authorbloodstalker <thabogre@gmail.com>2018-04-21 12:48:01 +0000
committerbloodstalker <thabogre@gmail.com>2018-04-21 12:48:01 +0000
commit64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d (patch)
treedfe134f5f96fdf0fca302db6292ef0f58f54a109
parentfixed #29 (diff)
downloadmutator-64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d.tar.gz
mutator-64d1ba4efcd6e2f0d01cbf5bc373c47547a7906d.zip
two more options for load.py. also fixed the default lua script for bruiser. now it works for everyone as long as luarocks is on PATH.
-rwxr-xr-xbfd/load.py8
-rw-r--r--bruiser/README.md11
-rw-r--r--bruiser/bruisercapstone.c1
-rw-r--r--bruiser/defaults.lua17
-rw-r--r--bruiser/lua-scripts/df-demo.lua25
-rw-r--r--bruiser/lua-scripts/xobj.lua4
6 files changed, 47 insertions, 19 deletions
diff --git a/bfd/load.py b/bfd/load.py
index 4e85ca7..9393c18 100755
--- a/bfd/load.py
+++ b/bfd/load.py
@@ -65,6 +65,7 @@ class CLIArgParser(object):
parser.add_argument("--dynsecents", action='store_true', help="dynamic section entries", default=False)
parser.add_argument("--reladyn", action='store_true', help=".rela.dyn entries", default=False)
parser.add_argument("--relaplt", action='store_true', help=".rela.plt entries", default=False)
+ parser.add_argument("--rodata", action='store_true', help="dump .rodata", default=False)
self.args = parser.parse_args()
if self.args.obj is None:
raise Exception("no object file provided. please specify an object with --obj.")
@@ -716,6 +717,7 @@ class ELF(object):
self.rela_dyn_ents = []
self.rela_plt = []
self.rela_plt_ents = []
+ self.rodata = []
def init(self, size):
self.size = size
@@ -1251,6 +1253,12 @@ def elf_get_text_section():
elf.init(64)
return elf.dump_section(".text", False)
+def elf_get_rodata_section():
+ so = openSO_r(sys.argv[1])
+ elf = ELF(so)
+ elf.init(64)
+ return elf.dump_section(".rodata", False)
+
# obj here means variables or what the C standard means by objects
def elf_get_obj_names():
so = openSO_r(sys.argv[1])
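Review bot: `elf_get_rodata_section` is a verbatim copy of `elf_get_text_section` directly above it with only the section name changed (open `sys.argv[1]`, `ELF(so)`, `init(64)`, `dump_section(..., False)`), and the context line after it suggests the other `elf_get_*` helpers follow the same shape; a private helper taking the section name removes the repetition and keeps the hard-coded 64-bit assumption in one place. The `--rodata` flag added to `CLIArgParser` in the first hunk is not consumed anywhere visible in this diff; if it is meant to drive this dumper, the wiring is either missing or lives outside the shown hunks. `elf_get_obj_names` starts at the end of the hunk and continues outside it.
```python
def _elf_dump_section(name):
    """Open sys.argv[1] as a 64-bit ELF and dump the section called `name`.

    Shared body of the elf_get_*_section helpers; the second argument to
    dump_section is kept as False to match the existing callers.
    """
    so = openSO_r(sys.argv[1])
    elf = ELF(so)
    elf.init(64)
    return elf.dump_section(name, False)

def elf_get_rodata_section():
    return _elf_dump_section(".rodata")
```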
diff --git a/bruiser/README.md b/bruiser/README.md
index 29c66c5..870f468 100644
--- a/bruiser/README.md
+++ b/bruiser/README.md
@@ -86,13 +86,4 @@ you can see a working example if you run `lua-scripts/demo2.lua`. The example re
#### Lua Defaults
Upon start-up, bruiser will look to find a file called `defaults.lua` in the same directory as the bruiser executable to run before running any user provided lua code, both in interactive and non-interactive modes. The path to the lua default file could be changed from the default value by the `LuaDefault` option passed to bruiser on startup.<br/>
-If you use `luarocks`, you can run `luarocks path --bin` to see where rocks on your machine are and then add that to your path to have the rocks available in bruiser as well.<br/>
-One way do to that is to add the following lines to your `defaults.lua`:<br/>
-```lua
-
-package.path = package.path .. ";LUA_PATH"
-packege.cpath = package.cpath .. ";LUA_CPATH"
-
-```
-The following lines make the rocks in `LUA_PATH` and `LUA_CPATH` available on bruiser. You can get `LUA_PATH` and `LUA_CPATH` by runnin `luarocks path --bin`. You can also look at the `defaults.lua` that is shipped with bruiser.<br/>
-Also since there is a cli option that tells bruiser which lua script to load before handing control over to user code, you can have more than one such script to suit your needs.<br/>
+The default script provided will run `luarocks path --bin` and add `paht` and `cpath` so that you can use your Lua modules from bruiser.<br/>
diff --git a/bruiser/bruisercapstone.c b/bruiser/bruisercapstone.c
index 39e274a..de40e6c 100644
--- a/bruiser/bruisercapstone.c
+++ b/bruiser/bruisercapstone.c
@@ -242,6 +242,7 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
intmax_t address;
+ //@DEVI-matching against strings is really slow
if (count > 0) {
size_t j;
for (j = 0; j < count; ++j) {
diff --git a/bruiser/defaults.lua b/bruiser/defaults.lua
index 8dd09df..d3344f0 100644
--- a/bruiser/defaults.lua
+++ b/bruiser/defaults.lua
@@ -1,2 +1,15 @@
-package.path = package.path .. ";/home/bloodstalker/.luarocks/share/lua/5.3/?.lua;/home/bloodstalker/.luarocks/share/lua/5.3/?/init.lua;/usr/share/lua/5.3/?.lua;/usr/share/lua/5.3/?/init.lua;/usr/lib64/lua/5.3/?.lua;/usr/lib64/lua/5.3/?/init.lua;./?.lua;./?/init.lua"
-package.cpath = package.cpath .. ";/home/bloodstalker/.luarocks/lib64/lua/5.3/?.so;/usr/lib64/lua/5.3/?.so;/usr/lib64/lua/5.3/loadall.so;./?.so"
+-- bruiser default script.
+-- This is run everytime bruiser is called.
+
+-- adds luarocks' path and cpath to bruiser
+local luarocks_handle = io.popen("luarocks path --bin")
+for line in luarocks_handle:lines() do
+ local path = string.match(line, "LUA_PATH%s*=%s*('.+')")
+ local cpath = string.match(line, "LUA_CPATH%s*=%s*('.+')")
+ if path ~= nil then
+ package.path = package.path..path
+ end
+ if cpath ~= nil then
+ package.cpath = package.cpath..cpath
+ end
+end
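Review bot: The captures on the two `string.match` lines include the surrounding single quotes (`('.+')`), and the concatenations below them add no `;` separator, so `package.path` ends up like `...;./?/init.lua'/home/user/.luarocks/share/lua/5.3/?.lua;;'` (constructed example) — the last existing template and the first luarocks template are fused and both carry a stray quote, so neither resolves. Capturing `'(.+)'` and appending `";" .. path` (likewise for cpath) fixes both. The `io.popen` handle is also never closed, and `io.popen` can return nil on hosts where popen is unsupported, in which case `luarocks_handle:lines()` raises at every start-up instead of skipping quietly; guard the handle and close it after the loop. Because every directory printed by the child process becomes a module search location on each run, the `luarocks` found on PATH is effectively trusted input to this script — worth stating in the header comment. This assumes `luarocks path --bin` prints `LUA_PATH='…'` lines in the shape the patterns expect, which the hunk does not show.
```lua
-- adds luarocks' path and cpath to bruiser
local luarocks_handle = io.popen("luarocks path --bin")
if luarocks_handle ~= nil then
  for line in luarocks_handle:lines() do
    -- capture only the text between the quotes; the quotes are shell syntax, not part of the path
    local path = string.match(line, "LUA_PATH%s*=%s*'(.+)'")
    local cpath = string.match(line, "LUA_CPATH%s*=%s*'(.+)'")
    if path ~= nil then
      package.path = package.path .. ";" .. path
    end
    if cpath ~= nil then
      package.cpath = package.cpath .. ";" .. cpath
    end
  end
  luarocks_handle:close()
end
```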
diff --git a/bruiser/lua-scripts/df-demo.lua b/bruiser/lua-scripts/df-demo.lua
index d393988..7db2f85 100644
--- a/bruiser/lua-scripts/df-demo.lua
+++ b/bruiser/lua-scripts/df-demo.lua
@@ -28,19 +28,30 @@ end
function jmp_table_test()
io.write(colors("%{cyan}".."lua:getting text section...\n"))
local text_section = xobj.getTextSection(df_exe)
+ local rodata = xobj.getRODataSection(df_exe)
+ for k,v in pairs(rodata) do
+ if v > 32 and v < 127 then
+ io.write(string.format("%c",v))
+ else
+ io.write(" ")
+ end
+ end
+ io.write("\0\n")
io.write(colors("%{green}".."lua:got text section.\n"))
local head = jmp_s_t()
-- messes up the stack. I could fix it but not sure why i would want to keep this in
--local head2 = jmp_s_t:new()
io.write(colors("%{cyan}".."lua:calling getjmptable\n"))
- head = getjmptable(#text_section, text_section)
+ --head = getjmptable(#text_section, text_section)
- while head:inext() ~= nil do
- head:dump("entry")
- io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
- print()
- head = head:inext()
- end
+ --if false then
+ --while head:inext() ~= nil do
+ --head:dump("entry")
+ --io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ --print()
+ --head = head:inext()
+ --end
+ --end
end
--main()
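Review bot: The new dump loop iterates `rodata` with `pairs`, whose visit order over integer keys is unspecified, so the printable-character rendering of `.rodata` can come out scrambled; use `for _, v in ipairs(rodata) do` (or `for i = 1, #rodata do`) — assuming `xobj.getRODataSection` returns a plain 1..n sequence of byte values, which this hunk does not show. `io.write("\0\n")` after the loop emits a literal NUL byte to the terminal, which looks accidental; `io.write("\n")` is presumably intended. The `head = getjmptable(...)` call and the walk over it are now commented out, leaving `local head = jmp_s_t()` allocated and unused, so the function no longer exercises the jump table its name promises; either delete the dead block or gate it behind a real flag rather than keeping it as commentary. `jmp_table_test` lies fully within the hunk.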
diff --git a/bruiser/lua-scripts/xobj.lua b/bruiser/lua-scripts/xobj.lua
index 8453a93..1d1f748 100644
--- a/bruiser/lua-scripts/xobj.lua
+++ b/bruiser/lua-scripts/xobj.lua
@@ -133,6 +133,10 @@ function xobj.getTextSection(elf_exe)
return objload("elf_get_text_section", elf_exe, "bytes")
end
+function xobj.getRODataSection(elf_exe)
+ return objload("elf_get_rodata_section", elf_exe, "bytes")
+end
+
function xobj.CSDump(code)
ret = ""
for k,v in pairs(code) do
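Review bot: `xobj.getRODataSection` is added without any comment although it is the public entry point that `df-demo.lua` in this same commit calls; an LDoc header such as `--- Return the .rodata section of elf_exe via load.py's elf_get_rodata_section (same shape as getTextSection).` would document it. The `"bytes"` argument to `objload` presumably selects how the Python result is marshalled back to Lua, but the hunk does not show `objload`, so confirm that before stating it in the comment.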