How to use the triton.CPUSIZE.BYTE function in triton
To help you get started, we’ve selected a few triton examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
JonathanSalwan / Triton / src / testers / unittests / test_simulation.py View on Github 
def symbolize_inputs(self, seed):
"""Add symboles in memory for seed."""
self.Triton.concretizeAllRegister()
self.Triton.concretizeAllMemory()
for address, value in list(seed.items()):
self.Triton.setConcreteMemoryValue(address, value)
self.Triton.convertMemoryToSymbolicVariable(MemoryAccess(address, CPUSIZE.BYTE))
self.Triton.convertMemoryToSymbolicVariable(MemoryAccess(address+1, CPUSIZE.BYTE))Triton.enableMode(MODE.ALIGNED_MEMORY, True)
Triton.enableMode(MODE.ONLY_ON_SYMBOLIZED, True)
# Load the binary
loadBinary(os.path.join(os.path.dirname(__file__), 'r100.bin'))
# Define a fake stack
Triton.setConcreteRegisterValue(Triton.registers.rbp, 0x7fffffff)
Triton.setConcreteRegisterValue(Triton.registers.rsp, 0x6fffffff)
# Define an user input
Triton.setConcreteRegisterValue(Triton.registers.rdi, 0x10000000)
# Symbolize user inputs (30 bytes)
for index in range(30):
Triton.convertMemoryToSymbolicVariable(MemoryAccess(0x10000000+index, CPUSIZE.BYTE))
# Emulate from the verification function
emulate(0x4006FD)
sys.exit(0)def symbolizeInputs(seed):
# Clean symbolic state
Triton.concretizeAllRegister()
Triton.concretizeAllMemory()
for address, value in list(seed.items()):
Triton.setConcreteMemoryValue(address, value)
Triton.convertMemoryToSymbolicVariable(MemoryAccess(address, CPUSIZE.BYTE))
Triton.convertMemoryToSymbolicVariable(MemoryAccess(address+1, CPUSIZE.BYTE))
return# Create the Triton instruction
instruction = Instruction()
instruction.setOpcode(opcode)
instruction.setAddress(pc)
# Process
Triton.processing(instruction)
count += 1
#print(instruction)
# NOTE: Here is the solution of the challenge. The flag is decoded
# and written into the memory. So, let's track all memory STORE of
# 1 byte.
for mem, memAst in instruction.getStoreAccess():
if mem.getSize() == CPUSIZE.BYTE:
sys.stdout.write(chr(Triton.getConcreteMemoryValue(mem)))
# End of solution
if instruction.getType() == OPCODE.X86.HLT:
break
# Simulate routines
hookingHandler()
# Next
pc = Triton.getConcreteRegisterValue(Triton.registers.rip)
debug('Instruction executed: %d' %(count))
returndef tainting(threadId):
rdi = getCurrentRegisterValue(Triton.registers.rdi) # argc
rsi = getCurrentRegisterValue(Triton.registers.rsi) # argv
while rdi > 1:
argv = getCurrentMemoryValue(rsi + ((rdi-1) * CPUSIZE.QWORD), CPUSIZE.QWORD)
offset = 0
while offset != STRLEN_ASSERT_LEN+5:
Triton.taintMemory(argv + offset)
concreteValue = getCurrentMemoryValue(argv + offset)
Triton.setConcreteMemoryValue(argv + offset, concreteValue)
Triton.convertMemoryToSymbolicVariable(MemoryAccess(argv + offset, CPUSIZE.BYTE))
offset += 1
print('[+] %03d bytes tainted from the argv[%d] (%#x) pointer' %(offset, rdi-1, argv))
rdi -= 1
returndef symbolizeInputs(seed):
# Clean symbolic state
Triton.concretizeAllRegister()
Triton.concretizeAllMemory()
for address, value in list(seed.items()):
Triton.setConcreteMemoryValue(address, value)
Triton.convertMemoryToSymbolicVariable(MemoryAccess(address, CPUSIZE.BYTE))
Triton.convertMemoryToSymbolicVariable(MemoryAccess(address+1, CPUSIZE.BYTE))
returndef __fgets():
debug('fgets hooked')
# Get arguments
arg1 = Triton.getConcreteRegisterValue(Triton.registers.rdi)
arg2 = Triton.getConcreteRegisterValue(Triton.registers.rsi)
indx = 0
#user = raw_input("")[:arg2]
user = "blah blah"
for c in user:
mem = MemoryAccess(arg1 + indx, CPUSIZE.BYTE)
Triton.setConcreteMemoryValue(mem, ord(c))
indx += 1
# Return value
return arg1triton.CALLBACK.SYMBOLIC_SIMPLIFICATION)
for r in self.regs:
if r in self.triton_regs:
triton.setConcreteRegisterValue(
triton.Register(self.triton_regs[r], self.regs[r] & ((1 << self.triton_regs[r].getBitSize()) - 1))
)
for m in cache:
self.write_mem(m['start'], m["data"])
for address in self.inputs:
self.inputs[address] = triton.convertMemoryToSymbolicVariable(
triton.MemoryAccess(
address,
triton.CPUSIZE.BYTE
)def add_input(self, addr, size):
for offset in xrange(size):
cmtsv = self.triton.convertMemoryToSymbolicVariable(triton.MemoryAccess(addr+offset, triton.CPUSIZE.BYTE))
self.inputs[addr + offset] = cmtsvtriton
A language and compiler for custom Deep Learning operations
Package Health Score
94 / 100Popular triton functions
- triton.ARCH
- triton.ARCH.X86
- triton.ARCH.X86_64
- triton.CALLBACK
- triton.CALLBACK.GET_CONCRETE_MEMORY_VALUE
- triton.CPUSIZE
- triton.CPUSIZE.BYTE
- triton.CPUSIZE.QWORD
- triton.getConcreteMemoryAreaValue
- triton.getConcreteRegisterValue
- triton.getSymbolicExpressionFromId
- triton.Immediate
- triton.Instruction
- triton.MemoryAccess
- triton.MODE
- triton.MODE.ALIGNED_MEMORY
- triton.MODE.ONLY_ON_SYMBOLIZED
- triton.OPCODE
- triton.REG
- triton.TritonContext