ARM—HEX转换工具——keystone-engine

keystone-engine是一个将汇编指令转换为Hex机器码的工具

下载安装：http://www.keystone-engine.org/download/，下载得到一个压缩包，解压处理得到一个keystone-0.9.1文件夹，然后执行下面命令

 $ sudo apt-get install cmake $ cd keystone-0.9.1 #进入上面解压处理的文件夹 $ mkdir build $ cd build $ ../make-share.sh $ sudo make install $ sudo ldconfig $ kstool x32 "add eax, ebx" #测试kstool工具

下面我们就可以使用kstool工具来将汇编指令转换为Hex机器码，kstool支持下面处理器架构，执行执行kstool命令就可以看到。

 $ kstoolKstool v0.9.1 for Keystone Assembler Engine (www.keystone-engine.org)By Nguyen Anh Quynh, 2016Syntax: kstool <arch+mode> <assembly-string> [start-address-in-hex-format]The following <arch+mode> options are supported:        x16:       X86 16bit, Intel syntax        x32:       X86 32bit, Intel syntax        x64:       X86 64bit, Intel syntax        x16att:    X86 16bit, AT&T syntax        x32att:    X86 32bit, AT&T syntax        x64att:    X86 64bit, AT&T syntax        x16nasm:   X86 16bit, NASM syntax        x32nasm:   X86 32bit, NASM syntax        x64nasm:   X86 64bit, NASM syntax        arm:       ARM - little endian        armbe:     ARM - big endian        thumb:     Thumb - little endian        thumbbe:   Thumb - big endian        arm64:     AArch64        hexagon:   Hexagon        mips:      Mips - little endian        mipsbe:    Mips - big endian        mips64:    Mips64 - little endian        mips64be:  Mips64 - big endian        ppc32be:   PowerPC32 - big endian        ppc64:     PowerPC64 - little endian        ppc64be:   PowerPC64 - big endian        sparc:     Sparc - little endian        sparcbe:   Sparc - big endian        sparc64:   Sparc64 - little endian        sparc64be: Sparc64 - big endian        systemz:   SystemZ (S390x)

参考文章：

https://github.com/keystone-engine/keystone/blob/master/docs/COMPILE.md
http://bbs.pediy.com/thread-212173.htm
http://wooyun.jozxing.cc/static/drops/mobile-10010.html