Hi,
first of all thanks for the tool. During the last DEFCON finals I realized once again how there's a lack of tools when it comes to userspace and scriptable multi-arch emulation.
Usercorn looks like it might be THE tool if it matures enough.
That being said, I noticed you removed the python interface in favor of #184.
As everyone in security I do love python and I did a small PoC of how a Go/python integration would work (thebabush/usercorn).
If you want to try it, just make && make py && ./make.sh.
So the idea is to use opaque handles + ref counting as a way around the garbage collector.
I think that most (all?) of go/models/usercorn.go could be easily mapped to C or FFI.
It's a PITA to do the mapping manually, but after some tests with parsing Go, I would say that doing it automatically in the proper way would be a whole project by itself (maybe a regex-based approach would suffice, which is what z3 bindings for python do AFAIK).
Still, why not create a barebone plugin mechanism instead of exposing usercorn as a shared object? Like usercorn --whatever whatever.so ./my_binary.
My stuff actually uses CFFI at compile time, which should be faster than a shared plugin and should support Python 2/3/pypy.
I'm opening this issue to see what you think about it. It's just an hack for now but it looks like a viable way of implementing scripting (or a general C API).
Hi,
first of all thanks for the tool. During the last DEFCON finals I realized once again how there's a lack of tools when it comes to userspace and scriptable multi-arch emulation.
Usercorn looks like it might be THE tool if it matures enough.
That being said, I noticed you removed the python interface in favor of #184.
As everyone in security I do love python and I did a small PoC of how a Go/python integration would work (thebabush/usercorn).
If you want to try it, just
make && make py && ./make.sh.So the idea is to use opaque handles + ref counting as a way around the garbage collector.
I think that most (all?) of
go/models/usercorn.gocould be easily mapped to C or FFI.It's a PITA to do the mapping manually, but after some tests with parsing Go, I would say that doing it automatically in the proper way would be a whole project by itself (maybe a regex-based approach would suffice, which is what z3 bindings for python do AFAIK).
Still, why not create a barebone plugin mechanism instead of exposing usercorn as a shared object? Like
usercorn --whatever whatever.so ./my_binary.My stuff actually uses CFFI at compile time, which should be faster than a shared plugin and should support Python 2/3/pypy.
I'm opening this issue to see what you think about it. It's just an hack for now but it looks like a viable way of implementing scripting (or a general C API).