init

Functionality for disassmebling code at an address, or at an address ± a few instructions.

`CapstoneArch = {'arm': CS_ARCH_ARM, 'armcm': CS_ARCH_ARM, 'aarch64': CS_ARCH_ARM64, 'i386': CS_ARCH_X86, 'i8086': CS_ARCH_X86, 'x86-64': CS_ARCH_X86, 'powerpc': CS_ARCH_PPC, 'mips': CS_ARCH_MIPS, 'sparc': CS_ARCH_SPARC, 'rv32': CS_ARCH_RISCV, 'rv64': CS_ARCH_RISCV}` `module-attribute` ¶

`CapstoneEndian = {'little': CS_MODE_LITTLE_ENDIAN, 'big': CS_MODE_BIG_ENDIAN}` `module-attribute` ¶

`CapstoneMode = {4: CS_MODE_32, 8: CS_MODE_64}` `module-attribute` ¶

`CapstoneSyntax = {'intel': CS_OPT_SYNTAX_INTEL, 'att': CS_OPT_SYNTAX_ATT}` `module-attribute` ¶

`VariableInstructionSizeMax = {'i386': 16, 'x86-64': 16, 'i8086': 16, 'mips': 8, 'rv32': 22, 'rv64': 22}` `module-attribute` ¶

`backward_cache: DefaultDict[int, int] = collections.defaultdict(lambda: None)` `module-attribute` ¶

`computed_instruction_cache: DefaultDict[int, PwndbgInstruction] = collections.defaultdict(lambda: None)` `module-attribute` ¶

`emulated_arm_mode_cache: DefaultDict[int, int] = collections.defaultdict(lambda: None)` `module-attribute` ¶

`first_time_emulate = True` `module-attribute` ¶

`next_addresses_cache: Set[int] = set()` `module-attribute` ¶

`can_run_first_emulate()` ¶

Disable the emulate config variable if we don't have enough memory to use it See https://github.com/pwndbg/pwndbg/issues/1534 And https://github.com/unicorn-engine/unicorn/pull/1743

`clear_on_reg_mem_change()` ¶

`emulate_one()` ¶

`enhance_cache_listener()` ¶

`get(address, instructions=1, emu=None, enhance=True, from_cache=False, put_cache=False)` ¶

`get_disassembler(address)` ¶

`get_disassembler_cached(arch, ptrsize, endian, extra=None)` ¶

`get_one_instruction(address, emu=None, enhance=True, from_cache=False, put_cache=False)` ¶

If passed an emulator, this will pass it to the DisassemblyAssistant which will single_step the emulator to determine the operand values before and after the instruction executes.

`near(address, instructions=1, emulate=False, show_prev_insns=True, use_cache=False, linear=False)` ¶

Disasms instructions near given address. Passing emulate makes use of unicorn engine to emulate instructions to predict branches that will be taken. show_prev_insns makes this show previously cached instructions (this is mostly used by context's disasm display, so user see what was previously)

`no_emulate_one()` ¶

`one(address=None, emu=None, enhance=True, from_cache=False, put_cache=False, put_backward_cache=True)` ¶

`one_raw(address=None)` ¶

`one_with_config()` ¶

Returns a single Pwndbg Instruction at the current PC.

Emulation determined by the pwndbg.config.emulate setting.

init

CapstoneArch = {'arm': CS_ARCH_ARM, 'armcm': CS_ARCH_ARM, 'aarch64': CS_ARCH_ARM64, 'i386': CS_ARCH_X86, 'i8086': CS_ARCH_X86, 'x86-64': CS_ARCH_X86, 'powerpc': CS_ARCH_PPC, 'mips': CS_ARCH_MIPS, 'sparc': CS_ARCH_SPARC, 'rv32': CS_ARCH_RISCV, 'rv64': CS_ARCH_RISCV} module-attribute ¶

CapstoneEndian = {'little': CS_MODE_LITTLE_ENDIAN, 'big': CS_MODE_BIG_ENDIAN} module-attribute ¶

CapstoneMode = {4: CS_MODE_32, 8: CS_MODE_64} module-attribute ¶

CapstoneSyntax = {'intel': CS_OPT_SYNTAX_INTEL, 'att': CS_OPT_SYNTAX_ATT} module-attribute ¶

VariableInstructionSizeMax = {'i386': 16, 'x86-64': 16, 'i8086': 16, 'mips': 8, 'rv32': 22, 'rv64': 22} module-attribute ¶

backward_cache: DefaultDict[int, int] = collections.defaultdict(lambda: None) module-attribute ¶

computed_instruction_cache: DefaultDict[int, PwndbgInstruction] = collections.defaultdict(lambda: None) module-attribute ¶

emulated_arm_mode_cache: DefaultDict[int, int] = collections.defaultdict(lambda: None) module-attribute ¶

first_time_emulate = True module-attribute ¶

next_addresses_cache: Set[int] = set() module-attribute ¶

can_run_first_emulate() ¶

clear_on_reg_mem_change() ¶

emulate_one() ¶

enhance_cache_listener() ¶

get(address, instructions=1, emu=None, enhance=True, from_cache=False, put_cache=False) ¶

get_disassembler(address) ¶

get_disassembler_cached(arch, ptrsize, endian, extra=None) ¶

get_one_instruction(address, emu=None, enhance=True, from_cache=False, put_cache=False) ¶

near(address, instructions=1, emulate=False, show_prev_insns=True, use_cache=False, linear=False) ¶

no_emulate_one() ¶

one(address=None, emu=None, enhance=True, from_cache=False, put_cache=False, put_backward_cache=True) ¶

one_raw(address=None) ¶

one_with_config() ¶