Hello all,
I'm really glad that I found this project.
I'm working on a project called "Cmulator".
Cmulator is an (x86 - x64) Windows PE sandbox emulator & disassembler
based on Unicorn & Capstone & the Besen engine.
The main core functions are built with FreePascal and the API hooks with the JS engine "Besen",
but the Besen engine is old and slow; that's why I'm interested in your product, as there's no small and native Pascal JS engine out there.
A small preview of what JS will be used for in my project:
this is a small example to hook "GetModuleFileNameA & GetModuleFileNameW" with JS:
    var GetModuleFileName = new ApiHook();
    /*
    DWORD WINAPI GetModuleFileName(
        _In_opt_ HMODULE hModule,
        _Out_    LPTSTR  lpFilename,
        _In_     DWORD   nSize
    );
    */
    GetModuleFileName.OnCallBack = function (Emu, API, ret) {
        Emu.pop(); // return address (also passed in as `ret`)
        // x64: first three args in RCX, RDX, R8D; x86 (stdcall): args on the stack
        var hModule    = Emu.isx64 ? Emu.ReadReg(REG_RCX) : Emu.pop();
        var lpFilename = Emu.isx64 ? Emu.ReadReg(REG_RDX) : Emu.pop();
        var nSize      = Emu.isx64 ? Emu.ReadReg(REG_R8D) : Emu.pop();
        var mName = Emu.GetModuleName(hModule);
        var Path = 'C:\\folder\\' + mName;
        // write the fake path as UTF-16 or ANSI depending on which export was hooked
        // (property name is case-sensitive: use the same spelling everywhere)
        var len = API.isWapi ? Emu.WriteStringW(lpFilename, Path) : Emu.WriteStringA(lpFilename, Path);
        // format() is a string helper of the host script environment, not standard JS
        print("GetModuleFileName{0}(0x{1}, 0x{2}, 0x{3}) = '{4}'".format(
            API.isWapi ? 'W' : 'A',
            hModule.toString(16),
            lpFilename.toString(16),
            nSize.toString(16),
            Path
        ));
        // MS Docs: the return value is the length of the string
        Emu.SetReg(Emu.isx64 ? REG_RAX : REG_EAX, len);
        Emu.SetReg(Emu.isx64 ? REG_RIP : REG_EIP, ret);
        return true; // true if you handled it, false if you want Emu to handle it and set PC
    };
    GetModuleFileName.install('kernel32.dll', 'GetModuleFileNameA');
    GetModuleFileName.install('kernel32.dll', 'GetModuleFileNameW');
Emu is a JS object that has all the needed native functions, like "ReadReg" to read a register from the CPU emulator, "WriteStringA" & "GetModuleName" and a lot more.
The main thing here is that I can call a JS function from my native code and vice versa.
The tool depends on JS as the scripting language for hooks and for dealing with the CPU emulator, for ease of use and speed.
3 days ago I downloaded and used your project on Mac OS Mojave and it works fine with the Linux patch for exports,
but SM is very big: 22MB for "libmozjs-52.dylib".
So I'm searching for a way to build it without the need of the debugger and anything else that I can get rid of, even if I remove the JIT,
but I need it as small as I can get.
Thanks
Mac, Windows, Linux
FPC Trunk, Lazarus Trunk, Delphi 12 Latest
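The hook in the post writes the fabricated path into the guest buffer without looking at nSize, so a sample that passes a short buffer would see the emulator overflow it, which is both a fidelity gap and an easy tell that it is running under emulation. The following is an added example, not code from Cmulator or this forum: a small constructed mock of the Emu/API objects the hook script relies on, plus a GetModuleFileName hook that follows the documented contract (truncate to nSize - 1 characters plus the terminator, return nSize and set ERROR_INSUFFICIENT_BUFFER when the buffer is too small, otherwise return the length). The ApiHook-style names Emu.pop, ReadReg, SetReg, GetModuleName, WriteStringA/W and API.isWapi come from the post; Emu.SetLastError, ReadStringA/W, the REG_* string ids and the mock's memory and module table are assumptions made here so the logic runs stand-alone in Node.

```javascript
"use strict";

const ERROR_INSUFFICIENT_BUFFER = 122; // documented Win32 error code

// String ids stand in for the engine's REG_* constants (assumption).
const REG_RCX = "rcx", REG_RDX = "rdx", REG_R8D = "r8d";
const REG_RAX = "rax", REG_EAX = "eax", REG_RIP = "rip", REG_EIP = "eip";

// Constructed mock of the emulator object the hook script talks to.
class MockEmu {
  constructor({ isx64, stack = [], regs = {} }) {
    this.isx64 = isx64;
    this.stack = stack.slice();          // values returned by pop() in call order
    this.regs = Object.assign({}, regs);
    this.mem = new Uint8Array(0x1000);   // guest memory; addresses are plain offsets
    this.lastError = 0;
    this.modules = { 0x400000: "sample.exe" }; // constructed module table
  }
  pop() { return this.stack.shift(); }
  ReadReg(r) { return this.regs[r]; }
  SetReg(r, v) { this.regs[r] = v; }
  GetModuleName(h) { return this.modules[h] || "unknown.dll"; }
  SetLastError(e) { this.lastError = e; }
  // NUL-terminated ANSI / UTF-16LE writers and readers for guest memory.
  WriteStringA(addr, s) {
    for (let i = 0; i < s.length; i++) this.mem[addr + i] = s.charCodeAt(i) & 0xff;
    this.mem[addr + s.length] = 0;
    return s.length;
  }
  WriteStringW(addr, s) {
    const v = new DataView(this.mem.buffer);
    for (let i = 0; i < s.length; i++) v.setUint16(addr + 2 * i, s.charCodeAt(i), true);
    v.setUint16(addr + 2 * s.length, 0, true);
    return s.length;
  }
  ReadStringA(addr) {
    let out = "";
    for (let i = addr; this.mem[i] !== 0; i++) out += String.fromCharCode(this.mem[i]);
    return out;
  }
  ReadStringW(addr) {
    const v = new DataView(this.mem.buffer);
    let out = "";
    for (let i = addr; v.getUint16(i, true) !== 0; i += 2) out += String.fromCharCode(v.getUint16(i, true));
    return out;
  }
}

// Hook body: same argument fetching as the post, but the write is bounded by nSize.
function getModuleFileNameHook(Emu, API, ret) {
  Emu.pop();                                               // pushed return address
  const hModule    = Emu.isx64 ? Emu.ReadReg(REG_RCX) : Emu.pop();
  const lpFilename = Emu.isx64 ? Emu.ReadReg(REG_RDX) : Emu.pop();
  const nSize      = Emu.isx64 ? Emu.ReadReg(REG_R8D) : Emu.pop(); // size in TCHARs
  const path = "C:\\folder\\" + Emu.GetModuleName(hModule);
  let text, result;
  if (path.length + 1 > nSize) {                           // no room for path + NUL
    text = path.slice(0, Math.max(nSize - 1, 0));
    result = nSize;
    Emu.SetLastError(ERROR_INSUFFICIENT_BUFFER);
  } else {
    text = path;
    result = path.length;
    Emu.SetLastError(0);
  }
  if (nSize > 0) {                                         // a 0-byte buffer gets nothing
    if (API.isWapi) Emu.WriteStringW(lpFilename, text); else Emu.WriteStringA(lpFilename, text);
  }
  Emu.SetReg(Emu.isx64 ? REG_RAX : REG_EAX, result);
  Emu.SetReg(Emu.isx64 ? REG_RIP : REG_EIP, ret);
  return true;
}

// Constructed scenario: 32-bit stdcall call of the A export with a 260-char buffer.
function runX86() {
  const emu = new MockEmu({ isx64: false, stack: [0x401234, 0x400000, 0x100, 260] });
  getModuleFileNameHook(emu, { isWapi: false }, 0x401234);
  return { ret: emu.regs.eax, eip: emu.regs.eip, text: emu.ReadStringA(0x100), err: emu.lastError };
}

// Constructed scenario: 64-bit call of the W export with only an 8-char buffer.
function runX64Truncated() {
  const emu = new MockEmu({ isx64: true, stack: [0x140001000], regs: { rcx: 0x400000, rdx: 0x200, r8d: 8 } });
  getModuleFileNameHook(emu, { isWapi: true }, 0x140001000);
  return { ret: emu.regs.rax, rip: emu.regs.rip, text: emu.ReadStringW(0x200), err: emu.lastError };
}

console.log(runX86());            // ret 20, full path written, err 0
console.log(runX64Truncated());   // ret 8, "C:\fold" written, err 122
```

The second scenario is the case the original hook gets wrong: with nSize of 8 the guest receives seven characters plus the terminator, the return value equals nSize and the last-error slot carries ERROR_INSUFFICIENT_BUFFER, which is what real code compiled against the Win32 contract checks for.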
This is the smallest size I got so far: 6.8MB,
with this config:
../configure --enable-release --disable-ion --enable-ctypes --disable-jemalloc --enable-nspr-build --disable-debug --disable-debug-symbols --enable-optimize=-O3 --without-intl-api --enable-strip --disable-ion --without-system-icu
6.8MB already seems to be a great reduction of the file size!
Delphi XE4 Pro on Windows 7 64bit.
Lazarus trunk built with fpcupdelux on Windows with cross-compile for Linux 64bit.
This is a known problem. Most of the size is taken by libicu, with all known languages inside. So --without-intl-api and --without-system-icu will strip this library and decrease the size, but you lose the Internationalization API. For example, we use it widely. The possible way to keep Intl and decrease the size is to remove unneeded resources from libicu.
Also, --disable-ion IMHO does not decrease the library size, but you lose the JIT: a very, very big performance degradation.
> This is a known problem. Most of the size is taken by libicu, with all known languages inside. So --without-intl-api and --without-system-icu will strip this library and decrease the size, but you lose the Internationalization API. For example, we use it widely. The possible way to keep Intl and decrease the size is to remove unneeded resources from libicu.
> Also, --disable-ion IMHO does not decrease the library size, but you lose the JIT: a very, very big performance degradation.
I'll try to enable ion again.
In my project I don't need "icu", so I think it's OK to remove it.
And is there any place where I can find more info about
--disable-ion -> I know now it's for the JIT,
but what about
--disable-jm
--disable-tm
--disable-methodjit
--disable-monoic
--disable-polyic
etc.?
I can't find any resource that gives details about these options.