rubypwn 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/docs/source/elf.rst +14 -0
- data/docs/source/index.rst +2 -1
- data/lib/elf.rb +45 -14
- data/rubypwn.gemspec +2 -2
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d1cd3dd82e4fad21aa45c4e7e4a5057ad9682bb3
|
|
4
|
+
data.tar.gz: 4fcf224ad259314b30b5311e642ec4973abb996f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aa49d4daeb2ba2477ca156b7984670b9dce586bb673b0901894ac83df35be6067eb755e030ff22241054dac519e173c89c781fd57e4efefae914cd0e9d942a2e
|
|
7
|
+
data.tar.gz: ac3cc5bce1e70f24a6d0891bb661a336013c33c624d6fe8aafd0a1b2341d19ee0479fb8ee941be2718a3e87fc63435bd2e36e1a82c082d97a6b4ada7756d5677
|
data/docs/source/elf.rst
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
class Elf
|
|
2
|
+
====================================
|
|
3
|
+
|
|
4
|
+
Used to get some constant value from the binary::
|
|
5
|
+
|
|
6
|
+
2.2.0 :001 > require 'rubypwn'
|
|
7
|
+
=> true
|
|
8
|
+
2.2.0 :002 > e = Elf.new "/lib/i386-linux-gnu/libc.so.6"
|
|
9
|
+
2.2.0 :003 > e.gotplt.keys
|
|
10
|
+
=> ["_Unwind_Find_FDE", "realloc", "malloc", "memalign", "_dl_find_dso_for_object", "calloc", "___tls_get_addr", "free", ""]
|
|
11
|
+
2.2.0 :004 > e.gotplt["malloc"]
|
|
12
|
+
=> 1744916
|
|
13
|
+
2.2.0 :005 > puts "%08x" % e.gotplt["malloc"]
|
|
14
|
+
001aa014
|
data/docs/source/index.rst
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
rubypwn
|
|
2
2
|
====================================
|
|
3
3
|
|
|
4
|
-
|
|
4
|
+
pwntools for ruby developer
|
|
5
5
|
|
|
6
6
|
Getting Started
|
|
7
7
|
---------------
|
|
@@ -24,6 +24,7 @@ All documented module in rubypwn.
|
|
|
24
24
|
|
|
25
25
|
basic
|
|
26
26
|
asm
|
|
27
|
+
elf
|
|
27
28
|
|
|
28
29
|
Indices and tables
|
|
29
30
|
==================
|
data/lib/elf.rb
CHANGED
|
@@ -187,6 +187,14 @@ class ElfParser < BinData::Record
|
|
|
187
187
|
array 1, :type => :relaplt32, :initial_length => 0
|
|
188
188
|
array 2, :type => :relaplt64, :initial_length => 0
|
|
189
189
|
end
|
|
190
|
+
choice :reldyn, :selection => lambda{e_ident.ei_class} do
|
|
191
|
+
array 1, :type => :relplt32, :initial_length => 0
|
|
192
|
+
array 2, :type => :relplt64, :initial_length => 0
|
|
193
|
+
end
|
|
194
|
+
choice :reladyn, :selection => lambda{e_ident.ei_class} do
|
|
195
|
+
array 1, :type => :relaplt32, :initial_length => 0
|
|
196
|
+
array 2, :type => :relaplt64, :initial_length => 0
|
|
197
|
+
end
|
|
190
198
|
|
|
191
199
|
def parse_bits(ei_class)
|
|
192
200
|
ei_class == 1 ? 32 : 64
|
|
@@ -342,24 +350,40 @@ class Elf
|
|
|
342
350
|
end
|
|
343
351
|
|
|
344
352
|
def parse_relplt(binary, elf)
|
|
345
|
-
|
|
353
|
+
plt = nil
|
|
346
354
|
elf.e_shnum.times do |i|
|
|
347
355
|
if elf.sh[i].name_str.to_s == ".rel.plt"
|
|
348
356
|
size = elf.sh[i].sh_size/elf.sh[i].sh_entsize
|
|
349
357
|
if elf.e_ident[:ei_class] == 1
|
|
350
|
-
|
|
358
|
+
plt = BinData::Array.new(:type => :relplt32, :initial_length => size)
|
|
351
359
|
else
|
|
352
|
-
|
|
360
|
+
plt = BinData::Array.new(:type => :relplt64, :initial_length => size)
|
|
353
361
|
end
|
|
354
|
-
elf.relplt.assign
|
|
362
|
+
elf.relplt.assign plt.read binary[elf.sh[i].sh_offset, elf.sh[i].sh_size]
|
|
363
|
+
elsif elf.sh[i].name_str.to_s == ".rel.dyn"
|
|
364
|
+
size = elf.sh[i].sh_size/elf.sh[i].sh_entsize
|
|
365
|
+
if elf.e_ident[:ei_class] == 1
|
|
366
|
+
plt = BinData::Array.new(:type => :relplt32, :initial_length => size)
|
|
367
|
+
else
|
|
368
|
+
plt = BinData::Array.new(:type => :relplt64, :initial_length => size)
|
|
369
|
+
end
|
|
370
|
+
elf.reldyn.assign plt.read binary[elf.sh[i].sh_offset, elf.sh[i].sh_size]
|
|
355
371
|
elsif elf.sh[i].name_str.to_s == ".rela.plt"
|
|
356
372
|
size = elf.sh[i].sh_size/elf.sh[i].sh_entsize
|
|
357
373
|
if elf.e_ident[:ei_class] == 1
|
|
358
|
-
|
|
374
|
+
plt = BinData::Array.new(:type => :relaplt32, :initial_length => size)
|
|
375
|
+
else
|
|
376
|
+
plt = BinData::Array.new(:type => :relaplt64, :initial_length => size)
|
|
377
|
+
end
|
|
378
|
+
elf.relaplt.assign plt.read binary[elf.sh[i].sh_offset, elf.sh[i].sh_size]
|
|
379
|
+
elsif elf.sh[i].name_str.to_s == ".rela.dyn"
|
|
380
|
+
size = elf.sh[i].sh_size/elf.sh[i].sh_entsize
|
|
381
|
+
if elf.e_ident[:ei_class] == 1
|
|
382
|
+
plt = BinData::Array.new(:type => :relaplt32, :initial_length => size)
|
|
359
383
|
else
|
|
360
|
-
|
|
384
|
+
plt = BinData::Array.new(:type => :relaplt64, :initial_length => size)
|
|
361
385
|
end
|
|
362
|
-
elf.
|
|
386
|
+
elf.reladyn.assign plt.read binary[elf.sh[i].sh_offset, elf.sh[i].sh_size]
|
|
363
387
|
end
|
|
364
388
|
end
|
|
365
389
|
end
|
|
@@ -367,19 +391,26 @@ class Elf
|
|
|
367
391
|
def gen_gotplt(elf)
|
|
368
392
|
result = {}
|
|
369
393
|
rel = nil
|
|
370
|
-
if elf.relplt.size > 0
|
|
371
|
-
rel = elf.relplt
|
|
372
|
-
elsif elf.relaplt.size > 0
|
|
373
|
-
rel = elf.relaplt
|
|
374
|
-
end
|
|
375
394
|
|
|
376
|
-
|
|
395
|
+
elf.relplt.each do |r|
|
|
377
396
|
result[elf.symtab[r.sym_index.to_i].name_str.to_s] = r.r_offset.to_i
|
|
378
397
|
end
|
|
398
|
+
|
|
399
|
+
elf.relaplt.each do |r|
|
|
400
|
+
result[elf.symtab[r.sym_index.to_i].name_str.to_s] = r.r_offset.to_i
|
|
401
|
+
end
|
|
402
|
+
|
|
403
|
+
elf.reldyn.each do |r|
|
|
404
|
+
result[elf.symtab[r.sym_index.to_i].name_str.to_s] = elf.symtab[r.sym_index.to_i].st_value
|
|
405
|
+
end
|
|
406
|
+
|
|
407
|
+
elf.reladyn.each do |r|
|
|
408
|
+
result[elf.symtab[r.sym_index.to_i].name_str.to_s] = elf.symtab[r.sym_index.to_i].st_value
|
|
409
|
+
end
|
|
379
410
|
result
|
|
380
411
|
end
|
|
381
412
|
end
|
|
382
413
|
|
|
383
414
|
#require 'pp'
|
|
384
415
|
#e = Elf.new ARGV[0]
|
|
385
|
-
#pp e.gotplt["
|
|
416
|
+
#pp e.gotplt["__free_hook"]
|
data/rubypwn.gemspec
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'rubypwn'
|
|
3
|
-
s.version = '0.0.
|
|
4
|
-
s.date = '2015-
|
|
3
|
+
s.version = '0.0.8'
|
|
4
|
+
s.date = '2015-09-06'
|
|
5
5
|
s.summary = "ruby pwn tools"
|
|
6
6
|
s.description = <<-DESCRIPTION.strip.gsub(/\s+/, " ")
|
|
7
7
|
A simple library for CTF pwning challenges.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubypwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- atdog
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-09-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rainbow
|
|
@@ -106,6 +106,7 @@ files:
|
|
|
106
106
|
- docs/source/asm.rst
|
|
107
107
|
- docs/source/basic.rst
|
|
108
108
|
- docs/source/conf.py
|
|
109
|
+
- docs/source/elf.rst
|
|
109
110
|
- docs/source/getting_started.rst
|
|
110
111
|
- docs/source/index.rst
|
|
111
112
|
- lib/asm.rb
|