#include <stdio.h>
#include<iostream>
#include<fstream>
#include"pin.H"
using namespace std;
ofstream OutFile;
//指定输出文件
KNOB<string> KnobOutputFile(KNOB_MODE_WRITEONCE,"pintool",
"o", "branch.out","specify output file name");
//分析例程
void recording(VOID*ip,ADDRINT addr)
{
OutFile<<hex<<"From:"<<ip<<" To:"<<(void*)addr<<endl;
}
//插装回调函数
void instruction(INS ins,VOID *v)
{
//判断当前指令是否是转移指令或者Call调用指令
if(INS_IsIndirectBranchOrCall(ins))
{
INS_InsertCall(ins,IPOINT_TAKEN_BRANCH, (AFUNPTR)recording,
IARG_INST_PTR,INS_DirectBranchOrCallTargetAddress(ins),IARG_END);
}
}
VOID Fini(INT32 code,VOID *v)
{
OutFile.close();
}
int main(int argc,char * argv[])
{
PIN_InitSymbols();
PIN_Init(argc, argv);
OutFile.open(KnobOutputFile.Value().c_str());
INS_AddInstrumentFunction(instruction,0);
PIN_AddFiniFunction(Fini, 0);
PIN_StartProgram();
return 0;
}
想要用pin插桩间接跳转的call,jump,ret.获取原地址和跳转后的地址,这个还要怎么改下。。谢谢了
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
