The old project name was Reverse.
PLASMA is an interactive disassembler. It can generate more readable assembly (pseudo code) with colored syntax. You can write scripts with the available Python API (see an example below). The project is still under heavy development.
The wiki contains the TODO list and some documentation.
It supports :
- architectures : x86, ARM, MIPS{64} (partially for ARM and MIPS)
- formats : ELF, PE, RAW
Warning: until structures and type definitions are implemented, database compatibility could be broken.
Requirements :
- python >= 3.4
- capstone
- python-pyelftools
- pefile + python3-future
- python-msgpack >= 0.4.6
- c++filt (available in the binutils Linux package)
- terminal should support UTF8 and 256 colors (if not, use the option --nocolor)
- optional : python-qt4, used for the memory map
Installation :
./install.sh
Or if you have already installed requirements with the previous command :
./install.sh --update
Check tests :
make
....................................................................................
84/84 tests passed successfully in 2.777975s
analyzer tests...
stack [OK]
$ plasma -i tests/server.bin
>> v main
# then press tab
This image is the result of the libc :
See more on the wiki.
Print all ASCII strings :
echo "py scripts/strings.py" | plasma -i tests/server.bin
0x400200 "/lib64/ld-linux-x86-64.so.2"
0x400228 "GNU"
0x400248 "GNU"
0x400481 "libpthread.so.0"
0x400491 "_ITM_deregisterTMCloneTable"
0x4004ad "_Jv_RegisterClasses"
0x4004c1 "_ITM_registerTMCloneTable"
0x4004db "write"
...
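To show what a listing like the one above contains, here is an added stand-alone example; it is not PLASMA's scripts/strings.py and does not use the PLASMA API. It scans mapped sections for NUL-terminated printable runs and reports them by virtual address. The function names, the minimum length of 3, the NUL-termination filter and the sample bytes are assumptions made for this illustration.

```python
import string

# Printable ASCII, keeping space and tab but no line breaks (assumption).
PRINTABLE = frozenset(bytes(string.printable, "ascii")) - frozenset(b"\x0b\x0c\r\n")


def ascii_strings(data, base=0, min_len=3, need_nul=True):
    """Yield (address, text) for each printable run in data.

    base is the virtual address of data[0]. need_nul keeps only runs
    ended by a NUL byte, which drops most random byte noise.
    """
    start = None
    for i, b in enumerate(data):
        if b in PRINTABLE:
            if start is None:
                start = i
            continue
        if start is not None:
            if i - start >= min_len and (b == 0 or not need_nul):
                yield base + start, data[start:i].decode("ascii")
            start = None
    # A run that reaches the end of the buffer has no terminator.
    if start is not None and not need_nul and len(data) - start >= min_len:
        yield base + start, data[start:].decode("ascii")


def scan_sections(sections, **kw):
    """sections: iterable of (vaddr, bytes), as a loader would map them."""
    out = []
    for vaddr, blob in sorted(sections):
        out.extend(ascii_strings(blob, base=vaddr, **kw))
    return out


def format_line(addr, text):
    """Render one hit in the same shape as the listing above."""
    return '0x%x "%s"' % (addr, text)


# Constructed sample sections (not read from tests/server.bin).
SAMPLE = [
    (0x400200, b"/lib64/ld-linux-x86-64.so.2\x00"),
    (0x400224, b"\x04\x00\x00\x00GNU\x00\x01\x02ab\x00"),
    (0x4004db, b"write\x00\xffnotterminated"),
]

if __name__ == "__main__":
    for addr, text in scan_sections(SAMPLE):
        print(format_line(addr, text))
```

Passing `need_nul=False` also reports the unterminated run at the end of the last sample section, which shows how much noise the terminator check removes.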