scrapbird revised this gist
Oct 31, 2017 . 1 changed file with 0 additions and 86 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,15 +1,5 @@ #!/usr/bin/env python import r2pipe from anytree import Node, RenderTree @@ -75,79 +65,3 @@ def populateTree(current_node): here_node = Node(here) populateTree(here_node) printTree(here_node) -
scrapbird revised this gist
Oct 31, 2017 . 1 changed file with 68 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,7 +8,74 @@ entry = int(r2.cmd("afl~entry0[0]"), 16) print "Here: ", hex(here) print "Entry: ", hex(entry)#!/usr/bin/env python import r2pipe from anytree import Node, RenderTree r2 = r2pipe.open() here = int(r2.cmd("s"), 16) print "Here: ", hex(here) history = {} functions = r2.cmdj('aflj') # There is probably a better way to do this def getResidingFunction(addr): for func in functions: if addr >= func['offset'] and addr < func['offset'] + func['realsz']: return func return None def printTree(root_node): for pre, _, node in RenderTree(root_node): str_loc = "{0:#0{1}x}".format(node.name, 10) fcn_name = r2.cmd("afl~" + str_loc + "[3]") if fcn_name == "->": fcn_name = r2.cmd("afl~" + str_loc + "[5]") print("%s%s - %s" % (pre, str_loc, fcn_name)) def populateTree(current_node): xrefs = r2.cmdj("axtj @ " + hex(current_node.name)) if len(xrefs) == 0: # Leaf detected return else: for xref in xrefs: fcn = getResidingFunction(int(xref['from'])) if fcn != None and int(fcn['offset']) != current_node.name: # Found an xref from inside a function new_node = Node(int(fcn['offset'])) else: # Found an xref from outside function bounds new_node = Node(xref['from']) # Check if we've processed this node before try: if history[new_node.name] != None: # Merging paths detected history[current_node.name] = 1 continue except: pass history[current_node.name] = 1 current_node.children += (new_node,) populateTree(new_node) return here_node = Node(here) populateTree(here_node) printTree(here_node) history = {} printedPaths = {} -
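Review bot: The visited-node check in populateTree wraps `history[new_node.name]` in a bare `except:` and compares the stored value with `!= None`, so every exception is swallowed (KeyboardInterrupt included) and the test is really just "key present"; `if new_node.name in history:` followed by the existing two-line body states that directly and leaves real errors visible. The rendered hunk has its line breaks collapsed, so the exact placement is inferred from the text. A related inconsistency: in-function xrefs produce `Node(int(fcn['offset']))` while out-of-function ones produce `Node(xref['from'])` unconverted, yet both `hex(current_node.name)` and the `{0:#0{1}x}` format in printTree require an int — `Node(int(xref['from']))` would match the `int(xref['from'])` already passed to getResidingFunction. populateTree also recurses once per xref chain with no depth bound, so on a large binary it may hit the default recursion limit; an explicit worklist would avoid that, though I cannot tell from here whether it is an issue in practice.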
scrapbird revised this gist
Oct 30, 2017 . 1 changed file with 0 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -74,7 +74,6 @@ def getOrPrintPath(path): if fcn != None: newPath.append(int(fcn['offset'])) getOrPrintPath(newPath) else: newPath.append(xref['from']) printPath(newPath, False, True) -
scrapbird revised this gist
Oct 30, 2017 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,6 +16,7 @@ functions = r2.cmdj('aflj') # There is probably a better way to do this def getResidingFunction(addr): for func in functions: if addr >= func['offset'] and addr < func['offset'] + func['realsz']: -
scrapbird created this gist
Oct 30, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,86 @@ #!/usr/bin/env python import r2pipe r2 = r2pipe.open() here = int(r2.cmd("s"), 16) entry = int(r2.cmd("afl~entry0[0]"), 16) print "Here: ", hex(here) print "Entry: ", hex(entry) history = {} printedPaths = {} functions = r2.cmdj('aflj') def getResidingFunction(addr): for func in functions: if addr >= func['offset'] and addr < func['offset'] + func['realsz']: return func return None def printPath(path, merging=False, nonexisting=False): try: if printedPaths[hash(tuple(path))] == 1: return except: pass print "-"*80 if merging: print 'Found merging path:' elif nonexisting: print 'Found path from non-existing function:' else: print 'Found path:' for loc in reversed(path): strLoc = "{0:#0{1}x}".format(loc,10) fcnName = r2.cmd("afl~" + strLoc + "[3]") if fcnName == "->": fcnName = r2.cmd("afl~" + strLoc + "[5]") print 'Loc: ', strLoc, fcnName print "-"*80 print printedPaths[hash(tuple(path))] = 1 def getOrPrintPath(path): try: if history[path[len(path)-1]] == 1: # Merging paths detected printPath(path, True) return except: pass history[path[len(path)-1]] = 1 xrefs = r2.cmdj("axtj @ " + hex(path[len(path)-1])) if len(xrefs) == 0: # Path end detected printPath(path) return else: for xref in xrefs: newPath = path[:] fcn = getResidingFunction(int(xref['from'])) if fcn != None: newPath.append(int(fcn['offset'])) getOrPrintPath(newPath) # history[int(fcn['offset'])] = 1 else: newPath.append(xref['from']) printPath(newPath, False, True) return initPath = [] initPath.append(here) getOrPrintPath(initPath)
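Review bot: printPath keys printedPaths on `hash(tuple(path))` rather than the tuple itself, so two distinct paths whose hashes collide would be treated as already printed and silently dropped; the tuple is hashable and should be the key, `if tuple(path) in printedPaths: return` at the top and `printedPaths[tuple(path)] = 1` at the end, which also removes the bare `except:` around the lookup. The same bare-`except:` membership pattern appears in getOrPrintPath on `history[path[len(path)-1]]`, where `if path[-1] in history:` is the equivalent test and does not swallow unrelated errors. The hunk is rendered with line breaks collapsed, so the placement of these lines is inferred from the text. Minor: `if fcn != None:` in getOrPrintPath should be `if fcn is not None:`.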