A library for disassembling various types of machine code.
npm install disassemblerinitialize is called.js
import { initialize, Architecture, Mode } from 'disassembler';async function disassembleStuff() {
// initialize the library (loads the capstone WebAssembly binary).
// This takes about half a second the first time. Thereafter, it
// just returns the capstone object. You can call it once and then
// keep the capstone object around.
const capstone = await initialize();
// create an instance that can disassemble Arm Thumb code.
const instance = capstone.createInstance(Architecture.ARM, Mode.Thumb);
// disassemble the code
const someCode = Buffer.from("4ff00001bde80088d1e800f018bfadbff3ff0b0c86f3008980f3008c4ffa99f6d0ffa201", "hex");
const instructions = instance.disassemble(someCode);
// print out the results
for (let insn of instructions) {
console.log(
${insn.mnemonic} ${insn.operands});
}
}disassembleStuff().catch(console.error);
`The code above spits out:
asm
mov.w r1, #0
pop.w {fp, pc}
tbb [r1, r0]
it ne
iteet ge
vdupne.8 d16, d11[1]
msr cpsr_fc, r6
msr apsr_nzcvqg, r0
sxtb.w r6, sb, ror #8
vaddw.u16 q8, q8, d18
`Note about web
The Capstone wasm file is quite large (5Mb). In order
to save space, it is not included when packed with
webpack or other tools but rather will be downloaded
by calling . The wasm file is stored on a CDN,
is compressed to about 500kb, and may be cached indefinitely.If this library is included from a regular node project,
the wasm data is stored as hex in a javascript file generated
when this library is published.
This works by specifying a different main file for
browser` inThis library relies on the Capstone disassembly framework.
The sources for the capstone project,
including modifications for this module,
and any binary files produced therefrom, distributed with this library,
are Copyright (c) 2013, COSEINC.