Implement rabin2 -K and do some work on the RHash api. Fixes #1204

pancake 2014-08-15 03:30:45 +02:00
parent b717518f8f
commit 13872af7bc
11 changed files with 119 additions and 50 deletions


@ -55,6 +55,7 @@ static int rabin_show_help(int v) {
" -e entrypoint\n"
" -f [str] select sub-bin named str\n"
" -k [query] perform sdb query on loaded file\n"
" -K [algo] calculate checksums (md5, sha1, ..)\n"
" -g same as -SMRevsiz (show all info)\n"
" -h this help\n"
" -H header fields\n"
@ -348,6 +349,7 @@ int main(int argc, char **argv) {
char *homeplugindir = r_str_home (R2_HOMEDIR"/plugins");
char *ptr, *arch = NULL, *arch_name = NULL;
const char *op = NULL;
const char *chksum = NULL;
RCoreBinFilter filter;
RCore core;
RCoreFile *cf = NULL;
@ -370,7 +372,7 @@ int main(int argc, char **argv) {
#define is_active(x) (action&x)
#define set_action(x) actions++; action |=x
while ((c = getopt (argc, argv, "jgqAf:a:B:b:c:Ck:dMm:n:N:@:isSIHelRwO:o:rvLhxzZ")) != -1) {
while ((c = getopt (argc, argv, "jgqAf:a:B:b:c:Ck:K:dMm:n:N:@:isSIHelRwO:o:rvLhxzZ")) != -1) {
switch (c) {
case 'g':
set_action (ACTION_CLASSES);
@ -401,6 +403,7 @@ int main(int argc, char **argv) {
create = strdup (optarg);
break;
case 'k': query = optarg; break;
case 'K': chksum = optarg; break;
case 'C': set_action (ACTION_CLASSES); break;
case 'f': if (optarg) arch_name = strdup (optarg); break;
case 'b': bits = r_num_math (NULL, optarg); break;
@ -572,7 +575,7 @@ int main(int argc, char **argv) {
#define run_action(n,x,y) {\
if (action&x) {\
if (isradjson) r_cons_printf ("\"%s\":",n);\
if (!r_core_bin_info (&core, y, rad, va, &filter, laddr)) {\
if (!r_core_bin_info (&core, y, rad, va, &filter, laddr, chksum)) {\
if (isradjson) r_cons_printf("false");\
};\
actions_done++;\


@ -44,7 +44,7 @@ R_API int r_core_bin_set_env (RCore *r, RBinFile *binfile) {
r_asm_use (r->assembler, arch);
r_core_bin_info (r, R_CORE_BIN_ACC_ALL, R_CORE_BIN_SET,
va, NULL, loadaddr);
va, NULL, loadaddr, NULL);
r_core_bin_set_cur (r, binfile);
return R_TRUE;
}
@ -844,7 +844,7 @@ static int bin_symbols (RCore *r, int mode, ut64 baddr, int va, ut64 at, const c
return R_TRUE;
}
static int bin_sections (RCore *r, int mode, ut64 baddr, int va, ut64 at, const char *name) {
static int bin_sections (RCore *r, int mode, ut64 baddr, int va, ut64 at, const char *name, const char *chksum) {
char str[R_FLAG_NAME_SIZE];
RBinSection *section;
ut64 secbase = 0LL;
@ -857,34 +857,62 @@ static int bin_sections (RCore *r, int mode, ut64 baddr, int va, ut64 at, const
return R_FALSE;
if (mode & R_CORE_BIN_JSON) {
char *hashstr = NULL;
r_cons_printf ("[");
r_list_foreach (sections, iter, section) {
if (va)
delta = section->vaddr - r_bin_get_vaddr (r->bin, baddr, section->paddr, section->vaddr);
// ut64 addr = va? r_bin_get_vaddr (r->bin, baddr, section->paddr,
// section->vaddr): section->paddr;
if (va)
delta = section->vaddr - r_bin_get_vaddr (r->bin, baddr, section->paddr, section->vaddr);
//ut64 addr = va? r_bin_get_vaddr (r->bin, baddr, section->paddr,
// section->vaddr): section->paddr;
if (chksum) {
char *chkstr;
ut8 *data = malloc (section->size);
ut32 datalen = section->size;
r_io_pread (r->io, section->paddr, data, datalen);
chkstr = r_hash_to_string (NULL, chksum, data, datalen);
free (data);
hashstr = malloc (strlen (chkstr)+strlen (chksum)+7);
sprintf (hashstr, "\"%s\":\"%s\",", chksum, chkstr);
free (chkstr);
}
r_cons_printf ("%s{\"name\":\"%s\","
"\"size\":%"PFMT64d","
"\"flags\":\"%s\","
"%s"
"\"paddr\":%"PFMT64d","
"\"vaddr\":%"PFMT64d"}",
iter->p?",":"",
section->name,
section->size,
r_str_rwx_i (section->srwx),
hashstr? hashstr: "",
section->paddr, // paddr
delta + section->vaddr); // paddr
delta + section->vaddr); // vaddr
free (hashstr);
hashstr = NULL;
}
r_cons_printf ("]");
} else
if ((mode & R_CORE_BIN_SIMPLE)) {
char *chkstr = NULL;
r_list_foreach (sections, iter, section) {
ut64 addr = va? r_bin_get_vaddr (r->bin, baddr, section->paddr,
section->vaddr): section->paddr;
r_cons_printf ("0x%"PFMT64x" 0x%"PFMT64x" %s %s\n",
ut64 addr = va? r_bin_get_vaddr (r->bin, baddr,
section->paddr, section->vaddr): section->paddr;
if (chksum) {
ut8 *data = malloc (section->size);
ut32 datalen = section->size;
r_io_read_at (r->io, addr, data, datalen);
chkstr = r_hash_to_string (NULL, chksum, data, datalen);
free (data);
}
r_cons_printf ("0x%"PFMT64x" 0x%"PFMT64x" %s %s%s%s\n",
addr, addr + section->size,
r_str_rwx_i (section->srwx),
section->name);
chkstr?chkstr:"", chkstr?" ":"",
section->name
);
free (chkstr);
chkstr = NULL;
}
} else
if ((mode & R_CORE_BIN_SET)) {
@ -970,7 +998,18 @@ delta = section->vaddr - r_bin_get_vaddr (r->bin, baddr, section->paddr, section
(R_BIN_SCN_EXECUTABLE &section->srwx)?'x':'-',
section->name, addr);
} else {
char str[128];
char *hashstr = NULL, str[128];
if (chksum) {
char *chkstr;
ut8 *data = malloc (section->size);
ut32 datalen = section->size;
r_io_read_at (r->io, addr, data, datalen);
chkstr = r_hash_to_string (NULL, chksum, data, datalen);
free (data);
hashstr = malloc (strlen (chkstr)+strlen (chksum)+3);
sprintf (hashstr, "%s=%s ", chksum, chkstr);
free (chkstr);
}
if (section->arch || section->bits) {
const char *arch = section->arch;
int bits = section->bits;
@ -979,13 +1018,14 @@ delta = section->vaddr - r_bin_get_vaddr (r->bin, baddr, section->paddr, section
snprintf (str, sizeof (str), "arch=%s bits=%d ", arch, bits);
} else str[0] = 0;
r_cons_printf ("idx=%02i addr=0x%08"PFMT64x" off=0x%08"PFMT64x" sz=%"PFMT64d" vsz=%"PFMT64d" "
"perm=%c%c%c%c %sname=%s\n",
"perm=%c%c%c%c %s%sname=%s\n",
i, addr, section->paddr, section->size, section->vsize,
(R_BIN_SCN_SHAREABLE &section->srwx)?'s':'-',
(R_BIN_SCN_READABLE &section->srwx)?'r':'-',
(R_BIN_SCN_WRITABLE &section->srwx)?'w':'-',
(R_BIN_SCN_EXECUTABLE &section->srwx)?'x':'-',
str, section->name);
str, hashstr?hashstr:"", section->name);
free (hashstr);
}
}
i++;
@ -1149,7 +1189,7 @@ static int bin_libs (RCore *r, int mode) {
return R_TRUE;
}
R_API int r_core_bin_info (RCore *core, int action, int mode, int va, RCoreBinFilter *filter, ut64 loadaddr) {
R_API int r_core_bin_info (RCore *core, int action, int mode, int va, RCoreBinFilter *filter, ut64 loadaddr, const char *chksum) {
int ret = R_TRUE;
const char *name = NULL;
ut64 at = 0, baseaddr = 0LL;
@ -1179,7 +1219,7 @@ R_API int r_core_bin_info (RCore *core, int action, int mode, int va, RCoreBinFi
if ((action & R_CORE_BIN_ACC_SYMBOLS))
ret &= bin_symbols (core, mode, baseaddr, va, at, name);
if ((action & R_CORE_BIN_ACC_SECTIONS))
ret &= bin_sections (core, mode, baseaddr, va, at, name);
ret &= bin_sections (core, mode, baseaddr, va, at, name, chksum);
if ((action & R_CORE_BIN_ACC_FIELDS))
ret &= bin_fields (core, mode, baseaddr, va);
if ((action & R_CORE_BIN_ACC_LIBS))
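Review bot: The three new `if (chksum)` blocks in bin_sections pass `section->size`, a value taken from the file being analysed, to `malloc` and use the result without a NULL check, so a corrupt or oversized section header would hand a NULL buffer to `r_io_pread`/`r_io_read_at`. The read result is ignored as well, so a short or failed read hashes uninitialised heap bytes, and `strlen (chkstr)` runs on the unchecked return of `r_hash_to_string`. The JSON branch reads at `section->paddr` with `r_io_pread` while the other two read at `addr` with `r_io_read_at`, which looks unintentional and may make the same section hash differently per output mode. `chksum` is also emitted unescaped as a JSON key. The sketch below covers the JSON branch only; the same guards apply to the other two branches, and bin_sections starts and ends outside these hunks.

```c
if (chksum) {
	char *chkstr = NULL;
	ut32 datalen = section->size;
	// section->size comes from the parsed file: zero-fill so a short read never hashes stale heap
	ut8 *data = datalen? calloc (1, datalen): NULL;
	if (data) {
		r_io_pread (r->io, section->paddr, data, datalen);
		chkstr = r_hash_to_string (NULL, chksum, data, datalen);
		free (data);
	}
	if (chkstr) {
		hashstr = malloc (strlen (chkstr)+strlen (chksum)+7);
		if (hashstr)
			sprintf (hashstr, "\"%s\":\"%s\",", chksum, chkstr);
		free (chkstr);
	}
}
// … unchanged: r_cons_printf of the section object, free (hashstr) …
```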


@ -415,7 +415,7 @@ static int cmd_debug_map(RCore *core, const char *input) {
baddr = o->baddr;
o->baddr = map->addr;
r_core_bin_info (core, R_CORE_BIN_ACC_SYMBOLS, (input[1]=='*'),
R_TRUE, &filter, 0);
R_TRUE, &filter, 0, NULL);
o->baddr = baddr;
break;
}


@ -82,7 +82,7 @@ static void cmd_info_bin(RCore *core, ut64 offset, int va, int mode) {
if (mode == R_CORE_BIN_JSON)
r_cons_printf ("{\"bin\":");
r_core_bin_info (core, R_CORE_BIN_ACC_INFO,
mode, va, NULL, offset);
mode, va, NULL, offset, NULL);
if (mode == R_CORE_BIN_JSON)
r_cons_printf (",\"core\":");
r_core_file_info (core, mode);
@ -159,7 +159,7 @@ static int cmd_info(void *data, const char *input) {
if (is_array==1) is_array++; else r_cons_printf (","); \
r_cons_printf ("\"%s\":",n); \
}\
r_core_bin_info (core,x,mode,va,NULL,offset);
r_core_bin_info (core,x,mode,va,NULL,offset,NULL);
case 'A': newline=0; r_bin_list_archs (core->bin, 1); break;
case 'Z': RBININFO ("size",R_CORE_BIN_ACC_SIZE); break;
case 'S': RBININFO ("sections",R_CORE_BIN_ACC_SECTIONS); break;


@ -350,9 +350,11 @@ static int r_core_search_rop(RCore *core, ut64 from, ut64 to, int opt, const cha
RListIter *iter = NULL;
boolt json_first = 1;
if (delta < 1)
if((delta = from-to) < 1)
if (delta < 1) {
delta = from-to;
if (delta < 1)
return R_FALSE;
}
if (*grep==' ') { // grep mode
for (++grep; *grep==' '; grep++);
} else {
@ -378,7 +380,7 @@ static int r_core_search_rop(RCore *core, ut64 from, ut64 to, int opt, const cha
if (!ret)
continue;
hitlist = construct_rop_gadget(core, from+i, buf, i, grep);
hitlist = construct_rop_gadget (core, from+i, buf, i, grep);
if (!hitlist)
continue;


@ -13,7 +13,7 @@ static int bitnum(int bit) {
/* TODO: do it more beautiful with structs and not spaguetis */
/* TODO: find a better method name */
R_API int r_hash_calculate(RHash *ctx, int algobit, const ut8 *buf, int len) {
R_API int r_hash_calculate(RHash *ctx, ut64 algobit, const ut8 *buf, int len) {
if (len <= 0)
return 0;
if (algobit & R_HASH_MD4) {


@ -88,24 +88,24 @@ R_API const char *r_hash_name(ut64 bit) {
return "";
}
R_API int r_hash_size(int bit) {
if (bit & R_HASH_MD4) return R_HASH_SIZE_MD4;
if (bit & R_HASH_MD5) return R_HASH_SIZE_MD5;
if (bit & R_HASH_SHA1) return R_HASH_SIZE_SHA1;
if (bit & R_HASH_SHA256) return R_HASH_SIZE_SHA256;
if (bit & R_HASH_SHA384) return R_HASH_SIZE_SHA384;
if (bit & R_HASH_SHA512) return R_HASH_SIZE_SHA512;
if (bit & R_HASH_CRC16) return R_HASH_SIZE_CRC16;
if (bit & R_HASH_CRC32) return R_HASH_SIZE_CRC32;
if (bit & R_HASH_XXHASH) return R_HASH_SIZE_XXHASH;
if (bit & R_HASH_ADLER32) return R_HASH_SIZE_ADLER32;
if (bit & R_HASH_PARITY) return 1;
if (bit & R_HASH_ENTROPY) return 4; // special case
if (bit & R_HASH_HAMDIST) return 1;
if (bit & R_HASH_XOR) return 1;
if (bit & R_HASH_XORPAIR) return 1;
if (bit & R_HASH_MOD255) return 1;
if (bit & R_HASH_PCPRINT) return 1;
R_API int r_hash_size(ut64 algo) {
if (algo & R_HASH_MD4) return R_HASH_SIZE_MD4;
if (algo & R_HASH_MD5) return R_HASH_SIZE_MD5;
if (algo & R_HASH_SHA1) return R_HASH_SIZE_SHA1;
if (algo & R_HASH_SHA256) return R_HASH_SIZE_SHA256;
if (algo & R_HASH_SHA384) return R_HASH_SIZE_SHA384;
if (algo & R_HASH_SHA512) return R_HASH_SIZE_SHA512;
if (algo & R_HASH_CRC16) return R_HASH_SIZE_CRC16;
if (algo & R_HASH_CRC32) return R_HASH_SIZE_CRC32;
if (algo & R_HASH_XXHASH) return R_HASH_SIZE_XXHASH;
if (algo & R_HASH_ADLER32) return R_HASH_SIZE_ADLER32;
if (algo & R_HASH_PARITY) return 1;
if (algo & R_HASH_ENTROPY) return 4; // special case
if (algo & R_HASH_HAMDIST) return 1;
if (algo & R_HASH_XOR) return 1;
if (algo & R_HASH_XORPAIR) return 1;
if (algo & R_HASH_MOD255) return 1;
if (algo & R_HASH_PCPRINT) return 1;
return 0;
}
@ -165,3 +165,22 @@ R_API void r_hash_do_spice(RHash *ctx, int algo, int loops, RHashSeed *seed) {
(void)r_hash_calculate (ctx, algo, buf, len);
}
}
R_API char *r_hash_to_string(RHash *ctx, const char *name, const ut8 *data, int len) {
char *digest_hex = NULL;
int i, digest_size;
ut64 algo = r_hash_name_to_bits (name);
if (!ctx)
ctx = r_hash_new (R_TRUE, algo);
r_hash_do_begin (ctx, algo);
r_hash_calculate (ctx, algo, data, len);
r_hash_do_end (ctx, algo);
digest_size= r_hash_size (algo);
digest_hex = malloc ((digest_size *2)+1);
for (i = 0; i< digest_size; i++) {
sprintf (digest_hex+(i*2), "%02x", ctx->digest[i]);
}
digest_hex[digest_size] = 0;
r_hash_free (ctx);
return digest_hex;
}
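Review bot: `digest_hex[digest_size] = 0;` at the end of r_hash_to_string cuts the hex string in half, because the loop writes two characters per digest byte; the terminator belongs at `digest_hex[digest_size * 2] = 0;`. The function also calls `r_hash_free (ctx)` unconditionally, which frees a context the caller passed in; it should free only a context created by its own `if (!ctx)` branch. Neither `r_hash_new` nor `malloc` is checked before use. Since `len` is an `int`, a buffer length above INT_MAX arrives negative and `r_hash_calculate` returns 0 without hashing, so the string returned presumably reflects whatever the context held rather than the data. A one-line comment such as `/* returns a heap-allocated hex string; caller must free() it */` would document the ownership the callers rely on.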


@ -1,4 +1,4 @@
/* radare - LGPL - Copyright 2009-2013 pancake<nopcode.org> */
/* radare - LGPL - Copyright 2009-2014 pancake<nopcode.org> */
// TODO: use ptr tablez here
#include "r_hash.h"


@ -371,7 +371,7 @@ typedef struct r_core_bin_filter_t {
const char *name;
} RCoreBinFilter;
R_API int r_core_bin_info (RCore *core, int action, int mode, int va, RCoreBinFilter *filter, ut64 offset);
R_API int r_core_bin_info (RCore *core, int action, int mode, int va, RCoreBinFilter *filter, ut64 offset, const char *chksum);
R_API int r_core_bin_set_arch_bits (RCore *r, const char *name, const char * arch, ut16 bits);
R_API int r_core_bin_update_arch_bits (RCore *r);
/* rtr */


@ -17,10 +17,10 @@ typedef struct {
} R_MD5_CTX;
typedef struct {
unsigned int H[5];
unsigned int W[80];
ut32 H[5];
ut32 W[80];
int lenW;
unsigned int sizeHi, sizeLo;
ut32 sizeHi, sizeLo;
} R_SHA_CTX;
#define SHA256_BLOCK_LENGTH 64
@ -103,11 +103,13 @@ R_API ut8 *r_hash_do_sha384(RHash *ctx, const ut8 *input, int len);
R_API ut8 *r_hash_do_sha512(RHash *ctx, const ut8 *input, int len);
R_API ut8 *r_hash_do_xxhash(RHash *ctx, const ut8 *input, int len);
R_API char *r_hash_to_string(RHash *ctx, const char *name, const ut8 *data, int len);
/* static methods */
R_API const char *r_hash_name(ut64 bit);
R_API ut64 r_hash_name_to_bits(const char *name);
R_API int r_hash_size(int bit);
R_API int r_hash_calculate(RHash *ctx, int algobit, const ut8 *input, int len);
R_API int r_hash_size(ut64 bit);
R_API int r_hash_calculate(RHash *ctx, ut64 algobit, const ut8 *input, int len);
/* checksums */
/* XXX : crc16 should use 0 as arg0 by default */


@ -12,6 +12,7 @@ rabin2 \- Binary program info extractor
.Op Fl c Ar fmt:C:[D]
.Op Fl f Ar subbin
.Op Fl k Ar query
.Op Fl K Ar algo
.Op Fl O Ar str
.Op Fl o Ar str
.Op Fl m Ar addr
@ -55,6 +56,8 @@ Show imports (symbols imported from libraries)
Output in json
.It Fl k Ar query
Perform SDB query on loaded file
.It Fl K Ar algo
Select a rahash2 checksum algorithm to be performed on sections listing (and maybe others in the future)
.It Fl l
List linked libraries to the binary
.It Fl L