def getSectionList(self): nullSh = Sh() nullSh.retrieve([0x00 for i in range(56)]) nullSection = Section([], '', nullSh) strSection = self.makeShStrSection() return (nullSection, self.sectionList, strSection)
def extract(self): shSize = self.eh.get('sh_size') shNum = self.eh.get('sh_num') shOff = self.eh.get('sh_offset') strTab = self.retrieveStringTable() result = [] for idx in range(1, shNum): if idx == self.eh.get('shstrndx'): continue shStart = shOff + shSize * idx sh = Sh() sh.retrieve(self.byteList[shStart:shStart+shSize]) name = retrieveStr(strTab, sh.get('name_index')) body = self.byteList[sh.get('offset'):sh.get('offset')+sh.get('size')] if name == '.symtab' or name == '.strtab': continue result.append((name, body, sh)) return result
def makeShStrSection(self, offset): shStr = "\0" for h in self.sectionList: h['sh'].set('name_index', len(shStr)) shStr += h['name'] + "\0" shStrIdx = len(shStr) shStr += ".shstrtab\0" shStrTab = map(ord, shStr) shList = [] shList += convLE(shStrIdx, 4) # name_index shList += convLE(3, 4) # type shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # flag shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # address shList += convLE(offset, 8) # offset(dummy) shList += convLE(len(shStr), 8) # size shList += [0x00, 0x00, 0x00, 0x00] # link shList += [0x00, 0x00, 0x00, 0x00] # info shList += convLE(1, 8) # address_align shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # entry_table_size sh = Sh().retrieve(shList) self.append('.shstrtab', shStrTab, sh) return shStrTab
def makeShStrSection(self): shStr = "\0" for s in self.sectionList: sh = s.getSh() sh.set('name_index', len(shStr)) shStr += s.getName() + "\0" shStrIdx = len(shStr) shStr += ".shstrtab\0" shStrTab = map(ord, shStr) shList = [] shList += convLE(shStrIdx, 4) # name_index shList += convLE(3, 4) # type shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # flag shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # address shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # offset shList += convLE(len(shStr), 8) # size shList += [0x00, 0x00, 0x00, 0x00] # link shList += [0x00, 0x00, 0x00, 0x00] # info shList += convLE(1, 0) # address_align shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # entry_table_size sh = Sh().retrieve(shList) return Section(shStrTab, '.shstrtab', sh)
def setShStrTab(self, shStr): shStrTab = map(ord, shStr) for (i, s) in enumerate(self.sectionList): if s.getName() == '.shstrtab': s.setBodyList(shStrTab) return True # if .shstrtab isn't exits then make it shStrList = shStr.split("\0") shList = [] shList += convLE(shStrList.index('.shstrtab'), 4) # name_index shList += convLE(3, 4) # type shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # flag shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # address shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # offset shList += convLE(len(shStr), 8) # size shList += [0x00, 0x00, 0x00, 0x00] # link shList += [0x00, 0x00, 0x00, 0x00] # info shList += convLE(1, 0) # address_align shList += [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] # entry_table_size sh = Sh().retrieve(shList) self.sectionList.append(Section(shStrTab, '.shstrtab', sh))
def retrieveStringTable(self): shSize = self.eh.get('sh_size') shNum = self.eh.get('sh_num') shOff = self.eh.get('sh_offset') # get string table section header start position shStrStart = shOff + shSize * self.eh.get('shstrndx') strSh = Sh() strSh.retrieve(self.byteList[shStrStart:shStrStart+shSize]) strOff = strSh.get('offset') strSize = strSh.get('size') strTab = ''.join(map(chr, self.byteList[strOff:strOff+strSize])) return strTab
# teardown ELF file f = open('test.out') byteList = map(lambda x: int(ord(x)), f.read()) # get ELF header eh = Eh() eh.retrieve(byteList[0:64]) shSize = eh.get('sh_size') shNum = eh.get('sh_num') shOff = eh.get('sh_offset') # get sh string table shStrStart = shOff + shSize * eh.get('shstrndx') strSh = Sh() strSh.retrieve(byteList[shStrStart:shStrStart+shSize]) strOff = strSh.get('offset') strSize= strSh.get('size') strTab = ''.join(map(chr, byteList[strOff:strOff+strSize])) # get sections secAggr = SectionAggregator() for idx in range(1, shNum): if idx == eh.get('shstrndx'): continue shStart = shOff + shSize * idx
import sys
from elf.components.headers.Sh import Sh from elf.components.SectionController import SectionController from elf.components.SegmentController import SegmentController from elf.components.Section import Section from elf.WriteElf import WriteElf from elf.Utils import * sctCtrl = SectionController() #.text header name = '.text' byteList = [0xb8, 0x3c, 0x00, 0x00, 0x00] byteList += [0xbf, 0x2a, 0x00, 0x00, 0x00] byteList += [0x0f, 0x05] sh = Sh() sh.set('type', 1) sh.set('flag', 6) sh.set('size', len(byteList)) sh.set('address_align', 1) sh.set('entry_table_size', 0) sctCtrl.append(Section(byteList, name, sh)) # dummy for test #name = '.interp' #byteList = [0xb8, 0x3c, 0x00, 0x00, 0x00] #byteList += [0xbf, 0x2a, 0x00, 0x00, 0x00] #byteList += [0x0f, 0x05] #sh = Sh() #sh.set('type', 3) #sh.set('flag', 6)