Python-based interactive assembler/disassembler CLI, powered by Keystone/Capstone.
I wanted to quickly view some opcodes with metasm-shell.rb, but I didn't have a Metasploit install handy. I didn't really want to mess around with Ruby either, so I figured that writing my own replacement was a good excuse to play with Keystone and Capstone.
pip install chiasm-shell
# OR
mkvirtualenv chiasm-shell # optional
git clone https://github.com/0xbc/chiasm-shell
cd chiasm-shell
python setup.py install # assumes you have Capstone and Keystone
# build toolchains installed, which includes CMake.chiasm-shell
# or, from the repo base directory:
python -m chiasm_shell.chiasm_shell- When the prompt is
asm>, you're using the interactive assembler backend (Keystone).- Input one or more assembly statements separated by a semi-colon. x86 uses Intel syntax only at the moment.
- When the prompt is
disasm>, you're using the interactive disassembler backend (Capstone).- Input one or more bytes represented by \xXX, where XX is a hex value.
- To switch backends, use
switch asmorswitch disasm. - To change architecture, use
setarch <arch> <mode(s)>.- e.g.
setarch x86 64. - You can use more than one mode, separated by spaces.
- Use
lsarchandlsmodeto view supported architectures and modes for the current backend - At the moment, you need to know what modes are relevant to each architecture - check the Keystone/Capstone source if you're not sure.
- e.g.
- Type
helpto see a list of commands;help <cmd>to see the docstring forcmd.
asm> inc eax; xor ebx, ebx
\x40\x31\xdb
disasm> \x40\x31\xdb
0x1000: inc eax
0x1001: xor ebx, ebx
Please get in touch/raise an issue/PR/etc!
- None at this time.
- Syntax highlighting and/or tab completion for assembly
- Intelligent mode selection
- Support different input/output formats
- Test suite