capstone-d 0.0.2

D bindings for the Capstone disassembly framework


To use this package, run the following command in your project's root directory:

Manual usage
Put the following dependency into your project's dependences section:


This package provides sub packages which can be used individually:

capstone-d:example-basic - Basic example usage of the bindings

capstone-d

What is this?

This package implements idiomatic D bindings for Capstone - the disassembly framework powering many reverse engineering tools. If you do not need the expressivity and safety of D but just the plain C API in D, non-idiomatic bindings might be just what you're looking for.

Note: The development is still in progress and not all architectures are supported yet -- although x86 and ARM work already. While the core API is fully documented, some classes are still missing documentation and adding it is a currently ongoing effort.

Examples

Introductory Example

The following D code uses these bindings for a concise implementation of the introductory example for the original C library.

import std.format;
import std.stdio;

import capstone;

auto CODE = cast(ubyte[])"\x55\x48\x8b\x05\xb8\x13\x00\x00";

void main(){
	auto cs = new Capstone!(Arch.x86)(ModeFlags(Mode.bit64));
	auto res = cs.disasm(CODE, 0x1000);
	foreach(instr; res)
		writefln!"0x%x:\t%s\t\t%s"(instr.address, instr.mnemonic, instr.opStr);
}

Running this will dissassemble the byte sequence \x55\x48\x8b\x05\xb8\x13\x00\x00 on a x86_64 architecture and output the following

0x1000: push            rbp
0x1001: mov             rax, qword ptr [rip + 0x13b8]

Querying the library's capabilities

If you wanted to determine which architectures are supported by the capstone library that you have installed on your system, you could do so as follows:

import std.format;
import std.stdio;
import std.traits;

import capstone;

void main(){
	writefln!"Version: %s (lib), %s (bindings)"(versionOfLibrary, versionOfBindings);
	writeln("Querying Support:");
	foreach(query; EnumMembers!SupportQuery)
		writefln!"%-10s: %s"(query, supports(query));
}

In my case, using the precompiled version 3.0.5 for Arch Linux, this will output

Version: 3.0 (lib), 3.0 (bindings)
Querying Support:
arm       : true
arm64     : true
mips      : true
x86       : true
powerPc   : true
sparc     : true
systemZ   : true
xCore     : true
all       : true
diet      : false
x86Reduce : false

How to include this in your project

The package is available in the D package management s.t. it suffices to add capstone-d as a dependency in the dub.json of your project. Furthermore, the examples folder contains a basic project to get you started.

Contribute

Keep in mind that the bindings are still under development, but you can always create an issue if you find bugs or think that something could be improved. If you want to tackle an issue or contribute to the plugin feel free to create a pull request.

Authors:
  • Dimitri Bohlender
Sub packages:
capstone-d:example-basic
Dependencies:
none
Versions:
2.1.1 2020-Oct-13
2.1.0 2019-Jun-08
2.0.0 2019-May-21
1.0.0 2018-Dec-25
0.1.0 2018-Oct-29
Show all 7 versions
Download Stats:
  • 0 downloads today

  • 0 downloads this week

  • 0 downloads this month

  • 77 downloads total

Score:
0.9
Short URL:
capstone-d.dub.pm