May 13, 2024

Zynq bootrom - reverse tools - Unicorn

Unicorn is a processor emulator. It will emulate a long list of architectures, including armv7 and aarch64. Unicorn is more properly called "Unicorn engine". It is a toolkit (or library) intended to be the innards of some application that you write.

You are likely to compare Unicorn to QEMU. QEMU expects to be handed a program (like an ELF file) or a kernel image, and it emulates hardware other than the CPU. Unicorn is more useful for reverse engineering tasks where you only have a binary image, and maybe not even a complete piece of code.

Unicorn on Fedora

I am now running Fedora 40 on an x86-64 machine.
I see these packages that look suggestive:
python3-unicorn.x86_64
unicorn.x86_64
unicorn-devel.x86_64
I do "dnf install unicorn", but I need more than that to do anything useful. For example, to get the Python bindings, you need:
dnf install python3-unicorn
And to get the include files for C, you need:
dnf install unicorn-devel
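As an added example (not code from this page and not from the Unicorn project itself), here is what the python3-unicorn bindings look like on the kind of input you have when reverse engineering a boot ROM: a raw fragment of ARMv7 machine code with no ELF headers around it. It maps a page for the code, loads hand-assembled bytes, sets registers, hooks every instruction, runs to a stop address with an instruction budget, and handles a load from an address nobody mapped, which is how device registers show up when all you have is the ROM image. The addresses, the code bytes and the value the fake register returns are all constructed for the demonstration.

```python
# Added example (not from the page or the Unicorn project): emulate a hand-assembled
# ARMv7 fragment with the python3-unicorn bindings. Every address, the code bytes
# and the fake device value below are constructed for the demonstration.
import struct

# Guest memory layout. Unicorn wants page-aligned mappings with page-multiple sizes.
CODE_BASE = 0x0001_0000           # where the code bytes are mapped (constructed)
PAGE = 0x1000
DEVICE_ADDR = 0xF000_0000         # constructed "device register" address, deliberately left unmapped
DEVICE_VALUE = 0x1234_5678        # constructed value the fake register hands back

# Hand-assembled ARM (A32, little-endian) fragment:
#   0x00  mov  r0, #0          ; accumulator
#   0x04  add  r0, r0, r1      ; loop: r0 += r1
#   0x08  subs r1, r1, #1      ;       r1 -= 1, update flags
#   0x0c  bne  0x04            ;       repeat until r1 == 0
#   0x10  ldr  r2, [r3]        ; read a "device register" whose address is in r3
#   0x14  (emulation stops here)
CODE = b"".join(struct.pack("<I", insn) for insn in (
    0xE3A00000, 0xE0800001, 0xE2511001, 0x1AFFFFFC, 0xE5932000))
CODE_END = CODE_BASE + len(CODE)


def emulate_fragment(n, max_insns=10_000):
    """Run the fragment with r1 = n and r3 = DEVICE_ADDR; return the final state."""
    # Imported inside the function so this file can be read and imported on a host
    # without python3-unicorn; actually running it needs the bindings installed.
    from unicorn import Uc, UC_ARCH_ARM, UC_MODE_ARM, UC_HOOK_CODE, UC_HOOK_MEM_READ_UNMAPPED
    from unicorn.arm_const import (UC_ARM_REG_R0, UC_ARM_REG_R1, UC_ARM_REG_R2,
                                   UC_ARM_REG_R3, UC_ARM_REG_PC)

    mu = Uc(UC_ARCH_ARM, UC_MODE_ARM)
    mu.mem_map(CODE_BASE, PAGE)
    mu.mem_write(CODE_BASE, CODE)
    mu.reg_write(UC_ARM_REG_R1, n)
    mu.reg_write(UC_ARM_REG_R3, DEVICE_ADDR)

    state = {"insns": 0, "device_reads": []}

    def on_code(uc, address, size, user_data):
        # Fires before every instruction: the hook you hang tracing on.
        state["insns"] += 1

    def on_unmapped_read(uc, access, address, size, value, user_data):
        # A load touched memory nobody mapped. In boot ROM code that is usually a
        # device register. Map the page, plant a constructed value, and return True
        # so Unicorn retries the access instead of stopping with UC_ERR_READ_UNMAPPED.
        state["device_reads"].append(address)
        uc.mem_map(address & ~(PAGE - 1), PAGE)
        uc.mem_write(address, struct.pack("<I", DEVICE_VALUE))
        return True

    mu.hook_add(UC_HOOK_CODE, on_code)
    mu.hook_add(UC_HOOK_MEM_READ_UNMAPPED, on_unmapped_read)

    # 'until' stops at CODE_END; 'count' bounds a loop that never terminates
    # (for n == 0, r1 wraps to 0xFFFFFFFF and the loop would run 2**32 times).
    mu.emu_start(CODE_BASE, CODE_END, count=max_insns)

    state.update(
        r0=mu.reg_read(UC_ARM_REG_R0),
        r1=mu.reg_read(UC_ARM_REG_R1),
        r2=mu.reg_read(UC_ARM_REG_R2),
        pc=mu.reg_read(UC_ARM_REG_PC),
    )
    state["finished"] = state["pc"] == CODE_END   # False if the budget ran out first
    return state


if __name__ == "__main__":
    s = emulate_fragment(10)
    print(f"r0={s['r0']} r1={s['r1']} r2={s['r2']:#x} pc={s['pc']:#x} "
          f"insns={s['insns']} finished={s['finished']} "
          f"device_reads={[hex(a) for a in s['device_reads']]}")
```

With r1 = 10 the loop leaves 55 in r0 and 0 in r1, the load at 0x10 trips the unmapped-read hook once for 0xF0000000 and r2 ends up holding the planted value. Run it with r1 = 0 and a small budget to see the other failure mode: the loop never reaches the stop address, `finished` comes back False, and the instruction count is what you have to look at. The same two hooks, one per instruction and one for unmapped accesses, are how you work through a boot ROM image in practice, mapping device regions as the code reveals them.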

Documentation

Unicorn was written by a team in China, and the only complete API document is in Chinese! The "juniEmu" project mentioned above is a front end for ARMv7 emulation using Python and Tkinter. It ought to be a decent source of example code.

An overview

Better documentation would be wonderful. If anything, the authors are making the mistake of going wide but not deep. They try to emulate a long list of architectures, many of which nobody cares about (SPARC). There are bindings for every language known to man (even Haskell!), yet no English-language document covering the basic API.

Feedback? Questions? Drop me a line!

Tom's Computer Info / tom@mmto.org