def print_dst(args):
    """Render the ``dest_addr`` syscall argument for the trace output.

    Looks up ``args.sockfd`` in ``k.z.handles``. If no handle is registered,
    only the raw pointer is printed. Otherwise ``args.addrlen`` bytes are read
    from emulated memory at ``args.dest_addr`` and decoded with
    ``get_host_and_port`` for the socket's domain.

    ``k`` and ``p`` are not parameters of this function; they are expected to
    come from an enclosing scope.
    """
    handle = k.z.handles.get(args.sockfd)
    if handle is not None:
        sock = handle.socket
        # Pointer and length are both chosen by the emulated program; no
        # upper bound is applied to the read here.
        raw = bytes(p.memory.read(args.dest_addr, args.addrlen))
        host, port = get_host_and_port(sock.domain, raw)
        return f"dest_addr=0x{args.dest_addr:x} ({host}:{port})"
    return "{0}=0x{1:x}".format("dest_addr", args.dest_addr)
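def print_addr(args):
    """Render the ``addr`` syscall argument for the trace output.

    Looks up ``args.sockfd`` in ``k.z.handles``. If the entry is not a
    ``SocketHandle`` (missing, or a handle of another kind), only the raw
    pointer is printed. Otherwise ``args.addrlen`` bytes are read from
    emulated memory at ``args.addr`` and decoded with ``get_host_and_port``
    for the socket's domain.

    ``k`` and ``p`` are not parameters of this function; they are expected to
    come from an enclosing scope.
    """
    handle = k.z.handles.get(args.sockfd)
    if not isinstance(handle, SocketHandle):
        return "{0}=0x{1:x}".format("addr", args.addr)
    sock = handle.socket
    # Pointer and length are both chosen by the emulated program; no upper
    # bound is applied to the read here.
    sockaddr = bytes(p.memory.read(args.addr, args.addrlen))
    host, port = get_host_and_port(sock.domain, sockaddr)
    # The argument is named "addr"; the decoded form previously printed it as
    # "dest_addr", so the same parameter had two names in the trace depending
    # on whether the handle resolved.
    return f"addr=0x{args.addr:x} ({host}:{port})"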
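def sendto(k, p, args_addr):
    """Emulate the ``sendto`` socketcall for the traced process.

    Decodes the six ``sendto`` arguments via ``k._get_socketcall_args``,
    resolves the socket handle, reads the destination sockaddr and the payload
    from emulated memory, records DNS lookups, and forwards the payload with
    ``sock.sendto``.

    Returns:
        -1 when ``sockfd`` has no registered handle, otherwise whatever
        ``sock.sendto`` returns.

    NOTE(review): ``args.len`` and ``args.addrlen`` are supplied by the
    emulated program and are passed to ``p.memory.read`` without an upper
    bound in this function.
    NOTE(review): ``sock.sendto`` looks like it transmits on a host-side
    socket - confirm that outbound traffic from analysed samples is contained
    elsewhere.
    """

    def print_buf(args):
        # repr() escapes non-printable bytes, so payload content cannot place
        # raw control characters into the trace line. [2:-1] strips the b'..'
        # wrapper that repr() adds.
        s = repr(bytes(p.memory.read(args.buf, size=args.len)))[2:-1]
        return f'buf=0x{args.buf:x} ("{s}")'

    def print_dst(args):
        socket_handle = k.z.handles.get(args.sockfd)
        if socket_handle is None:
            return "{0}=0x{1:x}".format("dest_addr", args.dest_addr)
        sock = socket_handle.socket
        sockaddr = bytes(p.memory.read(args.dest_addr, args.addrlen))
        (host, port) = get_host_and_port(sock.domain, sockaddr)
        return f"dest_addr=0x{args.dest_addr:x} ({host}:{port})"

    args = k._get_socketcall_args(
        p,
        "sendto",
        args_addr,
        [
            ("int", "sockfd"),
            ("const void*", "buf"),
            ("size_t", "len"),
            ("int", "flags"),
            ("const struct sockaddr*", "dest_addr"),
            ("socklen_t", "addrlen"),
        ],
        arg_string_overrides={
            "buf": print_buf,
            "dest_addr": print_dst,
        },
    )

    socket_handle = k.z.handles.get(args.sockfd)
    if socket_handle is None:
        k.logger.notice(f"Could not find socket {args.sockfd}")
        return -1
    sock = socket_handle.socket

    sockaddr = bytes(p.memory.read(args.dest_addr, args.addrlen))
    (host, port) = get_host_and_port(sock.domain, sockaddr)
    payload = p.memory.read(args.buf, args.len)

    # DNS visibility: the destination port of this datagram is what marks it
    # as a DNS query. In the visible code the port cached on the handle is
    # only written by connect(), so checking it alone would miss queries sent
    # with sendto() on a socket that was never connected.
    if port == 53 or socket_handle.data.get("port", 0) == 53:
        target = dns.parse_dns_request(payload)
        if target is not None:
            k.print_info(f"DNS Request: {target}")
            k.z.network.add_attempted_connection(target, "sendto")

    return sock.sendto(payload, (host, port), args.flags)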
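def bind(k, p, args_addr):
    """Emulate the ``bind`` socketcall for the traced process.

    Decodes ``sockfd``, ``addr`` and ``addrlen`` via
    ``k._get_socketcall_args``, resolves the socket handle, reads the sockaddr
    from emulated memory and binds the underlying socket to the decoded
    ``(host, port)``.

    Returns:
        -1 when ``sockfd`` does not resolve to a handle carrying a socket,
        otherwise whatever ``sock.bind`` returns.

    NOTE(review): ``args.addrlen`` is supplied by the emulated program and is
    passed to ``p.memory.read`` without an upper bound in this function.
    """
    args = k._get_socketcall_args(
        p,
        "bind",
        args_addr,
        [
            ("int", "sockfd"),
            ("const struct sockaddr*", "addr"),
            ("socklen_t", "addrlen"),
        ],
    )
    # Return value is unused here; the call is kept for whatever it does
    # beyond returning (not visible from this block).
    _parse_sockaddr(p, args.addr, args.addrlen)

    socket_handle = k.z.handles.get(args.sockfd)
    # sockfd is chosen by the emulated program. An unknown descriptor, or one
    # whose handle carries no socket, must fail the syscall rather than raise
    # AttributeError inside the emulator; sendto and connect already return
    # -1 for a missing handle.
    sock = getattr(socket_handle, "socket", None)
    if sock is None:
        k.logger.notice(f"Could not find socket {args.sockfd}")
        return -1

    addr = bytes(p.memory.read(args.addr, args.addrlen))
    (host, port) = get_host_and_port(sock.domain, addr)
    k.print(f"binding socket 0x{args.sockfd:x} to ({host}, {port})")
    return sock.bind((host, port))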
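def connect(k, p, args_addr):
    """Emulate the ``connect`` socketcall for the traced process.

    Decodes ``sockfd``, ``addr`` and ``addrlen`` via
    ``k._get_socketcall_args``, resolves the socket handle, reads the sockaddr
    from emulated memory, records the destination on the handle
    (``dst_name``, ``host``, ``port``) and calls ``connect`` on the underlying
    socket.

    Returns:
        -1 when ``sockfd`` has no registered handle, otherwise whatever the
        underlying ``connect`` call returns.

    NOTE(review): ``args.addrlen`` is supplied by the emulated program and is
    passed to ``p.memory.read`` without an upper bound in this function.
    NOTE(review): the underlying ``connect`` looks like it opens a host-side
    connection - confirm that outbound traffic from analysed samples is
    contained elsewhere.
    """

    def print_addr(args):
        socket_handle = k.z.handles.get(args.sockfd)
        if socket_handle is None:
            return "{0}=0x{1:x}".format("addr", args.addr)
        sock = socket_handle.socket
        sockaddr = bytes(p.memory.read(args.addr, args.addrlen))
        (host, port) = get_host_and_port(sock.domain, sockaddr)
        # The argument is named "addr"; the decoded form previously printed
        # it as "dest_addr", so the trace used two names for one parameter.
        return f"addr=0x{args.addr:x} ({host}:{port})"

    args = k._get_socketcall_args(
        p,
        "connect",
        args_addr,
        [
            ("int", "sockfd"),
            ("const struct sockaddr*", "addr"),
            ("socklen_t", "addrlen"),
        ],
        arg_string_overrides={"addr": print_addr},
    )
    # _parse_sockaddr(p, args.addr, args.addrlen)

    socket_handle = k.z.handles.get(args.sockfd)
    if socket_handle is None:
        k.logger.error("Invalid socket handle")
        return -1

    # Named "sock" rather than "socket" so the local does not shadow the
    # standard-library module name, matching sendto and bind.
    sock = socket_handle.socket
    addr = p.memory.read(args.addr, args.addrlen)
    host, port = get_host_and_port(sock.domain, bytes(addr))

    # Cache the destination on the handle; sendto reads data["port"] when it
    # decides whether a payload should be parsed as a DNS request.
    socket_handle.data["dst_name"] = f"{host}:{port}"
    socket_handle.data["host"] = host
    socket_handle.data["port"] = port

    status = sock.connect((host, port))
    return status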