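 def load_pe_binary(self, pe):
     """Load a PE image into a fresh Task's virtual memory and register the task.

     Every section is mapped at the vaddr chosen by ``pe.loadsegment`` (aligned
     to the optional header's SectionAlignment), eip is set to the first entry
     point, the general-purpose registers ebp/eax/ebx/ecx/edx/esi/edi are
     zeroed, a stack is created, and the import table is resolved when the
     binary declares imported functions.  The task is appended to
     ``self.tasks`` and returned.

     Raises ValueError (non-ASLR layout only) when SizeOfStackReserve cannot be
     placed below the fixed top-of-stack address.
     """
     task = Task(pe, cpu)
     task.OS = self
     # Map each section; loadsegment returns a single {vaddr: bytes} entry or None.
     for section in pe.sections:
         mapped = pe.loadsegment(section, pe.Opt.SectionAlignment)
         if mapped is not None:
             vaddr, data = mapped.popitem()
             task.state.mmap.write(vaddr, data)
     # Initial register file: eip at the first entry point, GPRs zeroed.
     # esp is dealt with in the stack setup below.
     task.state[cpu.eip] = cpu.cst(task.bin.entrypoints[0], 32)
     for reg in (cpu.ebp, cpu.eax, cpu.ebx, cpu.ecx, cpu.edx, cpu.esi, cpu.edi):
         task.state[reg] = cpu.cst(0, 32)
     # Stack: a fresh symbolic zone under ASLR, otherwise a zero-filled region
     # just below a fixed, page-aligned top-of-stack.
     if self.ASLR:
         task.state.mmap.newzone(task.cpu.esp)
     else:
         ssz = pe.Opt.SizeOfStackReserve
         stack_base = 0x7FFFFFFF & ~(self.PAGESIZE - 1)
         # SizeOfStackReserve is read straight from the optional header, so for
         # an untrusted sample it is attacker-chosen.  Refuse values that would
         # put the stack bottom below address 0 instead of writing to a
         # negative vaddr.  NOTE(review): an in-range but very large value still
         # allocates ``ssz`` zero bytes here; cap it if hostile inputs are expected.
         if ssz < 0 or ssz > stack_base:
             raise ValueError(
                 "SizeOfStackReserve %#x does not fit below stack base %#x"
                 % (ssz, stack_base)
             )
         task.state.mmap.write(stack_base - ssz, b"\0" * ssz)
         task.state[cpu.esp] = cpu.cst(stack_base, 32)
     # Import address table: only when the binary actually declares functions.
     if len(pe.functions) > 0:
         self.load_pe_iat(task)
     self.tasks.append(task)
     return task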
 def initenv(self):
     """Return a fresh mapper holding the initial register state.

     eip is set to the binary's first entry point; ebp, eax, ebx, ecx, edx,
     esi and edi are zeroed as 32-bit constants.  esp is not assigned here.
     """
     from amoco.cas.mapper import mapper
     env = mapper()
     env[cpu.eip] = cpu.cst(self.bin.entrypoints[0], 32)
     for reg in (cpu.ebp, cpu.eax, cpu.ebx, cpu.ecx, cpu.edx, cpu.esi, cpu.edi):
         env[reg] = cpu.cst(0, 32)
     return env
 def initenv(self):
     """Build and return the initial register mapper for this binary.

     Sets eip to the first entry point and zeroes ebp/eax/ebx/ecx/edx/esi/edi
     (32-bit constants).  esp is left unassigned by this method.
     """
     from amoco.cas.mapper import mapper
     gprs = [cpu.ebp, cpu.eax, cpu.ebx, cpu.ecx, cpu.edx, cpu.esi, cpu.edi]
     regs = [cpu.eip] + gprs
     # One fresh constant per register, mirroring the original one-per-entry build.
     values = [cpu.cst(self.bin.entrypoints[0], 32)] + [cpu.cst(0, 32) for _ in gprs]
     env = mapper()
     for reg, val in zip(regs, values):
         env[reg] = val
     return env
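 def load_elf_binary(self, bprm):
     """Load an ELF image into a fresh Task's virtual memory and register the task.

     PT_LOAD segments are mapped at the vaddr chosen by ``bprm.loadsegment``
     (page-aligned), PT_INTERP records the interpreter path, and PT_GNU_STACK
     is currently ignored.  eip is set to the first entry point,
     ebp/eax/ebx/ecx/edx/esi/edi are zeroed, a stack is created, and the
     interpreter is loaded for dynamic binaries that name one.  The task is
     appended to ``self.tasks`` and returned.
     """
     task = Task(bprm, cpu)
     task.OS = self
     # Initialise before the loop: a dynamic binary with no PT_INTERP header
     # previously raised UnboundLocalError at the ``bprm.dynamic and interp``
     # test below instead of simply skipping the interpreter.
     interp = None
     for seg in bprm.Phdr:
         if seg.p_type == PT_INTERP:
             interp = bprm.readsegment(seg).strip(b"\0")
         elif seg.p_type == PT_LOAD:
             mapped = bprm.loadsegment(seg, self.PAGESIZE)
             if mapped is not None:
                 vaddr, data = mapped.popitem()
                 task.state.mmap.write(vaddr, data)
         elif seg.p_type == PT_GNU_STACK:
             # NOTE(review): PF_X is not consulted (executable_stack =
             # seg.p_flags & PF_X); no permission bits are applied by this
             # loader as written, so an NX stack is not modelled here.
             pass
     # Initial register file: eip at the first entry point, GPRs zeroed.
     # esp is dealt with in the stack setup below.
     task.state[cpu.eip] = cpu.cst(task.bin.entrypoints[0], 32)
     for reg in (cpu.ebp, cpu.eax, cpu.ebx, cpu.ecx, cpu.edx, cpu.esi, cpu.edi):
         task.state[reg] = cpu.cst(0, 32)
     # Stack: a fresh symbolic zone under ASLR, otherwise two zeroed pages
     # just below a fixed, page-aligned top-of-stack.
     if self.ASLR:
         task.state.mmap.newzone(task.cpu.esp)
     else:
         stack_base = 0x7FFFFFFF & ~(self.PAGESIZE - 1)
         stack_size = 2 * self.PAGESIZE
         task.state.mmap.write(stack_base - stack_size, b"\0" * stack_size)
         task.state[cpu.esp] = cpu.cst(stack_base, 32)
     # Dynamic linking: only when the binary is dynamic and named an interpreter.
     if bprm.dynamic and interp:
         self.load_elf_interp(task, interp)
     self.tasks.append(task)
     return task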
 def use_x86(self):
     """Select the 32-bit x86 backend and reset eip in ``self.state`` to 0."""
     from amoco.arch.x86 import cpu_x86 as x86
     self.cpu = x86
     self.state[x86.eip] = x86.cst(0, 32)