Updated ELF stuff
git-svn-id: file:///home/svn/framework3/trunk@5413 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
ffe2fa80d9
commit
e39c053f76
|
@ -8,5 +8,4 @@ module ElfParsey
|
|||
end
|
||||
end
|
||||
|
||||
require 'rex/elfparsey/exceptions'
|
||||
require 'rex/elfparsey/elf'
|
|
@ -19,7 +19,9 @@ class Elf < ElfBase
|
|||
# ELF Header
|
||||
elf_header = ElfHeader.new(isource.read(offset, ELF_HEADER_SIZE))
|
||||
|
||||
# Data encoding
|
||||
ei_data = elf_header.e_ident[EI_DATA]
|
||||
|
||||
e_phoff = elf_header.e_phoff
|
||||
e_phentsize = elf_header.e_phentsize
|
||||
e_phnum = elf_header.e_phnum
|
||||
|
@ -46,8 +48,6 @@ class Elf < ElfBase
|
|||
self.isource = isource
|
||||
end
|
||||
|
||||
# Stolen from lib/rex/peparsey/pebase.rb
|
||||
|
||||
def self.new_from_file(filename, disk_backed = false)
|
||||
|
||||
file = ::File.new(filename)
|
||||
|
@ -62,21 +62,36 @@ class Elf < ElfBase
|
|||
end
|
||||
end
|
||||
|
||||
# Stolen from lib/rex/peparsey/pebase.rb
|
||||
|
||||
def self.new_from_string(data)
|
||||
return self.new(ImageSource::Memory.new(data))
|
||||
end
|
||||
|
||||
# Stolen from lib/rex/peparsey/pe.rb
|
||||
#
|
||||
# Returns true if this binary is for a 64-bit architecture.
|
||||
#
|
||||
def ptr_64?
|
||||
unless [ ELFCLASS32, ELFCLASS64 ].include?(
|
||||
elf_header.e_ident[EI_CLASS])
|
||||
raise ElfHeaderError, 'Invalid class', caller
|
||||
end
|
||||
|
||||
elf_header.e_ident[EI_CLASS] == ELFCLASS64
|
||||
end
|
||||
|
||||
#
|
||||
# Returns true if this binary is for a 32-bit architecture.
|
||||
# This check does not take into account 16-bit binaries at the moment.
|
||||
#
|
||||
def ptr_32?
|
||||
ptr_64? == false
|
||||
end
|
||||
|
||||
#
|
||||
# Converts a virtual address to a string representation based on the
|
||||
# underlying architecture.
|
||||
#
|
||||
def ptr_s(va)
|
||||
#(ptr_32?) ? ("0x%.8x" % va) : ("0x%.16x" % va)
|
||||
"0x%.8x" % va
|
||||
def ptr_s(rva)
|
||||
(ptr_32?) ? ("0x%.8x" % rva) : ("0x%.16x" % rva)
|
||||
end
|
||||
|
||||
def offset_to_rva(offset)
|
||||
|
@ -95,14 +110,14 @@ class Elf < ElfBase
|
|||
isource.read(rva_to_offset(rva), len)
|
||||
end
|
||||
|
||||
def close
|
||||
isource.close
|
||||
end
|
||||
|
||||
def index(*args)
|
||||
isource.index(*args)
|
||||
end
|
||||
|
||||
def close
|
||||
isource.close
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
|
@ -99,9 +99,11 @@ class ElfBase
|
|||
#
|
||||
|
||||
ELFMAG0 = 0x7f # e_ident[EI_MAG0]
|
||||
ELFMAG1 = 'E' # e_ident[EI_MAG1]
|
||||
ELFMAG2 = 'L' # e_ident[EI_MAG2]
|
||||
ELFMAG3 = 'F' # e_ident[EI_MAG3]
|
||||
ELFMAG1 = ?E # e_ident[EI_MAG1]
|
||||
ELFMAG2 = ?L # e_ident[EI_MAG2]
|
||||
ELFMAG3 = ?F # e_ident[EI_MAG3]
|
||||
|
||||
ELFMAG = ELFMAG0.chr + ELFMAG1.chr + ELFMAG2.chr + ELFMAG3.chr
|
||||
|
||||
# EI_CLASS Identifies the file's class, or capacity
|
||||
|
||||
|
@ -118,8 +120,6 @@ class ElfBase
|
|||
ELFDATA2LSB = 1 # Least significant byte first
|
||||
ELFDATA2MSB = 2 # Most significant byte first
|
||||
|
||||
# Stolen from lib/rex/peparsey/pebase.rb
|
||||
|
||||
class GenericStruct
|
||||
attr_accessor :struct
|
||||
def initialize(_struct)
|
||||
|
@ -154,6 +154,8 @@ class ElfBase
|
|||
|
||||
class ElfHeader < GenericHeader
|
||||
def initialize(rawdata)
|
||||
|
||||
# Identify the data encoding and parse ELF Header
|
||||
elf_header = ELF32_EHDR_LSB.make_struct
|
||||
|
||||
if !elf_header.from_s(rawdata)
|
||||
|
@ -168,16 +170,14 @@ class ElfBase
|
|||
end
|
||||
end
|
||||
|
||||
unless elf_header.v['e_ident'][EI_DATA] == ELFDATA2LSB ||
|
||||
elf_header.v['e_ident'][EI_DATA] == ELFDATA2MSB
|
||||
unless [ ELFDATA2LSB, ELFDATA2MSB ].include?(
|
||||
elf_header.v['e_ident'][EI_DATA])
|
||||
raise ElfHeaderError, 'Invalid data encoding', caller
|
||||
end
|
||||
|
||||
unless elf_header.v['e_ident'][EI_MAG0].to_i == ELFMAG0 &&
|
||||
elf_header.v['e_ident'][EI_MAG1] == ELFMAG1 &&
|
||||
elf_header.v['e_ident'][EI_MAG2] == ELFMAG2 &&
|
||||
elf_header.v['e_ident'][EI_MAG3] == ELFMAG3
|
||||
#raise ElfHeaderError, 'Invalid magic number', caller
|
||||
# Identify the file as an ELF object file
|
||||
unless elf_header.v['e_ident'][EI_MAG0, 4] == ELFMAG
|
||||
raise ElfHeaderError, 'Invalid magic number', caller
|
||||
end
|
||||
|
||||
self.struct = elf_header
|
||||
|
@ -237,6 +237,8 @@ class ElfBase
|
|||
|
||||
class ProgramHeader < GenericHeader
|
||||
def initialize(rawdata, ei_data)
|
||||
|
||||
# Identify the data encoding and parse Program Header
|
||||
if ei_data == ELFDATA2LSB
|
||||
program_header = ELF32_PHDR_LSB.make_struct
|
||||
elsif ei_data == ELFDATA2MSB
|
||||
|
|
|
@ -25,4 +25,3 @@ end
|
|||
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -2,6 +2,11 @@
|
|||
|
||||
# $Id$
|
||||
|
||||
require 'rex/image_source/image_source.rb'
|
||||
require 'rex/image_source/memory.rb'
|
||||
require 'rex/image_source/disk.rb'
|
||||
module Rex
|
||||
module ImageSource
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
require 'rex/image_source/disk'
|
||||
require 'rex/image_source/memory'
|
|
@ -1,5 +1,12 @@
|
|||
#!/usr/bin/env ruby
|
||||
|
||||
require 'rex/peparsey/exceptions'
|
||||
# $Id$
|
||||
|
||||
module Rex
|
||||
module PeParsey
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
require 'rex/peparsey/pe'
|
||||
require 'rex/peparsey/pe_memdump'
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
# $Id$
|
||||
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/peparsey/exceptions'
|
||||
require 'rex/peparsey/section'
|
||||
require 'rex/image_source'
|
||||
require 'rex/peparsey/exceptions'
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/peparsey/section'
|
||||
require 'rex/struct2'
|
||||
|
||||
module Rex
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
# $Id$
|
||||
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/peparsey/exceptions'
|
||||
require 'rex/peparsey/section'
|
||||
require 'rex/image_source'
|
||||
require 'rex/peparsey/exceptions'
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/peparsey/section'
|
||||
require 'rex/struct2'
|
||||
|
||||
#
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
# $Id$
|
||||
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/peparsey/exceptions'
|
||||
require 'rex/peparsey/pebase'
|
||||
require 'rex/struct2'
|
||||
|
||||
module Rex
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
#!/usr/bin/env ruby
|
||||
|
||||
# $Id$
|
||||
|
||||
module Rex
|
||||
module PeScan
|
||||
|
@ -5,6 +8,6 @@ module PeScan
|
|||
end
|
||||
end
|
||||
|
||||
require 'rex/pescan/analyze'
|
||||
require 'rex/pescan/scanner'
|
||||
require 'rex/pescan/search'
|
||||
require 'rex/pescan/analyze'
|
||||
|
|
Loading…
Reference in New Issue