# Viewed through the default Str() type the array does not compare equal to
# memstr; viewed as Str("utf16") it carries the same value as memstr.
assert data.array.cast(Str()) != memstr
assert data.array.cast(Str("utf16")).val == memstr.val

print "See that the original array has been modified:"
print repr(data)
print

# Type manipulation example: build an argv for an emulated program.
# Two arguments, +1 for the program name and +1 for the final NULL pointer
# that terminates argv, give an array of 4 pointers to strings.
# NOTE(review): "<I" is presumably the struct-style format of each pointer
# (little-endian unsigned 32-bit) - confirm against Ptr.
argv_t = Array(Ptr("<I", Str()), 4)
print "3 arguments argv type:", argv_t

# Instantiate argv in the VM's memory. No address is passed, so placement is
# left to the allocator (the original comment reads "alloc argv somewhere").
argv = argv_t.lval(vm)

# MemStr.from_str allocates a string in the VM and get_addr() returns where it
# landed; each argv slot stores that address, not the text itself.
MemStrAnsi = Str().lval
argv[0].val = MemStrAnsi.from_str(vm, "./my-program").get_addr()
argv[1].val = MemStrAnsi.from_str(vm, "arg1").get_addr()
argv[2].val = MemStrAnsi.from_str(vm, "27").get_addr()
# NULL pointer marking the end of argv.
argv[3].val = 0

# Changing the second argument afterwards: the write goes through the pointer
# already stored in argv[2], so it lands in the buffer allocated for "27".
# NOTE(review): "42" has the same length as "27"; presumably a longer value
# would run past that allocation in the emulated memory - confirm against the
# Str setter before reusing this pattern with other input.
argv[2].deref.val = "42"

print "An argv instance:", repr(argv)
# argv[:-1] leaves out the NULL terminator, so deref is never applied to
# address 0.
print "argv values:", repr([val.deref.val for val in argv[:-1]])
print
sb.jitter.vm.add_memory_page(passwd_addr,PAGE_READ | PAGE_WRITE,ascii_letters[:30] + '\x00','required input')
sb.jitter.vm.add_memory_page(argzero_addr,PAGE_READ,'reverseMe\x00','argv[0] -> program path')
sb.jitter.push_uint32_t(passwd_addr) #argv[1]
sb.jitter.push_uint32_t(argzero_addr) #argv[0]
sb.jitter.push_uint32_t(0x2) #argc
'''
# NOTE(review): the lines above the closing quotes appear to be an earlier,
# disabled variant (hand-placed memory pages) kept inside a string literal
# whose opening lies outside this excerpt - confirm.

#Set default allocator from class heap()
# NOTE(review): presumably this is what lets the lval()/from_str() calls below
# allocate in the VM without an explicit address - confirm.
set_allocator(heap().vm_alloc)

#implementing argv[] array using core types of miasm2
# Three slots: program path, one argument, and the terminating NULL pointer.
argv_t = Array(Ptr("<I",Str()),3)
argv = argv_t.lval(sb.jitter.vm)
MemStrAnsi = Str().lval
argv[0].val = MemStrAnsi.from_str(sb.jitter.vm, "./reverseMe").get_addr()
# The argument handed to the emulated program is a 28-character slice of
# ascii_letters (the disabled variant above used 30).
argv[1].val = MemStrAnsi.from_str(sb.jitter.vm, ascii_letters[:28]).get_addr()
argv[2].val = 0

# Only the pointer values are pushed; the argv array object just holds them.
# They are pushed last-to-first so that, assuming push_uint32_t behaves as an
# ordinary stack push, argc ends up on top of the stack followed by argv[0],
# argv[1] and the NULL terminator.
sb.jitter.push_uint32_t(argv[2].val) #argv[2]
sb.jitter.push_uint32_t(argv[1].val) #argv[1]
sb.jitter.push_uint32_t(argv[0].val) #argv[0]
sb.jitter.push_uint32_t(0x2) #argc

#Handle INT \x80 exception and dump memory region
def dump(jitter):
    print sb.jitter.vm