/* MUST be called with cs_error held. */
void
resolve_event_strings(kherr_event * e)
{
DWORD_PTR args[8];
va_list vl = (va_list) args;
if ((e->flags & KHERR_RF_STR_RESOLVED) != 0)
return;
va_args_from_event(vl, e, sizeof(args));
resolve_string(e, &e->short_desc, vl,
KHERR_RFMASK_SHORT_DESC,
KHERR_RF_FREE_SHORT_DESC,
KHERR_RF_FREE_SHORT_DESC);
resolve_string(e, &e->long_desc, vl,
KHERR_RFMASK_LONG_DESC,
KHERR_RF_FREE_LONG_DESC,
KHERR_RF_FREE_LONG_DESC);
resolve_string(e, &e->suggestion, vl,
KHERR_RFMASK_SUGGEST,
KHERR_RF_FREE_SUGGEST,
KHERR_RF_FREE_SUGGEST);
resolve_string_resource(e, &e->short_desc, vl,
KHERR_RF_RES_SHORT_DESC,
KHERR_RF_FREE_SHORT_DESC);
resolve_string_resource(e, &e->long_desc, vl,
KHERR_RF_RES_LONG_DESC,
KHERR_RF_FREE_LONG_DESC);
resolve_string_resource(e, &e->suggestion, vl,
KHERR_RF_RES_SUGGEST,
KHERR_RF_FREE_SUGGEST);
resolve_msg_resource(e, &e->short_desc, vl,
KHERR_RF_MSG_SHORT_DESC,
KHERR_RF_FREE_SHORT_DESC);
resolve_msg_resource(e, &e->long_desc, vl,
KHERR_RF_MSG_LONG_DESC,
KHERR_RF_FREE_LONG_DESC);
resolve_msg_resource(e, &e->suggestion, vl,
KHERR_RF_MSG_SUGGEST,
KHERR_RF_FREE_SUGGEST);
/* get rid of dangling reference now that we have done everything
we can with it. Since we have already dealt with all the
parameter inserts, we don't need the parameters anymore
either. */
free_event_params(e);
e->h_module = NULL;
e->flags |= KHERR_RF_STR_RESOLVED;
}
scp_result resolve_strings_2_3(sc_memory_context *context, const sc_char *operator_name, scp_operand *param2,
scp_operand *param3, char **str2, char **str3)
{
if (SCP_RESULT_ERROR == resolve_string(context, operator_name, "Parameter 2", param2, str2))
{
return SCP_RESULT_ERROR;
}
if (SCP_RESULT_ERROR == resolve_string(context, operator_name, "Parameter 3", param3, str3))
{
free(*str2);
return SCP_RESULT_ERROR;
}
return SCP_RESULT_TRUE;
}
void write_string()
{
/* Pass current string literal to write */
emit(OP_LLI, resolve_function("write", 0));
emit(OP_LLI, resolve_string());
emit(OP_CAL, 2);
}
//------------------------------------------------------------------------------
// Name: comment
// Desc:
//------------------------------------------------------------------------------
QString CommentServer::comment(QHexView::address_t address, int size) const {
if(IProcess *process = edb::v1::debugger_core->process()) {
// if the view is currently looking at words which are a pointer in size
// then see if it points to anything...
if(size == edb::v1::pointer_size()) {
edb::address_t value(0);
if(process->read_bytes(address, &value, edb::v1::pointer_size())) {
auto it = custom_comments_.find(value);
if(it != custom_comments_.end()) {
return it.value();
} else {
if(Result<QString> ret = resolve_function_call(value)) {
return *ret;
} else if(Result<QString> ret = resolve_string(value)) {
return *ret;
}
}
}
}
}
return QString();
}
//------------------------------------------------------------------------------
// Name: comment(QHexView::address_t address, int size) const
// Desc:
//------------------------------------------------------------------------------
QString CommentServer::comment(QHexView::address_t address, int size) const {
QString ret;
// if the view is currently looking at words which are a pointer in size
// then see if it points to anything...
if(size == edb::v1::pointer_size()) {
edb::address_t value;
if(edb::v1::debugger_core->read_bytes(address, &value, sizeof(value))) {
QHash<quint64, QString>::const_iterator it = custom_comments_.find(value);
if(it != custom_comments_.end()) {
ret = it.value();
} else {
bool ok;
ret = resolve_function_call(value, ok);
if(!ok) {
ret = resolve_string(value, ok);
}
}
}
}
return ret;
}
crack_index network_crack_http(const string target_ip,const unsigned int target_port,dictionary crack_dictionary,const string crack_express,const string crack_term) {
string resolve_string(crack_express);
split_result split;
crack_index result;
unsigned int username_point=find_string(resolve_string,"%username%");
if (-1==username_point) {
dictionary crack_dictionary_;
resolve_dictionary_add_username(crack_dictionary_,"");
resolve_dictionary_add_password(crack_dictionary_,
resolve_dictionary_get_password_list(crack_dictionary,
resolve_dictionary_get_user_list(crack_dictionary)[0]));
crack_dictionary=crack_dictionary_;
}
unsigned int password_point=find_string(resolve_string,"%password%");
if (-1==password_point) {
dictionary crack_dictionary_;
username_list name_list;
name_list=resolve_dictionary_get_user_list(crack_dictionary);
crack_dictionary=crack_dictionary_;
for (dictionary::const_iterator username_iterator=crack_dictionary.begin();
username_iterator!=crack_dictionary.end();
++username_iterator)
resolve_dictionary_add_username(crack_dictionary,username_iterator->first);
resolve_dictionary_add_password(crack_dictionary,"");
}
unsigned int length_point=find_string(resolve_string,"%length%");
unsigned int handle=scan_tcp_connect(target_ip.c_str(),target_port);
if (-1!=handle) {
for (dictionary::const_iterator username_iterator=crack_dictionary.begin();
username_iterator!=crack_dictionary.end();
++username_iterator) {
for (password_list::const_iterator password_iterator=username_iterator->second.begin();
password_iterator!=username_iterator->second.end();
++password_iterator) {
string packet(resolve_string);
if (-1!=username_point)
replace_string(packet,"%username%",username_iterator->first);
if (-1!=password_point)
replace_string(packet,"%password%",*password_iterator);
packet=resolve_express(packet);
if (-1!=length_point) {
string http_body;
split_result result_body(split_string(packet,"\r\n\r\n"));
if (!result_body.second.empty()) {
unsigned int length=result_body.second.length()-4;
replace_string(packet,"%length%",number_to_string(length));
}
}
CRACK:
scan_tcp_send(handle,packet.c_str(),packet.length());
char recv_buffer[NETWORK_CRACK_RECV_BUFFER_LENGTH]={0};
unsigned int recv_length=scan_tcp_recv(handle,recv_buffer,NETWORK_CRACK_RECV_BUFFER_LENGTH);
if (-1!=recv_length && recv_length) {
if (-1!=find_string(recv_buffer,crack_term)) {
result.first=username_iterator->first;
result.second=*password_iterator;
scan_tcp_disconnect(handle);
return result;
}
} else {
scan_tcp_disconnect(handle);
Sleep(50);
handle=scan_tcp_connect(target_ip.c_str(),target_port);
Sleep(50);
goto CRACK;
}
}
}
scan_tcp_disconnect(handle);
}
return result;
}
scp_result resolve_string_2(sc_memory_context *context, const sc_char *operator_name, scp_operand *param2, char **str2) {
return resolve_string(context, operator_name, "Parameter 2", param2, str2);
}
