int main(int argc, char **argv) { MalelfDissect dissect; MalelfInfect infect; Disas disas; Database database; Analyse analyse; _u8 error = MALELF_SUCCESS; if (argc == 1) { _malelf_help(); return -1; } if (strncmp(argv[1], DISSECT, sizeof(DISSECT)) == 0) { error = malelf_dissect_init(&dissect, argc, argv); malelf_dissect_finish(&dissect); } else if (strncmp(argv[1], SHELLCODE, sizeof (SHELLCODE)) == 0) { malelf_shellcode_init(argc, argv); malelf_shellcode_finish(); } else if (strncmp(argv[1], INFECT, sizeof(INFECT)) == 0) { malelf_infect_init(&infect, argc, argv); malelf_infect_finish(&infect); } else if (strncmp(argv[1], DYNAMIC_ANALYSIS, sizeof(DYNAMIC_ANALYSIS)) == 0) { malelf_dynanalyse_init(argc, argv); malelf_dynanalyse_finish(); } else if (strncmp(argv[1], DISAS, sizeof(DISAS)) == 0) { disas_init(&disas, argc, argv); disas_finish(&disas); } else if (strncmp(argv[1], DATABASE, sizeof(DATABASE)) == 0) { database_init(&database, argc, argv); database_finish(&database); } else if (strncmp(argv[1], ANALYSE, sizeof(ANALYSE)) == 0) { error = analyse_init(&analyse, argc, argv); analyse_finish(&analyse); } else if (strncmp(argv[1], "-v", 2) || strncmp(argv[1], "--version", 9)) { show_version(*argv); } else { _malelf_help(); } if (MALELF_SUCCESS != error) { if (MALELF_ERROR != error) { MALELF_PERROR(error); } return error; } return 0; }
void _malelf_debug_open_file(char *fname) { if (fname == NULL) { _malelf_debug_fd = MALELF_DEBUG_OUTPUT; return; } _malelf_debug_fd = fopen(fname, "a+"); if (!_malelf_debug_fd) { malelf_error("Error in environment variable " "MALELF_DEBUG_FILE ='%s': ", fname); MALELF_PERROR(errno); _malelf_debug_fd = MALELF_DEBUG_OUTPUT; } }
int main(int argc, char **argv) { MalelfBinary bin; Elf32_Phdr phdr_load, phdr_note; _u32 error; int fd; struct stat st_info; unsigned char *text_data; if (argc < 3) { printf("%s <text-segment-file> <output-elf>\n", *argv); return 1; } fd = open(argv[1], O_RDONLY); if (fd == -1) { fprintf(stderr, "Failed to open %s...\n", argv[1]); return 1; } if (stat(argv[1], &st_info) == -1) { perror("Failed to stat file.\n"); return 1; } text_data = mmap(NULL, st_info.st_size, PROT_READ, MAP_SHARED, fd, 0); if (!text_data) { perror("Failed to mmap...\n"); return 1; } malelf_binary_init(&bin); error = malelf_binary_create_elf_exec(&bin, MALELF_ELF32); if (MALELF_SUCCESS != error) { MALELF_PERROR(error); return 1; } /* First, configure your executable (PT_LOAD) segment */ phdr_load.p_type = PT_LOAD; phdr_load.p_offset = sizeof (Elf32_Ehdr) + sizeof (Elf32_Phdr) * 3; phdr_load.p_vaddr = 0x08048000 + phdr_load.p_offset; phdr_load.p_paddr = phdr_load.p_vaddr; phdr_load.p_filesz = st_info.st_size; phdr_load.p_memsz = phdr_load.p_filesz; phdr_load.p_flags = PF_X; phdr_load.p_align = 0; error = malelf_binary_add_phdr32(&bin, &phdr_load); if (MALELF_SUCCESS != error) { MALELF_PERROR(error); malelf_binary_close(&bin); return 1; } /* content of NOTE segment */ const char * message = "generated libmalelf"; phdr_note.p_type = PT_NOTE; phdr_note.p_offset = phdr_load.p_offset + st_info.st_size; phdr_note.p_vaddr = 0x08048000 + phdr_load.p_offset + st_info.st_size; phdr_note.p_paddr = phdr_note.p_vaddr; phdr_note.p_filesz = strlen(message); phdr_note.p_memsz = phdr_note.p_filesz; phdr_note.p_flags = PF_R | PF_W; phdr_note.p_align = 0; error = malelf_binary_add_phdr32(&bin, &phdr_note); if (MALELF_SUCCESS != error) { MALELF_PERROR(error); malelf_binary_close(&bin); return 1; } /* copying text segment */ bin.mem = malelf_realloc(bin.mem, phdr_load.p_offset + st_info.st_size); memcpy(bin.mem + phdr_load.p_offset, text_data, st_info.st_size); /* copying note segment */ bin.mem = malelf_realloc(bin.mem, phdr_note.p_offset + phdr_note.p_filesz); memcpy(bin.mem + phdr_note.p_offset, message, phdr_note.p_filesz); malelf_ehdr_set_entry(&bin.ehdr, phdr_load.p_vaddr); error = malelf_binary_write(&bin, argv[2]); if (MALELF_SUCCESS != error) { MALELF_PERROR(error); return 1; } munmap(text_data, st_info.st_size); malelf_binary_close(&bin); return 0; }