author | bloodstalker <thabogre@gmail.com> | 2018-03-12 13:00:46 +0000 |
---|---|---|
committer | bloodstalker <thabogre@gmail.com> | 2018-03-12 13:00:46 +0000 |
commit | ab8c8bf7f6d5fec080cfae5155ae891af214674f (patch) | |
tree | 97c01489d3b17cf7e6ed5e6913ef5594c849a88a | |
parent | the jmp table is working now. you get member set and get methods, and an iter... (diff) | |
added a lua module for asmrewriter, will soon add docs. you can try the new module by running asmtest.lua or demo2.lua. did some cosmetic fixes to load bfd so it doesn't suck as hard when you get dumps
-rwxr-xr-x | bfd/load.py | 216 | ||||
-rw-r--r-- | bruiser/asmrewriter.c | 2 | ||||
-rw-r--r-- | bruiser/bruiser.cpp | 1 | ||||
-rw-r--r-- | bruiser/bruisercapstone.c | 4 | ||||
-rw-r--r-- | bruiser/lua-scripts/asmrw.lua | 53 | ||||
-rw-r--r-- | bruiser/lua-scripts/asmtest.lua | 23 | ||||
-rw-r--r-- | bruiser/lua-scripts/demo2.lua | 56 | ||||
-rw-r--r-- | bruiser/lua-scripts/xobj.lua | 2 |
8 files changed, 237 insertions, 120 deletions
diff --git a/bfd/load.py b/bfd/load.py
index d3480a7..270ebec 100755
--- a/bfd/load.py
+++ b/bfd/load.py
@@ -126,6 +126,48 @@ class ELF_RELA():
 self.r_info = r_info
 self.r_addend = r_addend
+def ffs(offset,header_list, numbered, *args):
+ cn = Colors.green
+ ch = Colors.cyan
+ cd = Colors.blue
+ cb = Colors.BOLD
+ ci = Colors.red
+ ce = Colors.ENDC
+ max_column_width = []
+ lines = []
+ numbers_f = []
+ dummy = []
+
+ if numbered:
+ numbers_f.extend(range(1, len(args[-1])+1))
+ max_column_width.append(max([len(repr(number)) for number in numbers_f]))
+ header_list.insert(0, "idx")
+
+ for arg in args:
+ max_column_width.append(max([len(repr(argette)) for argette in arg]))
+
+ index = range(0, len(header_list))
+ for header, width, i in zip(header_list, max_column_width, index):
+ max_column_width[i] = max(len(header), width) + offset
+
+ for i in index:
+ dummy.append(ch + cb + header_list[i].ljust(max_column_width[i]) + ce)
+ lines.append("".join(dummy))
+ dummy.clear()
+
+ index2 = range(0, len(args[-1]))
+ for i in index2:
+ if numbered:
+ dummy.append(ci+cb+repr(i).ljust(max_column_width[0])+ce)
+ for arg, width in zip(args, max_column_width[1:]):
+ dummy.append(cd+repr(arg[i]).ljust(width)+ce)
+ else:
+ for arg, width in zip(args, max_column_width):
+ dummy.append(cd+repr(arg[i]).ljust(width)+ce)
+ lines.append("".join(dummy))
+ dummy.clear()
+ return lines
+
 def get_section_type_string(number):
 if number == 0x0: return "NULL"
 if number == 0x1: return "PROGBITS"
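Review bot: `ffs` raises ValueError on an empty column because `max_column_width.append(max([len(repr(argette)) for argette in arg]))` (and the `numbers_f` line before it) call `max()` on an empty sequence; every caller added in the later hunks of this file (`dump_ph_dyn_entries`, `dump_symbol_idx`, `dump_phdrs`, `dump_shdrs`, `dump_st_entries`, `dump_st_entries_dyn`) passes lists built from parsed ELF tables that can be empty, for instance the dynamic entries of a static binary, and a dump tool fed untrusted or unusual binaries should print an empty table rather than trace back. Using `max((len(repr(argette)) for argette in arg), default=0)` at both sites fixes it on Python 3.4+. `header_list.insert(0, "idx")` mutates the caller's list in place, which is why `dump_symbol_idx` has to rebuild `header` before its second call; `header_list = list(header_list)` at the top of the function would remove that trap. The function also has no docstring; a one-liner such as `"""Lay out parallel column lists as aligned, colourised text rows; returns the rows as a list of strings."""` would do.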
@@ -710,9 +752,12 @@ class ELF(object):
 self.ph_dyn_ent.append(ph_dynamic_entry(d_tag, d_un))
 def dump_ph_dyn_entries(self):
- for ph_dyn_e in self.ph_dyn_ent:
- print(Colors.green + "d_tag: " + Colors.blue + get_ph_dynamic_ent_tag_type(ph_dyn_e.d_tag) + Colors.ENDC, end="\t")
- print(Colors.green + "d_un: " + Colors.blue + repr(ph_dyn_e.d_un) + Colors.ENDC)
+ header = ["d_tag", "d_un"]
+ tag_list = [get_ph_dynamic_ent_tag_type(ph.d_tag) for ph in self.ph_dyn_ent]
+ un_list = [ph.d_un for ph in self.ph_dyn_ent]
+ lines = ffs(2, header, True, tag_list, un_list)
+ for line in lines:
+ print(line)
 def dump_funcs(self, dump_b):
 ret_list = []
@@ -793,32 +838,28 @@ class ELF(object):
 return ret_list
 def dump_symbol_idx(self):
- print(Colors.green + "symbol:" + Colors.ENDC)
- for iter in self.string_tb_e:
- print(Colors.blue + "name: " + Colors.cyan + repr(int.from_bytes(iter.st_name, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "size: " + Colors.cyan + repr(int.from_bytes(iter.st_size, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "value: " + Colors.cyan + repr(int.from_bytes(iter.st_value, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "info: " + Colors.cyan + repr(int.from_bytes(iter.st_info, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "other: " + Colors.cyan + repr(int.from_bytes(iter.st_other, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "shndx: " + Colors.cyan + repr(int.from_bytes(iter.st_shndx, byteorder="little")) + Colors.ENDC)
- print(Colors.green + "dyn symbol:" + Colors.ENDC)
- for iter in self.string_tb_e_dyn:
- print(Colors.blue + "name: " + Colors.cyan + repr(int.from_bytes(iter.st_name, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "size: " + Colors.cyan + repr(int.from_bytes(iter.st_size, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "value: " + Colors.cyan + repr(int.from_bytes(iter.st_value, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "info: " + Colors.cyan + repr(int.from_bytes(iter.st_info, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "other: " + Colors.cyan + repr(int.from_bytes(iter.st_other, byteorder="little")) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "shndx: " + Colors.cyan + repr(int.from_bytes(iter.st_shndx, byteorder="little")) + Colors.ENDC)
+ header = ["name", "size", "value", "info", "other", "shndx"]
+ name_list = [byte2int(st.st_name) for st in self.string_tb_e]
+ size_list = [byte2int(st.st_size) for st in self.string_tb_e]
+ value_list = [byte2int(st.st_value) for st in self.string_tb_e]
+ info_list = [byte2int(st.st_info) for st in self.string_tb_e]
+ other_list = [byte2int(st.st_other) for st in self.string_tb_e]
+ shndx_list = [byte2int(st.st_shndx) for st in self.string_tb_e]
+ lines = ffs(2, header, True, name_list, size_list, value_list, info_list, other_list, shndx_list)
+ print(Colors.green + Colors.BOLD + "symbol:" + Colors.ENDC)
+ for line in lines:
+ print(line)
+ print(Colors.green + Colors.BOLD + "dyn symbol:" + Colors.ENDC)
+ header = ["name", "size", "value", "info", "other", "shndx"]
+ name_list = [byte2int(st.st_name) for st in self.string_tb_e_dyn]
+ size_list = [byte2int(st.st_size) for st in self.string_tb_e_dyn]
+ value_list = [byte2int(st.st_value) for st in self.string_tb_e_dyn]
+ info_list = [byte2int(st.st_info) for st in self.string_tb_e_dyn]
+ other_list = [byte2int(st.st_other) for st in self.string_tb_e_dyn]
+ shndx_list = [byte2int(st.st_shndx) for st in self.string_tb_e_dyn]
+ lines = ffs(2, header, True, name_list, size_list, value_list, info_list, other_list, shndx_list)
+ for line in lines:
+ print(line)
 def dump_header(self):
 print("------------------------------------------------------------------------------")
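Review bot: The two halves of the new `dump_symbol_idx` are the same eight lines applied to `self.string_tb_e` and then `self.string_tb_e_dyn`, and `dump_st_entries`/`dump_st_entries_dyn` in the last hunk of this file repeat the pattern a third and fourth time; a small helper that builds the column lists for a given entry list would keep the column order in one place. Note that `header` has to be rebuilt before the second `ffs` call because `ffs` inserts `"idx"` into the list it is handed, so whatever shape the helper takes it must give `ffs` a fresh header list each time. For this method it could look like the following.
```python
    def _symbol_idx_columns(self, entries):
        # One list per column, in the order the "name".."shndx" header expects.
        return [[byte2int(st.st_name) for st in entries],
                [byte2int(st.st_size) for st in entries],
                [byte2int(st.st_value) for st in entries],
                [byte2int(st.st_info) for st in entries],
                [byte2int(st.st_other) for st in entries],
                [byte2int(st.st_shndx) for st in entries]]

    def dump_symbol_idx(self):
        for title, entries in (("symbol:", self.string_tb_e), ("dyn symbol:", self.string_tb_e_dyn)):
            # ffs() inserts "idx" into the header it is given, so build a fresh one per call.
            header = ["name", "size", "value", "info", "other", "shndx"]
            lines = ffs(2, header, True, *self._symbol_idx_columns(entries))
            print(Colors.green + Colors.BOLD + title + Colors.ENDC)
            for line in lines:
                print(line)
```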
@@ -846,48 +887,37 @@ class ELF(object):
 print("------------------------------------------------------------------------------")
 def dump_phdrs(self):
- print(Colors.green + Colors.BOLD + "pheaders:" + Colors.ENDC)
- for i in range(0, int.from_bytes(self.elfhdr.e_phnum, byteorder="little", signed=False)):
- type = get_ph_type(byte2int(self.phdr[i].p_type))
- print(Colors.blue + "p_type: " + Colors.cyan + type + Colors.ENDC, end="")
- flags = get_elf_seg_flag(byte2int(self.phdr[i].p_flags))
- print(Colors.blue + " p_flags: " + Colors.cyan + flags + Colors.ENDC, end="")
- print(Colors.blue + " p_offset: " + Colors.cyan + repr(byte2int(self.phdr[i].p_offset)) + Colors.ENDC, end="")
- print(Colors.blue + " p_vaddr: " + Colors.cyan + repr(byte2int(self.phdr[i].p_vaddr)) + Colors.ENDC, end="")
- print(Colors.blue + " p_paddr: " + Colors.cyan + repr(byte2int(self.phdr[i].p_paddr)) + Colors.ENDC, end="")
- print(Colors.blue + " p_filesz: " + Colors.cyan + repr(byte2int(self.phdr[i].p_filesz)) + Colors.ENDC, end="")
- print(Colors.blue + " p_memsz: " + Colors.cyan + repr(byte2int(self.phdr[i].p_memsz)) + Colors.ENDC, end="")
- print(Colors.blue + " p_flags2: " + Colors.cyan + repr(self.phdr[i].p_flags2) + Colors.ENDC, end="")
- print(Colors.blue + " p_align: " + Colors.cyan + repr(byte2int(self.phdr[i].p_align)) + Colors.ENDC)
+ header = ["p_type", "p_flags", "p_offset", "p_vaddr", "p_paddr", "p_filesz", "p_memsz", "p_flags2", "p_align"]
+ type_list = [get_ph_type(byte2int(phdr.p_type)) for phdr in self.phdr]
+ flags_list = [get_elf_seg_flag(byte2int(phdr.p_type)) for phdr in self.phdr]
+ offset_list = [byte2int(phdr.p_offset) for phdr in self.phdr]
+ vaddr_list = [byte2int(phdr.p_vaddr) for phdr in self.phdr]
+ paddr_list = [byte2int(phdr.p_paddr) for phdr in self.phdr]
+ filesz_list = [byte2int(phdr.p_filesz) for phdr in self.phdr]
+ memsz_list = [byte2int(phdr.p_memsz) for phdr in self.phdr]
+ flags2_list = [phdr.p_flags2 for phdr in self.phdr]
+ align_list = [byte2hex(phdr.p_align) for phdr in self.phdr]
+
+ lines = ffs(2, header, True, type_list, flags_list, offset_list, vaddr_list, paddr_list, filesz_list, memsz_list, flags2_list, align_list)
+ for line in lines:
+ print(line)
 def dump_shdrs(self):
- print(Colors.green + Colors.BOLD + "sheaders:" + Colors.ENDC)
- counter = int()
- for i in range(0, int.from_bytes(self.elfhdr.e_shnum, byteorder="little", signed=False)):
- name = self.read_section_name(byte2int(self.shhdr[i].sh_name))
- print(Colors.green + Colors.BOLD + repr(counter) + Colors.ENDC, end="")
- print(" ", end="")
- print(Colors.blue + "sh_name: " + Colors.cyan + name + Colors.ENDC, end="")
- print("\t", end="")
- type = get_section_type_string(byte2int(self.shhdr[i].sh_type))
- print(Colors.blue + "sh_type: " + Colors.cyan + type + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_flags: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_flags)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_addr: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_addr)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_offset: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_offset)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_size: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_size)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_link: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_link)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_info: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_info)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_addralign: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_addralign)) + Colors.ENDC, end="")
- print("\t", end="")
- print(Colors.blue + "sh_entsize: " + Colors.cyan + repr(byte2int(self.shhdr[i].sh_entsize)) + Colors.ENDC)
- counter += 1
+ header = ["sh_name", "sh_type", "sh_flags", "sh_addr", "sh_offset", "sh_size", "sh_link", "sh_info", "sh_addralign", "sh_entsize"]
+ name_list = [self.read_section_name(byte2int(shhdr.sh_name)) for shhdr in self.shhdr]
+ type_list = [get_section_type_string(byte2int(shhdr.sh_type)) for shhdr in self.shhdr]
+ flag_list = [byte2int(shhdr.sh_flags) for shhdr in self.shhdr]
+ addr_list = [byte2int(shhdr.sh_addr) for shhdr in self.shhdr]
+ offset_list = [byte2int(shhdr.sh_offset) for shhdr in self.shhdr]
+ size_list = [byte2int(shhdr.sh_size) for shhdr in self.shhdr]
+ link_list = [byte2int(shhdr.sh_link) for shhdr in self.shhdr]
+ info_list = [byte2int(shhdr.sh_info) for shhdr in self.shhdr]
+ allign_list = [byte2int(shhdr.sh_addralign) for shhdr in self.shhdr]
+ entsize_list = [byte2int(shhdr.sh_entsize) for shhdr in self.shhdr]
+
+ lines = ffs(2, header, True, name_list, type_list, flag_list, addr_list, offset_list, size_list, link_list, info_list, allign_list, entsize_list)
+ for line in lines:
+ print(line)
 def dump_symbol_tb(self, name, type):
 for i in range(0, byte2int(self.elfhdr.e_shnum)):
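Review bot: `flags_list` in the new `dump_phdrs` reads `phdr.p_type` where the removed code read `self.phdr[i].p_flags`, so the `p_flags` column now prints the segment type passed through `get_elf_seg_flag`; it should be `flags_list = [get_elf_seg_flag(byte2int(phdr.p_flags)) for phdr in self.phdr]`. In the same hunk `align_list` switches from `byte2int` to `byte2hex`, which makes that one column print differently from every other numeric column and, given the commit message calls these cosmetic fixes, may not be intended. In `dump_shdrs`, `allign_list` is misspelled; `addralign_list` would match its header entry.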
@@ -902,28 +932,36 @@ class ELF(object):
 def dump_st_entries(self):
- for entry in self.string_tb_e:
- print(Colors.green + "name index: " + Colors.ENDC + repr(byte2int(entry.st_name)), end="")
- print(Colors.green + " name: " + Colors.ENDC + repr("".join(self.get_st_entry_symbol_string(byte2int(entry.st_name), ".strtab"))), end="")
- print(Colors.green + " value: " + Colors.ENDC + repr(byte2int(entry.st_value)), end="")
- print(Colors.green + " size: " + Colors.ENDC + repr(byte2int(entry.st_size)), end="")
- print(Colors.green + " info: " + Colors.ENDC + repr(byte2int(entry.st_info)), end="")
- print(Colors.green + " other: " + Colors.ENDC + repr(byte2int(entry.st_other)), end="")
- print(Colors.green + " shndx: " + Colors.ENDC + repr(byte2int(entry.st_shndx)), end="")
- print(Colors.green + " bind: " + Colors.ENDC + get_elf_st_bind_string(entry.st_bind), end="")
- print(Colors.green + " type: " + Colors.ENDC + get_elf_st_type_string(entry.st_type))
+ header = ["name_index", "name", "value", "size", "info", "other", "shndx", "bind", "type"]
+ idx_list = [byte2int(entry.st_name) for entry in self.string_tb_e]
+ name_list = [ "".join(self.get_st_entry_symbol_string(byte2int(entry.st_name), ".strtab")) for entry in self.string_tb_e]
+ value_list = [byte2int(entry.st_value) for entry in self.string_tb_e]
+ size_list = [byte2int(entry.st_size) for entry in self.string_tb_e]
+ info_list = [byte2int(entry.st_info) for entry in self.string_tb_e]
+ other_list = [byte2int(entry.st_other) for entry in self.string_tb_e]
+ shndx_list = [byte2int(entry.st_shndx) for entry in self.string_tb_e]
+ bind_list = [get_elf_st_bind_string(entry.st_bind) for entry in self.string_tb_e]
+ type_list = [get_elf_st_type_string(entry.st_type) for entry in self.string_tb_e]
+
+ lines = ffs(2, header, True, idx_list, name_list, value_list, size_list, info_list, other_list, shndx_list, bind_list, type_list)
+ for line in lines:
+ print(line)
 def dump_st_entries_dyn(self):
- for entry in self.string_tb_e_dyn:
- print(Colors.green + "name index: " + Colors.ENDC + repr(byte2int(entry.st_name)), end="")
- print(Colors.green + " name: " + Colors.ENDC + repr("".join(self.get_st_entry_symbol_string(byte2int(entry.st_name), ".dynstr"))), end="")
- print(Colors.green + " value: " + Colors.ENDC + repr(byte2int(entry.st_value)), end="")
- print(Colors.green + " size: " + Colors.ENDC + repr(byte2int(entry.st_size)), end="")
- print(Colors.green + " info: " + Colors.ENDC + repr(byte2int(entry.st_info)), end="")
- print(Colors.green + " other: " + Colors.ENDC + repr(byte2int(entry.st_other)), end="")
- print(Colors.green + " shndx: " + Colors.ENDC + repr(byte2int(entry.st_shndx)), end="")
- print(Colors.green + " bind: " + Colors.ENDC + get_elf_st_bind_string(entry.st_bind), end="")
- print(Colors.green + " type: " + Colors.ENDC + get_elf_st_type_string(entry.st_type))
+ header = ["name_index", "name", "value", "size", "info", "other", "shndx", "bind", "type"]
+ idx_list = [byte2int(entry.st_name) for entry in self.string_tb_e_dyn]
+ name_list = [ "".join(self.get_st_entry_symbol_string(byte2int(entry.st_name), ".dynstr")) for entry in self.string_tb_e_dyn]
+ value_list = [byte2int(entry.st_value) for entry in self.string_tb_e_dyn]
+ size_list = [byte2int(entry.st_size) for entry in self.string_tb_e_dyn]
+ info_list = [byte2int(entry.st_info) for entry in self.string_tb_e_dyn]
+ other_list = [byte2int(entry.st_other) for entry in self.string_tb_e_dyn]
+ shndx_list = [byte2int(entry.st_shndx) for entry in self.string_tb_e_dyn]
+ bind_list = [get_elf_st_bind_string(entry.st_bind) for entry in self.string_tb_e_dyn]
+ type_list = [get_elf_st_type_string(entry.st_type) for entry in self.string_tb_e_dyn]
+
+ lines = ffs(2, header, True, idx_list, name_list, value_list, size_list, info_list, other_list, shndx_list, bind_list, type_list)
+ for line in lines:
+ print(line)
 def get_st_entry_symbol_string(self, index, section_name):
 symbol = []
diff --git a/bruiser/asmrewriter.c b/bruiser/asmrewriter.c
index 2e3a98d..e126577 100644
--- a/bruiser/asmrewriter.c
+++ b/bruiser/asmrewriter.c
@@ -259,7 +259,7 @@ static int jmpt_tostring(lua_State* __ls) {
 }
 static const luaL_Reg jmpt_methods[] = {
- {"new", new_jmpt},
+ {"new", new_jmpt_2},
 {"set_type", jmpt_set_type},
 {"set_location", jmpt_set_location},
 {"set_size", jmpt_set_size},
diff --git a/bruiser/bruiser.cpp b/bruiser/bruiser.cpp
index 8b00b5e..ea2add1 100644
--- a/bruiser/bruiser.cpp
+++ b/bruiser/bruiser.cpp
@@ -1605,7 +1605,6 @@ class LuaWrapper
 auto head = makejmptable(size, code_v.data(), Verbose, __ls);
 jmpt_push_args(__ls, head);
 new_jmpt_2(__ls);
- dumpjmptable(head);
 return 1;
 }
diff --git a/bruiser/bruisercapstone.c b/bruiser/bruisercapstone.c
index 9f85f1b..f8dff64 100644
--- a/bruiser/bruisercapstone.c
+++ b/bruiser/bruisercapstone.c
@@ -226,7 +226,6 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
 size_t size_counter = 0;
 JMP_S_T* head = push_jmpt(__ls);
- //JMP_S_T* head = malloc(sizeof(JMP_S_T));
 JMP_S_T* tail;
 head->type = NONE;
 head->next = NULL;
@@ -264,7 +263,6 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
 tail->address = address;
 tail->size = insn[j].size;
 JMP_S_T* dummy = push_jmpt(__ls);
- //JMP_S_T* dummy = malloc(sizeof(JMP_S_T));
 tail->next = dummy;
 tail = dummy;
 }
@@ -284,7 +282,6 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
 tail->address = address;
 tail->size = insn[j].size;
 JMP_S_T* dummy = push_jmpt(__ls);
- //JMP_S_T* dummy = malloc(sizeof(JMP_S_T));
 tail->next = dummy;
 tail = dummy;
 }
@@ -304,7 +301,6 @@ JMP_S_T* makejmptable(size_t size, uint8_t* obj, bool Verbose, lua_State* __ls)
 tail->address = address;
 tail->size = insn[j].size;
 JMP_S_T* dummy = push_jmpt(__ls);
- //JMP_S_T* dummy = malloc(sizeof(JMP_S_T));
 tail->next = dummy;
 tail = dummy;
 }
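Review bot: Binding the script-visible `new` to `new_jmpt_2` exposes a constructor that, judging by the call sequence in the bruiser.cpp hunk (`jmpt_push_args(__ls, head); new_jmpt_2(__ls);`), expects its arguments to have been pushed by C code, and the comment added to asmtest.lua ("messes up the stack") suggests calling it as `jmp_s_t:new()` from Lua already misbehaves. A function reachable from scripts should validate what is actually on the stack with `luaL_checkinteger`/`luaL_checkudata` (or fail with `luaL_argerror`) instead of trusting it, or `new` should stay bound to a Lua-facing constructor with `new_jmpt_2` kept internal; `new_jmpt_2` itself is outside this hunk, so which applies needs confirming there. Either way the registration deserves a comment such as `/* "new" is driven by jmpt_push_args(); not meant to be called with an arbitrary argument list from Lua */`. Since bruisercapstone.c now obtains every node from `push_jmpt(__ls)` rather than malloc, their lifetime appears to be Lua-managed, and the remaining `freejmptable` callers (demo2.lua still has one) should be checked for a double free.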
diff --git a/bruiser/lua-scripts/asmrw.lua b/bruiser/lua-scripts/asmrw.lua
new file mode 100644
index 0000000..2f68d2b
--- /dev/null
+++ b/bruiser/lua-scripts/asmrw.lua
@@ -0,0 +1,53 @@
+------------------------------------------------Project Mutator-----------------------------------------------
+--bruiser's asmrw module
+--Copyright (C) 2018 Farzad Sadeghi
+
+--This program is free software; you can redistribute it and/or
+--modify it under the terms of the GNU General Public License
+--as published by the Free Software Foundation; either version 2
+--of the License, or (at your option) any later version.
+
+--This program is distributed in the hope that it will be useful,
+--but WITHOUT ANY WARRANTY; without even the implied warranty of
+--MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+--GNU General Public License for more details.
+
+--You should have received a copy of the GNU General Public License
+--along with this program; if not, write to the Free Software
+--Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.*/
+--------------------------------------------------------------------------------------------------------------
+--start of asmrewriter module
+local asmrw = {}
+xobj = require("lua-scripts.xobj")
+
+setmetatable(jmp_s_t, {__call =
+ function(self, arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
+ local t = self.new(arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
+ print("created", t)
+ return t
+ end
+ }
+)
+
+function jmp_s_t:dump(msg)
+ print(msg, self:custom())
+ return self
+end
+
+function asmrw.get_head(elf_exe)
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ return head
+end
+
+function asmrw.get_jmp(location)
+ while head:inext() ~= nil do
+ if head:location() == location then return head end
+ head = head:inext()
+ end
+end
+
+--end of asmrewriter module
+return asmrw
+--------------------------------------------------------------------------------------------------------------
+
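Review bot: `asmrw.get_jmp(location)` walks a variable `head` that is never declared or assigned anywhere in this module, so it either fails with "attempt to index a nil value" or silently depends on whatever global `head` the calling script happened to leave behind; take the list head as a parameter, `function asmrw.get_jmp(head, location)`, and let callers pass what `asmrw.get_head` returned. `xobj = require("lua-scripts.xobj")` also creates a global where `local xobj = require("lua-scripts.xobj")` keeps the module self-contained. At require time the module replaces the metatable of the host-provided `jmp_s_t` table and prints from inside `__call`, which a library module should avoid; demo2.lua installs the same metatable, so whichever loads last wins. The `*/` closing the licence header is a stray C comment terminator.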
diff --git a/bruiser/lua-scripts/asmtest.lua b/bruiser/lua-scripts/asmtest.lua
index 83b523a..ac5730e 100644
--- a/bruiser/lua-scripts/asmtest.lua
+++ b/bruiser/lua-scripts/asmtest.lua
@@ -1,10 +1,21 @@
+
+xobj = require("lua-scripts.xobj")
+asmrw = require("lua-scripts.asmrw")
+
 function test()
- print("running asmtest.lua")
- --for k,v in pairs(jmp_s_t) do print(k,v) end
- local t = jmp_s_t.new()
- print(t)
- t:set_type(3)
- print(t.type)
+ local elf_exe = "../bfd/test/test"
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = jmp_s_t()
+ -- messes up the stack. I could fix it but not sure why i would want to keep this in
+ --local head2 = jmp_s_t:new()
+ head = getjmptable(#text_section, text_section)
+
+ while head:inext() ~= nil do
+ head:dump("entry")
+ io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ print()
+ head = head:inext()
+ end
 end
 test()
diff --git a/bruiser/lua-scripts/demo2.lua b/bruiser/lua-scripts/demo2.lua
index de13c58..db840fc 100644
--- a/bruiser/lua-scripts/demo2.lua
+++ b/bruiser/lua-scripts/demo2.lua
@@ -4,6 +4,13 @@ colors = require("ansicolors")
 elf_file = "../bfd/test/test.so"
 elf_exe = "../bfd/test/test"
+function get_jmp_type(val)
+ if val == 1 then return "JMP" end
+ if val == 2 then return "JNE" end
+ if val == 3 then return "JE" end
+ return "U"
+end
+
 function main()
 xobj.getSO(elf_file)
 local add2_code = xobj.codeTableByName_number("'add2'")
@@ -27,7 +34,7 @@ end
 function pretty_dump()
 count = 0
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
 io.write(colors("%{blue}".." ".."\t".."00 ".."01 ".."02 ".."03 ".."04 ".."05 ".."06 ".."07 ".."08 ".."09 ".."0A ".."0B ".."0C ".."0D ".."0E ".."0F"))
 for k,v in pairs(text_section) do
 if count % 16 == 0 then
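Review bot: In the new `test()` the object from `local head = jmp_s_t()` is discarded two lines later by `head = getjmptable(#text_section, text_section)`, so the `__call` constructor runs only for its print side effect; drop the line, or keep the object under its own name if the intent is to exercise the constructor. `asmrw` is required at the top but never used in this script, and both `xobj` and `asmrw` are assigned as globals where `local` would do. The loop stops one node short (`while head:inext() ~= nil`), which is correct only if the final node is always the empty node that makejmptable appends after each filled entry in the bruisercapstone.c hunk; a comment such as `-- the last node is an empty sentinel, so stop one short` would make that assumption visible.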
@@ -42,28 +49,17 @@ function pretty_dump()
 end
 function test()
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
 dummy = xobj.CSDump(text_section)
 print(dummy)
 end
-function asm_rewriter()
- local text_section = xobj.getTextSection()
- local head = getjmptable(#text_section, text_section)
- print("head value is",head)
- dumpjmptable(head)
- freejmptable(haed)
-end
-
 setmetatable(jmp_s_t, {__call = function(self, arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
 local t = self.new(arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
 print("created", t)
 return t end})
-setmetatable(jmp_s_t, {__index = function(self, arg1)
-end})
-
 function jmp_s_t:show(msg)
 print(msg, self, self:custom())
 return self
@@ -86,21 +82,45 @@ function jmp_t_test()
 end
 function integ_test()
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
 local head = getjmptable(#text_section, text_section)
 head:show("XXXXXhead is")
 print("head location is ", head:location())
 while head:inext() ~= nil do
- --for i=1,11,1 do
 head:show("next is")
 head = head:inext()
- --if head:type() == 0 then break end
 end
 end
+function asm_rewriter_pretty()
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ while head:inext() ~= nil do
+ io.write(colors("%{blue}".."type:"),colors("%{green}"..get_jmp_type(head:type())),"\t",colors("%{blue}".."location:"),colors("%{green}".."0x"..string.format("%x",head:location())),"\t",colors("%{blue}".."size:"),colors("%{green}"..head:size()),"\n")
+ head = head:inext()
+ end
+ freejmptable(haed)
+end
+
+function dump_jmp_table()
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ while head:inext() ~= nil do
+ io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ print()
+ head = head:inext()
+ end
+end
+
+function get_jmp_table()
+ local text_section = xobj.getTextSection(elf_exe)
+ return getjmptable(#text_section, text_section)
+end
+
 --main()
 --pretty_dump()
 --test()
---asm_rewriter()
 --jmp_t_test()
-integ_test()
+--integ_test()
+--asm_rewriter_pretty()
+dump_jmp_table()
diff --git a/bruiser/lua-scripts/xobj.lua b/bruiser/lua-scripts/xobj.lua
index 81d0bc0..8453a93 100644
--- a/bruiser/lua-scripts/xobj.lua
+++ b/bruiser/lua-scripts/xobj.lua
@@ -129,7 +129,7 @@ function xobj.printFuncSizes()
 end
 end
-function xobj.getTextSection()
+function xobj.getTextSection(elf_exe)
 return objload("elf_get_text_section", elf_exe, "bytes")
 end |
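Review bot: `freejmptable(haed)` in the new `asm_rewriter_pretty` passes the undeclared global `haed` (a typo for `head`), i.e. nil, and the same typo was in the `asm_rewriter` this commit removes; even as `head` it would be wrong, since after the loop `head` points at the last node rather than the list head. Given that bruisercapstone.c in this commit allocates every node through `push_jmpt(__ls)` rather than malloc, it is unclear whether `freejmptable` is still valid on these Lua-owned nodes at all; either drop the call or keep the original head in its own local (`local first = head`) and free that, once ownership is confirmed on the C side. `asm_rewriter_pretty`, `dump_jmp_table` and `get_jmp_table` each repeat the `getTextSection`/`getjmptable` pair, and the first two could simply call `get_jmp_table()`. `get_jmp_type` hardcodes 1/2/3 → JMP/JNE/JE and returns `"U"` otherwise, which is fine for a demo but should mirror the C-side type enum (outside this diff); a comment naming that enum would keep the two from drifting.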