author | bloodstalker <thabogre@gmail.com> | 2018-04-21 12:48:01 +0000 |
committer | bloodstalker <thabogre@gmail.com> | 2018-04-21 12:48:01 +0000 |
commit | 64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d (patch) | |
tree | dfe134f5f96fdf0fca302db6292ef0f58f54a109 | |
parent | fixed #29 (diff) | |
download | mutator-64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d.tar.gz mutator-64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d.zip |
two more options for load.py. also fixed the default lua script for bruiser. now it works for everyone if luarocks is in path.
-rwxr-xr-x | bfd/load.py | 8 | ||||
-rw-r--r-- | bruiser/README.md | 11 | ||||
-rw-r--r-- | bruiser/bruisercapstone.c | 1 | ||||
-rw-r--r-- | bruiser/defaults.lua | 17 | ||||
-rw-r--r-- | bruiser/lua-scripts/df-demo.lua | 25 | ||||
-rw-r--r-- | bruiser/lua-scripts/xobj.lua | 4 |
6 files changed, 47 insertions, 19 deletions
diff --git a/bfd/load.py b/bfd/load.py
index 4e85ca7..9393c18 100755
--- a/bfd/load.py
+++ b/bfd/load.py
@@ -65,6 +65,7 @@ class CLIArgParser(object):
 parser.add_argument("--dynsecents", action='store_true', help="dynamic section entries", default=False)
 parser.add_argument("--reladyn", action='store_true', help=".rela.dyn entries", default=False)
 parser.add_argument("--relaplt", action='store_true', help=".rela.plt entries", default=False)
+ parser.add_argument("--rodata", action='store_true', help="dump .rodata", default=False)
 self.args = parser.parse_args()
 if self.args.obj is None:
 raise Exception("no object file provided. please specify an object with --obj.")
@@ -716,6 +717,7 @@ class ELF(object):
 self.rela_dyn_ents = []
 self.rela_plt = []
 self.rela_plt_ents = []
+ self.rodata = []
 def init(self, size):
 self.size = size
@@ -1251,6 +1253,12 @@ def elf_get_text_section():
 elf.init(64)
 return elf.dump_section(".text", False)
+def elf_get_rodata_section():
+ so = openSO_r(sys.argv[1])
+ elf = ELF(so)
+ elf.init(64)
+ return elf.dump_section(".rodata", False)
+
 # obj here means variables or what the C standard means by objects
 def elf_get_obj_names():
 so = openSO_r(sys.argv[1])
diff --git a/bruiser/README.md b/bruiser/README.md
index 29c66c5..870f468 100644
--- a/bruiser/README.md
+++ b/bruiser/README.md
@@ -86,13 +86,4 @@ you can see a working example if you run `lua-scripts/demo2.lua`. The example re
 #### Lua Defaults
 Upon start-up, bruiser will look to find a file called `defaults.lua` in the same directory as the bruiser executable to run before running any user provided lua code, both in interactive and non-interactive modes. The path to the lua default file could be changed from the default value by the `LuaDefault` option passed to bruiser on startup.<br/>
-If you use `luarocks`, you can run `luarocks path --bin` to see where rocks on your machine are and then add that to your path to have the rocks available in bruiser as well.<br/>
-One way do to that is to add the following lines to your `defaults.lua`:<br/>
-```lua
-
-package.path = package.path .. ";LUA_PATH"
-packege.cpath = package.cpath .. ";LUA_CPATH"
-
-```
-The following lines make the rocks in `LUA_PATH` and `LUA_CPATH` available on bruiser. You can get `LUA_PATH` and `LUA_CPATH` by runnin `luarocks path --bin`. You can also look at the `defaults.lua` that is shipped with bruiser.<br/>
-Also since there is a cli option that tells bruiser which lua script to load before handing control over to user code, you can have more than one such script to suit your needs.<br/>
+The default script provided will run `luarocks path --bin` and add `paht` and `cpath` so that you can use your Lua modules from bruiser.<br/>
diff --git a/bruiser/bruisercapstone.c b/bruiser/bruisercapstone.c
index 39e274a..de40e6c 100644
--- a/bruiser/bruisercapstone.c
+++ b/bruiser/bruisercapstone.c
@@ -242,6 +242,7 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
 cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
 intmax_t address;
+ //@DEVI-matching against strings is really slow
 if (count > 0) {
 size_t j;
 for (j = 0; j < count; ++j) {
diff --git a/bruiser/defaults.lua b/bruiser/defaults.lua
index 8dd09df..d3344f0 100644
--- a/bruiser/defaults.lua
+++ b/bruiser/defaults.lua
@@ -1,2 +1,15 @@
-package.path = package.path .. ";/home/bloodstalker/.luarocks/share/lua/5.3/?.lua;/home/bloodstalker/.luarocks/share/lua/5.3/?/init.lua;/usr/share/lua/5.3/?.lua;/usr/share/lua/5.3/?/init.lua;/usr/lib64/lua/5.3/?.lua;/usr/lib64/lua/5.3/?/init.lua;./?.lua;./?/init.lua"
-package.cpath = package.cpath .. ";/home/bloodstalker/.luarocks/lib64/lua/5.3/?.so;/usr/lib64/lua/5.3/?.so;/usr/lib64/lua/5.3/loadall.so;./?.so"
+-- bruiser default script.
+-- This is run everytime bruiser is called.
+
+-- adds luarocks' path and cpath to bruiser
+local luarocks_handle = io.popen("luarocks path --bin")
+for line in luarocks_handle:lines() do
+ local path = string.match(line, "LUA_PATH%s*=%s*('.+')")
+ local cpath = string.match(line, "LUA_CPATH%s*=%s*('.+')")
+ if path ~= nil then
+ package.path = package.path..path
+ end
+ if cpath ~= nil then
+ package.cpath = package.cpath..cpath
+ end
+end
diff --git a/bruiser/lua-scripts/df-demo.lua b/bruiser/lua-scripts/df-demo.lua
index d393988..7db2f85 100644
--- a/bruiser/lua-scripts/df-demo.lua
+++ b/bruiser/lua-scripts/df-demo.lua
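Review bot: The captures in the two string.match patterns, `('.+')`, keep the surrounding single quotes, so the value appended to package.path and package.cpath is the quoted string including both quote characters, and nothing inserts a `;` before it; the last template of the existing list and the first template of the appended list are therefore glued together around a quote and the final appended template ends in a quote, while the entries in between still resolve, which is presumably why the commit message reports it working. Capture inside the quotes and prepend the separator. The handle returned by io.popen is also never closed and its exit status is never examined, so when luarocks is not on PATH the loop matches nothing and the script silently leaves the search paths unchanged; closing the handle (on 5.2+ `close()` reports the exit status) would make that visible. Because this script runs a subprocess at every bruiser start and appends whatever that subprocess prints to the module search path, a comment stating that it trusts the `luarocks` binary found on PATH, e.g. `-- runs the luarocks found on PATH and trusts the paths it prints`, would help the next maintainer.
```lua
for line in luarocks_handle:lines() do
  -- capture only what is inside the quotes; luarocks prints LUA_PATH='...'
  local path = string.match(line, "LUA_PATH%s*=%s*'(.+)'")
  local cpath = string.match(line, "LUA_CPATH%s*=%s*'(.+)'")
  if path ~= nil then
    package.path = package.path .. ";" .. path
  end
  if cpath ~= nil then
    package.cpath = package.cpath .. ";" .. cpath
  end
end
luarocks_handle:close()
```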
@@ -28,19 +28,30 @@ end
 function jmp_table_test()
 io.write(colors("%{cyan}".."lua:getting text section...\n"))
 local text_section = xobj.getTextSection(df_exe)
+ local rodata = xobj.getRODataSection(df_exe)
+ for k,v in pairs(rodata) do
+ if v > 32 and v < 127 then
+ io.write(string.format("%c",v))
+ else
+ io.write(" ")
+ end
+ end
+ io.write("\0\n")
 io.write(colors("%{green}".."lua:got text section.\n"))
 local head = jmp_s_t() -- messes up the stack. I could fix it but not sure why i would want to keep this in
 --local head2 = jmp_s_t:new()
 io.write(colors("%{cyan}".."lua:calling getjmptable\n"))
- head = getjmptable(#text_section, text_section)
+ --head = getjmptable(#text_section, text_section)
- while head:inext() ~= nil do
- head:dump("entry")
- io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
- print()
- head = head:inext()
- end
+ --if false then
+ --while head:inext() ~= nil do
+ --head:dump("entry")
+ --io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ --print()
+ --head = head:inext()
+ --end
+ --end
 end --main()
diff --git a/bruiser/lua-scripts/xobj.lua b/bruiser/lua-scripts/xobj.lua
index 8453a93..1d1f748 100644
--- a/bruiser/lua-scripts/xobj.lua
+++ b/bruiser/lua-scripts/xobj.lua
@@ -133,6 +133,10 @@ function xobj.getTextSection(elf_exe)
 return objload("elf_get_text_section", elf_exe, "bytes")
 end
+function xobj.getRODataSection(elf_exe)
+ return objload("elf_get_rodata_section", elf_exe, "bytes")
+end
+
 function xobj.CSDump(code)
 ret = ""
 for k,v in pairs(code) do |
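Review bot: The new dump loop in jmp_table_test walks rodata with pairs, whose visiting order is unspecified, so the printable bytes can come out in a different order than they sit in the section; if rodata is a sequence of byte values (the `v > 32 and v < 127` tests suggest that, worth confirming against what xobj.getRODataSection returns) use `for i = 1, #rodata do local v = rodata[i]` instead. The range check sends 32 (space) to the else branch, which happens to print a space anyway, but `v >= 32` would state the intent. The getjmptable call and the walk over head are left behind as commented-out code rather than deleted, which leaves `local head = jmp_s_t()` assigned but unused in this function.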
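Review bot: xobj.getRODataSection is added without a doc comment, and what the third argument `"bytes"` to objload selects is not visible in this hunk, so a caller reading df-demo.lua has nothing to go on. A one-line LDoc block would do: `--- Returns the .rodata section of elf_exe, loaded through the Python helper elf_get_rodata_section with the "bytes" conversion.` The function mirrors getTextSection line for line, so the two could also share one local helper parameterised by the Python function name, but that is a style choice.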