Diffstat (limited to 'bruiser/lua-scripts')
-rw-r--r--bruiser/lua-scripts/asmrw.lua53
-rw-r--r--bruiser/lua-scripts/asmtest.lua23
-rw-r--r--bruiser/lua-scripts/demo2.lua56
-rw-r--r--bruiser/lua-scripts/xobj.lua2
4 files changed, 109 insertions, 25 deletions
diff --git a/bruiser/lua-scripts/asmrw.lua b/bruiser/lua-scripts/asmrw.lua
new file mode 100644
index 0000000..2f68d2b
--- /dev/null
+++ b/bruiser/lua-scripts/asmrw.lua
@@ -0,0 +1,53 @@
+------------------------------------------------Project Mutator-----------------------------------------------
+--bruiser's asmrw module
+--Copyright (C) 2018 Farzad Sadeghi
+
+--This program is free software; you can redistribute it and/or
+--modify it under the terms of the GNU General Public License
+--as published by the Free Software Foundation; either version 2
+--of the License, or (at your option) any later version.
+
+--This program is distributed in the hope that it will be useful,
+--but WITHOUT ANY WARRANTY; without even the implied warranty of
+--MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+--GNU General Public License for more details.
+
+--You should have received a copy of the GNU General Public License
+--along with this program; if not, write to the Free Software
+--Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.*/
+--------------------------------------------------------------------------------------------------------------
+--start of asmrewriter module
+local asmrw = {}
+xobj = require("lua-scripts.xobj")
+
+setmetatable(jmp_s_t, {__call =
+ function(self, arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
+ local t = self.new(arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
+ print("created", t)
+ return t
+ end
+ }
+)
+
+function jmp_s_t:dump(msg)
+ print(msg, self:custom())
+ return self
+end
+
+function asmrw.get_head(elf_exe)
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ return head
+end
+
+function asmrw.get_jmp(location)
+ while head:inext() ~= nil do
+ if head:location() == location then return head end
+ head = head:inext()
+ end
+end
+
+--end of asmrewriter module
+return asmrw
+--------------------------------------------------------------------------------------------------------------
+
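Review bot: `asmrw.get_jmp` at the bottom of the hunk walks a global `head` that this module never assigns, so unless some other script happens to leave a global named `head` behind, `head:inext()` indexes nil; it also stops one node early, because the loop compares `head:location()` only while `head:inext()` is non-nil and the last entry is never checked. Take the list head as an argument and walk it to the end: `function asmrw.get_jmp(head, location)`, `while head ~= nil do`, and finish with an explicit `return nil` so callers can test the result. The same traversal shape that skips the final node appears in asmtest.lua's `test` and in demo2.lua's `dump_jmp_table` and `asm_rewriter_pretty`. On a smaller note, `xobj = require("lua-scripts.xobj")` on the line after `local asmrw = {}` creates a global; `local xobj = require("lua-scripts.xobj")` keeps the module self-contained.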
diff --git a/bruiser/lua-scripts/asmtest.lua b/bruiser/lua-scripts/asmtest.lua
index 83b523a..ac5730e 100644
--- a/bruiser/lua-scripts/asmtest.lua
+++ b/bruiser/lua-scripts/asmtest.lua
@@ -1,10 +1,21 @@
+
+xobj = require("lua-scripts.xobj")
+asmrw = require("lua-scripts.asmrw")
+
function test()
- print("running asmtest.lua")
- --for k,v in pairs(jmp_s_t) do print(k,v) end
- local t = jmp_s_t.new()
- print(t)
- t:set_type(3)
- print(t.type)
+ local elf_exe = "../bfd/test/test"
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = jmp_s_t()
+ -- messes up the stack. I could fix it but not sure why i would want to keep this in
+ --local head2 = jmp_s_t:new()
+ head = getjmptable(#text_section, text_section)
+
+ while head:inext() ~= nil do
+ head:dump("entry")
+ io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ print()
+ head = head:inext()
+ end
end
test()
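Review bot: `local head = jmp_s_t()` allocates a node through the host constructor and then overwrites the only reference to it two lines later with `getjmptable(...)`, so that object is unreachable afterwards and, as far as this hunk shows, never freed; `asmrw` is required at the top but not used anywhere in the hunk. Drop the throwaway constructor call and assign directly: `local head = getjmptable(#text_section, text_section)`. The list returned by `getjmptable` is not released here either (demo2.lua in this same commit calls `freejmptable` for that), and the `while head:inext() ~= nil` loop exits before printing the final node. `xobj` and `asmrw` are assigned as globals; `local` would avoid leaking them into every script loaded in the same state.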
diff --git a/bruiser/lua-scripts/demo2.lua b/bruiser/lua-scripts/demo2.lua
index de13c58..db840fc 100644
--- a/bruiser/lua-scripts/demo2.lua
+++ b/bruiser/lua-scripts/demo2.lua
@@ -4,6 +4,13 @@ colors = require("ansicolors")
elf_file = "../bfd/test/test.so"
elf_exe = "../bfd/test/test"
+function get_jmp_type(val)
+ if val == 1 then return "JMP" end
+ if val == 2 then return "JNE" end
+ if val == 3 then return "JE" end
+ return "U"
+end
+
function main()
xobj.getSO(elf_file)
local add2_code = xobj.codeTableByName_number("'add2'")
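Review bot: `get_jmp_type` is a global function built from three `if ... then return` lines plus a fallback; a table lookup states the mapping once and is easier to extend when further jump kinds are added: `local JMP_TYPES = { [1] = "JMP", [2] = "JNE", [3] = "JE" }` and `function get_jmp_type(val) return JMP_TYPES[val] or "U" end`. A one-line doc comment naming where the numeric codes come from (presumably the host's jmp_s_t type field, which this file does not define) would help readers, since the encoding is not visible anywhere in demo2.lua.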
@@ -27,7 +34,7 @@ end
function pretty_dump()
count = 0
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
io.write(colors("%{blue}".." ".."\t".."00 ".."01 ".."02 ".."03 ".."04 ".."05 ".."06 ".."07 ".."08 ".."09 ".."0A ".."0B ".."0C ".."0D ".."0E ".."0F"))
for k,v in pairs(text_section) do
if count % 16 == 0 then
@@ -42,28 +49,17 @@ function pretty_dump()
end
function test()
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
dummy = xobj.CSDump(text_section)
print(dummy)
end
-function asm_rewriter()
- local text_section = xobj.getTextSection()
- local head = getjmptable(#text_section, text_section)
- print("head value is",head)
- dumpjmptable(head)
- freejmptable(haed)
-end
-
setmetatable(jmp_s_t, {__call = function(self, arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
local t = self.new(arg1,arg2,arg3,arg4,arg5,arg6,arg7,arg8,arg9,arg10,arg11,arg12)
print("created", t)
return t
end})
-setmetatable(jmp_s_t, {__index = function(self, arg1)
-end})
-
function jmp_s_t:show(msg)
print(msg, self, self:custom())
return self
@@ -86,21 +82,45 @@ function jmp_t_test()
end
function integ_test()
- local text_section = xobj.getTextSection()
+ local text_section = xobj.getTextSection(elf_exe)
local head = getjmptable(#text_section, text_section)
head:show("XXXXXhead is")
print("head location is ", head:location())
while head:inext() ~= nil do
- --for i=1,11,1 do
head:show("next is")
head = head:inext()
- --if head:type() == 0 then break end
end
end
+function asm_rewriter_pretty()
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ while head:inext() ~= nil do
+ io.write(colors("%{blue}".."type:"),colors("%{green}"..get_jmp_type(head:type())),"\t",colors("%{blue}".."location:"),colors("%{green}".."0x"..string.format("%x",head:location())),"\t",colors("%{blue}".."size:"),colors("%{green}"..head:size()),"\n")
+ head = head:inext()
+ end
+ freejmptable(haed)
+end
+
+function dump_jmp_table()
+ local text_section = xobj.getTextSection(elf_exe)
+ local head = getjmptable(#text_section, text_section)
+ while head:inext() ~= nil do
+ io.write("type:", head:type(), "\tlocation:", "0x"..string.format("%x", head:location()))
+ print()
+ head = head:inext()
+ end
+end
+
+function get_jmp_table()
+ local text_section = xobj.getTextSection(elf_exe)
+ return getjmptable(#text_section, text_section)
+end
+
--main()
--pretty_dump()
--test()
---asm_rewriter()
--jmp_t_test()
-integ_test()
+--integ_test()
+--asm_rewriter_pretty()
+dump_jmp_table()
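Review bot: `freejmptable(haed)` in `asm_rewriter_pretty` passes the undefined global `haed` (i.e. nil) — the same typo carried over from the deleted `asm_rewriter` — so the list built by `getjmptable` is never released; even with the name corrected, `head` has been advanced to the tail by the loop, so freeing it there would presumably not cover the entries already walked. Keep the original pointer in its own local and walk a cursor: `local cur = head`, `while cur:inext() ~= nil do ... cur = cur:inext() end`, then `freejmptable(head)` after the loop. `dump_jmp_table` has the same walk with no free at all, and `get_jmp_table` hands the list to the caller; a comment such as `-- caller owns the returned list and must pass it to freejmptable` above it would make that explicit. All three loops also stop before handling the last node, since the condition tests `inext()` rather than the current node.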
diff --git a/bruiser/lua-scripts/xobj.lua b/bruiser/lua-scripts/xobj.lua
index 81d0bc0..8453a93 100644
--- a/bruiser/lua-scripts/xobj.lua
+++ b/bruiser/lua-scripts/xobj.lua
@@ -129,7 +129,7 @@ function xobj.printFuncSizes()
end
end
-function xobj.getTextSection()
+function xobj.getTextSection(elf_exe)
return objload("elf_get_text_section", elf_exe, "bytes")
end
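Review bot: `xobj.getTextSection(elf_exe)` now depends on the caller for the path, but nothing rejects a missing argument, and a stale call of the old zero-argument form would silently pass nil to `objload`; how `objload` reacts to a nil path is not visible in this hunk. Add a guard as the first line of the function, `assert(type(elf_exe) == "string", "getTextSection: elf_exe must be a path string")`, and an LDoc line above it such as `--- Return the .text bytes of the ELF at elf_exe via the host's objload.`. The enclosing module continues outside the hunk on both sides.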