From 5de630461628e95a7460f16574242f897f874a94 Mon Sep 17 00:00:00 2001
From: bloodstalker
Date: Sat, 19 May 2018 04:05:03 +0430
Subject: fixes #33. fixed #34. python interpreter should clean up after itself properly so maybe #32 is also sovled but i need more time to know. the stack usage for lua has been reduced so larger number of xobjs are fine now. general cleanup for executioner and bruiser. added a note regarding running obfuscators test. lua no longer needs libreadline to build. bfds test no longer needs libbfd to build.

---
 bfd/load.py       | 58 +++++++++++++++++++++++++++++++++++++++++--------------
 bfd/test/makefile |  3 ++-
 bfd/test/test.c   |  5 ++++-
 3 files changed, 49 insertions(+), 17 deletions(-)

(limited to 'bfd')

diff --git a/bfd/load.py b/bfd/load.py
index 1a62b04..f0941b0 100755
--- a/bfd/load.py
+++ b/bfd/load.py
@@ -83,6 +83,7 @@ class CLIArgParser(object):
         parser.add_argument("--reladyn", action='store_true', help=".rela.dyn entries", default=False)
         parser.add_argument("--relaplt", action='store_true', help=".rela.plt entries", default=False)
         parser.add_argument("--rodata", action='store_true', help="dump .rodata", default=False)
+        parser.add_argument("--disass", type=str, help="disassemblt a section")
         self.args = parser.parse_args()
         if self.args.obj is None:
             raise Exception("no object file provided. please specify an object with --obj.")
@@ -928,8 +929,8 @@ class ELF(object):
         for byte in obj:
             if count%16 == 0:
                 for ch in strrep:
-                    if ord(ch) > 16 and ord(ch) < 127: print(ch, end = '')
-                    else: pass
+                    if ord(ch) > 32 and ord(ch) < 127: print(ch, end = '')
+                    else: print(" ", end="")
                 print()
                 strrep = []
             print(format(count, "06x"), ': ', end='')
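Review bot: The help text for the new `--disass` option has a typo and does not say what value the option takes; since it is compared against section names, `parser.add_argument("--disass", type=str, metavar="SECTION", help="disassemble the named section")` tells the user what to pass. The enclosing CLIArgParser method starts before the hunk.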
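Review bot: The two-line printable filter added here is the same code the next hunk (`@@ -941`) adds for the trailing partial row, so the two dumps will drift apart the next time one is touched. Both sites collapse to one expression, `print(ch if 32 <= ord(ch) < 127 else " ", end="")`, and a tiny helper such as `def _ascii_col(ch): return ch if 32 <= ord(ch) < 127 else " "` used by both keeps a single place responsible for the filter. Since `strrep` holds characters taken from the object file, one shared filter is also what guarantees control bytes never reach the terminal from either path. The enclosing method starts and ends outside the hunk.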
@@ -941,9 +942,9 @@ class ELF(object): print(format(byte, '02x') + ' ', end='') count += 1 for i in range(0, 16-count%16): print(" ", end="") - #for ch in strrep: - #if ord(ch) > 63 and ord(ch) < 100: print(repr(ch), end = '') - #else: pass + for ch in strrep: + if ord(ch) > 32 and ord(ch) < 127: print(ch, end = '') + else: print(" ", end="") print() ret_dummy = [] @@ -1343,11 +1344,13 @@ class Rewriter(object): self.elf = ELF(so) self.elf.init(64) #shutil.copyfile(path, "/tmp/exe") - self.file_w = open("/tmp/exe", "wb") self.magic_section_number = int() self.new_name = new_name + self.shdr_new_size = [] + self.shdr_new_offset = [] def fix_section_offsets(self, section_name, new_size:int, new_section:bytes): + file_w = open(self.new_name, "wb") magic_number = int() for i in range(0, byte2int(self.elf.elfhdr.e_shnum)): name = self.elf.read_section_name(byte2int(self.elf.shhdr[i].sh_name)) 
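Review bot: `file_w = open(self.new_name, "wb")` at the top of `fix_section_offsets` truncates the destination file as soon as the method is entered, and the handle is neither used nor closed anywhere in this hunk (the method continues past it). If the bytes are written further down, open the file there under `with open(self.new_name, "wb") as file_w:` so it is created only once the new layout has been computed and is closed on every path; should `new_name` ever be the same path as the input object, the early truncation would destroy data the method still reads through `self.elf`. The `__init__` hunk drops the hard-coded `/tmp/exe` handle, which is the right direction, but the new `shdr_new_size`/`shdr_new_offset` lists are only ever appended to, so a second call on the same Rewriter accumulates stale entries; resetting them at the start of `fix_section_offsets` avoids that.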
@@ -1355,16 +1358,30 @@ class Rewriter(object):
                 self.magic_section_number = i
         print(self.magic_section_number)
 
+        ### copy the sections before magic_number
+        ### write in the new section
+        ### fix section headers
+
         end = int()
-        for i in range(self.magic_section_number-1, byte2int(self.elf.elfhdr.e_shnum)):
-            before = byte2int(self.elf.shhdr[i].sh_offset) + byte2int(self.elf.shhdr[i].sh_size)
-            print(before)
-            if before / byte2int(self.elf.shhdr[i].sh_addralign) == float(before / byte2int(self.elf.shhdr[i].sh_addralign)): pass
-            else:
-                end = ceil(before / byte2int(self.elf.shhdr[i].sh_addralign))
-
-    def fix_section_size(self, section_name):
-        pass
+        #for i in range(self.magic_section_number, byte2int(self.elf.elfhdr.e_shnum) + 1):
+        for i in range(0, byte2int(self.elf.elfhdr.e_shnum)):
+            if i > self.magic_section_number:
+                extra_chunk = end % byte2int(self.elf.shhdr[i].sh_addralign)
+                missing_chunk = byte2int(self.elf.shhdr[i].sh_addralign) - extra_chunk
+                assert missing_chunk > 0, "missing chunk is negative"
+                self.shdr_new_size.append(byte2int(self.elf.shhdr[i].sh_size))
+                self.shdr_new_offset.append(end + missing_chunk%byte2int(self.elf.shhdr[i].sh_addralign))
+                end = self.shdr_new_offset[-1] + self.shdr_new_size[-1]
+
+            elif i < self.magic_section_number:
+                self.shdr_new_size.append(byte2int(self.elf.shhdr[i].sh_size))
+                self.shdr_new_offset.append(byte2int(self.elf.shhdr[i].sh_offset))
+            elif i == self.magic_section_number:
+                self.shdr_new_size.append(new_size)
+                self.shdr_new_offset.append(byte2int(self.elf.shhdr[i].sh_offset))
+                end = byte2int(self.elf.shhdr[i].sh_offset) + new_size
+        for size in self.shdr_new_size: print(repr(i) + " new size is " + repr(size))
+        for offset in self.shdr_new_offset: print(repr(i) + " new offset is " + repr(offset))
 
 def premain(argparser):
     so = openSO_r(argparser.args.obj)
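Review bot: The two summary loops at the end reuse `i` after the section loop has finished, so every line prints the index of the last section instead of its own; `for idx, size in enumerate(self.shdr_new_size): print(repr(idx) + " new size is " + repr(size))` and the same for the offsets fixes that. `end % byte2int(self.elf.shhdr[i].sh_addralign)` raises ZeroDivisionError for a section whose `sh_addralign` is 0, which ELF permits (0 and 1 both mean no alignment constraint), so read it once as `align = byte2int(self.elf.shhdr[i].sh_addralign) or 1` and use `align` in the three places. The `assert` is stripped under `python -O`, and because `missing_chunk` is `align - (end % align)` it lies in `1..align` and can never be non-positive, so the check documents nothing and can go. Sections that occupy no file bytes (SHT_NOBITS) presumably should not advance `end` by their `sh_size`; whether that is handled elsewhere is not visible in this hunk.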
@@ -1409,6 +1426,17 @@ def premain(argparser): for i in md.disasm(bytes(code), 0x0): print(hex(i.address).ljust(7), i.mnemonic.ljust(7), i.op_str) elif argparser.args.phdynent: elf.dump_ph_dyn_entries() + elif argparser.args.disass: + for section in elf.shhdr: + name = elf.read_section_name(byte2int(section.sh_name)) + if name == argparser.args.disass: + if byte2int(section.sh_flags) & 0x4 != 0x04: + print("section is not executable...but, since you asked, here you go...") + elf.so.seek(byte2int(section.sh_offset)) + code = elf.so.read(byte2int(section.sh_size)) + md = Cs(CS_ARCH_X86, CS_MODE_64) + for i in md.disasm(bytes(code), 0x0): + print(hex(i.address).ljust(7), i.mnemonic.ljust(7), i.op_str) elif argparser.args.textasm: md = Cs(CS_ARCH_X86, CS_MODE_64) for i in md.disasm(bytes(elf.text_section), 0x0): diff --git a/bfd/test/makefile b/bfd/test/makefile index eb8576f..9414f84 100644 --- a/bfd/test/makefile +++ b/bfd/test/makefile @@ -3,7 +3,8 @@ CC?=gcc CC=gcc CC_FLAGS=-fpic -O0 -g -v --debug -LD_FLAGS= -l bfd +#LD_FLAGS= -l bfd +LD_FLAGS= TARGET=test ##################################RULES################################ .DEFAULT:all diff --git a/bfd/test/test.c b/bfd/test/test.c index cac61b6..00f92ad 100644 --- a/bfd/test/test.c +++ b/bfd/test/test.c @@ -13,6 +13,7 @@ double subdouble(double a, double b) {return a-b;} double triple(double a, double b, double c) {return a+b+c;} int quad(int a, int b, int c, int d) {return add2(a,b) + add2(c,d);} const char* passthrough(const char* a) {return a;} +void ext_1(void) {printf("%s", "hey there sleepy-head.\n");} int myvar1 = 1; int myvar2 = 2; @@ -25,5 +26,7 @@ int main(int argc, char** argv) { int sum; sum = add2(10, 20); printf("i live!\n"); - return sub2(20, 10); + int res = sub2(20, 10); + ext_1(); + return quad(1,2,3,4); } -- cgit v1.2.3
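Review bot: When no section header matches `argparser.args.disass` the new branch prints nothing, so a mistyped name is indistinguishable from an empty section; add `break` after the disassembly loop and give the `for` an `else: print("no section named " + argparser.args.disass)`. The branch also seeks to `sh_offset` and reads `sh_size` bytes for any matching section, which for an SHT_NOBITS section such as .bss yields unrelated file bytes rather than section contents, so a `sh_type` check before the seek is worth adding next to the executable-flag warning. Like the existing `--textasm` branch it hard-codes `Cs(CS_ARCH_X86, CS_MODE_64)` regardless of the object's machine type. `premain` starts and ends outside the hunk.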
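Review bot: `int res = sub2(20, 10);` in `main` is assigned and never read, so it exists only to keep the `sub2` call in the binary; either fold it into the return value or call `sub2(20, 10);` as a statement and drop the variable, which also silences the unused-variable warning once `-Wall` is enabled. `main` starts outside the hunk.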