authorbloodstalker <thabogre@gmail.com>2018-02-17 08:13:27 +0000
committerbloodstalker <thabogre@gmail.com>2018-02-17 08:13:27 +0000
commit8bff748dd325ff45375e6f5948368e1ee024d411 (patch)
tree716f9686867b6a73eec43e9f4103a9f1c6c45079 /bfd
parenttravis fix (diff)
trying to implement the nested call and global object rewriters
Diffstat (limited to '')
-rwxr-xr-xbfd/load.py69
-rw-r--r--bfd/test/makefile4
-rw-r--r--bfd/test/test.c2
3 files changed, 71 insertions, 4 deletions
diff --git a/bfd/load.py b/bfd/load.py
index 865fe91..e8de59a 100755
--- a/bfd/load.py
+++ b/bfd/load.py
@@ -34,6 +34,7 @@ class CLIArgParser(object):
parser.add_argument("--objs", action='store_true', help="dump objects", default=False)
parser.add_argument("--dynsym", action='store_true', help="dump dynamic symbol table", default=False)
parser.add_argument("--dlpath", action='store_true', help="dump dynamic linker path", default=False)
+ parser.add_argument("--phdynent", action='store_true', help="dump ph PT_DYNAMIC entries", default=False)
parser.add_argument("--section", type=str, help="dump a section")
self.args = parser.parse_args()
if self.args.obj is None:
@@ -142,6 +143,39 @@ def get_ph_type(value):
elif value == p_type_e.GNU_RELRO: return "GNU_RELRO"
else: return None
+class ph_dynamic_entry:
+ def __init__(self, d_tag, d_un):
+ self.d_tag = d_tag;
+ self.d_un = d_un
+
+class PH_DYN_TAG_TYPE:
+ DT_NULL = 0
+ DT_NEEDED = 1
+ DT_PLTRELSZ = 2
+ DT_PLTGOT = 3
+ DT_HASH = 4
+ DT_STRTAB = 5
+ DT_SYMTAB = 6
+ DT_RELA = 7
+ DT_RELASZ = 8
+ DT_RELAENT = 9
+ DT_STRSZ = 10
+ DT_SYMENT = 11
+ DT_INIT = 12
+ DT_FINI = 13
+ DT_SONAME = 14
+ DT_RPATH = 15
+ DT_SYMBOLIC = 16
+ DT_REL = 17
+ DT_RELSZ = 18
+ DT_RELENT = 19
+ DT_PLTREL = 20
+ DT_DEBUG = 21
+ DT_TEXTREL = 22
+ DT_JMPREL = 23
+ DT_LOPROC = 24
+ DT_HIPROC = 25
+
class ELF_ST_BIND:
STB_LOCAL = 0
STB_GLOBAL = 1
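Review bot: `DT_LOPROC = 24` and `DT_HIPROC = 25` in the new `PH_DYN_TAG_TYPE` class do not match the ELF dynamic-tag numbering: the processor-specific range is `DT_LOPROC = 0x70000000` and `DT_HIPROC = 0x7fffffff`, while values 24 and 25 are `DT_BIND_NOW` and `DT_INIT_ARRAY`. Any later code that classifies a tag by comparing it against these two bounds would mislabel every standard tag above 23 as processor-specific, so the two constants should be corrected now rather than after a consumer appears. Tags 26 and up (the array/flags tags) are also missing; a `# TODO: tags >= 24 and the DT_LO*/DT_HI* ranges are incomplete` comment on the class would keep a future reader from trusting the table as exhaustive. The trailing semicolon in `self.d_tag = d_tag;` is a style nit; neither class carries a docstring.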
@@ -308,6 +342,7 @@ class ELF(object):
self.data_section = []
self.text_section = []
self.dlpath = str()
+ self.ph_dyn_ent = []
def init(self, size):
self.size = size
@@ -340,6 +375,7 @@ class ELF(object):
offset += 24
self.pop_data_section()
self.pop_text_section()
+ self.get_ph_dyn_entries()
def read_ELF_H(self, size):
self.elfhdr.ei_mag = self.so.read(4)
@@ -430,6 +466,22 @@ class ELF(object):
char = strings[index]
return ''.join(name)
+ def get_ph_dyn_entries(self):
+ for phdr in self.phdr:
+ if byte2int(phdr.p_type) == p_type_e.PT_DYNAMIC:
+ self.so.seek(byte2int(phdr.p_offset), 0)
+ size = byte2int(phdr.p_memsz)
+ ph_dyn = self.so.read(size)
+ for i in range(int(size/8)):
+ d_tag = byte2int(ph_dyn[8*i:8*i + 4])
+ d_un = byte2int(ph_dyn[8*i + 4:8*i + 8])
+ self.ph_dyn_ent.append(ph_dynamic_entry(d_tag, d_un))
+
+ def dump_ph_dyn_entries(self):
+ for ph_dyn_e in self.ph_dyn_ent:
+ print(Colors.green + "d_tag: " + Colors.blue + repr(ph_dyn_e.d_tag) + Colors.ENDC, end="\t")
+ print(Colors.green + "d_un: " + Colors.blue + repr(ph_dyn_e.d_un) + Colors.ENDC)
+
def dump_funcs(self, dump_b):
ret_list = []
dummy = []
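Review bot: `get_ph_dyn_entries` slices each dynamic entry as 4 bytes of d_tag plus 4 bytes of d_un, which is the Elf32_Dyn layout; an Elf64_Dyn entry is 16 bytes (8-byte d_tag, 8-byte d_un), and the rest of the loader appears to assume 64-bit objects (the 24-byte stride in `init`, the x86 call rewriter), so on such inputs every parsed tag/value pair would be garbage. The read also uses `p_memsz` to size the file read, but only `p_filesz` bytes of a segment exist on disk, and both values come straight from the input binary, so a crafted or corrupt header can make `self.so.read` allocate an arbitrary amount; reading `p_filesz` (if the phdr object exposes it) and stopping at the `DT_NULL` terminator bounds the work to what the format guarantees. A repeated call also keeps appending to `self.ph_dyn_ent` without clearing it, and `dump_ph_dyn_entries` prints the raw tag number where a lookup into `PH_DYN_TAG_TYPE` would name it. The enclosing `ELF` class starts and ends outside this hunk.

```python
    def get_ph_dyn_entries(self):
        """Parse the PT_DYNAMIC segment into self.ph_dyn_ent (Elf64_Dyn layout)."""
        self.ph_dyn_ent = []
        for phdr in self.phdr:
            if byte2int(phdr.p_type) == p_type_e.PT_DYNAMIC:
                self.so.seek(byte2int(phdr.p_offset), 0)
                # only p_filesz bytes are present in the file; p_memsz may be larger
                size = byte2int(phdr.p_filesz)  # TODO confirm the phdr object carries p_filesz
                ph_dyn = self.so.read(size)
                ent = 16  # Elf64_Dyn; an ELF32 object would need 8 (4-byte d_tag, 4-byte d_un)
                for i in range(size // ent):
                    d_tag = byte2int(ph_dyn[ent*i:ent*i + 8])
                    d_un = byte2int(ph_dyn[ent*i + 8:ent*i + ent])
                    self.ph_dyn_ent.append(ph_dynamic_entry(d_tag, d_un))
                    if d_tag == PH_DYN_TAG_TYPE.DT_NULL:
                        break  # DT_NULL terminates the table
    # … unchanged: dump_ph_dyn_entries …
```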
@@ -745,6 +797,7 @@ class Call_Rewriter(object):
for i in self.md.disasm(self.obj_code, 0x1):
if i.mnemonic == "call":
print("0x%x:\t%s\t%s" %(i.address, i.mnemonic, i.op_str))
+ print(i.bytes)
class Global_Rewriter(object):
def __init__(self):
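Review bot: The added `print(i.bytes)` in the `call` branch emits a bare `bytes` repr after the formatted disassembly line, which reads like a leftover debugging aid rather than part of the rewriter's output. If the raw encoding is meant to be shown, fold it into the existing format string, e.g. `print("0x%x:\t%s\t%s\t%s" % (i.address, i.mnemonic, i.op_str, i.bytes.hex()))`; otherwise drop it before this becomes the rewriter's real output path. The enclosing method of `Call_Rewriter` starts outside this hunk.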
@@ -771,11 +824,23 @@ def main():
elif argparser.args.dlpath: elf.dump_section(".interp")
elif argparser.args.section: elf.dump_section(argparser.args.section)
elif argparser.args.test:
+ counter = 0
print(elf.dump_funcs(False)[10])
print(elf.dump_symbol_string(ELF_ST_TYPE.STT_FUNC, False)[10])
- code = elf.dump_funcs(False)[10]
- rewriter = Call_Rewriter(code)
+ for name in elf.dump_symbol_string(ELF_ST_TYPE.STT_FUNC, False):
+ if name == "glob":
+ print(counter)
+ print(elf.dump_funcs(False)[counter])
+ print(name)
+ if name == "quad":
+ print(counter)
+ print(elf.dump_funcs(False)[counter])
+ print(name)
+ counter += 1
+ obj = elf.dump_funcs(False)[10]
+ rewriter = Call_Rewriter(obj)
rewriter.run()
+ elif argparser.args.phdynent: elf.dump_ph_dyn_entries()
except:
signal.signal(signal.SIGINT, SigHandler_SIGINT)
variables = globals().copy()
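Review bot: The new `test` branch in `main` re-invokes `elf.dump_funcs(False)` inside the loop for every matching symbol, and again afterwards, so the whole function table is rebuilt several times for what is a single read; it also tracks `counter` by hand and duplicates the three-line print block for `"glob"` and `"quad"`. The same output comes from hoisting the call and using `enumerate`: `funcs = elf.dump_funcs(False)`, then `for counter, name in enumerate(elf.dump_symbol_string(ELF_ST_TYPE.STT_FUNC, False)):` with `if name in ("glob", "quad"): print(counter, funcs[counter], name, sep="\n")`. The hard-coded index `10` passed to `Call_Rewriter` deserves a comment saying which symbol it is expected to select, since the loop above already computes that index by name. `main` continues outside this hunk.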
diff --git a/bfd/test/makefile b/bfd/test/makefile
index 7115100..3512579 100644
--- a/bfd/test/makefile
+++ b/bfd/test/makefile
@@ -1,7 +1,7 @@
##################################VARS#################################
CC=clang
-CC_FLAGS=-fpic
+CC_FLAGS=-fpic -O0
LD_FLAGS= -l bfd
TARGET=test
##################################RULES################################
@@ -18,7 +18,7 @@ $(TARGET): $(TARGET).o
$(CC) $^ $(LD_FLAGS) -o $@
$(TARGET).asm: $(TARGET).o
- objdump -d -M intel -S $(TARGET).o > $(TARGET).asm
+ objdump -r -d -M intel -S $(TARGET).o > $(TARGET).asm
$(TARGET).so: $(TARGET).o
$(CC) $^ $(LD_FLAGS) -shared -o $@
diff --git a/bfd/test/test.c b/bfd/test/test.c
index a62769a..cac61b6 100644
--- a/bfd/test/test.c
+++ b/bfd/test/test.c
@@ -19,6 +19,8 @@ int myvar2 = 2;
int myvar3 = 3;
int myvar4 = 4;
+int glob(void) {return myvar1+myvar2+myvar3+myvar4;}
+
int main(int argc, char** argv) {
int sum;
sum = add2(10, 20);