add message for medusa_text

[ivan-kulikov-dev]

I wanted to pull to 2 commits, but the third was added...

[wisk]

Help message for both medusa_text and emulator is a good idea, but "<< std::endl;" is missing at the end of the "std::cout".

An OS module for AVR8 looks interesting but I'm not familiar with this architecture, could you tell more about it?

BTW: This is my first pull request and thank you for that! But why is it closed?

[ivan-kulikov-dev]

I wanted to add 2 commit)).But accidentally added a third.(third commit empty yet). I want to write a loader for avr8 files() and analyler for it.(support atmega328,atmega8 ...etc). I have a question.How add menu for loader?Or do I have to add the library support menu for loader. (as it:
Configuration::Enum VendorMdl; VendorMdl.push_back(std::make_pair("AMD", X86_ProcType_AMD)); m_CfgMdl.InsertEnum("Vendor", VendorMdl, X86_ProcType_INTEL); ).But it for "Architecture" only...:(.

[wisk]

The AVR8 architecture was not written by me and I don't have any knowledge about the used file format (loader) nor what kind of analyzer you're looking to implement, so fell free to correct me if I misunderstand you. :)

If you wanna let the user select specific options for the loader, it'd required to add a method to the Loader object (like GetConfigurationModel) and modify this part of the code: https://github.com/wisk/medusa/blob/dev/src/ui/qt/ConfigureDialog.cpp#L61. A better solution would be to have a basic class which contains a method GetConfigurationModel and makes all "configurable" modules inherit from it. I can quickly implement it if you really need it.

Now I'm wondering can you detect atmega328, atmega8, ... from the file format? Just like the PE/PE+ or ELF/ELF64 executable format.

[ivan-kulikov-dev]

" A better solution would be to have a basic class which contains a method GetConfigurationModel and makes all "configurable" modules inherit from it. I can quickly implement it if you really need it." Make this,please.

[wisk]

Take a look at https://github.com/wisk/medusa/commit/d918c766fa8325442d7fdef003c8476e40c6ec95 and tell me if it's ok. I didn't test it.

[ivan-kulikov-dev]

good. :) All ok.

[ivan-kulikov-dev]

How to use multiple architectures for a one loader?(For example, I want to add an external disassembler BeaEngine.It support x86 and x64.But i want use your x86 disassembler too.So,there is a need to add menu change architecture are compatible with the loader and display them to QComboBox).

[wisk]

In order to select multiple loader for one loader, you first have to overload the method Loader::FilterAndConfigureArchitectures on your custom loader, take a look at the ldr_gb which uses the z80 architecture (https://github.com/wisk/medusa/tree/dev/src/ldr/gb/gameboy_loader.cpp#L164).

Regarding BeaEngine (an awesome disassembler! :)), you have to write another Architecture class with a custom tag (You cannot re-use the tag _MEDUSA_ARCHTAG('x','8','6')) like MEDUSA_ARCH_TAG('b','e','a') and make sure it's kept by the method Loader::FilterAndConfigureArchitectures. The hardest part is to write a glue for the method Architecture::Disassemble and Architecture::FormatInstruction.

[ivan-kulikov-dev]

https://code.google.com/p/corkami/ very cool site :)

[ivan-kulikov-dev]

Hello.I see new commits)What is new API to taint register (WIP)?

[wisk]

Hi @gunmetal313,

Sorry for the delay, I was unable to access to your account and your messages as well (404).

Corkami is a really good resources for reverse engineering, I was planning to use some of their examples to do unit-test, but I don't have time to do it.

Regarding the new API, I'm trying to implement symbolic execution to improve analysis, the term "taint" that I used was incorrect since it's related to user input. In this case, I'm looking to track every kinds of input. I'll comment this feature as soon as I finish to implement it.

BTW I'm really interested including your patches, however I'm using a nomenclature for commit messages, do you want me to add a wiki page/RST about how to contribute on this project?

[ivan-kulikov-dev]

Hi.I have a question about medusa/src/srlz.Do you planning to use module serialization in future?

[wisk]

Hi, srlz stands for serialization, and it's deprecated now. If you look to implement serialization, you should implement a db module (Database, see TextDatabase https://github.com/wisk/medusa/blob/dev/src/db/text/text_db.hpp for instance). I keep the srlz folder since @deionalims has developed a serialization module which uses sqlite. I plan to re-implement it as a Database module later.