Exemplo n.º 1
 def print_dst(args):
     """Render the ``dest_addr`` argument as text, adding host:port when known.

     When ``args.sockfd`` has no entry in ``k.z.handles`` only the raw pointer
     value is shown; otherwise the sockaddr bytes are read from ``p.memory``
     and decoded with ``get_host_and_port``.
     """
     handle = k.z.handles.get(args.sockfd)
     if handle is not None:
         guest_sock = handle.socket
         # NOTE(review): dest_addr/addrlen look caller-supplied. Confirm that
         # p.memory.read and get_host_and_port cope with a short or oversized
         # sockaddr, because an exception here would come from a helper whose
         # only job is to build a display string.
         raw_sockaddr = bytes(p.memory.read(args.dest_addr, args.addrlen))
         host, port = get_host_and_port(guest_sock.domain, raw_sockaddr)
         return f"dest_addr=0x{args.dest_addr:x} ({host}:{port})"
     # No handle for this fd: show the pointer only.
     return "{0}=0x{1:x}".format("dest_addr", args.dest_addr)
Exemplo n.º 2
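 def print_addr(args):
     """Render the ``addr`` argument as text, adding host:port when known.

     When ``args.sockfd`` does not map to a ``SocketHandle`` only the raw
     pointer value is shown; otherwise the sockaddr bytes are read from
     ``p.memory`` and decoded with ``get_host_and_port``.
     """
     socket_handle = k.z.handles.get(args.sockfd)
     if not isinstance(socket_handle, SocketHandle):
         # Unknown fd, or a handle of another kind: show the pointer only.
         return f"addr=0x{args.addr:x}"
     sock = socket_handle.socket
     # NOTE(review): addr/addrlen look caller-supplied. Confirm that
     # p.memory.read and get_host_and_port cope with a short or oversized
     # sockaddr, because this helper only builds a display string.
     sockaddr = bytes(p.memory.read(args.addr, args.addrlen))
     host, port = get_host_and_port(sock.domain, sockaddr)
     # Use the same "addr" label as the fallback branch. The original printed
     # "dest_addr" here, so one argument appeared under two names in the output.
     return f"addr=0x{args.addr:x} ({host}:{port})"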
Exemplo n.º 3
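def sendto(k, p, args_addr):
    """Handle the ``sendto`` socket call for process ``p``.

    Decodes the call arguments located at ``args_addr``, records a DNS request
    when the datagram is headed for port 53, and passes the payload on through
    the socket stored on the handle.

    Returns:
        -1 when ``sockfd`` has no handle; otherwise the result of
        ``sock.sendto``.
    """

    def print_buf(args):
        # repr() escapes non-printable bytes, so control characters in the
        # buffer never reach the trace output raw; [2:-1] strips the b'...'.
        s = repr(bytes(p.memory.read(args.buf, size=args.len)))[2:-1]
        return f'buf=0x{args.buf:x} ("{s}")'

    def print_dst(args):
        socket_handle = k.z.handles.get(args.sockfd)
        if socket_handle is None:
            # No handle for this fd: show the pointer only.
            return "{0}=0x{1:x}".format("dest_addr", args.dest_addr)
        sock = socket_handle.socket
        sockaddr = bytes(p.memory.read(args.dest_addr, args.addrlen))
        (host, port) = get_host_and_port(sock.domain, sockaddr)
        return f"dest_addr=0x{args.dest_addr:x} ({host}:{port})"

    args = k._get_socketcall_args(
        p,
        "sendto",
        args_addr,
        [
            ("int", "sockfd"),
            ("const void*", "buf"),
            ("size_t", "len"),
            ("int", "flags"),
            ("const struct sockaddr*", "dest_addr"),
            ("socklen_t", "addrlen"),
        ],
        arg_string_overrides={
            "buf": print_buf,
            "dest_addr": print_dst
        },
    )
    socket_handle = k.z.handles.get(args.sockfd)
    if socket_handle is None:
        k.logger.notice(f"Could not find socket {args.sockfd}")
        return -1
    sock = socket_handle.socket
    # NOTE(review): dest_addr, addrlen, buf and len are all taken from the
    # decoded call arguments. Confirm that p.memory.read bounds these reads.
    sockaddr = bytes(p.memory.read(args.dest_addr, args.addrlen))
    (host, port) = get_host_and_port(sock.domain, sockaddr)
    payload = p.memory.read(args.buf, args.len)

    # As far as this listing shows, the handle's "port" entry is only set by
    # connect(). A datagram socket that was never connected names its
    # destination on each call, so check this call's port as well. Otherwise
    # DNS queries sent that way would go unrecorded.
    if socket_handle.data.get("port", 0) == 53 or port == 53:
        target = dns.parse_dns_request(payload)
        if target is not None:
            k.print_info(f"DNS Request: {target}")
            k.z.network.add_attempted_connection(target, "sendto")

    # NOTE(review): the payload is handed to sock.sendto unchanged. If `sock`
    # is backed by a real host socket, traffic from the traced program leaves
    # the machine here; confirm network policy is applied before this point.
    return sock.sendto(payload, (host, port), args.flags)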
Exemplo n.º 4
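def bind(k, p, args_addr):
    """Handle the ``bind`` socket call for process ``p``.

    Decodes the call arguments located at ``args_addr``, resolves the
    sockaddr to a ``(host, port)`` pair and binds the socket stored on the
    handle to it.

    Returns:
        -1 when ``sockfd`` has no handle; otherwise the result of
        ``sock.bind``.
    """
    args = k._get_socketcall_args(
        p,
        "bind",
        args_addr,
        [
            ("int", "sockfd"),
            ("const struct sockaddr*", "addr"),
            ("socklen_t", "addrlen"),
        ],
    )
    # Return value is discarded; kept because the call may log or validate.
    _parse_sockaddr(p, args.addr, args.addrlen)
    socket_handle = k.z.handles.get(args.sockfd)
    if socket_handle is None:
        # An fd with no handle would otherwise raise AttributeError on
        # `.socket`. Fail the call the way sendto/connect do instead.
        k.logger.error("Invalid socket handle")
        return -1
    sock = socket_handle.socket
    # NOTE(review): addr/addrlen come from the decoded call arguments.
    # Confirm that p.memory.read bounds the read.
    addr = bytes(p.memory.read(args.addr, args.addrlen))
    (host, port) = get_host_and_port(sock.domain, addr)
    k.print(f"binding socket 0x{args.sockfd:x} to ({host}, {port})")
    # NOTE(review): if `sock` is backed by a real host socket, this opens a
    # listener on the host for the traced program; confirm that is intended.
    return sock.bind((host, port))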
Exemplo n.º 5
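def connect(k, p, args_addr):
    """Handle the ``connect`` socket call for process ``p``.

    Decodes the call arguments located at ``args_addr``, resolves the
    sockaddr to a ``(host, port)`` pair, records the destination on the
    handle's ``data`` dict and connects the socket stored on the handle.

    Returns:
        -1 when ``sockfd`` has no handle; otherwise the result of the
        socket's ``connect``.
    """

    def print_addr(args):
        socket_handle = k.z.handles.get(args.sockfd)
        if socket_handle is None:
            # No handle for this fd: show the pointer only.
            return f"addr=0x{args.addr:x}"
        sock = socket_handle.socket
        sockaddr = bytes(p.memory.read(args.addr, args.addrlen))
        (host, port) = get_host_and_port(sock.domain, sockaddr)
        # Use the same "addr" label as the fallback branch. The original
        # printed "dest_addr" here although the argument is named "addr".
        return f"addr=0x{args.addr:x} ({host}:{port})"

    args = k._get_socketcall_args(
        p,
        "connect",
        args_addr,
        [
            ("int", "sockfd"),
            ("const struct sockaddr*", "addr"),
            ("socklen_t", "addrlen"),
        ],
        arg_string_overrides={"addr": print_addr},
    )
    socket_handle = k.z.handles.get(args.sockfd)
    if socket_handle is None:
        k.logger.error("Invalid socket handle")
        return -1
    # Named `sock` rather than `socket` so the local cannot be mistaken for
    # (or shadow) the standard-library module of that name.
    sock = socket_handle.socket
    # NOTE(review): addr/addrlen come from the decoded call arguments.
    # Confirm that p.memory.read bounds the read.
    addr = p.memory.read(args.addr, args.addrlen)

    host, port = get_host_and_port(sock.domain, bytes(addr))
    # Record the destination on the handle so later calls on this fd can
    # look it up.
    socket_handle.data["dst_name"] = f"{host}:{port}"
    socket_handle.data["host"] = host
    socket_handle.data["port"] = port

    # NOTE(review): if `sock` is backed by a real host socket, this is an
    # outbound connection made for the traced program; confirm network policy
    # is applied before this point.
    return sock.connect((host, port))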