2021-08-14 16:28:20 +00:00
|
|
|
/* radare - LGPL - Copyright 2009-2021 - pancake */
|
2017-02-03 12:06:03 +00:00
|
|
|
|
2016-05-03 02:52:41 +00:00
|
|
|
#include "r_cons.h"
|
|
|
|
#include "r_core.h"
|
|
|
|
#include "r_egg.h"
|
2012-02-27 02:07:32 +00:00
|
|
|
|
2017-08-10 09:52:13 +00:00
|
|
|
static const char *help_msg_g[] = {
|
|
|
|
"Usage:", "g[wcilper] [arg]", "Go compile shellcodes",
|
2022-04-11 09:09:41 +00:00
|
|
|
"g", " ", "compile the shellcode",
|
|
|
|
"g", " foo.r", "compile r_egg source file",
|
|
|
|
"gw", "", "compile and write",
|
|
|
|
"gc", " cmd=/bin/ls", "set config option for shellcodes and encoders",
|
|
|
|
"gc", "", "list all config options",
|
|
|
|
"gL", "[?]", "list plugins (shellcodes, encoders)",
|
|
|
|
"gs", " name args", "compile syscall name(args)",
|
|
|
|
"gi", " [type]", "define the shellcode type",
|
|
|
|
"git", " [...]", "your favourite version control",
|
|
|
|
"gp", " padding", "define padding for command",
|
|
|
|
"ge", " [encoder] [key]", "specify an encoder and a key",
|
|
|
|
"gr", "", "reset r_egg",
|
|
|
|
"gS", "", "show the current configuration",
|
2017-08-10 09:52:13 +00:00
|
|
|
"EVAL VARS:", "", "asm.arch, asm.bits, asm.os",
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
|
2017-03-07 13:50:34 +00:00
|
|
|
static void cmd_egg_option(REgg *egg, const char *key, const char *input) {
|
2017-02-03 12:06:03 +00:00
|
|
|
if (!*input) {
|
|
|
|
return;
|
|
|
|
}
|
2017-03-07 13:50:34 +00:00
|
|
|
if (input[1] != ' ') {
|
2012-02-27 02:07:32 +00:00
|
|
|
char *a = r_egg_option_get (egg, key);
|
|
|
|
if (a) {
|
2016-06-26 04:51:17 +00:00
|
|
|
r_cons_println (a);
|
2012-02-27 02:07:32 +00:00
|
|
|
free (a);
|
|
|
|
}
|
2017-03-07 13:50:34 +00:00
|
|
|
} else {
|
|
|
|
r_egg_option_set (egg, key, input + 2);
|
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
2013-08-29 02:44:18 +00:00
|
|
|
|
2017-02-03 12:06:03 +00:00
|
|
|
static void showBuffer(RBuffer *b) {
|
2012-02-27 02:07:32 +00:00
|
|
|
int i;
|
2019-03-15 19:28:52 +00:00
|
|
|
if (b && r_buf_size (b) > 0) {
|
2019-05-15 13:34:06 +00:00
|
|
|
r_buf_seek (b, 0, R_BUF_SET);
|
2019-03-15 19:28:52 +00:00
|
|
|
for (i = 0; i < r_buf_size (b); i++) {
|
2019-03-26 19:32:53 +00:00
|
|
|
r_cons_printf ("%02x", r_buf_read8 (b));
|
2017-02-03 12:06:03 +00:00
|
|
|
}
|
2018-03-14 14:31:08 +00:00
|
|
|
r_cons_newline ();
|
2017-02-03 12:06:03 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-02-09 17:45:54 +00:00
|
|
|
#if 0
|
2017-03-07 13:50:34 +00:00
|
|
|
static int compileShellcode(REgg *egg, const char *input){
|
|
|
|
int i = 0;
|
|
|
|
RBuffer *b;
|
|
|
|
if (!r_egg_shellcode (egg, input)) {
|
|
|
|
eprintf ("Unknown shellcode '%s'\n", input);
|
2018-01-03 19:28:08 +00:00
|
|
|
return 1;
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
|
|
|
if (!r_egg_assemble (egg)) {
|
|
|
|
eprintf ("r_egg_assemble : invalid assembly\n");
|
2018-01-03 19:28:08 +00:00
|
|
|
r_egg_reset (egg);
|
2017-03-07 13:50:34 +00:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
if (!egg->bin) {
|
|
|
|
egg->bin = r_buf_new ();
|
|
|
|
}
|
|
|
|
if (!(b = r_egg_get_bin (egg))) {
|
|
|
|
eprintf ("r_egg_get_bin: invalid egg :(\n");
|
2018-01-03 19:28:08 +00:00
|
|
|
r_egg_reset (egg);
|
2017-03-07 13:50:34 +00:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
r_egg_finalize (egg);
|
|
|
|
for (i = 0; i < b->length; i++) {
|
|
|
|
r_cons_printf ("%02x", b->buf[i]);
|
|
|
|
}
|
|
|
|
r_cons_newline ();
|
2018-01-03 19:28:08 +00:00
|
|
|
r_egg_reset (egg);
|
2017-03-07 13:50:34 +00:00
|
|
|
return 0;
|
|
|
|
}
|
2018-02-09 17:45:54 +00:00
|
|
|
#endif
|
2017-03-07 13:50:34 +00:00
|
|
|
|
2017-02-03 12:06:03 +00:00
|
|
|
static int cmd_egg_compile(REgg *egg) {
|
2012-02-27 02:07:32 +00:00
|
|
|
RBuffer *b;
|
2015-09-14 10:35:38 +00:00
|
|
|
int ret = false;
|
2012-02-27 02:07:32 +00:00
|
|
|
char *p = r_egg_option_get (egg, "egg.shellcode");
|
|
|
|
if (p && *p) {
|
|
|
|
if (!r_egg_shellcode (egg, p)) {
|
2018-01-16 10:01:35 +00:00
|
|
|
eprintf ("Unknown shellcode '%s'\n", p);
|
2012-02-27 02:07:32 +00:00
|
|
|
free (p);
|
2015-09-14 10:35:38 +00:00
|
|
|
return false;
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
|
|
|
free (p);
|
2018-01-16 10:01:35 +00:00
|
|
|
} else {
|
|
|
|
eprintf ("Setup a shellcode before (gi command)\n");
|
|
|
|
free (p);
|
|
|
|
return false;
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
2018-01-16 10:01:35 +00:00
|
|
|
|
2012-02-27 02:07:32 +00:00
|
|
|
r_egg_compile (egg);
|
|
|
|
if (!r_egg_assemble (egg)) {
|
|
|
|
eprintf ("r_egg_assemble: invalid assembly\n");
|
2015-09-14 10:35:38 +00:00
|
|
|
return false;
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
|
|
|
p = r_egg_option_get (egg, "egg.padding");
|
|
|
|
if (p && *p) {
|
|
|
|
r_egg_padding (egg, p);
|
|
|
|
free (p);
|
|
|
|
}
|
|
|
|
p = r_egg_option_get (egg, "egg.encoder");
|
|
|
|
if (p && *p) {
|
|
|
|
r_egg_encode (egg, p);
|
|
|
|
free (p);
|
|
|
|
}
|
|
|
|
if ((b = r_egg_get_bin (egg))) {
|
2017-02-03 12:06:03 +00:00
|
|
|
showBuffer (b);
|
2015-09-14 10:35:38 +00:00
|
|
|
ret = true;
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
|
|
|
// we do not own this buffer!!
|
|
|
|
// r_buf_free (b);
|
2018-01-16 10:01:35 +00:00
|
|
|
r_egg_option_set (egg, "egg.shellcode", "");
|
|
|
|
r_egg_option_set (egg, "egg.padding", "");
|
|
|
|
r_egg_option_set (egg, "egg.encoder", "");
|
|
|
|
r_egg_option_set (egg, "key", "");
|
|
|
|
|
2012-02-27 02:07:32 +00:00
|
|
|
r_egg_reset (egg);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int cmd_egg(void *data, const char *input) {
|
2017-03-07 13:50:34 +00:00
|
|
|
RCore *core = (RCore *) data;
|
2012-02-27 02:07:32 +00:00
|
|
|
REgg *egg = core->egg;
|
|
|
|
char *oa, *p;
|
|
|
|
r_egg_setup (egg,
|
|
|
|
r_config_get (core->config, "asm.arch"),
|
2022-04-22 17:47:25 +00:00
|
|
|
core->rasm->config->bits, 0,
|
2012-02-27 02:07:32 +00:00
|
|
|
r_config_get (core->config, "asm.os")); // XXX
|
|
|
|
switch (*input) {
|
2015-08-26 01:07:20 +00:00
|
|
|
case 's': // "gs"
|
2013-08-29 02:44:18 +00:00
|
|
|
// TODO: pass args to r_core_syscall without vararg
|
2015-08-26 01:07:20 +00:00
|
|
|
if (input[1] == ' ') {
|
2017-02-03 12:06:03 +00:00
|
|
|
RBuffer *buf = NULL;
|
2017-03-07 13:50:34 +00:00
|
|
|
const char *ooaa = input + 2;
|
|
|
|
while (IS_WHITESPACE (*ooaa) && *ooaa) ooaa++;
|
2015-08-26 01:07:20 +00:00
|
|
|
oa = strdup (ooaa);
|
2017-02-03 12:06:03 +00:00
|
|
|
p = strchr (oa + 1, ' ');
|
2013-08-29 17:46:48 +00:00
|
|
|
if (p) {
|
|
|
|
*p = 0;
|
2017-02-03 12:06:03 +00:00
|
|
|
buf = r_core_syscall (core, oa, p + 1);
|
2013-08-29 17:46:48 +00:00
|
|
|
} else {
|
2017-02-03 12:06:03 +00:00
|
|
|
buf = r_core_syscall (core, oa, "");
|
2013-08-29 02:44:18 +00:00
|
|
|
}
|
2013-08-29 17:46:48 +00:00
|
|
|
free (oa);
|
2018-01-07 17:52:14 +00:00
|
|
|
if (buf) {
|
|
|
|
showBuffer (buf);
|
|
|
|
}
|
2018-01-07 17:43:19 +00:00
|
|
|
egg->lang.nsyscalls = 0;
|
2015-08-26 01:07:20 +00:00
|
|
|
} else {
|
2015-04-16 15:49:17 +00:00
|
|
|
eprintf ("Usage: gs [syscallname] [parameters]\n");
|
2013-08-29 17:46:48 +00:00
|
|
|
}
|
2013-08-29 02:44:18 +00:00
|
|
|
break;
|
2017-02-03 12:06:03 +00:00
|
|
|
case ' ': // "g "
|
2015-03-22 23:05:18 +00:00
|
|
|
if (input[1] && input[2]) {
|
2017-03-07 13:50:34 +00:00
|
|
|
r_egg_load (egg, input + 2, 0);
|
2017-02-03 12:06:03 +00:00
|
|
|
if (!cmd_egg_compile (egg)) {
|
2017-03-07 13:50:34 +00:00
|
|
|
eprintf ("Cannot compile '%s'\n", input + 2);
|
2017-02-03 12:06:03 +00:00
|
|
|
}
|
2015-03-22 22:24:13 +00:00
|
|
|
} else {
|
|
|
|
eprintf ("wat\n");
|
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
2017-02-03 12:06:03 +00:00
|
|
|
case '\0': // "g"
|
2017-03-07 13:50:34 +00:00
|
|
|
if (!cmd_egg_compile (egg)) {
|
2012-02-27 02:07:32 +00:00
|
|
|
eprintf ("Cannot compile\n");
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
2015-08-26 01:07:20 +00:00
|
|
|
case 'p': // "gp"
|
2018-01-14 09:21:02 +00:00
|
|
|
if (input[1] == ' ') {
|
|
|
|
if (input[0] && input[2]) {
|
|
|
|
r_egg_option_set (egg, "egg.padding", input + 2);
|
|
|
|
}
|
|
|
|
} else {
|
2020-10-30 11:30:42 +00:00
|
|
|
eprintf ("Usage: gp [padding]\n");
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
2015-08-26 01:07:20 +00:00
|
|
|
case 'e': // "ge"
|
2018-01-14 09:21:02 +00:00
|
|
|
if (input[1] == ' ') {
|
|
|
|
const char *encoder = input + 2;
|
|
|
|
while (IS_WHITESPACE (*encoder) && *encoder) {
|
|
|
|
encoder++;
|
|
|
|
}
|
|
|
|
|
|
|
|
oa = strdup (encoder);
|
|
|
|
p = strchr (oa + 1, ' ');
|
|
|
|
|
|
|
|
if (p) {
|
|
|
|
*p = 0;
|
|
|
|
r_egg_option_set (egg, "key", p + 1);
|
|
|
|
r_egg_option_set (egg, "egg.encoder", oa);
|
|
|
|
} else {
|
2020-10-30 11:30:42 +00:00
|
|
|
eprintf ("Usage: ge [encoder] [key]\n");
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
2018-01-14 09:21:02 +00:00
|
|
|
free (oa);
|
|
|
|
} else {
|
|
|
|
eprintf ("Usage: ge [encoder] [key]\n");
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
2020-10-30 11:30:42 +00:00
|
|
|
case 'i': // "gi"
|
2021-09-25 10:41:23 +00:00
|
|
|
if (input[1] == 't') {
|
|
|
|
if (input[2] == '?') {
|
|
|
|
r_sys_cmd ("git --help");
|
|
|
|
} else {
|
|
|
|
r_sys_cmdf ("git%s", input + 2);
|
|
|
|
}
|
|
|
|
} else if (input[1] == ' ') {
|
2018-01-14 09:21:02 +00:00
|
|
|
if (input[0] && input[2]) {
|
|
|
|
r_egg_option_set (egg, "egg.shellcode", input + 2);
|
|
|
|
} else {
|
|
|
|
eprintf ("Usage: gi [shellcode-type]\n");
|
|
|
|
}
|
2017-03-07 13:50:34 +00:00
|
|
|
} else {
|
2018-01-14 09:21:02 +00:00
|
|
|
eprintf ("Usage: gi [shellcode-type]\n");
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
2021-06-04 12:43:18 +00:00
|
|
|
case 'L': // "gL"
|
2017-02-03 12:06:03 +00:00
|
|
|
case 'l': // "gl"
|
2017-03-07 13:50:34 +00:00
|
|
|
{
|
|
|
|
RListIter *iter;
|
|
|
|
REggPlugin *p;
|
|
|
|
r_list_foreach (egg->plugins, iter, p) {
|
2017-05-22 00:54:26 +00:00
|
|
|
r_cons_printf ("%s %6s : %s\n",
|
2017-02-03 12:06:03 +00:00
|
|
|
(p->type == R_EGG_PLUGIN_SHELLCODE)?
|
2017-03-07 13:50:34 +00:00
|
|
|
"shc": "enc", p->name, p->desc);
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|
2017-03-07 13:50:34 +00:00
|
|
|
}
|
|
|
|
break;
|
2018-01-16 10:01:35 +00:00
|
|
|
case 'S': // "gS"
|
|
|
|
{
|
2018-03-14 14:31:08 +00:00
|
|
|
static const char *configList[] = {
|
|
|
|
"egg.shellcode",
|
|
|
|
"egg.encoder",
|
|
|
|
"egg.padding",
|
|
|
|
"key",
|
|
|
|
"cmd",
|
|
|
|
"suid",
|
|
|
|
NULL
|
|
|
|
};
|
2018-01-16 10:01:35 +00:00
|
|
|
r_cons_printf ("Configuration options\n");
|
2018-03-14 14:31:08 +00:00
|
|
|
int i;
|
|
|
|
for (i = 0; configList[i]; i++) {
|
|
|
|
const char *p = configList[i];
|
2018-01-16 10:01:35 +00:00
|
|
|
if (r_egg_option_get (egg, p)) {
|
|
|
|
r_cons_printf ("%s : %s\n", p, r_egg_option_get (egg, p));
|
|
|
|
} else {
|
|
|
|
r_cons_printf ("%s : %s\n", p, "");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
r_cons_printf ("\nTarget options\n");
|
2022-04-24 18:33:03 +00:00
|
|
|
RArchConfig *ac = core->anal->config;
|
|
|
|
r_cons_printf ("arch : %s\n", ac->cpu);
|
|
|
|
r_cons_printf ("os : %s\n", ac->os);
|
|
|
|
r_cons_printf ("bits : %d\n", ac->bits);
|
2018-01-16 10:01:35 +00:00
|
|
|
}
|
|
|
|
break;
|
2017-02-03 12:06:03 +00:00
|
|
|
case 'r': // "gr"
|
2012-02-27 02:07:32 +00:00
|
|
|
cmd_egg_option (egg, "egg.padding", "");
|
|
|
|
cmd_egg_option (egg, "egg.shellcode", "");
|
|
|
|
cmd_egg_option (egg, "egg.encoder", "");
|
|
|
|
break;
|
2017-02-03 12:06:03 +00:00
|
|
|
case 'c': // "gc"
|
2012-02-27 02:07:32 +00:00
|
|
|
// list, get, set egg options
|
|
|
|
switch (input[1]) {
|
|
|
|
case ' ':
|
2017-03-07 13:50:34 +00:00
|
|
|
oa = strdup (input + 2);
|
2012-02-27 02:07:32 +00:00
|
|
|
p = strchr (oa, '=');
|
|
|
|
if (p) {
|
|
|
|
*p = 0;
|
2017-03-07 13:50:34 +00:00
|
|
|
r_egg_option_set (egg, oa, p + 1);
|
2012-02-27 02:07:32 +00:00
|
|
|
} else {
|
|
|
|
char *o = r_egg_option_get (egg, oa);
|
|
|
|
if (o) {
|
2020-10-30 11:30:42 +00:00
|
|
|
r_cons_print (o);
|
2012-02-27 02:07:32 +00:00
|
|
|
free (o);
|
|
|
|
}
|
|
|
|
}
|
2014-01-18 22:02:53 +00:00
|
|
|
free (oa);
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
|
|
|
case '\0':
|
2014-03-07 00:26:11 +00:00
|
|
|
// r_pair_list (egg->pair,NULL);
|
2017-02-03 12:06:03 +00:00
|
|
|
eprintf ("TODO: list options\n");
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
eprintf ("Usage: gc [k=v]\n");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
break;
|
2017-08-10 09:52:13 +00:00
|
|
|
case '?':
|
|
|
|
r_core_cmd_help (core, help_msg_g);
|
2012-02-27 02:07:32 +00:00
|
|
|
break;
|
|
|
|
}
|
2015-09-14 10:35:38 +00:00
|
|
|
return true;
|
2012-02-27 02:07:32 +00:00
|
|
|
}
|