[panda-users] How can I get the original assembly code(opcode)?
InGap Jeong
laughfool at gmail.com
Mon Aug 17 02:24:39 EDT 2015
Hello,
I trying to get the "mybin.exe'' 's original assembly code(opcode) in the
PANDA plugin.
(for tracing binary's opcode, registers, memory ..)
Host OS : ubuntu x64
Guest OS : windows xp x86
Test binary : mybin.exe
I got the opcode using panda_virtual_memory_rw function at
PANDA_CB_INSN_TRANSLATE.
ex) panda_virtual_memory_rw(env, env->eip, buf, 20, 0);
but, It is not same as original assembly code('mybin.exe').
It seems to be translated by the PANDA.
How can I get the "mybin.exe"'s original opcode?
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/panda-users/attachments/20150817/03a8bda6/attachment.html
More information about the panda-users
mailing list