This is EDA3, the fourth EDA New Instructions: * Install python packages I'm too lazy to enumerate * Run ./go.sh * Visit http://localhost:5000/ * Use xvi to upload file Coming Soon: * Use 0xFFFFFFFF as global tag storage * Support mode switching with spacebar in IDA * Support a,c,d hotkeys flask/ -- the new backend storage and webserver in python eda.py -- the main server edadb/ -- the backend storage system for raw ram byte.* -- the Byte class memory.* -- the Memory class www/ -- the directory root(ish) of apache css/ -- base css files edadb/ -- PHP endpoints to access the EDAdb flat/ -- flat viewer ida/ -- nice graph viewer webapp isdf/ -- instruction set entry system js/ -- common javascript files base.js -- basic functions that should be a part of core javascript(not EDA specific) db.js -- the better client side edadb, actually classish dbmanager.js -- the client side version of the edadb jquery-1.6.1.min.js -- jquery static/ -- static analyzer viewtest/ -- testing for the new view system xvi/ -- xvi32 hex editor webapp Requirements: * PHP and a webserver * Thrift * gtest for C++ testing * Boost for db saving and loading * graphviz(dot) for graph layout * v8 for MMIO exec * node for elfloading from tests Build instructions: * create a build dir outside the eda-3 dir and cmake eda-3/edadb * do make in build dir and ./edadb * symlink the www directory to http://yourcomp/eda/ * visit http://yourcomp/eda/ and pick a tool :) Philosophy: Functional first, then fast(don't prematurely optimise) Not invented here is an antipattern, use third party code It only supports Chrome, because Chrome is the best browser ever EDA solves the halting problem Registers are just memory, ex 0xEDA00000 = R0, 0xEDA00004 = R1, ... A CPU takes in a state and outputs the delta to the next state Each instruction is a changelist Each run of an instruction is a commit Design: All state is held in the EDAdb. The EDAdb has a one byte entry for each address in a 64-bit memory space. Each byte has a complete history of it's value and a set of tags These tags hold everything about the byte Implemented tags: * len -- number of bytes that go with this one, forming a word, ex "1", "2", "4" * endian -- the endianness of that word, ex "little", "big" * iset -- the instruction set of the word, if it's an instruction, ex "arm", "x86", "thumb" * comment -- comment on this byte * parsed -- the parsed instruction, ex "\t{\o{ADD}}\l{0xEDA0001C}, \l{0xEDA00034}, #\i{8}" * \t{...} - left instructionish region * \o{...} - opcode ex \o{ADD} * \c{...} - condition ex \c{NE} * \f{...} - flag ex \f{S} * \l{addr} - location(these are registers) ex \l{0xEDA0001C} * \i{num} - immed * flow -- JSON array of places outside the normal flow this can go, ex "['O3A40']" * Oxxxx - optional, green line in IDA * Axxxx - always, blue line in IDA * Cxxxx - call, doesn't interupt basic block * Xxxxx - xref, doesn't interupt basic block * R - return * scope -- start address of function this is in * function -- list of addresses in function 3A30:50 is format Global tags(0xFFFFFFFF): * range_start * range_length * endian Considering tags: * compiled -- the javascript code that actually runs the instruction, can call instruction set locals * mmio -- javascript to run when this is read or written * type -- the type