Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include "pin.H"
VOID print_regs(CONTEXT *ctx) {
printf("rax=0x%lx\n"
"rbx=0x%lx\n"
"rcx=0x%lx\n"
"rdx=0x%lx\n"
"rsi=0x%lx\n"
"rdi=0x%lx\n"
"r8=0x%lx\n"
"r9=0x%lx\n"
"r10=0x%lx\n"
"r11=0x%lx\n"
"r12=0x%lx\n"
"r13=0x%lx\n"
"r14=0x%lx\n"
"r15=0x%lx\n",
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GAX)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GBX)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GCX)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GDX)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GSI)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_GDI)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R8)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R9)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R10)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R11)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R12)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R13)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R14)),
(long unsigned int)PIN_GetContextReg(ctx, REG_FullRegName(REG_R15)));
fflush(stdout);
exit(0);
}
// Pin calls this function every time a new instruction is encountered
VOID Instruction(INS ins, VOID *v)
{
if (INS_IsRet(ins)) {
INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)print_regs, IARG_CONTEXT, IARG_END);
}
}
// This function is called when the application exits
VOID Fini(INT32 code, VOID *v)
{
}
/* ===================================================================== */
/* Main */
/* ===================================================================== */
int main(int argc, char * argv[])
{
// Initialize pin
if (PIN_Init(argc, argv)) { }
// Register Instruction to be called to instrument instructions
INS_AddInstrumentFunction(Instruction, 0);
// Register Fini to be called when the application exits
PIN_AddFiniFunction(Fini, 0);
// Start the program, never returns
PIN_StartProgram();
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment