X86/X86-64 DISASSEMBLER FOR .NET – SHARPDISASM

风吹屁屁凉

About the disassembler

SharpDisasm is a full C# port of the libudis86 x86/x86-64 disassembler. Disassembly of 16-bit, 32-bit and 64-bit instructions can be output to both Intel and AT&T syntax.

The library supports decoding each instruction to an object that provides access to low-level information for further analysis (e.g. instruction size, operand number and types etc).

SharpDisasm is a full C# port of the libudis86 C-library disassembler.

Disassembler features

• a full C# port of the libudis86 C library
• a set of simple C# classes wrapping the udis86 C API
• support for x86 16-bit, 32-bit and 64-bit instruction set architectures
• support for outputting in Intel and AT&T syntax
• support for all x86 and x86-64 (AMD64) General purpose and System instructions.
• support for the following ISA extensions:
  
  • MMX, FPU (x87), AMD 3DNow
  • SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES
  • AMD-V, INTEL-VMX, SMX
    
  
  

The disassembler is exposed through the SharpDisam.Disassembler class.

Output from the provided example console app:

[Asm] 纯文本查看 复制代码

C:\>echo a1 c9 fd ff ff a1 37 02 00 00 b8 37 02 00 00 b4 09 8a 
25 09 00 00 00 8b 04 6d 85 ff ff ff 89 45 f0| disasmcli 32

00000000 a1 c9 fd ff ff                 mov eax, [0xfffffdc9]
00000005 a1 37 02 00 00                 mov eax, [0x237]
0000000a b8 37 02 00 00                 mov eax, 0x237
0000000f b4 09                          mov ah, 0x9
00000011 8a 25 09 00 00 00              mov ah, [0x9]
00000017 8b 04 6d 85 ff ff ff           mov eax, [ebp*2-0x7b]
0000001e 89 45 f0                       mov [ebp-0x10], eax

C:\>echo 488b05f7ffffff67668b40f06766035e1048030425ffff
000067660344bef04c0384980000008048a10000000000800000 | disasmcli 64

0000000000000000 48 8b 05 f7 ff ff ff           mov rax, [rip-0x9]
0000000000000007 67 66 8b 40 f0                 mov ax, [eax-0x10]
000000000000000c 67 66 03 5e 10                 add bx, [esi+0x10]
0000000000000011 48 03 04 25 ff ff 00 00        add rax, [0xffff]
0000000000000019 67 66 03 44 be f0              add ax, [esi+edi*4-0x10]
000000000000001f 4c 03 84 98 00 00 00 80        add r8, [rax+rbx*4-0x80000000]
0000000000000027 48 a1 00 00 00 00 00 80 00 00  mov rax, [0x800000000000]

Downloads

Download source from GitHub or download binaries on Codeplex or NuGet.

萋小磊

我是来看P叔怎么买一套房的

520_ai_in@sina.

怎么在南宁买一套别墅能教教吗

越陷越深越迷茫

什么东西，没看懂

风在这里停

关于反汇编程序
sharpdisasm是一个完整的C #端口的libudis86 x86 / x86-64汇编。16位，32位和64位指令的拆卸可以输出到英特尔，并在和语法。
库支持对每个指令进行解码，以提供对低级别信息的访问的对象（如指令大小、操作数和类型等）。
sharpdisasm是一个完整的C #端口的libudis86流通图书馆汇编。
反汇编程序的功能
一个完整的C #端口的libudis86 C库
一套简单的C #类包装udis86 C API
对于x86支持16位、32位和64位指令集架构
支持输出在英特尔和语法的语法
所有x86和x86-64支持（AMD64）通用系统说明。
支持以下是一个扩展：
MMX，FPU（助记符），AMD的3DNow
SSE、SSE2，SSE3，ssse3，SSE4.1，sse4.2，AES
AMD-V，intel-vmx，SMX
本程序是通过反汇编类sharpdisam暴露。
从所提供的示例控制台应用程序的输出：

木魚

看起来是一个C#版的反汇编工具。。。

xiawan

net程序的反汇编工具吧？

youjianpps

真的看不懂。