Beispiel #1
0
static void serialize(RAnal *a, RSignItem *it, char *k, char *v) {
	char *hexbytes = NULL, *hexmask = NULL, *hexgraph = NULL;
	int len = 0;
	RSignBytes *bytes = it->bytes;
	RSignGraph *graph = it->graph;

	if (k) {
		serializeKey(a, it->space, it->name, k);
	}

	if (v) {
		if (bytes) {
			len = bytes->size * 2 + 1;
			hexbytes = calloc (1, len);
			hexmask = calloc (1, len);
			r_hex_bin2str (bytes->bytes, bytes->size, hexbytes);
			r_hex_bin2str (bytes->mask, bytes->size, hexmask);
		}
		if (graph) {
			hexgraph = calloc (1, sizeof (RSignGraph) * 2 + 1);
			r_hex_bin2str ((ut8 *) graph, sizeof (RSignGraph), hexgraph);
		}

		snprintf (v, R_SIGN_VAL_MAXSZ, "%d|%s|%s|%s",
			bytes? bytes->size: 0,
			bytes? hexbytes: "0",
			bytes? hexmask: "0",
			graph? hexgraph: "0");

		free (hexbytes);
		free (hexmask);
		free (hexgraph);
	}
}
Beispiel #2
0
static int rabin_dump_sections(char *scnname) {
	RList *sections;
	RListIter *iter;
	RBinSection *section;
	ut8 *buf;
	char *ret;

	if ((sections = r_bin_get_sections (bin)) == NULL)
		return R_FALSE;

	r_list_foreach (sections, iter, section) {
		if (!strcmp (scnname, section->name)) {
			if (!(buf = malloc (section->size)))
				return R_FALSE;
			if (!(ret = malloc (section->size*2+1))) {
				free (buf);
				return R_FALSE;
			}
			r_buf_read_at (bin->cur->buf, section->paddr, buf, section->size);
			if (output) {
				r_file_dump (output, buf, section->size);
			} else {
				r_hex_bin2str (buf, section->size, ret);
				printf ("%s\n", ret);
			}
			free (buf);
			free (ret);
			break;
		}
	}

	return R_TRUE;
}
Beispiel #3
0
static int rabin_dump_symbols(int len) {
	RList *symbols;
	RListIter *iter;
	RBinSymbol *symbol;
	ut8 *buf;
	char *ret;
	int olen = len;

	if ((symbols = r_bin_get_symbols (bin)) == NULL)
		return R_FALSE;

	r_list_foreach (symbols, iter, symbol) {
		if (symbol->size != 0 && (olen > symbol->size || olen == 0))
			len = symbol->size;
		else if (symbol->size == 0 && olen == 0)
			len = 32;
		else len = olen;
		if (!(buf = malloc (len))) {
			return R_FALSE;
		}
		if (!(ret = malloc (len*2+1))) {
			free (buf);
			return R_FALSE;
		}
		r_buf_read_at (bin->cur->buf, symbol->paddr, buf, len);
		r_hex_bin2str (buf, len, ret);
		printf ("%s %s\n", symbol->name, ret);
		free (buf);
		free (ret);
	}
	return R_TRUE;
}
Beispiel #4
0
R_API int r_asm_op_set_hexbuf(RAsmOp *op, const ut8 *buf, int len) {
	r_return_val_if_fail (op && buf && len >= 0, 0);
	char *hex = malloc (len * 4 + 1);
	if (hex) {
		(void)r_hex_bin2str (buf, len, hex);
		int olen = r_asm_op_set_hex (op, hex);
		free (hex);
		return olen;
	}
	return 0;
	// TODO: update the op->buf too?
}
Beispiel #5
0
R_API void r_core_visual_asm(RCore *core) {
	RCoreVisualAsm cva = {0};
	cva.core = core;

	r_io_read_at (core->io, core->offset, cva.buf, sizeof (cva.buf));
	cva.blocklen = r_hex_bin2str (cva.buf, sizeof (cva.buf), cva.blockbuf);

	r_line_readline_cb (readline_callback, &cva);

	if (cva.acode && cva.acode->len>0)
		if (r_cons_yesno ('y', "Save changes? (Y/n)"))
			r_core_cmdf (core, "wx %s", cva.acode->buf_hex);
	r_asm_code_free (cva.acode);
}
Beispiel #6
0
static int trace_hook_mem_write(RAnalEsil *esil, ut64 addr, const ut8 *buf, int len) {
	int ret = 0;
	char *hexbuf = malloc ((1+len)*3);
	sdb_array_add_num (DB, KEY ("mem.write"), addr, 0);
	r_hex_bin2str (buf, len, hexbuf);
	sdb_set (DB, KEYAT ("mem.write.data", addr), hexbuf, 0);
	eprintf ("[ESIL] MEM WRITE 0x%08"PFMT64x" %s\n", addr, hexbuf);
	free (hexbuf);

	if (ocbs.hook_mem_write) {
		RAnalEsilCallbacks cbs = esil->cb;
		esil->cb = ocbs;
		ret = ocbs.hook_mem_write (esil, addr, buf, len);
		esil->cb = cbs;
	}
	return ret;
}
Beispiel #7
0
static int __write(RIO *io, RIODesc *fd, const ut8 *buf, int count) {
	int code, rlen;
	char *out, *url, *hexbuf;
	if (fd == NULL || fd->data == NULL)
		return -1;

	hexbuf = malloc (count * 3);
	hexbuf[0] = 0;
	r_hex_bin2str (buf, count, hexbuf);
	url = r_str_newf ("%s/wx%%20%s@%"PFMT64d,
		rURL(fd), hexbuf, io->off);
	out = r_socket_http_get (url, &code, &rlen);
	free (out);
	free (url);
	free (hexbuf);
	return count;
}
Beispiel #8
0
static int duk_disasm(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
	int res = 0, res2 = 0;
	const char *opstr = NULL;
	ut8 *b = a->cur->user;
	duk_push_global_stash (ctx);
	duk_dup (ctx, 0);  /* timer callback */
	duk_get_prop_string (ctx, -2, "disfun");
	b = a->cur->user = duk_require_tval (ctx, -1);
//	pushBuffer (buf, len);
	if (duk_is_callable(ctx, -1)) {
		int i;
		// duk_push_string (ctx, "TODO 2");
		pushBuffer (buf, len);
		duk_call (ctx, 1);

		// [ size, str ]
		for (i = 0; i<3; i++) {
			duk_dup_top (ctx);
			duk_get_prop_index (ctx, -1, i);
			if (duk_is_number (ctx, -1)) {
				if (res)
				res2 = duk_to_number (ctx, -1);
				else
				res2 = res = duk_to_number (ctx, -1);
			} else if (duk_is_string (ctx, -1)) {
				if (!opstr) {
					opstr = duk_to_string (ctx, -1);
				}
			}
			duk_pop (ctx);
		}
	} else {
		eprintf ("[:(] Is not a function %02x %02x\n", b[0],b[1]);
	}

	// fill op struct
	op->size = res;
	if (!opstr) opstr = "invalid";
	strncpy (op->buf_asm, opstr, sizeof (op->buf_asm));
	r_hex_bin2str (buf, op->size, op->buf_hex);
	return res2;
}
Beispiel #9
0
static int trace_hook_mem_read(RAnalEsil *esil, ut64 addr, ut8 *buf, int len) {
	char *hexbuf = malloc ((1+len)*3);
	int ret = 0;
	if (esil->cb.mem_read) {
		ret = esil->cb.mem_read (esil, addr, buf, len);
	}
	sdb_array_add_num (DB, KEY ("mem.read"), addr, 0);
	r_hex_bin2str (buf, len, hexbuf);
	sdb_set (DB, KEYAT ("mem.read.data", addr), hexbuf, 0);
	eprintf ("[ESIL] MEM READ 0x%08"PFMT64x" %s\n", addr, hexbuf);
	free (hexbuf);

	if (ocbs.hook_mem_read) {
		RAnalEsilCallbacks cbs = esil->cb;
		esil->cb = ocbs;
		ret = ocbs.hook_mem_read (esil, addr, buf, len);
		esil->cb = cbs;
	}
	return ret;
}
Beispiel #10
0
static char *__system(RIO *io, RIODesc *fd, const char *cmd) {
	if (!strncmp (cmd, "?", 1)) {
		eprintf ("dr  : show registers\n");
		eprintf ("dr* : show registers as flags\n");
		eprintf ("drp : show reg profile\n");
		eprintf ("dr8 : show hexpairs with regstate\n");
		eprintf ("ds  : step into\n");
		eprintf ("dp  : show process info\n");
		eprintf ("dc  : continue\n");
		eprintf ("dm  : show maps\n");
		eprintf ("pid : show current process id\n");
	} else if (!strncmp (cmd, "dr8", 3)) {
		struct winedbg_x86_32 r = regState ();
		ut8 *arena = (ut8*)calloc (sizeof (struct winedbg_x86_32), 3);
		if (arena) {
			r_hex_bin2str ((ut8*)&r, sizeof (r), (char *)arena);
			return (char *)arena;
		}
	} else if (!strncmp (cmd, "drp", 3)) {
const char *msg =
"=PC	eip\n"\
"=SP	esp\n"\
"=BP	ebp\n"\
"=A0	eax\n"\
"=A1	ebx\n"\
"=A2	ecx\n"\
"=A3	edx\n"\
"=A4	esi\n"\
"=A5	edi\n"\
"=SN	eax\n"\

"seg	cs	.16	0	0\n"\
"seg	ss	.16	2	0\n"\
"seg	ds	.16	4	0\n"\
"seg	es	.16	6	0\n"\
"seg	fs	.16	8	0\n"\
"seg	gs	.16	10	0\n"\

"gpr	eip	.32	12	0\n"\
"gpr	esp	.32	16	0\n"\
"gpr	ebp	.32	20	0\n"\
"gpr	eflags	.32	24	0\n"\

"gpr	eax	.32	28	0\n"\
"gpr	ebx	.32	32	0\n"\
"gpr	ecx	.32	36	0\n"\
"gpr	edx	.32	40	0\n"\
"gpr	esi	.32	44	0\n"\
"gpr	edi	.32	48	0\n"\

"flg	flags	.16	24	0\n"\
"flg	cf	.1	.192	0\n"\
"flg	pf	.1	.193	0\n"\
"flg	af	.1	.194	0\n"\
"flg	zf	.1	.195	0\n"\
"flg	sf	.1	.196	0\n"\
"flg	tf	.1	.197	0\n"\
"flg	if	.1	.198	0\n"\
"flg	df	.1	.199	0\n"\
"flg	of	.1	.200	0\n"\
"flg	nt	.1	.201	0\n"\
"flg	rf	.1	.202	0\n"\
"flg	vm	.1	.203	0\n";
		return strdup (msg);
	} else if (!strncmp (cmd, "dr", 2)) {
		printcmd (io, "info reg");
	} else if (!strncmp (cmd, "db ", 3)) {
		free (runcmd (sdb_fmt (0, "break *%"PFMT64x, r_num_get (NULL, cmd + 3) || io->off)));
	} else if (!strncmp (cmd, "ds", 2)) {
		free (runcmd ("stepi"));
	} else if (!strncmp (cmd, "dc", 2)) {
		free (runcmd ("cont"));
	} else if (!strncmp (cmd, "dso", 3)) {
		eprintf ("TODO: dso\n");
	} else if (!strncmp (cmd, "dp", 3)) {
		printcmd (io, "info thread");
	} else if (!strncmp (cmd, "dm", 3)) {
		char *wineDbgMaps = runcmd ("info maps");
		char *res = NULL;
		if (wineDbgMaps) {
			const char *perm;
			char *ptr = wineDbgMaps;
			for (;;) {
				char *nl = strchr (ptr, '\n');
				if (!nl) {
					break;
				}
				*nl++ = 0;
				perm = "r-x";
				ut64 from = 0, to = 0;
				if (strstr (ptr, " commit ")) {
					if (strstr (ptr, "RW")) {
						perm = "rw-";
					}
					sscanf (ptr, "%08"PFMT64x" %08"PFMT64x, &from, &to);
				}
				char *row = r_str_newf ("0x%08"PFMT64x" - 0x%08" PFMT64x" %s %s\n", from, to, perm, "");
				ptr = nl + 1;
				res = r_str_append (res, row);
				free (row);
			}
			free (wineDbgMaps);
			return res;
		}
	} else if (!strncmp (cmd, "pid", 3)) {
		return r_str_newf ("%d", fd->fd);
	} else {
		printcmd (io, cmd);
	}
	return NULL;
}