コード例 #1
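        /// <summary>
        /// Interrupt hook (<c>hook_intr</c>): logs the <c>int 0x80</c> calls made by the emulated
        /// code, using the value of EAX to tell them apart.
        /// </summary>
        /// <remarks>
        /// EAX = 1 is reported as <c>sys_exit</c> and stops the emulator. EAX = 4 is reported as
        /// <c>SYS_WRITE</c>: up to 256 bytes are copied from the emulated address in ECX and
        /// printed. Every other EAX value is logged as-is. Interrupt numbers other than 0x80
        /// are ignored.
        /// </remarks>
        /// <param name="emulator">Emulator that raised the interrupt; it is cast to <see cref="X86Emulator"/>.</param>
        /// <param name="into">Interrupt number.</param>
        /// <param name="userData">Not used by this hook.</param>
        private static void HookInterrupt(Emulator emulator, int into, object userData)
        {
            X86Registers registers = ((X86Emulator)emulator).Registers;

            if (into != 0x80)
            {
                return;
            }

            long eax = registers.EAX;
            long eip = registers.EIP;

            switch (eax)
            {
            case 1:     // sys_exit
                Console.WriteLine($">>> 0x{eip:x2}: interrupt 0x{into:x2}, SYS_EXIT. quit!");
                Console.WriteLine();
                emulator.Stop();
                break;

            case 4:     // sys_write
                long ecx = registers.ECX;
                long edx = registers.EDX;

                // ECX (address) and EDX (length) are chosen by the emulated code, so neither is
                // trusted. The length is clamped to [0, buffer.Length]: the upper bound keeps the
                // copy inside the host buffer, the lower bound keeps a negative register value
                // from becoming a negative byte count.
                byte[] buffer = new byte[256];
                int count = (int)Math.Max(0L, Math.Min(buffer.Length, edx));
                emulator.Memory.Read((ulong)ecx, buffer, count);

                // Decode only the bytes that were actually read; decoding the whole buffer would
                // append the unused zero bytes to the printed content.
                // NOTE(review): the text comes from emulated memory and is written to the console
                // unfiltered, so any control characters it contains reach the terminal. Filter
                // non-printable characters if the emulated code is untrusted.
                string content = Encoding.UTF8.GetString(buffer, 0, count);

                // >>> 0x%x: interrupt 0x%x, SYS_WRITE. buffer = 0x%x, size = %u, content = '%s'\n
                //   r_eip, intno, r_ecx, r_edx, buffer
                // The message follows the format above: "interrupt" (singular), the size in
                // decimal, and the content in single quotes.
                Console.WriteLine($">>> 0x{eip:x2}: interrupt 0x{into:x2}, SYS_WRITE. buffer = 0x{ecx:x2}, size = {edx}, content = '{content}'");
                break;

            default:
                Console.WriteLine($">>> 0x{eip:x2}: interrupt 0x{into:x2}, EAX = 0x{eax:x2}");
                break;
            }
        }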
コード例 #2
 /// <summary>
 /// Creates an <see cref="X86Emulator"/> that runs in the given <see cref="X86Mode"/>.
 /// </summary>
 /// <param name="mode">
 /// x86 mode for the emulator; it is cast to <see cref="Bindings.Mode"/> and passed to the base
 /// constructor together with <see cref="Bindings.Arch.x86"/>.
 /// </param>
 public X86Emulator(X86Mode mode)
     : base(Bindings.Arch.x86, (Bindings.Mode)mode)
 {
     // The register accessor is constructed with this emulator instance.
     this._registers = new X86Registers(this);
 }
コード例 #3
 /// <summary>
 /// Creates an <see cref="X86Emulator"/> that runs in the given <see cref="X86Mode"/>.
 /// </summary>
 /// <param name="mode">
 /// x86 mode for the emulator; it is cast to <see cref="UnicornMode"/> and passed to the base
 /// constructor together with <see cref="UnicornArch.X86"/>.
 /// </param>
 public X86Emulator(X86Mode mode)
     : base(UnicornArch.X86, (UnicornMode)mode)
 {
     // The register accessor is constructed with this emulator instance.
     this._registers = new X86Registers(this);
 }