Home

Welcome to the PLASMA disassembler wiki!

Help

• About jumptables
• Read a MIPS binary
• Differences between commands dump, x and v
• The noreturn flag
• Calling conventions TODO

Hacks

• Use the Python API
• Source code structure
• Add a support for a new architecture

FIXME

• make plasma pip-installable issue #60
• mips: unsigned int immediate bug
• mips: delay slot with pc, the pc is the address of the current instruction, not of the delay slot instruction

TODO

Stack :

• stack variables for MIPS64
• canary detection
• set type on variables

Analyzer :

• unicode strings
• function detection : actually it checks first if the prolog is known, otherwise nothing is done. But if the function is in a code section we should force to analyze the function.
• improve analyzer performances : memoryview or c_types : a disassembling is done on a block which is every time copied. It requires to modify the capstone api
• mips: auto detect the value of gp
• detect syscalls during the analysis, not at the decompilation
• jump-tables for MIPS/ARM
• detect exceptions (try/catch)

Visual :

• unsensitive case search
• better printing of PE imports
• reload automatically if the analyzer has modified the content in visual
• binary search history
• console in the visual ?

Elf :

• import symbols from so : CLE does, but I've not copied this part

Memory map :

• cleanup
• communicate with analyzer/visual -> cursors on the map
• zoom

Features :

• visual popup to modify : flags (noreturn #47)
• multi-lines comments
• vtables
• structure, enum
• Mach-o
• text search ? will be unfortunately inefficient, it requires to disassemble all the binary