diff options
| author | Malfurious <m@lfurio.us> | 2022-09-12 20:33:37 -0400 |
|---|---|---|
| committer | Malfurious <m@lfurio.us> | 2022-09-12 20:33:37 -0400 |
| commit | 3df225eb84bf3415854e922271b2901810e2a81e (patch) | |
| tree | 02f69d8d2e638d22751116d897d8c29ee7040d94 | |
| parent | 506db999842bcd831baaff318ab0da3b7d10e9b3 (diff) | |
| parent | fe63ef169d3ce1e6e14842f716cdbc62b458e1f1 (diff) | |
| download | lib-des-gnux-3df225eb84bf3415854e922271b2901810e2a81e.tar.gz lib-des-gnux-3df225eb84bf3415854e922271b2901810e2a81e.zip | |
Merge branch 'sploit/symtbl-base'
This branch brings some conveniences to the semantics behind Symtbl base
values.
* sploit/symtbl-base:
sploit: rev: Properly base Symtbls for non-PIC binaries
sploit: Fix bugs involving Symtbl base value
sploit: mem: Allow Symtbl base to be modified
| -rw-r--r-- | tools/sploit/sploit/mem.py | 16 | ||||
| -rw-r--r-- | tools/sploit/sploit/rev/r2.py | 7 |
2 files changed, 15 insertions, 8 deletions
diff --git a/tools/sploit/sploit/mem.py b/tools/sploit/sploit/mem.py index 3fee92f..3a3e697 100644 --- a/tools/sploit/sploit/mem.py +++ b/tools/sploit/sploit/mem.py @@ -1,8 +1,8 @@ import types class Symtbl: - def __init__(self, **kwargs): - object.__setattr__(self, '_namesp', types.SimpleNamespace(base=0,sym={},sub={})) + def __init__(self, *, base=0, **kwargs): + object.__setattr__(self, '_namesp', types.SimpleNamespace(base=base,sym={},sub={})) for k, v in {**kwargs}.items(): setattr(self, k, v) @@ -15,11 +15,13 @@ class Symtbl: def __setattr__(self, ident, value): if ident in dir(self): raise Exception(f'Symtbl: assignment would shadow non-symbol "{ident}"') - if ident == 'base': raise Exception('Symtbl: may not redefine symbol "base"') self = self._namesp - if type(value) is tuple: self.sub[ident], off = value - else: off = value - self.sym[ident] = off - self.base + if ident == 'base': + self.base = value + else: + if type(value) is tuple: self.sub[ident], off = value + else: off = value + self.sym[ident] = off - self.base def map(self, addr, off=0): self = self._namesp @@ -34,7 +36,7 @@ class Symtbl: self.sym[k] = v + off def rebase(self, off): - self.adjust(-off) + self.adjust(self.base - off) def __str__(_self): FMT = '\n{:<20} {:<20}' diff --git a/tools/sploit/sploit/rev/r2.py b/tools/sploit/sploit/rev/r2.py index bb3edb3..6dfd499 100644 --- a/tools/sploit/sploit/rev/r2.py +++ b/tools/sploit/sploit/rev/r2.py @@ -13,6 +13,11 @@ def get_elf_symbols(elf): ilog(f'Retrieving symbols of {elf} with r2...') out = {} + cmd_base = 'iI~baddr' + base = run_cmd(elf,cmd_base) + base = re.split(r'\s+',base[0])[1] + base = int(base,0) + cmd_syms = 'is' out_syms = run_cmd(elf,cmd_syms) out_syms = [re.split(r'\s+',sym) for sym in out_syms][4:] @@ -39,7 +44,7 @@ def get_elf_symbols(elf): out_strs = {sym[2][sym[2].rfind('.')+1:]:int(sym[0],0) for sym in out_strs} out.update(out_strs) - return Symtbl(**out) + return Symtbl(base=base, **out) def get_locals(binary,func): ilog(f'Retrieving local stack frame of {hex(func)} in {binary} with r2...') |