std::unique_ptr<wasm_instantiated_module_interface>& get_instantiated_module(const digest_type& code_id, const shared_vector<char>& code) {
auto it = instantiation_cache.find(code_id);
if(it == instantiation_cache.end()) {
IR::Module module;
try {
Serialization::MemoryInputStream stream((const U8*)code.data(), code.size());
WASM::serialize(stream, module);
} catch(Serialization::FatalSerializationException& e) {
EOS_ASSERT(false, wasm_serialization_error, e.message.c_str());
}
wasm_injections::wasm_binary_injection injector(module);
injector.inject();
std::vector<U8> bytes;
try {
Serialization::ArrayOutputStream outstream;
WASM::serialize(outstream, module);
bytes = outstream.getBytes();
} catch(Serialization::FatalSerializationException& e) {
EOS_ASSERT(false, wasm_serialization_error, e.message.c_str());
}
it = instantiation_cache.emplace(code_id, runtime_interface->instantiate_module((const char*)bytes.data(), bytes.size(), parse_initial_memory(module))).first;
}
return it->second;
}
ASTTransformer::Result
NullDerefProtectionTransformer::Transform(clang::Decl* D) {
PointerCheckInjector injector(*m_Interp);
injector.TraverseDecl(D);
return Result(D, true);
}
ASTTransformer::Result
NullDerefProtectionTransformer::Transform(clang::Decl* D) {
if (getCompilationOpts().CheckPointerValidity) {
PointerCheckInjector injector(*m_Interp);
injector.TraverseDecl(D);
}
return Result(D, true);
}
int main() {
fruit::NormalizedComponent<> normalizedComponent(getComponent());
fruit::Injector<XAnnot> injector(normalizedComponent, getComponent2());
injector.get<XAnnot>();
return 0;
}
main(int argc, char** argv) {
/* assign the interface victim machine's ip and mac spoofed machine's ip and mac */
interface=argv[1];
victim_ip=argv[3];
spoofed_mac=argv[4];
spoofed_ip=argv[5];
victim_mac=argv[2];
injector();
return 0;
}
void NullDerefProtectionTransformer::Transform() {
FunctionDecl* FD = getTransaction()->getWrapperFD();
if (!FD)
return;
CompoundStmt* CS = dyn_cast<CompoundStmt>(FD->getBody());
assert(CS && "Function body not a CompundStmt?");
IfStmtInjector injector((*m_Sema));
CompoundStmt* newCS = injector.Inject(CS);
FD->setBody(newCS);
}
ASTTransformer::Result
NullDerefProtectionTransformer::Transform(clang::Decl* D) {
FunctionDecl* FD = dyn_cast<FunctionDecl>(D);
if (!FD || FD->isFromASTFile())
return Result(D, true);
CompoundStmt* CS = dyn_cast_or_null<CompoundStmt>(FD->getBody());
if (!CS)
return Result(D, true);
PointerCheckInjector injector(*m_Sema);
injector.Visit(CS);
return Result(FD, true);
}
int main() {
fruit::Injector<> injector(getComponent());
X* x = injector.unsafeGet<X>();
Y* y = injector.unsafeGet<Y>();
Z* z = injector.unsafeGet<Z>();
(void) x;
(void) y;
(void) z;
assert(x != nullptr);
assert(y != nullptr);
assert(z == nullptr);
return 0;
}
// Unload library from remote process.
bool InjectLibrary::unloadLib() {
GenericInjector injector(process_);
INJECT_CODEPAYLOAD code = createUnloadLibCode();
INJECT_DATAPAYLOAD data = createUnloadLibData();
bool errorFlag = false;
injector.doInjection(data, code);
// Read back return value from freelibrary call.
char* readAddress = (char*)injector.getAddrOfData();
readAddress += sizeof(void*) + sizeof(HMODULE);
int error;
process_.readMemory(readAddress, &error, sizeof(int));
errorFlag = (error != 0);
free(code.code);
free(data.data);
return errorFlag;
}
int main() {
fruit::NormalizedComponent<fruit::Required<XAnnot>, Y> normalizedComponent(getComponent());
X x{};
fruit::Injector<XAnnot> injector(normalizedComponent, fruit::Component<XAnnot>(fruit::createComponent().bindInstance<XAnnot>(x)));
injector.get<fruit::Annotated<Annotation, X*>>();
fruit::Injector<Y> injector2(normalizedComponent, getXComponent(x));
injector2.get<Y*>();
fruit::Injector<Y> injector3(normalizedComponent, getXComponent(x));
injector3.get<Y*>();
fruit::Injector<XAnnot> injector4(normalizedComponent, fruit::Component<XAnnot>(fruit::createComponent().bindInstance<XAnnot>(x)));
injector4.get<fruit::Annotated<Annotation, X*>>();
return 0;
}
void IDAStealth::StealthSession::dbgAttachThread(unsigned int processID,
const std::string& configFile, const std::string profile)
{
try
{
performCommonInit();
if (ipc_) ipc_->remove();
ipc_ = IPCConfigExchangeWriter_Ptr(new IPC::IPCConfigExchangeWriter(processID));
ipc_->setConfigFile(configFile);
ipc_->setProfile(profile);
ipc_->setPERestoreRequired(false);
Process process(processID);
InjectLibrary injector(getStealthDllPath(), process);
bool injected = injector.injectLib();
if (injected) logString("Successfully injected stealth dll (while attaching to process)");
else logString("Injection of stealth dll failed (while attaching to process)!");
}
catch (const std::exception& e)
{
logString(e.what());
}
}
int main() {
{
/*<<create injector with deduced `interface`>>*/
auto injector = di::make_injector(
di::deduce<implementation>()
);
/*<<create `example`>>*/
injector.create<example>();
}
{
/*<<create injector with deduced `interface`>>*/
using injector = di::injector<
implementation
>;
/*<<create `example`>>*/
injector().create<example>();
}
return 0;
}
int main() {
fruit::NormalizedComponent<fruit::Required<fruit::Annotated<Annotation, X>>> normalizedComponent(getComponent());
fruit::Injector<> injector(normalizedComponent, fruit::Component<>(fruit::createComponent()));
return 0;
}
INJECT_CODEPAYLOAD InjectLibrary::createLoadLibCode() {
size_t s, e;
void* source;
__asm
{
mov s, offset _start
mov e, offset _end
mov source, offset _start
jmp _end // we only want to copy this code - not execute it so jump over it
_start:
// create standard stack frame
push ebp
mov ebp, esp
push esi
push edi
mov esi, [ebp+8] // get first param, ESI now points to strcut
mov edi, [esi] // get loadlibrary pointer
lea ecx, [esi+4] // get addres of dll filename
push ecx
call edi // call loadlibrary
lea ecx, [esi+MAX_PATH+4] // let EBX point to the handle entry in our struct
mov [ecx], eax // save handle
xor eax, eax
pop edi
pop esi
pop ebp
ret
_end:
}
INJECT_CODEPAYLOAD tmpPayload;
tmpPayload.size = e - s;
tmpPayload.code = malloc(tmpPayload.size);
// Copying code from code section should always work.
memcpy(tmpPayload.code, source, tmpPayload.size);
return tmpPayload;
}
#pragma warning(default : 4731 4740)
// Inject code into remote process to load the library.
bool InjectLibrary::injectLib() {
GenericInjector injector(process_);
INJECT_DATAPAYLOAD data = createLoadLibData();
INJECT_CODEPAYLOAD code = createLoadLibCode();
injector.doInjection(data, code);
free(data.data);
free(code.code);
// Read back dll handle.
char* readAddress = (char*)injector.getAddrOfData();
readAddress += MAX_PATH + sizeof(HANDLE);
HMODULE hRemoteDll;
process_.readMemory(readAddress, (void*)&hRemoteDll, sizeof(HMODULE));
hDll_ = hRemoteDll;
return (hDll_ == 0 ? false : true);
}
int main() {
fruit::NormalizedComponent<> normalizedComponent(fruit::createComponent());
fruit::Injector<X> injector(normalizedComponent, fruit::Component<>(fruit::createComponent()));
return 0;
}
int main() {
fruit::NormalizedComponent<XAnnot> normalizedComponent(fruit::createComponent());
fruit::Injector<XAnnot> injector(normalizedComponent, getComponent());
return 0;
}
int main() {
fruit::NormalizedComponent<> normalizedComponent(fruit::createComponent());
fruit::Injector<X> injector(std::move(normalizedComponent), fruit::createComponent());
return 0;
}
//-------------------------------------------------------
void OdbcPersistor::RestoreAll()
{
int connectionAttempts = 0;
bool errorReported = false;
EntityIdSet restoredObjects;
const int binaryLargeSize = Safir::Dob::PersistenceParameters::BinaryDataColumnSize();
const int binarySmallSize = Safir::Dob::PersistenceParameters::BinarySmallDataColumnSize();
const int xmlSize = Safir::Dob::PersistenceParameters::XmlDataColumnSize();
SQLHDBC getAllConnection = SQL_NULL_HANDLE;
bool isConnected = false;
bool getAllIsValid = false;
SQLHSTMT getAllStatement = SQL_NULL_HANDLE;
Safir::Dob::Typesystem::Int64 typeId = 0;
Safir::Dob::Typesystem::Int64 instance = 0;
Safir::Dob::Typesystem::Int64 handlerId = 0;
boost::scoped_array<unsigned char> storeBinarySmallData(new unsigned char[binarySmallSize]);
SQLLEN currentSmallDataSize = 0;
boost::scoped_array<unsigned char> storeBinaryLargeData(new unsigned char[binaryLargeSize]);
SQLLEN currentLargeDataSize = 0;
boost::scoped_array<char> xmlBuffer(new char[xmlSize]);
boost::scoped_array<wchar_t> xmlBufferW(new wchar_t[xmlSize / sizeof(wchar_t)]);
SQLLEN currentXmlSize = 0;
const boost::chrono::steady_clock::time_point startTime = boost::chrono::steady_clock::now();
const SQLRETURN ret = ::SQLAllocHandle(SQL_HANDLE_DBC, m_environment, &getAllConnection);
if (!SQL_SUCCEEDED(ret))
{
OdbcHelper::ThrowException(SQL_HANDLE_ENV, m_environment);
}
bool done = false;
while (!done)
{
try
{
ConnectIfNeeded(getAllConnection, isConnected, connectionAttempts);
for (;;)
{
//getAll statement execution (will loop here until we successfully execute)
if (!getAllIsValid)
{
m_helper.AllocStatement(&getAllStatement, getAllConnection);
m_helper.Prepare(
getAllStatement,
"SELECT typeId, instance, handlerid, xmlData, binaryData, binarySmallData "
"FROM PersistentEntity");
m_helper.BindColumnInt64(getAllStatement, 1, &typeId);
m_helper.BindColumnInt64(getAllStatement, 2, &instance);
m_helper.BindColumnInt64(getAllStatement, 3, &handlerId);
if (Safir::Dob::PersistenceParameters::TextColumnsAreUtf8())
{
BindColumnString(getAllStatement, 4, xmlSize, xmlBuffer.get(), ¤tXmlSize);
}
else
{
BindColumnStringW(getAllStatement,
4,
xmlSize / sizeof(wchar_t),
xmlBufferW.get(),
¤tXmlSize);
}
m_helper.BindColumnBinary(getAllStatement, 5, binaryLargeSize, storeBinaryLargeData.get(), ¤tLargeDataSize);
m_helper.BindColumnBinary(getAllStatement, 6, binarySmallSize, storeBinarySmallData.get(), ¤tSmallDataSize);
}
try
{
m_helper.Execute(getAllStatement);
break;
}
catch(const OdbcException& e)
{
const std::wstring err = Safir::Dob::Typesystem::Utilities::ToWstring(e.what());
m_debug << "Caught a RetryException in GetAll:\n" << err << std::endl;
boost::this_thread::sleep_for(RETRY_EXCEPTION_DELAY);
}
}
for (;;)
{
if (!m_helper.Fetch(getAllStatement))
{//we've got all rows!
done = true;
break;
}
const Safir::Dob::Typesystem::EntityId entityId
(typeId,
Safir::Dob::Typesystem::InstanceId(instance));
const Safir::Dob::Typesystem::HandlerId handler(handlerId);
auto findIt = GetPersistentTypes().find(entityId.GetTypeId());
if (findIt == GetPersistentTypes().end())
{ //not to be persisted!
Remove(entityId);
continue;
}
if (restoredObjects.find(entityId) != restoredObjects.end())
{ //already restored this object
continue;
}
try
{
Safir::Dob::ConnectionAspectInjector injector(m_dobConnection);
if (currentXmlSize != SQL_NULL_DATA)
{ //some xml persistent data set
std::wstring xml;
if (Safir::Dob::PersistenceParameters::TextColumnsAreUtf8())
{
xml = Safir::Dob::Typesystem::Utilities::ToWstring(xmlBuffer.get());
}
else
{
xml = xmlBufferW.get();
}
m_debug
<< "Restoring from xml" << entityId
<< ", size = " << xml.size()
<< ". First 100 chars of the data: " << xml.substr(0,100)
<< std::endl;
const Safir::Dob::Typesystem::ObjectPtr object =
Safir::Dob::Typesystem::Serialization::ToObject(xml);
const Safir::Dob::EntityPtr entity =
boost::dynamic_pointer_cast<Safir::Dob::Entity>(object);
m_debug << "Successfully deserialized" <<std::endl;
injector.InitialSet(entity, entityId.GetInstanceId(), handler);
m_debug << "InitialSet successful"<<std::endl;
Safir::Dob::Typesystem::BinarySerialization bin;
Safir::Dob::Typesystem::Serialization::ToBinary(entity, bin);
Store(entityId, handler, bin, true);
m_debug << "Stored it as binary" << std::endl;
}
else if (currentSmallDataSize != SQL_NULL_DATA)
{
const char * const data = reinterpret_cast<const char * const>(storeBinarySmallData.get());
m_debug << "Restoring " << entityId << " from binary " <<std::endl;
Safir::Dob::EntityPtr entity =
boost::dynamic_pointer_cast<Safir::Dob::Entity>
(Safir::Dob::Typesystem::ObjectFactory::Instance().CreateObject(data));
m_debug << "Successfully deserialized" <<std::endl;
injector.InitialSet(entity, entityId.GetInstanceId(), handler);
m_debug << "InitialSet successful"<<std::endl;
}
else
{
if (currentLargeDataSize != SQL_NULL_DATA)
{ //some binarypersistent data set
const char * const data = reinterpret_cast<const char * const>(storeBinaryLargeData.get());
m_debug << "Restoring " << entityId << " from binary " <<std::endl;
Safir::Dob::EntityPtr entity =
boost::dynamic_pointer_cast<Safir::Dob::Entity>
(Safir::Dob::Typesystem::ObjectFactory::Instance().CreateObject(data));
m_debug << "Successfully deserialized" <<std::endl;
injector.InitialSet(entity, entityId.GetInstanceId(), handler);
m_debug << "InitialSet successful"<<std::endl;
}
else
{
m_debug << "No data set for " << entityId <<std::endl;
}
}
//add the objectid to the list of objectids that we've done, so that we can resume from where
//we were in case the db goes down during restore
restoredObjects.insert(entityId);
}
catch(const Safir::Dob::Typesystem::IllegalValueException &)
{
m_debug << "Could not restore "
<< entityId.ToString()
<< ", removing it" << std::endl;
Safir::Logging::SendSystemLog(Safir::Logging::Error,
L"Failed to restore entity" +
entityId.ToString() +
L", will remove persisted data.");
//we don't want to try it again if the connection fails later.
restoredObjects.insert(entityId);
//remove the row from the db
Remove(entityId);
//since we did not remove the objectid from persistentObjects an empty row will be inserted below.
}
}
}
catch(const OdbcException& e)
{
const std::wstring err = Safir::Dob::Typesystem::Utilities::ToWstring(e.what());
m_debug << "Caught a ReconnectException in RestoreAll:\n" << err << std::endl;
if (connectionAttempts > REPORT_AFTER_RECONNECTS && !errorReported)
{
Safir::Logging::SendSystemLog(Safir::Logging::Error,
L"RestoreAll: Failed to connect to the database, will keep trying. Exception info: " +
err);
errorReported = true;
}
if (isConnected)
{
Disconnect(getAllConnection);
isConnected = false;
}
getAllIsValid = false;
boost::this_thread::sleep_for(RECONNECT_EXCEPTION_DELAY);
}
}
if (errorReported)
{
Safir::Logging::SendSystemLog(Safir::Logging::Informational,
L"Successfully connected to the database");
errorReported = false;
connectionAttempts = 0;
}
try
{
if (isConnected)
{
Disconnect(getAllConnection);
}
FreeConnection(getAllConnection);
}
catch(const OdbcException& e)
{
const std::wstring err = Safir::Dob::Typesystem::Utilities::ToWstring(e.what());
Safir::Logging::SendSystemLog(Safir::Logging::Error,
L"Whoops. Error while disconnecting the getAllConnection. Ignoring this and moving on. Exception info: " +
err);
}
m_debug << "RestoreAll completed: "
<< restoredObjects.size()
<< " objects restored in time "
<< boost::chrono::steady_clock::now() - startTime << std::endl;
}
