dmknght/qiling_with_asm.py

## qiling_with_asm.py
from qiling import Qiling
from capstone import *
md = Cs(CS_ARCH_X86, CS_MODE_64)


def print_asm(ql, address, size):
# Credits -> https://isc.sans.edu/diary/Qiling+A+true+instrumentable+binary+emulation+framework/27372
    buf = ql.mem.read(address, size)
    for i in md.disasm(buf, address):
        opcode = ' '.join('{:02x}'.format(x) for x in i.bytes)
        print(f"0x{i.address}: {opcode:40}{i.mnemonic:8}{i.op_str}")


if __name__ == "__main__":
    # initialize Qiling instance, specifying the executable to emulate and the emulated system root.
    # note that the current working directory is assumed to be Qiling home
    ql = Qiling([r'/tmp/rootfs/x8664_linux/meter'], r'/tmp/rootfs/x8664_linux/')

    ql.hook_code(print_asm)
    # start emulation
    ql.run()
	from qiling import Qiling
	from capstone import *
	md = Cs(CS_ARCH_X86, CS_MODE_64)


	def print_asm(ql, address, size):
	# Credits -> https://isc.sans.edu/diary/Qiling+A+true+instrumentable+binary+emulation+framework/27372
	buf = ql.mem.read(address, size)
	for i in md.disasm(buf, address):
	opcode = ' '.join('{:02x}'.format(x) for x in i.bytes)
	print(f"0x{i.address}: {opcode:40}{i.mnemonic:8}{i.op_str}")


	if __name__ == "__main__":
	# initialize Qiling instance, specifying the executable to emulate and the emulated system root.
	# note that the current working directory is assumed to be Qiling home
	ql = Qiling([r'/tmp/rootfs/x8664_linux/meter'], r'/tmp/rootfs/x8664_linux/')

	ql.hook_code(print_asm)
	# start emulation
	ql.run()