int32_t env_hook_SHGetSpecialFolderPathA(struct emu_env *env, struct emu_env_hook *hook) { struct emu_cpu *c = emu_cpu_get(env->emu); struct emu_memory *mem = emu_memory_get(env->emu); uint32_t eip_save; POP_DWORD(c, &eip_save); /* CopyBOOL SHGetSpecialFolderPath( HWND hwndOwner, __out LPTSTR lpszPath, __in int csidl, __in BOOL fCreate ); */ uint32_t hwnd; POP_DWORD(c, &hwnd); uint32_t buf; POP_DWORD(c, &buf); uint32_t csidl; POP_DWORD(c, &csidl); uint32_t fCreate; POP_DWORD(c, &fCreate); char buf255[255]; memset(buf255,0,254); GetSHFolderName(csidl, (char*)&buf255); emu_memory_write_block(mem,buf,buf255,strlen(buf255)); emu_cpu_reg32_set(c, eax, 0); if ( env->profile != NULL ) { emu_profile_function_add(env->profile, "SHGetSpecialFolderPath"); emu_profile_argument_add_int(env->profile, "HWND", "hwndOwner", hwnd); emu_profile_argument_add_ptr(env->profile, "LPCSTR", "lpszPath", buf); emu_profile_argument_add_string(env->profile, "", "", buf255); emu_profile_argument_add_int(env->profile, "int", "csidl", csidl); emu_profile_argument_add_int(env->profile, "BOOL", "fCreate", fCreate); emu_profile_function_returnvalue_int_set(env->profile, "BOOL", c->reg[eax]); } emu_cpu_eip_set(c, eip_save); return 0; }
int32_t env_linux_hook_dup2(struct emu_env *env, struct emu_env_hook *hook) { struct emu_cpu *c = emu_cpu_get(env->emu); printf("int dup2(int oldfd=%i, int newfd=%i);\n", c->reg[ebx], c->reg[ecx]); if ( env->profile != NULL ) { emu_profile_function_add(env->profile, "dup2"); emu_profile_argument_add_int(env->profile, "int", "oldfd", c->reg[ebx]); emu_profile_argument_add_int(env->profile, "int", "newfd", c->reg[ecx]); emu_profile_function_returnvalue_int_set(env->profile, "int", c->reg[ecx]); } emu_cpu_reg32_set(c, eax, c->reg[ecx]); return 0; }
int32_t env_linux_hook_exit(struct emu_env *env, struct emu_env_hook *hook) { printf("sys_exit(2)\n"); struct emu_cpu *c = emu_cpu_get(env->emu); emu_profile_function_add(env->profile, "exit"); emu_profile_argument_add_int(env->profile, "int", "status", c->reg[ebx]); if (hook->hook.lin->userhook != NULL) { uint32_t r = hook->hook.lin->userhook(env, hook, c->reg[ebx]); emu_cpu_reg32_set(c, eax, r); }else emu_cpu_reg32_set(c, eax, 0); return 0; }
int32_t env_linux_hook_socketcall(struct emu_env *env, struct emu_env_hook *hook) { struct emu_cpu *c = emu_cpu_get(env->emu); #define AL(x) (x) static unsigned char nargs[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), AL(3),AL(3),AL(4),AL(4),AL(4),AL(6), AL(6),AL(2),AL(5),AL(5),AL(3),AL(3)}; #undef AL uint32_t a[6]; int i; for ( i=0;i<nargs[c->reg[ebx]];i++ ) { emu_memory_read_dword(emu_memory_get(c->emu),c->reg[ecx]+4*i,a+i); } uint32_t returnvalue = 0; switch ( c->reg[ebx] ) { case 1: // SYS_SOCKET printf("int socket(int domain=%i, int type=%i, int protocol=%i);\n", a[0], a[1], a[2]); if (hook->hook.lin->userhook != NULL) returnvalue = hook->hook.lin->userhook(env, hook, a[0], a[1], a[2]); else returnvalue = 14; if ( env->profile != NULL ) { emu_profile_function_add(env->profile, "socket"); emu_profile_argument_add_int(env->profile, "int", "domain", a[0]); emu_profile_argument_add_int(env->profile, "int", "type", a[1]); emu_profile_argument_add_int(env->profile, "int", "protocol", a[2]); emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue); } emu_cpu_reg32_set(c, eax, returnvalue); break; case 2: // SYS_BIND { /* printf("int bind(int sockfd=%i, struct sockaddr *my_addr=%08x={host %s port %i}, int addrlen);\n", a[0], a[1], inet_ntoa(*(struct in_addr *)&((struct sockaddr_in *)&sa)->sin_addr), ntohs(((struct sockaddr_in *)&sa)->sin_port) ); */ struct sockaddr sa; memset(&sa, 0, sizeof(struct sockaddr)); emu_memory_read_block(emu_memory_get(c->emu), a[1], &sa, sizeof(struct sockaddr)); if (hook->hook.lin->userhook != NULL) returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]); else returnvalue = 0; if (env->profile != NULL) { emu_profile_function_add(env->profile, "bind"); emu_profile_argument_add_int(env->profile, "int", "sockfd", a[0]); emu_profile_argument_add_sockaddr_ptr(env->profile, "my_addr", a[1], sa); emu_profile_argument_add_int(env->profile, "int", "addrlen", a[2]); emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue); } emu_cpu_reg32_set(c, eax, returnvalue); } break; case 3: // SYS_CONNECT { printf("connect\n"); struct sockaddr sa; memset(&sa, 0, sizeof(struct sockaddr)); emu_memory_read_block(emu_memory_get(c->emu), a[1], &sa, sizeof(struct sockaddr)); if (hook->hook.lin->userhook != NULL) returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]); else returnvalue = 0; if (env->profile != NULL) { emu_profile_function_add(env->profile, "connect"); emu_profile_argument_add_int(env->profile, "int", "sockfd", a[0]); emu_profile_argument_add_sockaddr_ptr(env->profile, "serv_addr", a[1], sa); emu_profile_argument_add_int(env->profile, "int", "addrlen", a[2]); emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue); } emu_cpu_reg32_set(c, eax, returnvalue); } break; case 4: // SYS_LISTEN printf("int listen(int s=%i, int backlog=%i);\n", a[0], a[1]); if (hook->hook.lin->userhook != NULL) returnvalue = hook->hook.lin->userhook(env, hook, a[0], a[1]); else returnvalue = 0; if (env->profile != NULL) { emu_profile_function_add(env->profile, "listen"); emu_profile_argument_add_int(env->profile, "int", "s", a[0]); emu_profile_argument_add_int(env->profile, "int", "backlog", a[1]); emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue); } emu_cpu_reg32_set(c, eax, returnvalue); break; case 5: // SYS_ACCEPT printf("int accept(int s=%i, struct sockaddr *addr=%08x, int *addrlen=%08x);\n", a[0], a[1], a[2]); struct sockaddr sa; memset(&sa, 0, sizeof(struct sockaddr)); emu_memory_read_block(emu_memory_get(c->emu), a[1], &sa, sizeof(struct sockaddr)); if (hook->hook.lin->userhook != NULL) returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]); else returnvalue = 19; if (env->profile != NULL) { emu_profile_function_add(env->profile, "accept"); emu_profile_argument_add_int(env->profile, "int", "sockfd", a[0]); emu_profile_argument_add_ptr(env->profile, "sockaddr_in *", "addr", a[1]); emu_profile_argument_add_none(env->profile); emu_profile_argument_add_ptr(env->profile, "int", "addrlen", a[2]); emu_profile_argument_add_none(env->profile); emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue); } emu_cpu_reg32_set(c, eax, returnvalue); break; case 6: // SYS_GETSOCKNAME printf("sys_getsockname(2)\n"); break; case 7: // SYS_GETPEERNAME printf("sys_getpeername(2)\n"); break; case 8: // SYS_SOCKETPAIR printf("sys_socketpair(2)\n"); break; case 9: // SYS_SEND printf("sys_send(2)\n"); break; case 10: // SYS_RECV printf("sys_recv(2)\n"); break; case 11: // SYS_SENDTO printf("sys_sendto(2)\n"); break; case 12: // SYS_RECVFROM printf("sys_recvfrom(2)\n"); break; case 13: // SYS_SHUTDOWN printf("sys_shutdown(2)\n"); break; case 14: // SYS_SETSOCKOPT printf("sys_setsockopt(2)\n"); break; case 15: // SYS_GETSOCKOPT printf("sys_getsockopt(2)\n"); break; case 16: // SYS_SENDMSG printf("sys_sendmsg(2)\n"); break; case 17: // SYS_RECVMSG printf("sys_recvmsg(2)\n"); break; default: printf("syscall %i (%x) unknown", c->reg[ebx], c->reg[ebx]); } return 0; }
int32_t env_w32_hook_fwrite(struct emu_env *env, struct emu_env_hook *hook) { logDebug(env->emu, "Hook me Captain Cook!\n"); logDebug(env->emu, "%s:%i %s\n",__FILE__,__LINE__,__FUNCTION__); struct emu_cpu *c = emu_cpu_get(env->emu); uint32_t eip_save; POP_DWORD(c, &eip_save); /* size_t fwrite( const void *buffer, size_t size, size_t count, FILE *stream ); */ uint32_t p_buffer; MEM_DWORD_READ(c, c->reg[esp], &p_buffer); uint32_t size; MEM_DWORD_READ(c, (c->reg[esp]+4), &size); uint32_t count; MEM_DWORD_READ(c, (c->reg[esp]+8), &count); unsigned char *buffer = malloc(size*count); emu_memory_read_block(emu_memory_get(env->emu), p_buffer, buffer, size*count); uint32_t p_stream; MEM_DWORD_READ(c, c->reg[esp]+12, &p_stream); uint32_t returnvalue; if ( hook->hook.win->userhook != NULL ) { returnvalue = hook->hook.win->userhook(env, hook, buffer, size, count, p_stream); }else { returnvalue = size*count; } logDebug(env->emu, "fwrite(0x%08x, %d, %d, 0x%08x)\n", p_buffer, size, count, p_stream); emu_cpu_reg32_set(c, eax, returnvalue); if ( env->profile != NULL ) { emu_profile_function_add(env->profile, "fwrite"); emu_profile_function_returnvalue_int_set(env->profile, "size_t", returnvalue); emu_profile_argument_add_ptr(env->profile, "const void *", "buffer", p_buffer); emu_profile_argument_add_bytea(env->profile, "", "", buffer, size*count); emu_profile_argument_add_int(env->profile, "size_t", "size", size); emu_profile_argument_add_int(env->profile, "count_t", "count", count); emu_profile_argument_add_ptr(env->profile, "FILE *", "stream", p_stream); emu_profile_argument_add_none(env->profile); } free(buffer); emu_cpu_eip_set(c, eip_save); return 0; }