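def __init__(self, sample_path="./apks/exploits/617efb2d51ad5c4aed50b76119ad880c6adcd4d2e386b3170930193525b0563d", stop_at_rootshell=True):
    """Load a sample with the radare2 bindings and dump its sections, functions, entries and symbols.

    Everything is written to stdout; no attribute is stored on ``self``.
    The ``print`` calls take a single pre-formatted string so the code runs
    unchanged under Python 2 (print statement) and Python 3 (print function).

    Args:
        sample_path: path of the binary to analyse.  Defaults to the sample
            the original script hard-coded twice (once for ``r_bin``, once
            for ``r_core``), so existing callers see no change.
        stop_at_rootshell: ``True`` keeps the original behaviour of aborting
            right after the first instruction of a symbol named
            ``rootshell`` has been printed.  ``False`` instead continues and
            prints a linear-sweep disassembly of that symbol.

    Raises:
        RuntimeError: when ``stop_at_rootshell`` is true and a ``rootshell``
            symbol was found.  The original did ``raise ("oo")``, which
            raises a ``str`` and therefore surfaces as a ``TypeError`` on
            current interpreters; the explicit exception keeps the
            "stop here" intent without the incidental type.
    """
    # Pass 1: sections via the standalone RBin loader.
    b = r_bin.RBin()
    b.load(sample_path, None)
    baddr = b.get_baddr()
    print('-> Sections')
    for sec in b.get_sections():
        print('offset=0x%08x va=0x%08x size=%05i %s' % (sec.offset, baddr + sec.rva, sec.size, sec.name))

    # Pass 2: full core analysis (functions, entries, symbols).
    core = r_core.RCore()
    core.config.set_i("io.va", 1)
    core.config.set_i("anal.split", 1)
    core.file_open(sample_path, 0, 0)
    core.bin_load(None)
    core.anal_all()

    for fcn in core.anal.get_fcns():
        print("%s %s %x %s %s" % (type(fcn), fcn.type, fcn.addr, fcn.ninstr, fcn.name))

    for ent in core.bin.get_entries():
        print("%s %s %s %x" % (ent, type(ent), ent.rva, ent.offset))

    for sym in core.bin.get_symbols():
        print("%s %s %s %s %s" % (sym, sym.name, sym.rva, sym.offset, sym.size))
        if sym.name != "rootshell":
            continue

        # 0x8000 is added to every file offset below, as in the original;
        # presumably the load address the author assumed for this sample —
        # TODO(review): confirm against the section table printed above.
        start = 0x8000 + sym.offset
        op = core.op_anal(start)
        print(op.mnemonic)
        if stop_at_rootshell:
            # Deliberate early stop (original: raise ("oo")).
            raise RuntimeError("oo")

        # Everything from here on was unreachable in the original (it sat
        # behind the raise).  The original's core.bin.read_at(...) call
        # referenced an undefined name ``x`` and was dropped rather than
        # guessed at — TODO(review): restore once the binding's read_at
        # signature is confirmed.
        print("%s %s" % (core.bin.bins, core.bin.user))

        # Linear sweep over the symbol's bytes, one instruction at a time.
        j = 0
        while j < sym.size:
            asm_op = core.disassemble(start + j)
            print(core.op_str(start + j))
            # A zero-length decode would never advance; bail out instead
            # of spinning forever on undecodable bytes.
            if asm_op.inst_len <= 0:
                break
            j += asm_op.inst_len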
from r2 import r_core rc = r_core.RCore() rc.file_open("/bin/ls", 0, 0) rc.bin_load("", 0) rc.anal_all() funcs = rc.anal.get_fcns() for f in funcs: blocks = f.get_bbs() print("+" + (72 * "-")) print("| FUNCTION: %s @ 0x%x" % (f.name, f.addr)) print("| (%d blocks)" % (len(blocks))) print("+" + (72 * "-")) for b in blocks: print("---[ Block @ 0x%x ]---" % (b.addr)) print(" | size: %d" % (b.size)) print(" | jump: 0x%x" % (b.jump)) print(" | conditional: %d" % (b.conditional)) print(" | return: %d" % (b.returnbb)) end_byte = b.addr + b.size cur_byte = b.addr while (cur_byte < end_byte): #anal_op = rc.op_anal(cur_byte) asm_op = rc.disassemble(cur_byte) if asm_op.inst_len == 0: