nsploit/sploit/rev, branch v0.1 Process interaction tool for software exploitation sploit: rev: Properly base Symtbls for non-PIC binaries 2022-09-13T00:19:09+00:00 Malfurious m@lfurio.us 2022-07-07T04:00:41+00:00 e2665bbeac88d55b78be6a97cb6c247ee57b8dbd The baddr property identified by r2 is now used as the base address for ELF symbol tables. This should not change the addresses retrieved via the table normally, however should fix the internal offsets of the table so that rebasing makes sense. Note that for PIC/PIE binaries we would already get a Symtbl with 'correct' offsets, as r2 is unable to absolutely resolve them for us. In these cases, the Symtbl base value remains at zero. Signed-off-by: Malfurious <m@lfurio.us> Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
The baddr property identified by r2 is now used as the base address for
ELF symbol tables.  This should not change the addresses retrieved via
the table normally, however should fix the internal offsets of the table
so that rebasing makes sense.

Note that for PIC/PIE binaries we would already get a Symtbl with
'correct' offsets, as r2 is unable to absolutely resolve them for us.
In these cases, the Symtbl base value remains at zero.

Signed-off-by: Malfurious <m@lfurio.us>
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: Clean up use of __getattribute__ 2022-03-17T07:48:43+00:00 Malfurious m@lfurio.us 2022-03-16T03:04:16+00:00 d7c7c96b4ff932078d0399b5ec6b4f8b8d87f43e __getattribute__ is the low-level magic func and will intercept every attribute lookup, whereas __getattr__ is high-level, and is only invoked in specific conditions (such as __getattribute__'s failure). As such, any overload of __getattribute__ which preferentially falls back to object.__getattribute__() before serving a request, can more simply be replaced by a __getattr__ overload without the fallback. Signed-off-by: Malfurious <m@lfurio.us> Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
__getattribute__ is the low-level magic func and will intercept every
attribute lookup, whereas __getattr__ is high-level, and is only invoked
in specific conditions (such as __getattribute__'s failure).

As such, any overload of __getattribute__ which preferentially falls
back to object.__getattribute__() before serving a request, can more
simply be replaced by a __getattr__ overload without the fallback.

Signed-off-by: Malfurious <m@lfurio.us>
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: Move __attr_filter__ to a general place in util 2022-03-14T03:34:23+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-14T03:34:23+00:00 c493a8f8073702bcdccdbc40bf09931e201c9013 Found a spot to use __attr_filter__ in the rev module, so moving it out of mem and into a shared place (util). Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
Found a spot to use __attr_filter__ in the rev module, so moving it out
of mem and into a shared place (util).

Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: add stack base pointer to locals symtbl 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-13T08:33:58+00:00 0ddf210c257cd27bb78743b5548d4c26fe1521df Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: print hex of addresses in rev logs 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-13T05:27:21+00:00 22771b12afcc50e3281e48301cedfd0599624b6e Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: add status logging to rev module 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-13T02:22:36+00:00 6bc9c69c534447ecec79ae551d8f6b3e50c71eba Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: lazy load libs for ELF 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-13T01:36:30+00:00 8897faa7387f8103df9dfdb54149d59bfde0e681 Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: cache results of external commands 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-13T00:18:28+00:00 509a8cfcadcca94d336fe08be897f62a721079d2 rather than cacheing ELF instantiations, just cache the results of external commands Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
rather than cacheing ELF instantiations, just cache the results of
external commands

Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: add the rest of r2 functions through elf 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-11T16:36:59+00:00 fc1c413bc6b0054cc9c079dbdd2e74eefd75557a expose the rest of the rev.r2 capabilities through rev.elf Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
expose the rest of the rev.r2 capabilities through rev.elf

Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
sploit: typo fix in rev.r2 2022-03-14T03:27:30+00:00 dusoleil howcansocksbereal@gmail.com 2022-03-11T16:21:34+00:00 19fc4694e7f825b1fee0cce05c4a34f3ae717679 accidentally left the argument as "elf" instead of "binary" and had the arguments in the wrong order Signed-off-by: dusoleil <howcansocksbereal@gmail.com> 
accidentally left the argument as "elf" instead of "binary" and had the
arguments in the wrong order

Signed-off-by: dusoleil <howcansocksbereal@gmail.com>