├── README.md └── asm_buddy.py /README.md: -------------------------------------------------------------------------------- 1 | # asm_buddy 2 | Small script using [Capstone](http://capstone-engine.org)/[Keystone](http://keystone-engine.org) to assemble/disassemble x86/x64 instructions from the command line. 3 | 4 | Add the below functions into your .bashrc or .bash_profile for daily usage. 5 | 6 | ``` 7 | asma() { 8 | python ~/Scripts/OneOffs/asm_buddy.py -f a -i "$@" 9 | } 10 | 11 | asmd() { 12 | python ~/Scripts/OneOffs/asm_buddy.py -f d -i "$@" 13 | } 14 | ``` 15 | 16 | ### Usage 17 | 18 | Using the functions above, it's pretty straight forward. 19 | 20 | For assembling - 21 | 22 | ``` 23 | $ asma 'jmp esp; inc ecx; call 0x400100' 24 | \xFF\xE4\x41\xE8\xF8\x00\x40\x00 25 | ``` 26 | 27 | For disassembling - 28 | 29 | ``` 30 | $ asmd 'ffe441e8f8004000' 31 | jmp esp 32 | inc ecx 33 | call 0x1400100 34 | ``` 35 | 36 | A couple of other options if you need some more control over architecture. 37 | 38 | ``` 39 | usage: asm_buddy.py [-h] [-a {x86,x64,arm}] -i INPUT -f {a,d} 40 | 41 | Generate ASM or disasemble bytes. ASM should be semi-colon separated (";"). 42 | 43 | optional arguments: 44 | -h, --help show this help message and exit 45 | -a {x86,x64,arm}, --arch {x86,x64,arm} 46 | Architecture choice. 47 | -i INPUT, --input INPUT 48 | Your input to assemble or disassemble. 49 | -f {a,d}, --func {a,d} 50 | Assemble [a] or Disassemble [d]. 
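#!/usr/bin/env python
"""Assemble or disassemble x86/x64/ARM instructions from the command line.

Keystone does the assembling and Capstone the disassembling.  Shell wrappers
for daily use:

    asma() {
        python ~/Scripts/OneOffs/asm_buddy.py -f a -i "$@"
    }

    asmd() {
        python ~/Scripts/OneOffs/asm_buddy.py -f d -i "$@"
    }
"""
import argparse
import sys

from capstone import *
from keystone import *

__author__ = "Jeff White [karttoon] @noottrak"
__email__ = "karttoon@gmail.com"
__version__ = "1.0.4"
__date__ = "15AUG2022"

# Capstone (architecture, mode) pair for each --arch choice.
_CS_TARGETS = {
    "x86": (CS_ARCH_X86, CS_MODE_32),
    "x64": (CS_ARCH_X86, CS_MODE_64),
    "arm": (CS_ARCH_ARM, CS_MODE_ARM),
}

# Keystone (architecture, mode) pair for each --arch choice.
_KS_TARGETS = {
    "x86": (KS_ARCH_X86, KS_MODE_32),
    "x64": (KS_ARCH_X86, KS_MODE_64),
    "arm": (KS_ARCH_ARM, KS_MODE_ARM),
}

# Prefixes and separators removed from hex input before decoding, applied in
# this order.
_HEX_NOISE = ("0x", "\\x", ",", ";", "+", ":", " ")


def _lookup_target(table, arch):
    """Return the (architecture, mode) pair for *arch* or raise ValueError."""
    try:
        return table[arch]
    except KeyError:
        raise ValueError("unsupported architecture: %r" % (arch,))


def _hex_to_bytes(hex_text):
    """Turn a string of hex digit pairs into the raw bytes they spell."""
    try:
        # Decode straight to bytes.  Building a str with chr() and calling
        # .encode() would UTF-8-expand every value >= 0x80 into two bytes, so
        # the engine would disassemble a different stream than the one given.
        return bytes.fromhex(hex_text)
    except ValueError:
        # Covers both non-hex characters and a dangling final nibble.
        raise ValueError(
            "input must be an even number of hex digits, got %r" % (hex_text,)
        )


def disassemble(args):
    """Print a Capstone disassembly of the hex string in ``args.input``.

    ``args`` is the namespace built in ``main``: ``arch`` selects the decoder,
    ``input`` holds hex digit pairs with separators already stripped, and a
    truthy ``verbose`` switches to the detailed row format.

    Raises:
        ValueError: unknown architecture, or input that is not valid hex.
    """
    arch, mode = _lookup_target(_CS_TARGETS, args.arch)
    md = Cs(arch, mode)
    # The verbose row reads prefix/opcode/operands, which need detail mode.
    md.detail = True

    code = _hex_to_bytes(args.input)
    verbose = getattr(args, "verbose", False)

    decoded = 0
    # Base address 0: addresses and branch targets are offsets into the input.
    for op in md.disasm(code, 0):
        decoded = op.address + op.size
        if verbose:
            # NOTE(review): prefix and opcode look like x86 instruction
            # details; verbose output with "-a arm" should be confirmed.
            if hasattr(op, "bytes"):
                print("%-10x | %-15s | %-15s | %2d | %-10s | %-15s | %-12s" % (
                    op.address,
                    op.prefix,
                    op.opcode,
                    len(op.operands),
                    op.mnemonic,
                    op.op_str,
                    "".join('{:02x}'.format(x) for x in op.bytes),
                ))
        else:
            print("%-10s%s" % (op.mnemonic, op.op_str))

    # Capstone ends the listing at the first sequence it cannot decode; say so
    # on stderr so a truncated listing is not mistaken for the whole input.
    if decoded < len(code):
        sys.stderr.write(
            "warning: decoding stopped at offset 0x%x; %d trailing byte(s) not shown\n"
            % (decoded, len(code) - decoded)
        )


def assemble(args):
    """Assemble ``args.input`` with Keystone and print it as \\xNN escapes.

    ``args.arch`` selects the assembler target and ``args.input`` is the
    semicolon-separated assembly text.

    Raises:
        ValueError: unknown architecture, or no bytes were produced.
    """
    arch, mode = _lookup_target(_KS_TARGETS, args.arch)
    ks = Ks(arch, mode)

    encoding = ks.asm(args.input)[0]
    if encoding is None:
        # Nothing was assembled (for example an empty input); iterating None
        # below would otherwise fail with an unrelated TypeError.
        raise ValueError("no instructions were assembled from the input")

    print("".join("\\x%.2X" % value for value in encoding))


def main():
    """Parse the command line and run the requested assemble/disassemble step."""
    parser = argparse.ArgumentParser(description="Generate ASM or disasemble bytes. ASM should be semi-colon separated (\";\").")
    parser.add_argument("-a", "--arch", help="Architecture choice.", default="x86", choices=["x86", "x64", "arm"])
    parser.add_argument("-i", "--input", help="Your input to assemble or disassemble.", required=True)
    parser.add_argument("-f", "--func", help="Assemble [a] or Disassemble [d].", required=True, choices=["a", "d"])
    parser.add_argument("-v", "--verbose", help="Prints additional data when disassembling bytes", action="store_true")
    args = parser.parse_args()

    try:
        if args.func == "d":
            # Accept common dump styles (0x41, \x41, "41 42", "41:42", ...) by
            # stripping everything that is not part of a hex digit pair.
            for noise in _HEX_NOISE:
                args.input = args.input.replace(noise, "")
            disassemble(args)
        elif args.func == "a":
            assemble(args)
    except ValueError as err:
        # Bad input is a usage problem: report it without a traceback.
        parser.error(str(err))


if __name__ == '__main__':
    main()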