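def test_get_start_address():
    """Build the sample shellcode as an executable and check its start address.

    Copies the open-read-write sample for the running kernel (Linux or
    FreeBSD) into a fresh temporary directory, converts it with ``--to-exe``
    and checks that ``ShellNoob.get_start_address`` returns a string that
    starts with ``0x`` followed by lowercase hex digits.

    Returns:
        ``(stdout, stderr, 0)`` with the output of the ``--to-exe`` run.

    Raises:
        Exception: when the kernel is neither Linux nor FreeBSD.
        AssertionError: when the conversion exits non-zero or the address
            does not have the expected form.
    """
    tmp_dir = mkdtemp()
    secret_fp = '/tmp/secret'
    secret_written = False
    try:
        asm_fp = join(tmp_dir, 'shellcode.asm')
        exe_fp = join(tmp_dir, 'shellcode.exe')

        # Write the secret directly instead of building an `echo ... > file`
        # shell command: the string is stored literally and a failure raises
        # instead of being ignored. The name is fixed (presumably the sample
        # shellcode hard-codes it -- confirm), so O_NOFOLLOW is used to keep
        # the write from following a symlink found at that name in the shared
        # /tmp directory.
        flags = (os.O_WRONLY | os.O_CREAT | os.O_TRUNC
                 | getattr(os, 'O_NOFOLLOW', 0))
        with os.fdopen(os.open(secret_fp, flags, 0o600), 'w') as secret_file:
            secret_file.write('%s\n' % SECRET_STR)
        secret_written = True

        kernel = ShellNoob.get_kernel()
        if kernel == 'Linux':
            sample = 'samples/x86-linux/open-read-write.asm'
        elif kernel == 'FreeBSD':
            sample = 'samples/x86-freebsd/open-read-write.asm'
        else:
            raise Exception('testing on kernel %s not supported' % kernel)
        shutil.copyfile(join(dirname(__file__), sample), asm_fp)

        stdout, stderr, status = run_with_args('%s --to-exe' % asm_fp)
        assert status == 0

        snoob = ShellNoob()
        start_addr = snoob.get_start_address(exe_fp)
        assert re.match('0x[0-9a-f]+', start_addr)
        return stdout, stderr, 0
    finally:
        # Clean up on failure as well, so an aborted run leaves neither the
        # build directory nor the secret file behind.
        shutil.rmtree(tmp_dir, ignore_errors=True)
        if secret_written:
            os.unlink(secret_fp)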
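def test_get_start_address():
    """Convert the sample shellcode to an executable and check its start address.

    The open-read-write sample matching the running kernel (Linux or FreeBSD)
    is copied into a temporary directory and converted with ``--to-exe``;
    ``ShellNoob.get_start_address`` must then return a string beginning with
    ``0x`` and lowercase hex digits.

    The secret file at ``/tmp/secret`` is written but not removed by this
    version. NOTE(review): confirm no other test relies on it being left in
    place before adding its cleanup here.

    Returns:
        ``(stdout, stderr, 0)`` with the output of the ``--to-exe`` run.

    Raises:
        Exception: when the kernel is neither Linux nor FreeBSD.
        AssertionError: when the conversion exits non-zero or the address
            does not have the expected form.
    """
    tmp_dir = mkdtemp()
    try:
        asm_fp = join(tmp_dir, 'shellcode.asm')
        exe_fp = join(tmp_dir, 'shellcode.exe')

        # Direct write instead of `echo ... > /tmp/secret` through the shell:
        # the string is stored literally and errors are raised, not ignored.
        # O_NOFOLLOW refuses a symlink sitting at this fixed, shared /tmp name.
        open_flags = (os.O_WRONLY | os.O_CREAT | os.O_TRUNC
                      | getattr(os, 'O_NOFOLLOW', 0))
        secret_fd = os.open('/tmp/secret', open_flags, 0o600)
        with os.fdopen(secret_fd, 'w') as secret_file:
            secret_file.write('%s\n' % SECRET_STR)

        samples = {
            'Linux': 'samples/x86-linux/open-read-write.asm',
            'FreeBSD': 'samples/x86-freebsd/open-read-write.asm',
        }
        kernel = ShellNoob.get_kernel()
        if kernel not in samples:
            raise Exception('testing on kernel %s not supported' % kernel)
        shutil.copyfile(join(dirname(__file__), samples[kernel]), asm_fp)

        _out, _err, _val = run_with_args('%s --to-exe' % asm_fp)
        assert _val == 0

        start_addr = ShellNoob().get_start_address(exe_fp)
        assert re.match('0x[0-9a-f]+', start_addr)
        return _out, _err, 0
    finally:
        # The original never removed the build directory; drop it whether the
        # test passed or raised.
        shutil.rmtree(tmp_dir, ignore_errors=True)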
def run_all_tests():
    """Run the tests registered for this kernel/hardware pair and print a summary.

    The pair is looked up in ``supported_features`` under the key
    ``'<kernel>#<hardware>'``; a missing key prints an error and exits with
    status 1. Each entry is an ``(input, expected)`` pair, where ``expected``
    is ``(stdout_regex, stderr_regex, retval)``. The test function is
    resolved by name from module globals and called with the unpacked input.

    A failing run only prints the red summary line: the function still
    returns normally, so callers cannot detect failures from its result.
    """
    platform_key = '%s#%s' % (ShellNoob.get_kernel(), ShellNoob.get_hardware())
    total = 0
    passed = 0
    try:
        tests = supported_features[platform_key]
    except KeyError:
        print('ERROR: No tests for this setup "%s"' % platform_key)
        sys.exit(1)

    for test_name, cases in tests.items():
        for _input, expected in cases:
            total += 1
            print('Running test %s - %s - %s' % (test_name, _input, str(expected)))
            want_out, want_err, want_ret = expected
            try:
                stdout, stderr, retval = globals()[test_name](*_input)
                # The expected stdout/stderr values are regular expressions
                # searched for anywhere in the captured output.
                if not re.search(want_out, stdout):
                    failure = 'ERROR STDOUT %s != %s (expected)' % (stdout, want_out)
                elif not re.search(want_err, stderr):
                    failure = 'ERROR STDERR?g %s != %s (expected)' % (stderr, want_err)
                elif retval != want_ret:
                    failure = 'ERROR RETVAL %s != %s (expected)' % (retval, want_ret)
                else:
                    failure = None
                if failure is not None:
                    print(RED + failure + ENDC)
                    continue
                print(GREEN + 'OK' + ENDC)
                passed += 1
            except Exception:
                print(RED + 'ERROR Exception while executing %s' % test_name + ENDC)
                print(traceback.format_exc())
            # NOTE(review): separator placement (after the try/except, once
            # per completed case) is reconstructed from a flattened listing --
            # confirm against the original file.
            print('---------------------------')

    colour, verdict = (GREEN, 'OK') if passed == total else (RED, 'ERROR')
    print(colour + '%s/%s %s' % (passed, total, verdict) + ENDC)
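def run_all_tests():
    """Run every registered test for this platform and print the results.

    Tests are taken from ``supported_features['<kernel>#<hardware>']``; when
    that key is missing an error is printed and the process exits with
    status 1. Every entry pairs the test's input arguments with the expected
    ``(stdout_regex, stderr_regex, retval)``.

    Failures are reported on stdout only; the function returns normally even
    when tests fail.
    """
    kernel, hardware = ShellNoob.get_kernel(), ShellNoob.get_hardware()
    entry = '%s#%s' % (kernel, hardware)
    tot_test = 0
    ok_test = 0
    try:
        tests = supported_features[entry]
    except KeyError:
        # print(...) with one parenthesised argument prints the same text on
        # Python 2 and Python 3; the bare print statement only parses on 2.
        print('ERROR: No tests for this setup "%s"' % entry)
        sys.exit(1)

    for test_name, entries in tests.items():
        for case in entries:
            tot_test += 1
            _input, expected = case
            print('Running test %s - %s - %s' % (test_name, _input, str(expected)))
            e_stdout, e_stderr, e_retval = expected
            try:
                # The test function is looked up by name in module globals.
                stdout, stderr, retval = globals()[test_name](*_input)
                if not re.search(e_stdout, stdout):
                    print(RED + 'ERROR STDOUT %s != %s (expected)' % (stdout, e_stdout) + ENDC)
                    continue
                if not re.search(e_stderr, stderr):
                    print(RED + 'ERROR STDERR?g %s != %s (expected)' % (stderr, e_stderr) + ENDC)
                    continue
                if retval != e_retval:
                    print(RED + 'ERROR RETVAL %s != %s (expected)' % (retval, e_retval) + ENDC)
                    continue
                print(GREEN + 'OK' + ENDC)
                ok_test += 1
            except Exception:
                # A raising test counts as failed; show the traceback and go on.
                print(RED + 'ERROR Exception while executing %s' % test_name + ENDC)
                print(traceback.format_exc())
            # NOTE(review): separator placement (after the try/except) is
            # reconstructed from a flattened listing -- confirm.
            print('---------------------------')

    if ok_test == tot_test:
        print(GREEN + '%s/%s OK' % (ok_test, tot_test) + ENDC)
    else:
        print(RED + '%s/%s ERROR' % (ok_test, tot_test) + ENDC)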
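def test_conversion(with_breakpoint=False):
    """Round-trip the sample shellcode through the supported conversions.

    The open-read-write sample for the running kernel (Linux or FreeBSD) is
    copied into a fresh temporary directory and converted between formats
    via ``run_with_args``; every conversion must exit with status 0. The two
    ``.bin`` files produced by different routes must be byte-identical, and
    the executable built at the end must print ``SECRET_STR``, which this
    test stores in ``/tmp/secret`` beforehand.

    Args:
        with_breakpoint: kept for interface compatibility; not used here.

    Returns:
        ``(stdout, stderr, 0)``: the stripped, concatenated standard output
        of the conversions and their concatenated standard error.

    Raises:
        Exception: when the kernel is neither Linux nor FreeBSD.
        AssertionError: when a conversion fails, the binaries differ or the
            executable's output does not match the secret.
    """
    tmp_dir = mkdtemp()
    secret_fp = '/tmp/secret'
    secret_written = False
    out_parts, err_parts = [], []

    def convert(args):
        # Run one conversion, keep its output and require exit status 0.
        _out, _err, _val = run_with_args(args)
        out_parts.append(_out)
        err_parts.append(_err)
        assert _val == 0, 'conversion %r exited with %s' % (args, _val)

    try:
        asm_fp = join(tmp_dir, 'shellcode.asm')
        asm2_fp = join(tmp_dir, 'shellcode2.asm')
        obj_fp = join(tmp_dir, 'shellcode.obj')
        exe_fp = join(tmp_dir, 'shellcode.exe')
        bin_fp = join(tmp_dir, 'shellcode.bin')
        bin2_fp = join(tmp_dir, 'shellcode2.bin')
        hex_fp = join(tmp_dir, 'shellcode.hex')

        # Write the secret directly rather than through `echo ... > file` in
        # a shell: the string is stored literally and a failure raises. The
        # name is fixed (presumably hard-coded in the sample shellcode --
        # confirm), so O_NOFOLLOW keeps the write from following a symlink
        # found at that name in the shared /tmp directory.
        flags = (os.O_WRONLY | os.O_CREAT | os.O_TRUNC
                 | getattr(os, 'O_NOFOLLOW', 0))
        with os.fdopen(os.open(secret_fp, flags, 0o600), 'w') as secret_file:
            secret_file.write('%s\n' % SECRET_STR)
        secret_written = True

        kernel = ShellNoob.get_kernel()
        if kernel == 'Linux':
            sample = 'samples/x86-linux/open-read-write.asm'
        elif kernel == 'FreeBSD':
            sample = 'samples/x86-freebsd/open-read-write.asm'
        else:
            raise Exception('testing on kernel %s not supported' % kernel)
        shutil.copyfile(join(dirname(__file__), sample), asm_fp)

        # asm -> bin -> hex -> obj -> hex -> bin: both binaries must match.
        convert('%s --to-bin' % asm_fp)
        convert('%s --to-hex' % bin_fp)
        convert('%s --to-obj' % hex_fp)
        convert('%s --to-hex' % obj_fp)
        convert('%s --to-bin %s' % (hex_fp, bin2_fp))
        # Compare the bytes directly; the files are closed deterministically.
        with open(bin_fp, 'rb') as first, open(bin2_fp, 'rb') as second:
            assert first.read() == second.read()

        targets = ('obj', 'exe', 'bin', 'hex', 'c', 'python', 'bash',
                   'pretty', 'safeasm')
        for target in targets:
            convert('%s --to-%s' % (asm_fp, target))
        convert('%s --to-asm %s' % (obj_fp, asm2_fp))
        # The object file is the input here, so the 'obj' target is skipped.
        for target in targets[1:]:
            convert('%s --to-%s' % (obj_fp, target))
        for target in targets:
            convert('-c %s --to-%s' % (asm_fp, target))

        # TODO add "chain" tests

        # Rebuild the executable; this run's output is deliberately not added
        # to the collected stdout/stderr, matching the earlier behaviour.
        _out, _err, _val = run_with_args('%s --to-exe' % asm_fp)
        assert _val == 0

        # Executes the freshly built binary through the shell; exe_fp lives
        # in the mkdtemp() directory created above.
        pipe = os.popen(exe_fp)
        try:
            produced = pipe.read()
        finally:
            pipe.close()
        assert produced.rstrip() == SECRET_STR
        print('Output of the shellcode matches!')

        return ''.join(out_parts).strip(), ''.join(err_parts), 0
    finally:
        # Clean up on failure as well, so an aborted run leaves neither the
        # build artefacts nor the secret file behind.
        shutil.rmtree(tmp_dir, ignore_errors=True)
        if secret_written:
            os.unlink(secret_fp)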
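def test_conversion(with_breakpoint=False):
    """Convert the sample shellcode between all formats and run the result.

    The open-read-write sample for the running kernel (Linux or FreeBSD) is
    copied into a temporary directory and pushed through each conversion
    with ``run_with_args``; every run must exit with status 0. The ``.bin``
    file obtained directly and the one obtained via hex/obj must be
    byte-identical, and the final executable must print ``SECRET_STR``.

    The secret file at ``/tmp/secret`` is written but not removed by this
    version. NOTE(review): confirm no other test relies on it being left in
    place before adding its cleanup here.

    Args:
        with_breakpoint: kept for interface compatibility; not used here.

    Returns:
        ``(stdout, stderr, 0)`` with the concatenated standard output and
        standard error of the conversions.

    Raises:
        Exception: when the kernel is neither Linux nor FreeBSD.
        AssertionError: when a conversion fails, the binaries differ or the
            executable's output does not match the secret.
    """
    tmp_dir = mkdtemp()
    captured_out, captured_err = [], []

    def convert(args):
        # Run one conversion, record its output and require exit status 0.
        _out, _err, _val = run_with_args(args)
        captured_out.append(_out)
        captured_err.append(_err)
        assert _val == 0, 'conversion %r exited with %s' % (args, _val)

    try:
        asm_fp = join(tmp_dir, 'shellcode.asm')
        asm2_fp = join(tmp_dir, 'shellcode2.asm')
        obj_fp = join(tmp_dir, 'shellcode.obj')
        exe_fp = join(tmp_dir, 'shellcode.exe')
        bin_fp = join(tmp_dir, 'shellcode.bin')
        bin2_fp = join(tmp_dir, 'shellcode2.bin')
        hex_fp = join(tmp_dir, 'shellcode.hex')

        # Direct write instead of `echo ... > /tmp/secret` through the shell:
        # the string is stored literally and errors are raised, not ignored.
        # O_NOFOLLOW refuses a symlink sitting at this fixed, shared /tmp name.
        open_flags = (os.O_WRONLY | os.O_CREAT | os.O_TRUNC
                      | getattr(os, 'O_NOFOLLOW', 0))
        secret_fd = os.open('/tmp/secret', open_flags, 0o600)
        with os.fdopen(secret_fd, 'w') as secret_file:
            secret_file.write('%s\n' % SECRET_STR)

        samples = {
            'Linux': 'samples/x86-linux/open-read-write.asm',
            'FreeBSD': 'samples/x86-freebsd/open-read-write.asm',
        }
        kernel = ShellNoob.get_kernel()
        if kernel not in samples:
            raise Exception('testing on kernel %s not supported' % kernel)
        shutil.copyfile(join(dirname(__file__), samples[kernel]), asm_fp)

        # asm -> bin -> hex -> obj -> hex -> bin: both binaries must match.
        for args in ('%s --to-bin' % asm_fp,
                     '%s --to-hex' % bin_fp,
                     '%s --to-obj' % hex_fp,
                     '%s --to-hex' % obj_fp,
                     '%s --to-bin %s' % (hex_fp, bin2_fp)):
            convert(args)
        # Compare the bytes directly and close both files deterministically.
        with open(bin_fp, 'rb') as first, open(bin2_fp, 'rb') as second:
            assert first.read() == second.read()

        from_obj = ('exe', 'bin', 'hex', 'c', 'python', 'bash', 'pretty',
                    'safeasm')
        from_asm = ('obj',) + from_obj
        for target in from_asm:
            convert('%s --to-%s' % (asm_fp, target))
        convert('%s --to-asm %s' % (obj_fp, asm2_fp))
        for target in from_obj:
            convert('%s --to-%s' % (obj_fp, target))
        for target in from_asm:
            convert('-c %s --to-%s' % (asm_fp, target))

        # TODO add "chain" tests

        # Rebuild the executable; as before, this run's output is not added
        # to the returned stdout/stderr.
        _out, _err, _val = run_with_args('%s --to-exe' % asm_fp)
        assert _val == 0

        # Executes the freshly built binary through the shell; exe_fp lives
        # in the mkdtemp() directory created above.
        pipe = os.popen(exe_fp)
        try:
            produced = pipe.read()
        finally:
            pipe.close()
        assert produced.rstrip() == SECRET_STR
        # print(...) with one parenthesised argument prints the same text on
        # Python 2 and Python 3; the bare print statement only parses on 2.
        print('Output of the shellcode matches!')

        return ''.join(captured_out), ''.join(captured_err), 0
    finally:
        # The original removed the build directory only on success; remove it
        # on failure too.
        shutil.rmtree(tmp_dir, ignore_errors=True)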