display return rates for each arch

2022-01-24 13:15:33 -05:00 · 2022-01-24 13:15:33 -05:00 · c370df827c
parent e5d446c22f
commit c370df827c
3 changed files with 36 additions and 9 deletions
--- a/subdisassem/disassemble.py
+++ b/subdisassem/disassemble.py
@ -74,18 +74,42 @@ class _CapstoneBase:
        return opcodes

    @property
-    def rates(self) -> list:
+    def rets(self) -> list:
+        if hasattr(self, "_rets"):
+            return self._rets
+
+        self._rets = list()
+
+        for opcode in self.disassembly:
+            if "ret" in opcode.mnemonic:
+                self._rets.append(opcode.mnemonic)
+
+        return self._rets
+
+    @property
+    def ret_rates(self) -> list:
+        rates = dict()
+
+        for mnemonic in set(self.rets):
+            rates[mnemonic] = self.rets.count(mnemonic)
+
+        listed = sorted(((value, key) for (key, value) in rates.items()), reverse=True)
+
+        return listed
+
+    @property
+    def mnemonic_rates(self) -> list:
        mnemonics = list()

        for opcode in self.disassembly:
            mnemonics.append(opcode.mnemonic)

-        _rates = dict()
+        rates = dict()

        for mnemonic in set(mnemonics):
-            _rates[mnemonic] = mnemonics.count(mnemonic)
+            rates[mnemonic] = mnemonics.count(mnemonic)

-        listed = sorted(((value, key) for (key, value) in _rates.items()), reverse=True)
+        listed = sorted(((value, key) for (key, value) in rates.items()), reverse=True)

        return listed

--- a/subdisassem/schema.py
+++ b/subdisassem/schema.py
@ -20,7 +20,8 @@ class Disassembly(Base):
    arch = Column(String, nullable=False)
    checksum = Column(String, nullable=False)
    count = Column(Integer, nullable=False)
-    rates = Column(String, nullable=False)
+    mnemonic_rates = Column(String, nullable=False)
+    ret_rates = Column(String, nullable=False)
    size = Column(Integer, nullable=False)
    offset = Column(Integer, nullable=False)
    opcodes = Column(String, nullable=False)
@ -41,7 +42,8 @@ class Disassembly(Base):
            "id": self.id,
            "arch": self.arch,
            "count": self.count,
-            "rates": self.rates,
+            "mnemonic_rates": self.mnemonic_rates,
+            "ret_rates": self.ret_rates,
            "size": self.size,
            "offset": self.offset,
        }
--- a/subdisassem/scripts.py
+++ b/subdisassem/scripts.py
@ -29,7 +29,7 @@ def subdisassem_script():
    parser.add_argument("-b", "--bin-path", required=True)
    parser.add_argument("-l", "--log", action="store_true", help="log to file")
    parser.add_argument(
-        "-f", "--fuzz", type=int, default=64, help="offset bruteforce max"
+        "-f", "--fuzz", type=int, default=1, help="offset bruteforce max"
    )
    args = parser.parse_args()

@ -110,7 +110,8 @@ def subdisassem_script():
            row.arch = disasembler.arch
            row.checksum = checksum
            row.count = len(disasembler)
-            row.rates = str(disasembler.rates[:5])
+            row.mnemonic_rates = str(disasembler.mnemonic_rates[:5])
+            row.ret_rates = str(disasembler.ret_rates[:5])
            row.size = len(raw_bytes) - offset
            row.offset = offset
            row.opcodes = disasembler.objdump
@ -132,5 +133,5 @@ def subdisassem_script():

    tops = sorted(tops, key=len, reverse=True)

-    for top in tops[:3]:
+    for top in tops[:5]:
        logging.info(top)