - core::panicking::panic_fmt::h813eaa27a5810609
                    at src/libcore/panicking.rs:69
       9: 0xb6f46fa7 - core::result::unwrap_failed::h419bc270f6772dcb
                    at src/libcore/macros.rs:29
      10: 0xb6f47117 - _<std..result..Result<T, E>>::expect::he67c7df582d2e1e0
                    at src/libcore/result.rs:708
      11: 0xb6f4673f - test::main::h1ef728500ff2f89b
                    at examples/test.rs:17
      12: 0xb6f73323 - fn()::fn_pointer_shim.32839::ha52fbbed76ed0ca0
      13: 0xb6f73127 - std::panic::recover::_$u7b$$u7b$closure$u7d$$u7d$::he74338885f2bd0e2
                    at src/libstd/panic.rs:318
      14: 0xb6f730f7 - std::sys_common::unwind::try::try_fn::h0f540c0db5f980f7
                    at src/libstd/sys/common/unwind/mod.rs:127
    

    rustc 1.9.0-dev (470ca1c3f 2016-04-07)

    opened by MagaTailor 5
  • make `mem_read` interface more versatile

    make `mem_read` interface more versatile

    #47 reminded me, i had been thinking about the mem_read interface...

    The interface now invariably allocates, even if the caller has a buffer they could re-use. The new interface in this PR is more versatile and more closely follows std::io.

    It's a little unfortunate we have no type to denote a potentially-uninitialized buffer; i have seen mention of a hypothetical &out type in other threads, a reference to potentially-uninitialized memory, which can be written but not read, but my just-woken-up self has been unable to find them this morning. If they adopt some such interface for std::io in future, we should also consider it here.

    opened by strake 4
  • Tracing/logging?

    Tracing/logging?

    use std::path::Path;
    use pelite::{FileMap};
    use pelite::pe64::{Pe, PeFile};
    use unicorn::{Cpu, CpuX86};
    
    fn round_to_multiple(numToRound: u64, multiple: u64) -> u64 {
        if (multiple == 0) {
            return numToRound;
        }
        let remainder = numToRound % multiple;
        if (remainder == 0) {
            return numToRound;
        }
        return numToRound + multiple - remainder;
    }
    
    fn main() {
      // emulator
      let mut emu = CpuX86::new(unicorn::Mode::MODE_64).unwrap();
      // parse PE
      let mut args = std::env::args();
      let filename = args.nth(1).unwrap();
      let path = Path::new(&filename);
      let map = FileMap::open(path).unwrap();
      let file = PeFile::from_bytes(&map).unwrap();
      let optional_header = file.optional_header();
      println!("{:02x?}", optional_header);
      let image_base = optional_header.ImageBase;
      for section in file.section_headers() {
        let section_va = image_base + section.VirtualAddress as u64;
        println!("{:02x?}", section);
        println!("{:08x}", section_va);
        let rounded_virtual_size = round_to_multiple(section.VirtualSize as u64, 4096);
        emu.mem_map(section_va, rounded_virtual_size as usize, unicorn::Protection::ALL).unwrap();
        if (section.SizeOfRawData > 0) {
          let section_bytes = file.get_section_bytes(&section).unwrap();
          emu.mem_write(section_va, &section_bytes).unwrap();
        }
      }
      let imports = file.imports().unwrap();
      for desc in imports {
        let iat = desc.iat().unwrap();
        let int = desc.int().unwrap();
        for (va, import) in Iterator::zip(iat, int) {
          println!("{:?} {:02x?} {:?}", desc, va, import);
        }
      }
      let va_entry = optional_header.ImageBase + optional_header.AddressOfEntryPoint as u64;
      emu.emu_start(
        va_entry,
        optional_header.ImageBase + (optional_header.AddressOfEntryPoint as u64) + 4,
        0,
        0
      ).unwrap();
    }
    
    IMAGE_OPTIONAL_HEADER64 { Magic: 20b, LinkerVersion: "14.0", SizeOfCode: a09a00, SizeOfInitializedData: 2081c00, SizeOfUninitializedData: 00, AddressOfEntryPoint: 4901722, BaseOfCode: 1000, ImageBase: 14000
    0000, SectionAlignment: 1000, FileAlignment: 200, OperatingSystemVersion: "6.0", ImageVersion: "0.0", SubsystemVersion: "6.0", Win32VersionValue: 00, SizeOfImage: 50a4000, SizeOfHeaders: 400, CheckSum: 00, 
    Subsystem: 02, DllCharacteristics: 8120, SizeOfStackReserve: 100000, SizeOfStackCommit: 1000, SizeOfHeapReserve: 100000, SizeOfHeapCommit: 1000, LoaderFlags: 00, NumberOfRvaAndSizes: 10, DataDirectory: [] }
    SectionHeader { Name: ".text", VirtualAddress: 0x1000, VirtualSize: 0xa098b6, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x60000020 }
    140001000
    SectionHeader { Name: ".rdata", VirtualAddress: 0xa0b000, VirtualSize: 0x1f60058, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x40000040 }
    140a0b000
    SectionHeader { Name: ".data", VirtualAddress: 0x296c000, VirtualSize: 0x5aae4, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0xc0000040 }
    14296c000
    SectionHeader { Name: ".pdata", VirtualAddress: 0x29c7000, VirtualSize: 0x38da8, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x40000040 }
    1429c7000
    SectionHeader { Name: ".qtmetad", VirtualAddress: 0x2a00000, VirtualSize: 0x536, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x40000040 }
    142a00000
    SectionHeader { Name: ".qtmimed", VirtualAddress: 0x2a01000, VirtualSize: 0x4ece5, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x40000040 }
    142a01000
    SectionHeader { Name: ".tls", VirtualAddress: 0x2a50000, VirtualSize: 0x18, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0xc0000040 }
    142a50000
    SectionHeader { Name: ".jPc0", VirtualAddress: 0x2a51000, VirtualSize: 0x524792, PointerToRawData: 0x0, SizeOfRawData: 0x0, Characteristics: 0x60000020 }
    142a51000
    SectionHeader { Name: ".jPc1", VirtualAddress: 0x2f76000, VirtualSize: 0x1938, PointerToRawData: 0x400, SizeOfRawData: 0x1a00, Characteristics: 0xc0000040 }
    142f76000
    SectionHeader { Name: ".jPc2", VirtualAddress: 0x2f78000, VirtualSize: 0x20e804c, PointerToRawData: 0x1e00, SizeOfRawData: 0x20e8200, Characteristics: 0x68000060 }
    142f78000
    SectionHeader { Name: ".rsrc", VirtualAddress: 0x5061000, VirtualSize: 0x42bd8, PointerToRawData: 0x20ea000, SizeOfRawData: 0x42c00, Characteristics: 0x40000040 }
    145061000
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(1), int.len: Ok(1) } 3336408 Ok(ByName { hint: 0, name: "AcquireSRWLockExclusive" })
    Imports { dll_name: Ok("api-ms-win-crt-heap-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 334fa7c Ok(ByName { hint: 0, name: "_aligned_free" })
    Imports { dll_name: Ok("api-ms-win-crt-private-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e46904 Ok(ByName { hint: 0, name: "__intrinsic_setjmpex" })
    Imports { dll_name: Ok("api-ms-win-crt-runtime-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 4941db6 Ok(ByName { hint: 0, name: "__p___argc" })
    Imports { dll_name: Ok("api-ms-win-crt-stdio-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 492ac0e Ok(ByName { hint: 0, name: "__acrt_iob_func" })
    Imports { dll_name: Ok("api-ms-win-crt-string-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e594cc Ok(ByName { hint: 0, name: "_isctype_l" })
    Imports { dll_name: Ok("USER32.dll"), iat.len: Ok(1), int.len: Ok(1) } 48f1170 Ok(ByName { hint: 0, name: "AdjustWindowRectEx" })
    Imports { dll_name: Ok("api-ms-win-crt-environment-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 48f6ac0 Ok(ByName { hint: 0, name: "__p__environ" })
    Imports { dll_name: Ok("SHELL32.dll"), iat.len: Ok(1), int.len: Ok(1) } 48915e8 Ok(ByName { hint: 0, name: "CommandLineToArgvW" })
    Imports { dll_name: Ok("ole32.dll"), iat.len: Ok(1), int.len: Ok(1) } 48e2d20 Ok(ByName { hint: 0, name: "CoCreateGuid" })
    Imports { dll_name: Ok("api-ms-win-crt-math-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 490faa2 Ok(ByName { hint: 0, name: "__setusermatherr" })
    Imports { dll_name: Ok("api-ms-win-crt-convert-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 335579a Ok(ByName { hint: 0, name: "_strtod_l" })
    Imports { dll_name: Ok("api-ms-win-crt-time-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 3356172 Ok(ByName { hint: 0, name: "__daylight" })
    Imports { dll_name: Ok("UxTheme.dll"), iat.len: Ok(1), int.len: Ok(1) } 49757a0 Ok(ByName { hint: 0, name: "CloseThemeData" })
    Imports { dll_name: Ok("ADVAPI32.dll"), iat.len: Ok(1), int.len: Ok(1) } 33563a8 Ok(ByName { hint: 0, name: "AccessCheck" })
    Imports { dll_name: Ok("NETAPI32.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e582fe Ok(ByName { hint: 0, name: "NetApiBufferFree" })
    Imports { dll_name: Ok("api-ms-win-crt-filesystem-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 49a4fac Ok(ByName { hint: 0, name: "_lock_file" })
    Imports { dll_name: Ok("USERENV.dll"), iat.len: Ok(1), int.len: Ok(1) } 49812da Ok(ByName { hint: 0, name: "GetUserProfileDirectoryW" })
    Imports { dll_name: Ok("api-ms-win-crt-utility-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e3a80a Ok(ByName { hint: 0, name: "bsearch" })
    Imports { dll_name: Ok("VERSION.dll"), iat.len: Ok(1), int.len: Ok(1) } 48a76be Ok(ByName { hint: 0, name: "GetFileVersionInfoSizeW" })
    Imports { dll_name: Ok("api-ms-win-crt-locale-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 4eadaf2 Ok(ByName { hint: 0, name: "___lc_codepage_func" })
    Imports { dll_name: Ok("GDI32.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e54c3e Ok(ByName { hint: 0, name: "AddFontMemResourceEx" })
    Imports { dll_name: Ok("WS2_32.dll"), iat.len: Ok(1), int.len: Ok(1) } 48f2c4e Ok(ByName { hint: 0, name: "WSAAsyncSelect" })
    Imports { dll_name: Ok("WINMM.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e44ff2 Ok(ByName { hint: 0, name: "PlaySoundW" })
    Imports { dll_name: Ok("WTSAPI32.dll"), iat.len: Ok(1), int.len: Ok(1) } 4906e6e Ok(ByName { hint: 0, name: "WTSFreeMemory" })
    Imports { dll_name: Ok("IMM32.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e2c998 Ok(ByName { hint: 0, name: "ImmAssociateContext" })
    Imports { dll_name: Ok("dwmapi.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e4086a Ok(ByName { hint: 0, name: "DwmEnableBlurBehindWindow" })
    Imports { dll_name: Ok("api-ms-win-crt-multibyte-l1-1-0.dll"), iat.len: Ok(1), int.len: Ok(1) } 49863aa Ok(ByName { hint: 0, name: "_mbtowc_l" })
    Imports { dll_name: Ok("OLEAUT32.dll"), iat.len: Ok(1), int.len: Ok(1) } 48f08aa Ok(ByName { hint: 0, name: "SafeArrayCreateVector" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(1), int.len: Ok(1) } 4e595ca Ok(ByName { hint: 0, name: "GetSystemTimeAsFileTime" })
    Imports { dll_name: Ok("USER32.dll"), iat.len: Ok(1), int.len: Ok(1) } 499c918 Ok(ByName { hint: 0, name: "CharUpperBuffW" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 48ec4b0 Ok(ByName { hint: 0, name: "LocalAlloc" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 494c6f6 Ok(ByName { hint: 0, name: "LocalFree" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 333f566 Ok(ByName { hint: 0, name: "GetModuleFileNameW" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 333cb80 Ok(ByName { hint: 0, name: "GetProcessAffinityMask" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 48e52d4 Ok(ByName { hint: 0, name: "SetProcessAffinityMask" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 495fd82 Ok(ByName { hint: 0, name: "SetThreadAffinityMask" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 3341d1e Ok(ByName { hint: 0, name: "Sleep" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 2f7f7c8 Ok(ByName { hint: 0, name: "ExitProcess" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 333a9c2 Ok(ByName { hint: 0, name: "LoadLibraryA" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 4e433ec Ok(ByName { hint: 0, name: "GetModuleHandleA" })
    Imports { dll_name: Ok("KERNEL32.dll"), iat.len: Ok(11), int.len: Ok(11) } 495cd40 Ok(ByName { hint: 0, name: "GetProcAddress" })
    thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: WRITE_UNMAPPED', src\main.rs:63:5
    note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
    error: process didn't exit successfully: `target\debug\pe32-emulator.exe C:\Users\Brandon\Desktop\foo.exe` (exit code: 101)
    
    opened by brandonros 0
  • fix vswhere problem

    fix vswhere problem

    please use follow arguments to run vswhere, or libunicorn-sys will not build when only install Visual Studio BuildTools

    libunicorn-sys-0.9.1, build.rs, ln 11 let vswhere_output = Command::new(r"build_tools\vswhere.exe") .args(&[ "-latest", "-products", "*", "-property", "installationPath"]) .output() .expect("failed to execute vswhere.exe");

    opened by norrath-hero-cn 0
Owner
null
Rust bindings for libinjection

libinjection-rs Rust bindings for libinjection. How to use Add libinjection to dependencies of Cargo.toml: libinjection = "0.2" Import crate: extern c

ArvanCloud 35 Sep 24, 2022
Rust bindings for VirusTotal/Yara

yara-rust Bindings for the Yara library from VirusTotal. More documentation can be found on the Yara's documentation. Example The implementation is in

null 43 Dec 17, 2022
Bindings to the macOS Security.framework

macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice

Kornel 172 Jan 2, 2023
Detects usage of unsafe Rust in a Rust crate and its dependencies.

cargo-geiger ☢️ Looking for maintainer: https://github.com/rust-secure-code/cargo-geiger/issues/210 A program that lists statistics related to the usa

Rust Secure Code Working Group 1.1k Jan 4, 2023
Rust-verification-tools - RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

Rust verification tools This is a collection of tools/libraries to support both static and dynamic verification of Rust programs. We see static verifi

null 253 Dec 31, 2022
A simple password manager written in Rust

ripasso A simple password manager written in Rust. The root crate ripasso is a library for accessing and decrypting passwords stored in pass format (G

Joakim Lundborg 548 Dec 26, 2022
tcp connection hijacker, rust rewrite of shijack

rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet serve

null 377 Jan 1, 2023
A fast, simple, recursive content discovery tool written in Rust.

A simple, fast, recursive content discovery tool written in Rust ?? Releases ✨ Example Usage ✨ Contributing ✨ Documentation ?? ?? What the heck is a f

epi 3.6k Dec 30, 2022
link is a command and control framework written in rust

link link is a command and control framework written in rust. Currently in alpha. Table of Contents Introduction Features Feedback Build Process Ackno

null 427 Dec 24, 2022
CVEs for the Rust standard library

Rust CVE Preface This is a list of CVEs for unsound APIs in the Rust standard library. These bugs break Rust's memory safety guarantee and lead to sec

Yechan Bae 26 Dec 4, 2022
Rust library for building and running BPF/eBPF modules

RedBPF A Rust eBPF toolchain. Overview The redbpf project is a collection of tools and libraries to build eBPF programs using Rust. It includes: redbp

foniod 1.5k Jan 1, 2023
Rust library for developing safe canisters.

IC Kit This library provides an alternative to ic-cdk that can help developers write canisters and unit test them in their Rust code. Install Add this

Psychedelic 26 Nov 28, 2022
MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust.

MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust. MimiRust is a program based on the wdigest attack vector

Thotty 0 Nov 29, 2022
simple multi-threaded port scanner written in rust

knockson simple multi-threaded port scanner written in rust Install Using AUR https://aur.archlinux.org/packages/knockson-bin/ yay -Syu knockson-bin M

Josh Münte 4 Oct 5, 2022
Rust TLS/SSL certificate expiration date from command-line checker

Rust TLS/SSL certificate expiration date from command-line checker

Jose Bovet Derpich 9 Nov 9, 2022
Lightweight slowloris (HTTP DoS) implementation in Rust.

slowlorust Lightweight slowloris (HTTP DoS) implementation in Rust. Slowloris is a denial-of-service attack program which allows an attacker to overwh

Michael Van Leeuwen 6 Sep 29, 2022
A simple port scanner built using rust-lang

A simple port scanner built using rust-lang

Krisna Pranav 1 Nov 6, 2021
Safe Rust interface to the Vulkan API.

Magma: A strictly typed Vulkan API interface. Magma is a strictly typed Rust interface for the vulkan API. This means that whenever possible, the well

null 1 Oct 11, 2022
A rust program to bruteforce ZIP, PDF and some popular hashes.

Veldora A program to bruteforce zips, pdfs and some popular hashes. This is basically a rust version of bruttle, but a lot faster. Installation: git c

Aquib 30 Dec 28, 2022