C++ (Cpp) panda_parse_stringの例

コード例 #1

0

ファイルを表示

ファイル: rehosting.cpp プロジェクト: mnavaki/FAROS

bool init_plugin(void *self) {

    panda_arg_list *args;

    args = panda_get_args("rehosting");
    kernel_filename = panda_parse_string(args, "kernel", "");
    assert (kernel_filename != NULL);
    assert (strlen(kernel_filename) > 0);
    // this is where we will blit the kernel into memory
    const char *base_addr_str = panda_parse_string(args, "base", "");
    if (strnlen(base_addr_str,10) != 0) {
        base_addr = strtoul(base_addr_str, NULL, 16);
    }
    // and this is the entry point
    const char *entry_addr_str = panda_parse_string(args, "entry", "");
    if (strnlen(entry_addr_str,10) != 0) {
        entry_addr = strtoul(entry_addr_str, NULL, 16);
    }

    printf ("rehosting: kernel=[%s]\n", kernel_filename);
    printf ("rehosting: base=0x%x entry=0x%x\n", base_addr, entry_addr);    

#if defined(TARGET_I386) 
    panda_cb pcb;
    pcb.before_block_exec_invalidate_opt = blit_kernel;
    panda_register_callback(self, PANDA_CB_BEFORE_BLOCK_EXEC_INVALIDATE_OPT, pcb);
    return true;
#else
    return false;
#endif
}

コード例 #2

0

ファイルを表示

ファイル: memstrings.cpp プロジェクト: 3a9LL/panda

bool init_plugin(void *self) {
    panda_cb pcb;

    printf("Initializing plugin memstrings\n");

    panda_arg_list *args = panda_get_args("memstrings");

    const char *prefix = panda_parse_string(args, "name", "memstrings");
    min_strlen = panda_parse_ulong(args, "len", 4);

    char matchfile[128] = {};
    sprintf(matchfile, "%s_strings.txt.gz", prefix);
    mem_report = gzopen(matchfile, "w");
    if(!mem_report) {
        printf("Couldn't write report:\n");
        perror("fopen");
        return false;
    }

    // Need this to get EIP with our callbacks
    panda_enable_precise_pc();
    // Enable memory logging
    panda_enable_memcb();

    pcb.virt_mem_write = mem_write_callback;
    panda_register_callback(self, PANDA_CB_VIRT_MEM_WRITE, pcb);
    pcb.virt_mem_read = mem_read_callback;
    panda_register_callback(self, PANDA_CB_VIRT_MEM_READ, pcb);

    return true;
}

コード例 #3

0

ファイルを表示

ファイル: file_taint.cpp プロジェクト: Confocus/panda

bool init_plugin(void *self) {

    printf("Initializing plugin file_taint\n");

    panda_arg_list *args;
    args = panda_get_args("file_taint");
    taint_filename = panda_parse_string(args, "filename", "abc123");
    positional_labels = panda_parse_bool(args, "pos");
    // used to just find the names of files that get 
    no_taint = panda_parse_bool(args, "notaint");
    prob_label_u32 = panda_parse_double(args, "prob_label_u32", 0.0);
    end_label = panda_parse_ulong(args, "max_num_labels", 1000000);
    end_label = panda_parse_ulong(args, "end", end_label);
    start_label = panda_parse_ulong(args, "start", 0);
    first_instr = panda_parse_uint64(args, "first_instr", 0);

    printf ("taint_filename = [%s]\n", taint_filename);
    printf ("positional_labels = %d\n", positional_labels);
    printf ("no_taint = %d\n", no_taint);
    printf ("prob_label_u32 = %.3f\n", prob_label_u32);
    printf ("end_label = %d\n", end_label);
    printf ("first_instr = %" PRId64 " \n", first_instr);

    panda_require("syscalls2");

    // this sets up the taint api fn ptrs so we have access
    if (!no_taint) {
        panda_require("taint2");
        assert(init_taint2_api());
        if (first_instr == 0) {
            taint2_enable_taint();
        }
    }
    
    panda_cb pcb;        

    if (first_instr > 0) {
        // only need this callback if we are turning on taint late
        pcb.before_block_translate = file_taint_enable;
        panda_register_callback(self, PANDA_CB_BEFORE_BLOCK_TRANSLATE, pcb);
    }

#if defined(TARGET_I386)
            
    PPP_REG_CB("syscalls2", on_sys_open_enter, open_enter);
    PPP_REG_CB("syscalls2", on_sys_open_return, open_return);
    
    PPP_REG_CB("syscalls2", on_sys_read_enter, read_enter);
    PPP_REG_CB("syscalls2", on_sys_read_return, read_return);

#endif
    return true;
}

コード例 #4

0

ファイルを表示

ファイル: coverage.cpp プロジェクト: 3a9LL/panda

bool init_plugin(void *self) {

    printf ("Initializing plugin coverage\n");
    panda_arg_list *args = panda_get_args("coverage");
    process_name = panda_parse_string(args, "process", "");
    panda_require("osi");
    // this sets up OS introspection API
    assert(init_osi_api());
    panda_cb pcb;    
    pcb.before_block_exec = coverage_before_block_exec;
    panda_register_callback(self, PANDA_CB_BEFORE_BLOCK_EXEC, pcb);
    return true;
}

コード例 #5

0

ファイルを表示

ファイル: file_taint.cpp プロジェクト: blaquee/panda

bool init_plugin(void *self) {

    printf("Initializing plugin file_taint\n");

    panda_arg_list *args;
    args = panda_get_args("file_taint");
    taint_filename = panda_parse_string(args, "filename", "abc123");
    positional_labels = panda_parse_bool(args, "pos");
    use_taint2 = !panda_parse_bool(args, "taint1");
    // used to just find the names of files that get 
    no_taint = panda_parse_bool(args, "notaint");

    printf ("taint_filename = [%s]\n", taint_filename);
    printf ("positional_labels = %d\n", positional_labels);


    panda_require("syscalls2");

    // this sets up the taint api fn ptrs so we have access
    if (!no_taint) {
        if (use_taint2) {
            panda_require("taint2");
            assert(init_taint2_api());
            taint2_enable_taint();
        } else {
            panda_require("taint");
            assert(init_taint_api());
            taint_enable_taint();
        }
    }
    
#if defined(TARGET_I386)
            
    PPP_REG_CB("syscalls2", on_sys_open_enter, open_enter);
    PPP_REG_CB("syscalls2", on_sys_open_return, open_return);
    
    PPP_REG_CB("syscalls2", on_sys_read_enter, read_enter);
    PPP_REG_CB("syscalls2", on_sys_read_return, read_return);
    
#endif
    return true;
}

コード例 #6

0

ファイルを表示

ファイル: osi_linux.cpp プロジェクト: JaonLin/panda

/* ******************************************************************
 Plugin Initialization/Cleanup
****************************************************************** */

/**
 * @brief Initializes plugin.
 */
bool init_plugin(void *self) {
#if defined(TARGET_I386) || defined(TARGET_ARM)
#if (OSI_LINUX_TEST)
	panda_cb pcb = { .after_PGD_write = vmi_pgd_changed };
#endif

	// Read the name of the kernel configuration to use.
	panda_arg_list *plugin_args = panda_get_args(PLUGIN_NAME);
	char *kconf_file = g_strdup(panda_parse_string(plugin_args, "kconf_file", DEFAULT_KERNELINFO_FILE));
	char *kconf_group = g_strdup(panda_parse_string(plugin_args, "kconf_group", DEFAULT_KERNELINFO_GROUP));
	panda_free_args(plugin_args);

	// Load kernel offsets.
	if (read_kernelinfo(kconf_file, kconf_group, &ki) != 0) {
		LOG_ERR("Failed to read kernel info from group \"%s\" of file \"%s\".", kconf_group, kconf_file);
		goto error;
	}
	LOG_INFO("Read kernel info from group \"%s\" of file \"%s\".", kconf_group, kconf_file);
	g_free(kconf_file);
	g_free(kconf_group);

#if (OSI_LINUX_TEST)
	panda_register_callback(self, PANDA_CB_VMI_PGD_CHANGED, pcb);
#else

コード例 #7

0

ファイルを表示

ファイル: file_taint.cpp プロジェクト: AmesianX/panda

bool init_plugin(void *self) {

    printf("Initializing plugin file_taint\n");

#ifdef TARGET_I386
    panda_cb pcb;
    panda_arg_list *args;
    args = panda_get_args("file_taint");
    taint_filename = panda_parse_string(args, "filename", "abc123");
    positional_labels = panda_parse_bool(args, "pos");
    no_taint = panda_parse_bool(args, "notaint");
    end_label = panda_parse_ulong(args, "max_num_labels", 1000000);
    end_label = panda_parse_ulong(args, "end", end_label);
    start_label = panda_parse_ulong(args, "start", 0);
    enable_taint_on_open = panda_parse_bool(args, "enable_taint_on_open");
    first_instr = panda_parse_uint64(args, "first_instr", 0);
    taint_stdin = panda_parse_string(args, "use_stdin_for", nullptr);

    printf ("taint_filename = [%s]\n", taint_filename);
    printf ("positional_labels = %d\n", positional_labels);
    printf ("no_taint = %d\n", no_taint);
    printf ("end_label = %d\n", end_label);
    printf ("first_instr = %" PRId64 " \n", first_instr);

    // you must use '-os os_name' cmdline arg!
    assert (!(panda_os_type == OST_UNKNOWN));

    panda_require("osi");
    assert(init_osi_api());
    panda_require("syscalls2");

    if (taint_stdin) {
        printf("tainting stdin\n");
        assert (panda_os_type == OST_LINUX);
    }

    if (panda_os_type == OST_LINUX) {
        panda_require("osi_linux");
        assert(init_osi_linux_api());

        PPP_REG_CB("syscalls2", on_sys_open_enter, linux_open_enter);
        PPP_REG_CB("syscalls2", on_sys_read_enter, linux_read_enter);
        PPP_REG_CB("syscalls2", on_sys_read_return, linux_read_return);
        PPP_REG_CB("syscalls2", on_sys_pread64_enter, linux_pread_enter);
        PPP_REG_CB("syscalls2", on_sys_pread64_return, linux_pread_return);
    }

    if (panda_os_type == OST_WINDOWS) {
        panda_require("wintrospection");
        assert(init_wintrospection_api());

        PPP_REG_CB("syscalls2", on_NtOpenFile_enter, windows_open_enter);
        PPP_REG_CB("syscalls2", on_NtOpenFile_return, windows_open_return);
        PPP_REG_CB("syscalls2", on_NtCreateFile_enter, windows_create_enter);
        PPP_REG_CB("syscalls2", on_NtCreateFile_return, windows_create_return);
        PPP_REG_CB("syscalls2", on_NtReadFile_enter, windows_read_enter);
        PPP_REG_CB("syscalls2", on_NtReadFile_return, windows_read_return);
    }

    // this sets up the taint api fn ptrs so we have access
    if (!no_taint) {
        if (debug) printf("file_taint: initializing taint2 plugin\n");
        panda_require("taint2");
        assert(init_taint2_api());
        if (!enable_taint_on_open && first_instr == 0) {
            if (debug) printf("file_taint: turning on taint at replay beginning\n");
            taint2_enable_taint();
        }
    }

    if (!no_taint && first_instr > 0) {
        if (debug) printf ("file_taint: turning on taint at instruction %" PRId64 "\n", first_instr);
        // only need this callback if we are turning on taint late
        pcb.before_block_translate = file_taint_enable;
        panda_register_callback(self, PANDA_CB_BEFORE_BLOCK_TRANSLATE, pcb);
    }

    pcb.before_block_exec = osi_foo;
    panda_register_callback(self, PANDA_CB_BEFORE_BLOCK_EXEC, pcb);

#else
    printf ("file_taint: only works for x86 target (really just 32-bit)\n");
    return false;

#endif
    return true;
}