* Initial work merging rasc2 inside r_egg

- Still unusable, but getting shape
2024-11-28 07:30:33 +00:00 · 2011-11-12 06:16:00 +01:00 · 2011-11-12 06:16:00 +01:00 · 9969f39564
commit 9969f39564
parent 158962d606
5 changed files with 99 additions and 9 deletions
--- a/libr/egg/Makefile
+++ b/libr/egg/Makefile
@ -6,4 +6,6 @@ OBJ+=emit_arm.o
 OBJ+=emit_x64.o
 OBJ+=emit_trace.o

+OBJ+=p/x86_osx_binsh.o
+
 include ../rules.mk
--- a/libr/egg/egg.c
+++ b/libr/egg/egg.c
@ -83,21 +83,22 @@ R_API int r_egg_setup(REgg *egg, const char *arch, int bits, int endian, const c
 }

 R_API int r_egg_include(REgg *egg, const char *file, int format) {
-	char *foo = r_file_slurp (file, NULL);
+	int sz;
+	const ut8 *foo = (const ut8*)r_file_slurp (file, &sz);
 	if (!foo)
 		return 0;
+// XXX: format breaks compiler layers
 	switch (format) {
 	case 'r': // raw
-		// TODO: append ("\x102030202303203202", n);
-		// TODO: r_buf_append_bytes (egg->buf, (const ut8*)foo, strlen (foo));
+		r_egg_raw (egg, foo, sz);
 		break;
 	case 'a': // assembly
-		r_buf_append_bytes (egg->buf, (const ut8*)foo, strlen (foo));
+		r_buf_append_bytes (egg->buf, foo, sz);
 		break;
 	default:
-		r_buf_append_bytes (egg->src, (const ut8*)foo, strlen (foo));
+		r_buf_append_bytes (egg->src, foo, sz);
 	}
-	free (foo);
+	free ((void *)foo);
 	return 1;
 }

@ -134,7 +135,14 @@ R_API void r_egg_math (REgg *egg) {//, char eq, const char *vs, char type, const
 	//e->mathop (egg, op, type, eq, p);
 }

-R_API void r_egg_raw(REgg *egg, const ut8 *b, int len) {
+R_API int r_egg_raw(REgg *egg, const ut8 *b, int len) {
+	char *out;
+	int outlen = (len*2)+1;
+	out = malloc (outlen);
+	if (!out) return R_FALSE;
+	r_hex_bin2str (b, len, out);
+	r_buf_append_bytes (egg->buf, (const ut8*)out, outlen);
+	return R_TRUE;
 }

 // r_egg_block (egg, FRAME | IF | ELSE | ENDIF | FOR | WHILE, sz)
@ -232,3 +240,34 @@ R_API int r_egg_run(REgg *egg) {
 	free (ptr);
 	return ret;
 }
+
+R_API void r_egg_option(REgg *egg, const char *k, const char *v) {
+	// set option for shellcode
+}
+
+// functions that manipulate the compile() buffer
+//-----------------------------------------------
+#if 0
+ - fill traps
+ - fill nops
+ - fill char
+ - fill sequence 01 02 03..
+ - fill printable seq
+
+- encoder
+#endif
+
+R_API void r_egg_option_set(REgg *egg, const char *key, const char *val) {
+	// TODO: use hashtable here k=v
+	// TOOD: use rconfig here?
+}
+
+R_API const char *r_egg_option_get(REgg *egg, const char *key) {
+	// TODO: use hashtable here k=v
+	return NULL;
+}
+
+R_API void r_egg_shellcode(REgg *egg, const char *name) {
+	// TODO embed in r_egg
+}
+
--- a/libr/egg/p/x86_osx_binsh.c
+++ b/libr/egg/p/x86_osx_binsh.c
@ -0,0 +1,31 @@
+/* radare - LGPL - Copyright 2011 pancake<@nopcode.org> */
+#include <r_egg.h>
+
+static ut8 x86_osx_binsh[] =
+	"\x31\xdb\x6a\x3b\x58\x53\xeb\x18\x5f"
+	"\x57\x53\x54\x54\x57\x6a\xff\x88\x5f"
+	"\x07\x89\x5f\xf5\x88\x5f\xfa\x9a\xff"
+	"\xff\xff\xff\x2b\xff\xe8\xe3\xff\xff"
+	"\xff" // /bin/shX";
+	"\x2f\x73\x68\x68\x2f\x62\x69\x6e\x58";
+
+static RBuffer *build (REgg *egg) {
+	RBuffer *buf = r_buf_new ();
+	const char *shell = r_egg_option_get (egg, "shell");
+	if (shell) {
+		eprintf ("TODO: implement support to change the shell\n");
+		r_buf_free (buf);
+		return NULL;
+	} else {
+		r_buf_set_bytes (buf, x86_osx_binsh, strlen (x86_osx_binsh));
+	}
+	return buf;
+}
+
+REggPlugin r_egg_plugin_x86_osx_binsh = {
+	.name = "x86.osx.binsh",
+	.desc = "execute shell=/bin/sh",
+	.bytes = x86_osx_binsh,
+	.length = sizeof (x86_osx_binsh),
+	.build = build
+};
--- a/libr/egg/t/t.sh
+++ b/libr/egg/t/t.sh
@ -1,4 +1,7 @@
 # test suite tool for r_egg #
+DEBUG=
+#DEBUG=gdb --args
+#DEBUG=valgrind
 case "$1" in
 -h)
 	echo "Usage: $0 [-opt]"
@ -32,7 +35,7 @@ case "$1" in
 	cp t fail-t-$0
 	;;
 *)
-	ragg2 -FO t.r
+	eval ${DEBUG} ragg2 -FO t.r
 	rarun2 '' program=./t timeout=1 > t.o 
 	if [ $? = "${EXIT}" -a "`cat t.o`" = "${OUTPUT}" ]; then
 		out=SUCCESS
--- a/libr/include/r_egg.h
+++ b/libr/include/r_egg.h
@ -8,11 +8,22 @@
 #define R_EGG_INCDIR_ENV "EGG_INCDIR"
 #define R_EGG_INCDIR_PATH R2_PREFIX"/lib/radare2/"R2_VERSION"/egg"

+//TODO: add shellcode encoder
+// rename to REggShellcode
+typedef struct r_egg_plugin {
+	const char *name;
+	const char *desc;
+	const ut8 *bytes;
+	int length;
+	RBuffer* (*build) (void *egg);
+} REggPlugin;
+
 typedef struct r_egg_t {
 	RBuffer *src;
 	RBuffer *buf;
 	RBuffer *bin;
 	RList *list;
+	RList *shellcodes;
 	RAsm *rasm;
 	RSyscall *syscall;
 	struct r_egg_emit_t *emit;
@ -90,7 +101,11 @@ R_API void r_egg_load(REgg *egg, const char *code, int format);
 R_API void r_egg_syscall(REgg *egg, const char *arg, ...);
 R_API void r_egg_alloc(REgg *egg, int n);
 R_API void r_egg_label(REgg *egg, const char *name);
-R_API void r_egg_raw(REgg *egg, const ut8 *b, int len);
+R_API int r_egg_raw(REgg *egg, const ut8 *b, int len);
+R_API void r_egg_shellcode(REgg *egg, const char *name);
+#define r_egg_get_shellcodes(x) x->shellcodes
+R_API void r_egg_option_set (REgg *egg, const char *k, const char *v);
+R_API const char *r_egg_option_get (REgg *egg, const char *k);
 R_API void r_egg_if(REgg *egg, const char *reg, char cmp, int v);
 R_API void r_egg_printf(REgg *egg, const char *fmt, ...);
 R_API int r_egg_compile(REgg *egg);