pwntools 0.1.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +88 -11
- data/Rakefile +5 -1
- data/lib/pwn.rb +9 -7
- data/lib/pwnlib/abi.rb +60 -0
- data/lib/pwnlib/asm.rb +146 -0
- data/lib/pwnlib/constants/constant.rb +16 -2
- data/lib/pwnlib/constants/constants.rb +35 -19
- data/lib/pwnlib/constants/linux/amd64.rb +30 -1
- data/lib/pwnlib/context.rb +25 -17
- data/lib/pwnlib/dynelf.rb +117 -54
- data/lib/pwnlib/elf/elf.rb +267 -0
- data/lib/pwnlib/ext/helper.rb +4 -4
- data/lib/pwnlib/logger.rb +87 -0
- data/lib/pwnlib/memleak.rb +58 -29
- data/lib/pwnlib/pwn.rb +19 -8
- data/lib/pwnlib/reg_sort.rb +102 -108
- data/lib/pwnlib/shellcraft/generators/amd64/common/common.rb +14 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/infloop.rb +17 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/memcpy.rb +31 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/mov.rb +127 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/nop.rb +16 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/popad.rb +27 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/pushstr.rb +64 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/pushstr_array.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/ret.rb +32 -0
- data/lib/pwnlib/shellcraft/generators/amd64/common/setregs.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/amd64/linux/execve.rb +21 -0
- data/lib/pwnlib/shellcraft/generators/amd64/linux/linux.rb +14 -0
- data/lib/pwnlib/shellcraft/generators/amd64/linux/ls.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/amd64/linux/sh.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/amd64/linux/syscall.rb +21 -0
- data/lib/pwnlib/shellcraft/generators/helper.rb +106 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/common.rb +14 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/infloop.rb +17 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/mov.rb +90 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/nop.rb +16 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/pushstr.rb +39 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/pushstr_array.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/i386/common/setregs.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/i386/linux/execve.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/i386/linux/linux.rb +14 -0
- data/lib/pwnlib/shellcraft/generators/i386/linux/ls.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/i386/linux/sh.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/i386/linux/syscall.rb +19 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/common.rb +26 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/infloop.rb +22 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/mov.rb +15 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/pushstr.rb +15 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/pushstr_array.rb +85 -0
- data/lib/pwnlib/shellcraft/generators/x86/common/setregs.rb +82 -0
- data/lib/pwnlib/shellcraft/generators/x86/linux/execve.rb +69 -0
- data/lib/pwnlib/shellcraft/generators/x86/linux/linux.rb +14 -0
- data/lib/pwnlib/shellcraft/generators/x86/linux/ls.rb +66 -0
- data/lib/pwnlib/shellcraft/generators/x86/linux/sh.rb +52 -0
- data/lib/pwnlib/shellcraft/generators/x86/linux/syscall.rb +52 -0
- data/lib/pwnlib/shellcraft/registers.rb +145 -0
- data/lib/pwnlib/shellcraft/shellcraft.rb +67 -0
- data/lib/pwnlib/timer.rb +60 -0
- data/lib/pwnlib/tubes/buffer.rb +96 -0
- data/lib/pwnlib/tubes/sock.rb +95 -0
- data/lib/pwnlib/tubes/tube.rb +270 -0
- data/lib/pwnlib/util/cyclic.rb +95 -94
- data/lib/pwnlib/util/fiddling.rb +256 -220
- data/lib/pwnlib/util/getdents.rb +83 -0
- data/lib/pwnlib/util/hexdump.rb +109 -108
- data/lib/pwnlib/util/lists.rb +55 -0
- data/lib/pwnlib/util/packing.rb +226 -228
- data/lib/pwnlib/util/ruby.rb +18 -0
- data/lib/pwnlib/version.rb +2 -1
- data/test/abi_test.rb +21 -0
- data/test/asm_test.rb +104 -0
- data/test/constants/constant_test.rb +1 -0
- data/test/constants/constants_test.rb +4 -2
- data/test/context_test.rb +1 -0
- data/test/data/echo.rb +20 -0
- data/test/data/elfs/Makefile +22 -0
- data/test/data/elfs/amd64.frelro.elf +0 -0
- data/test/data/elfs/amd64.frelro.pie.elf +0 -0
- data/test/data/elfs/amd64.nrelro.elf +0 -0
- data/test/data/elfs/amd64.prelro.elf +0 -0
- data/test/data/elfs/i386.frelro.pie.elf +0 -0
- data/test/data/elfs/i386.prelro.elf +0 -0
- data/test/data/elfs/source.cpp +19 -0
- data/test/data/flag +1 -0
- data/test/data/lib32/ld.so.2 +0 -0
- data/test/data/lib32/libc.so.6 +0 -0
- data/test/data/lib64/ld.so.2 +0 -0
- data/test/data/lib64/libc.so.6 +0 -0
- data/test/dynelf_test.rb +59 -24
- data/test/elf/elf_test.rb +120 -0
- data/test/ext_test.rb +3 -2
- data/test/files/use_pwnlib.rb +1 -1
- data/test/logger_test.rb +61 -0
- data/test/memleak_test.rb +4 -33
- data/test/reg_sort_test.rb +3 -1
- data/test/shellcraft/infloop_test.rb +26 -0
- data/test/shellcraft/linux/ls_test.rb +108 -0
- data/test/shellcraft/linux/sh_test.rb +119 -0
- data/test/shellcraft/linux/syscalls/execve_test.rb +136 -0
- data/test/shellcraft/linux/syscalls/syscall_test.rb +83 -0
- data/test/shellcraft/memcpy_test.rb +35 -0
- data/test/shellcraft/mov_test.rb +98 -0
- data/test/shellcraft/nop_test.rb +26 -0
- data/test/shellcraft/popad_test.rb +29 -0
- data/test/shellcraft/pushstr_array_test.rb +91 -0
- data/test/shellcraft/pushstr_test.rb +108 -0
- data/test/shellcraft/registers_test.rb +32 -0
- data/test/shellcraft/ret_test.rb +30 -0
- data/test/shellcraft/setregs_test.rb +62 -0
- data/test/shellcraft/shellcraft_test.rb +28 -0
- data/test/test_helper.rb +12 -1
- data/test/timer_test.rb +23 -0
- data/test/tubes/buffer_test.rb +45 -0
- data/test/tubes/sock_test.rb +68 -0
- data/test/tubes/tube_test.rb +241 -0
- data/test/util/cyclic_test.rb +2 -1
- data/test/util/fiddling_test.rb +2 -1
- data/test/util/getdents_test.rb +32 -0
- data/test/util/hexdump_test.rb +7 -9
- data/test/util/lists_test.rb +21 -0
- data/test/util/packing_test.rb +4 -3
- metadata +215 -25
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
2
|
+
|
|
3
|
+
require 'pwnlib/shellcraft/generators/amd64/linux/linux'
|
|
4
|
+
require 'pwnlib/shellcraft/generators/x86/linux/syscall'
|
|
5
|
+
|
|
6
|
+
module Pwnlib
|
|
7
|
+
module Shellcraft
|
|
8
|
+
module Generators
|
|
9
|
+
module Amd64
|
|
10
|
+
module Linux
|
|
11
|
+
# See {Generators::X86::Linux#syscall}.
|
|
12
|
+
def syscall(*arguments)
|
|
13
|
+
context.local(arch: 'amd64') do
|
|
14
|
+
cat X86::Linux.syscall(*arguments)
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
require 'pwnlib/abi'
|
|
2
|
+
require 'pwnlib/constants/constants'
|
|
3
|
+
require 'pwnlib/context'
|
|
4
|
+
require 'pwnlib/reg_sort'
|
|
5
|
+
require 'pwnlib/shellcraft/registers'
|
|
6
|
+
require 'pwnlib/util/fiddling'
|
|
7
|
+
require 'pwnlib/util/lists'
|
|
8
|
+
require 'pwnlib/util/packing'
|
|
9
|
+
|
|
10
|
+
module Pwnlib
|
|
11
|
+
module Shellcraft
|
|
12
|
+
module Generators
|
|
13
|
+
# Define methods for generator modules.
|
|
14
|
+
#
|
|
15
|
+
# This module must and can only be extended by Common or Linux module under {Generators}.
|
|
16
|
+
module Helper
|
|
17
|
+
# Provide a 'sandbox' for generators.
|
|
18
|
+
class Runner
|
|
19
|
+
class << self
|
|
20
|
+
def label_num
|
|
21
|
+
@label_num ||= 0
|
|
22
|
+
@label_num += 1
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def clear
|
|
27
|
+
@_output = StringIO.new
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# Indent each line 2 spaces.
|
|
31
|
+
def typesetting
|
|
32
|
+
indent = @_output.string.lines.map do |line|
|
|
33
|
+
next line.strip + "\n" if label_str?(line.strip)
|
|
34
|
+
line == "\n" ? line : ' ' * 2 + line.lstrip
|
|
35
|
+
end
|
|
36
|
+
indent.join
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
private
|
|
40
|
+
|
|
41
|
+
def cat(str)
|
|
42
|
+
@_output.puts(str)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# @example
|
|
46
|
+
# get_label('infloop') #=> 'infloop_1'
|
|
47
|
+
def get_label(str)
|
|
48
|
+
"#{str}_#{self.class.label_num}"
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def okay(s, *a, **kw)
|
|
52
|
+
s = pack(s, *a, **kw) if s.is_a?(Integer)
|
|
53
|
+
!(s.include?("\x00") || s.include?("\n"))
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def evaluate(item)
|
|
57
|
+
return item if register?(item)
|
|
58
|
+
Constants.eval(item)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
# @param [Constants::Constant, String, Integer] n
|
|
62
|
+
def pretty(n)
|
|
63
|
+
case n
|
|
64
|
+
when Constants::Constant
|
|
65
|
+
format('%s /* %s */', pretty(n.to_i), n)
|
|
66
|
+
when Integer
|
|
67
|
+
n.abs < 10 ? n.to_s : hex(n)
|
|
68
|
+
else
|
|
69
|
+
n.inspect
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def label_str?(str)
|
|
74
|
+
str.match(/\A\w+_\d+:\Z/) != nil
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
include ::Pwnlib::Context
|
|
78
|
+
include ::Pwnlib::RegSort
|
|
79
|
+
include ::Pwnlib::Shellcraft::Registers
|
|
80
|
+
include ::Pwnlib::Util::Fiddling
|
|
81
|
+
include ::Pwnlib::Util::Lists
|
|
82
|
+
include ::Pwnlib::Util::Packing
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
class << self
|
|
86
|
+
# Define a corresponding singleton method whenever an instance method is defined.
|
|
87
|
+
def extended(mod)
|
|
88
|
+
class << mod
|
|
89
|
+
define_method(:method_added) do |m|
|
|
90
|
+
# Define singleton methods, so we can invoke +Generators::X86::Common.pushstr_array+.
|
|
91
|
+
# Each method runs in an independent 'runner', so methods would not effect each other.
|
|
92
|
+
runner = Runner.new
|
|
93
|
+
method = instance_method(m).bind(runner)
|
|
94
|
+
define_singleton_method(m) do |*args|
|
|
95
|
+
runner.clear
|
|
96
|
+
method.call(*args)
|
|
97
|
+
runner.typesetting
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/common/common'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/common/infloop'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Common
|
|
9
|
+
# See {X86::Common#infloop}.
|
|
10
|
+
def infloop
|
|
11
|
+
cat X86::Common.infloop
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
2
|
+
|
|
3
|
+
require 'pwnlib/shellcraft/generators/i386/common/common'
|
|
4
|
+
|
|
5
|
+
module Pwnlib
|
|
6
|
+
module Shellcraft
|
|
7
|
+
module Generators
|
|
8
|
+
module I386
|
|
9
|
+
module Common
|
|
10
|
+
# Move +src+ into +dst+ without newlines and null bytes.
|
|
11
|
+
#
|
|
12
|
+
# See {Amd64::Common#mov} for parameters' details.
|
|
13
|
+
def mov(dst, src, stack_allowed: true)
|
|
14
|
+
raise ArgumentError, "#{dst} is not a register" unless register?(dst)
|
|
15
|
+
dst = get_register(dst)
|
|
16
|
+
raise ArgumentError, "cannot use #{dst} on i386" if dst.size > 32 || dst.is64bit
|
|
17
|
+
if register?(src)
|
|
18
|
+
src = get_register(src)
|
|
19
|
+
raise ArgumentError, "cannot use #{src} on i386" if src.size > 32 || src.is64bit
|
|
20
|
+
if dst.size < src.size && !dst.bigger.include?(src.name)
|
|
21
|
+
raise ArgumentError, "cannot mov #{dst}, #{src}: dst is smaller than src"
|
|
22
|
+
end
|
|
23
|
+
else
|
|
24
|
+
context.local(arch: 'i386') { src = evaluate(src) }
|
|
25
|
+
raise ArgumentError, format('cannot mov %s, %d: dst is smaller than src', dst, src) unless dst.fits(src)
|
|
26
|
+
|
|
27
|
+
# Calculate the packed version
|
|
28
|
+
srcp = pack(src & ((1 << dst.size) - 1), bits: dst.size)
|
|
29
|
+
|
|
30
|
+
# Calculate the unsigned and signed versions
|
|
31
|
+
srcu = unpack(srcp, bits: dst.size, signed: false)
|
|
32
|
+
srcs = unpack(srcp, bits: dst.size, signed: true)
|
|
33
|
+
srcp_neg = p32(-src)
|
|
34
|
+
srcp_not = p32(src ^ 0xffffffff)
|
|
35
|
+
end
|
|
36
|
+
if register?(src)
|
|
37
|
+
if src == dst || dst.bigger.include?(src.name)
|
|
38
|
+
cat "/* moving #{src} into #{dst}, but this is a no-op */"
|
|
39
|
+
elsif dst.size > src.size
|
|
40
|
+
cat "movzx #{dst}, #{src}"
|
|
41
|
+
else
|
|
42
|
+
cat "mov #{dst}, #{src}"
|
|
43
|
+
end
|
|
44
|
+
elsif src.is_a?(Numeric) # Constant or immi
|
|
45
|
+
xor = ->(reg) { "xor #{reg.xor}, #{reg.xor}" }
|
|
46
|
+
if src.zero? # special case for zeroes
|
|
47
|
+
cat "xor #{dst}, #{dst} /* #{src} */"
|
|
48
|
+
elsif stack_allowed && dst.size == 32 && src == 10
|
|
49
|
+
cat "push 9 /* mov #{dst}, '\\n' */"
|
|
50
|
+
cat "pop #{dst}"
|
|
51
|
+
cat "inc #{dst}"
|
|
52
|
+
elsif stack_allowed && dst.size == 32 && (-2**7 <= srcs && srcs < 2**7) && okay(srcp[0])
|
|
53
|
+
cat "push #{pretty(src)}"
|
|
54
|
+
cat "pop #{dst}"
|
|
55
|
+
elsif okay(srcp)
|
|
56
|
+
# Easy case. This implies that the register size and value are the same.
|
|
57
|
+
cat "mov #{dst}, #{pretty(src)}"
|
|
58
|
+
elsif srcu < 2**8 && okay(srcp[0]) && dst.sizes.include?(8)
|
|
59
|
+
# Move 8-bit value into reg.
|
|
60
|
+
cat xor[dst]
|
|
61
|
+
cat "mov #{dst.sizes[8]}, #{pretty(src)}"
|
|
62
|
+
elsif srcu == srcu & 0xff00 && okay(srcp[1]) && dst.ff00
|
|
63
|
+
# Target value is a 16-bit value with no data in the low 8 bits, we can use the 'AH' style register.
|
|
64
|
+
cat xor[dst]
|
|
65
|
+
cat "mov #{dst.ff00}, #{pretty(src)} >> 8"
|
|
66
|
+
elsif srcu < 2**16 && okay(srcp[0, 2])
|
|
67
|
+
# Target value is a 16-bit value, use a 16-bit mov.
|
|
68
|
+
cat xor[dst]
|
|
69
|
+
cat "mov #{dst.sizes[16]}, #{pretty(src)}"
|
|
70
|
+
elsif okay(srcp_neg)
|
|
71
|
+
cat "mov #{dst}, -#{pretty(src)}"
|
|
72
|
+
cat "neg #{dst}"
|
|
73
|
+
elsif okay(srcp_not)
|
|
74
|
+
cat "mov #{dst}, (-1) ^ #{pretty(src)}"
|
|
75
|
+
cat "not #{dst}"
|
|
76
|
+
else
|
|
77
|
+
# All else has failed. Use some XOR magic to move things around.
|
|
78
|
+
a, b = xor_pair(srcp, avoid: "\x00\n")
|
|
79
|
+
a = hex(unpack(a, bits: dst.size))
|
|
80
|
+
b = hex(unpack(b, bits: dst.size))
|
|
81
|
+
cat "mov #{dst}, #{a}"
|
|
82
|
+
cat "xor #{dst}, #{b} /* #{hex(src)} == #{a} ^ #{b} */"
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# encoding: ASCII-8BIT
|
|
2
|
+
|
|
3
|
+
require 'pwnlib/shellcraft/generators/i386/common/common'
|
|
4
|
+
|
|
5
|
+
module Pwnlib
|
|
6
|
+
module Shellcraft
|
|
7
|
+
module Generators
|
|
8
|
+
module I386
|
|
9
|
+
module Common
|
|
10
|
+
# Push a string to stack.
|
|
11
|
+
#
|
|
12
|
+
# See {Amd64::Common#pushstr} for parameters' details.
|
|
13
|
+
def pushstr(str, append_null: true)
|
|
14
|
+
# This will not affect callee's +str+.
|
|
15
|
+
str += "\x00" if append_null && !str.end_with?("\x00")
|
|
16
|
+
return if str.empty?
|
|
17
|
+
padding = str[-1].ord >= 128 ? "\xff" : "\x00"
|
|
18
|
+
cat "/* push #{str.inspect} */"
|
|
19
|
+
group(4, str, underfull_action: :fill, fill_value: padding).reverse_each do |word|
|
|
20
|
+
sign = u32(word, endian: 'little', signed: true)
|
|
21
|
+
if [0, 0xa].include?(sign) # simple forbidden byte case
|
|
22
|
+
cat "push #{pretty(sign + 1)}"
|
|
23
|
+
cat 'dec byte ptr [esp]'
|
|
24
|
+
elsif sign >= -128 && sign <= 127
|
|
25
|
+
cat "push #{pretty(sign)}"
|
|
26
|
+
elsif okay(word)
|
|
27
|
+
cat "push #{pretty(sign)}"
|
|
28
|
+
else
|
|
29
|
+
a = u32(xor_pair(word).first, endian: 'little', signed: false)
|
|
30
|
+
cat "push #{pretty(a)}"
|
|
31
|
+
cat "xor dword ptr [esp], #{pretty(a ^ sign)} /* #{pretty(a)} ^ #{pretty(sign)} */"
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/common/common'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/common/pushstr_array'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Common
|
|
9
|
+
# See {Pwnlib::Shellcraft::Generators::X86::Common#pushstr_array}.
|
|
10
|
+
def pushstr_array(*args)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Common.pushstr_array(*args)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/common/common'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/common/setregs'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Common
|
|
9
|
+
# See {Generators::X86::Common#setregs}.
|
|
10
|
+
def setregs(*args)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Common.setregs(*args)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/linux/linux'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/linux/execve'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Linux
|
|
9
|
+
# See {Generators::X86::Linux#execve}.
|
|
10
|
+
def execve(*arguments)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Linux.execve(*arguments)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/linux/linux'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/linux/ls'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Linux
|
|
9
|
+
# See #{Generators::X86::Linux#ls}.
|
|
10
|
+
def ls(*args)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Linux.ls(*args)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/linux/linux'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/linux/sh'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Linux
|
|
9
|
+
# See #{Generators::X86::Linux#sh}.
|
|
10
|
+
def sh(*args)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Linux.sh(*args)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'pwnlib/shellcraft/generators/i386/linux/linux'
|
|
2
|
+
require 'pwnlib/shellcraft/generators/x86/linux/syscall'
|
|
3
|
+
|
|
4
|
+
module Pwnlib
|
|
5
|
+
module Shellcraft
|
|
6
|
+
module Generators
|
|
7
|
+
module I386
|
|
8
|
+
module Linux
|
|
9
|
+
# See {Generators::X86::Linux#syscall}.
|
|
10
|
+
def syscall(*arguments)
|
|
11
|
+
context.local(arch: 'i386') do
|
|
12
|
+
cat X86::Linux.syscall(*arguments)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|