Пример #1
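    def LoadMetersTab(self, ValidPIDs):
        """Rebuild the meters tab from "config/meters.cfg", if that file exists.

        Each line of the file is a '|'-separated list of "Key=value" fields.
        "Name=" creates a new gadget in self.Meters; the "xPos=", "yPos=",
        "Style=" and "PID=" fields that follow configure the most recently
        named gadget. Reading stops at the first empty line or at end of file.

        ValidPIDs maps a PID string to its description. A PID that is not in
        ValidPIDs is still assigned, with an empty description.

        The load is best effort: on any error every gadget entry is removed
        from self.Meters again (str and Button.Button entries are kept) and
        nothing is raised to the caller.
        """
        try:
            if os.path.isfile("config/meters.cfg"):
                xPos = 0
                Name = ""
                # The with-block closes the file even when a field fails to
                # parse part-way through.
                with open("config/meters.cfg", 'r') as File:
                    while True:
                        TextLine = File.readline().replace("\n", "")
                        if TextLine == "":
                            break
                        for ThisElement in TextLine.split('|'):
                            if ThisElement[:5] == "Name=":
                                # NOTE(review): the name is taken from the file
                                # unchecked, so an entry named "LOCK" or "ADD"
                                # replaces the control stored under that key.
                                Name = ThisElement[5:]
                                self.Meters[Name] = Gadget.Gadget(
                                    self.ThisSurface, Name, Visual.PRESS_NONE,
                                    0, 2 * Visual.BUTTON_HEIGHT,
                                    self.GadgetWidth, self.GadgetHeight, "NEW")
                            elif ThisElement[:5] == "xPos=":
                                # Held until the matching yPos= field arrives.
                                xPos = float(ThisElement[5:])
                            elif ThisElement[:5] == "yPos=":
                                self.Meters[Name].SetPos(
                                    xPos, float(ThisElement[5:]))
                            elif ThisElement[:6] == "Style=":
                                self.Meters[Name].SetStyle(
                                    float(ThisElement[6:]))
                            elif ThisElement[:4] == "PID=":
                                ThisPID = ThisElement[4:]
                                ThisPidDescription = ValidPIDs.get(ThisPID, "")
                                self.Meters[Name].SetPID(ThisPID,
                                                         ThisPidDescription)

                # Default state after loading: locked, with the add button
                # and every gadget's own buttons hidden.
                self.Meters["LOCK"].SetDown(True)
                self.Meters["ADD"].SetVisible(False)
                for ThisGadget in self.Meters:
                    if type(self.Meters[ThisGadget]) is not str and type(
                            self.Meters[ThisGadget]) is not Button.Button:
                        for ThisButton in self.Meters[ThisGadget].Buttons:
                            self.Meters[ThisGadget].Buttons[
                                ThisButton].SetVisible(False)
        except Exception:
            # A malformed file (bad number, field before any Name=, ...) lands
            # here. KeyboardInterrupt and SystemExit are no longer swallowed.
            # Snapshot the keys first, because entries are removed while the
            # dict is being walked, and pop by the key itself: the previous
            # pop([key]) raised TypeError instead of removing anything.
            for ThisGadget in list(self.Meters):
                if type(self.Meters[ThisGadget]) is not str and type(
                        self.Meters[ThisGadget]) is not Button.Button:
                    self.Meters.pop(ThisGadget, None)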
Пример #2
def reading_snap(_path,_snap,_parttype):
    """Read eight blocks of one particle type from the snapshot _path+_snap.

    Every block is fetched with G.read_block(..., parttype=_parttype). The
    "POS " and "VEL " blocks are split into per-component lists taken from
    indices 0, 1 and 2 of each row.

    Returns the 12-tuple
    (ids, x, y, z, mass, rho, vx, vy, vz, vrms, hsml, internal_energy).
    """
    snapshot_file = _path + _snap

    def _load(tag):
        # Block tags are passed exactly as written, trailing spaces included.
        return G.read_block(snapshot_file, tag, parttype=_parttype)

    def _component(rows, axis):
        return [row[axis] for row in rows]

    ids_ = _load("ID  ")
    pos_ = _load("POS ")
    mass_ = _load("MASS")
    rho_ = _load("RHO ")
    vel_ = _load("VEL ")
    vrms_ = _load("VRMS")
    hsml_ = _load("HSML")
    inte_ = _load("U   ")

    return (
        ids_,
        _component(pos_, 0), _component(pos_, 1), _component(pos_, 2),
        mass_, rho_,
        _component(vel_, 0), _component(vel_, 1), _component(vel_, 2),
        vrms_, hsml_, inte_,
    )
Пример #3
def getRopGadgetAndIATAndWriteAddress(dbg, ModulesList):
    """Inspect each module's PE header flags and collect data from the
    modules that show neither the SafeSEH flag nor the ASLR flag and that sit
    at their preferred base.

    dbg is used only through read(address, size) and enumerate_modules().
    ModulesList is iterated and each item is passed to PE().

    Returns (collect_gadgets, IAT, wriatableAddress): the dict filled by
    classify_gadget, a dict of module -> pe.IAT, and a dict of sampled
    data-section address -> module.

    From a hardening point of view, the modules reported here are the ones
    that opted out of ASLR and SEH protection in their header.
    """
    # Get all usable gadgets.
    collect_gadgets = {}
    IAT = {}
    wriatableAddress = {}

    for module in ModulesList:
        pe = PE(module)
        # NOTE(review): image_top is computed but not used in this function.
        image_top = pe.Base + pe.BaseSize
        if pe.Base > 0:
            # Offset 0x3c of the DOS header holds the file offset of the PE
            # signature (e_lfanew); it is read from the debuggee's memory.
            peOffset = struct.unpack("<L", dbg.read(pe.Base + 0x3c, 4))[0]
            base = pe.Base + peOffset
            # Index 2 is used when the win7After global is true, else index 0.
            # PE signature + 0x5e is the DllCharacteristics field.
            # NOTE(review): a 2-byte read at 0x5f is shifted by one byte
            # relative to that field, so the 0x0040 / 0x0100 masks below test
            # other bits on that path -- confirm this is intended.
            safeseh_offset = [0x5f, 0x5f, 0x5e]
            safeseh_flag = [0x4, 0x4, 0x400]
            os_index = 2 if win7After else 0
            module_flag = struct.unpack(
                "<H", dbg.read(base + safeseh_offset[os_index], 2))[0]
            # check safeSEH
            # NOTE(review): 0x0400 in DllCharacteristics is the NO_SEH bit,
            # not the SafeSEH handler table from the load configuration.
            safeSEH = True if module_flag & safeseh_flag[os_index] else False
            # check ASLR
            ASLR = True if module_flag & 0x0040 else False
            # check NX
            # NOTE(review): NX is computed but never read in this function.
            NX = True if module_flag & 0x0100 else False

        # NOTE(review): when pe.Base is not > 0, safeSEH and ASLR are not
        # assigned in this iteration; the test below then reuses the previous
        # module's values, or raises NameError on the first module.
        if (not safeSEH) and (not ASLR):
            module_name = module.lower()
            Rebase = True
            # Check whether module Rebase is open.
            # The module counts as not rebased when the debugger lists it
            # under a matching name at exactly pe.Base.
            for mod in dbg.enumerate_modules():
                if module_name.endswith(mod[0].lower()) and mod[1] == pe.Base:
                    Rebase = False
                    break
            if not Rebase:
                print "[+] Module %s add." % module
                module_gadget = Gadget(pe)
                classify_gadget(module_gadget.retGadgets,
                                module_gadget.jmpGadgets, collect_gadgets)
                IAT.update({module: pe.IAT})
                # Up to five random probes per data section; the first
                # address accepted by gadget_filter (defined elsewhere) is
                # recorded.
                for section in pe.DataSections:
                    for test in xrange(5):
                        # NOTE(review): randint includes both ends, so the
                        # probe can equal vaddr + size, one past the section.
                        vaddr = section["vaddr"] + random.randint(
                            0, section["size"])
                        if gadget_filter(vaddr):
                            wriatableAddress.update({vaddr: module})
                            break
    return collect_gadgets, IAT, wriatableAddress
Пример #4
    def __init__(self, exe_path):
        """Parse exe_path, start the debugger thread, wait until self.pid is
        set, then start the monitor thread.

        Both threads are non-daemon, so they keep the interpreter alive until
        they finish.
        """
        self.exe_path = exe_path
        self.pid = None
        self.dbg = None
        self.running = True
        self.pe = PE(exe_path)
        self.gadgets = Gadget(self.pe)

        def _new_worker(entry_point):
            worker = threading.Thread(target=entry_point)
            worker.setDaemon(False)
            return worker

        self.dbgThread = _new_worker(self.start_debugger)
        self.dbgThread.start()

        # Poll once a second until a pid appears (presumably set by
        # start_debugger -- confirm).
        # NOTE(review): there is no timeout, so the constructor never returns
        # if the pid is never set.
        while True:
            if self.pid is not None:
                break
            time.sleep(1)

        self.monitorThread = _new_worker(self.monitor_debugger)
        self.monitorThread.start()
Пример #5
#!/usr/bin/env python
import argparse
import sys
from Gadget import *
from RopChainer import *
from ScriptMaker import *

# Command-line front end: a single optional positional argument names the
# file to analyse.
parser = argparse.ArgumentParser(
    description="RopTool is use to find rop gadgets and make rop chain",
)
parser.add_argument("target", type=str, nargs="?", help="Target file")

args = parser.parse_args()
target = args.target

# Without a target there is nothing to do: show the usage text and exit 0.
if target is None:
    parser.print_help()
    sys.exit(0)

gadget = Gadget(target)
# NOTE(review): 99 and 1 are passed positionally; their meaning is defined by
# ScriptMaker and is not visible from this script.
s = ScriptMaker(gadget, 99, 1)
s.make_script()
Пример #6
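def index(request):
    """Return "iccafe" followed by the HTML-escaped "x" query parameter.

    The client address from request.META['REMOTE_ADDR'] and a fixed message
    are printed to stdout. A request without "x" gets the bare prefix.
    """
    # Stdlib import kept local so the file's import block stays untouched.
    from html import escape

    print(request.META['REMOTE_ADDR'])
    # Constructed as before although the result is unused here.
    # NOTE(review): drop this call if gadget.Gadget() has no side effects.
    g = gadget.Gadget()
    print('success request')
    # "x" comes straight from the query string and HttpResponse serves
    # text/html by default, so echoing it unescaped is reflected XSS. The
    # .get() default avoids an unhandled MultiValueDictKeyError when "x" is
    # absent.
    return HttpResponse("iccafe" + escape(request.GET.get('x', '')))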
Пример #7
 def add_gadget_string(self, addr, gadget_string, gadget_opcode):
     """Create a Gadget for addr, fill it in through
     loadFromString(gadget_string, gadget_opcode) and pass it to
     self.add_gadget.
     """
     new_entry = Gadget(addr)
     new_entry.loadFromString(gadget_string, gadget_opcode)
     self.add_gadget(new_entry)
Пример #8
from PE import *
from util import *
from Gadget import *

# Hard-coded input: the executable passed to getModuleList(); it is also
# inspected itself.
exe_path = "D:\\testPoc\\Easy File Sharing Web Server\\fsws.exe"

module_list = getModuleList(exe_path)
module_list.append(exe_path)

# Only modules with ASLR, SafeSEH and Rebase all off are processed. These are
# the modules a hardening review would want rebuilt with those mitigations.
collect_gadgets = {}
for module in module_list:
	pe = PE(module)
	if pe.ASLR or pe.SafeSEH or pe.Rebase:
		continue
	print "[+] Module %s add." % module
	module_gadget = Gadget(pe)
	classify_gadget(module_gadget.retGadgets, module_gadget.jmpGadgets, collect_gadgets)

print

# One boxed heading per category, followed by its address/text pairs.
for types in collect_gadgets.keys():
	border = "+" + "-"*(len(types)+2) + "+"
	print border
	print "| " + types + " |"
	print border
	print
	for addr, gadget in collect_gadgets[types].items():
		print "[*] 0x%08x : %s." % (addr, gadget)
	print
Пример #9
                                                         "CONFIRM_CLEAR_ECU",
                                                         "Clear all trouble codes\nand related data\non the ECU?")
 # If freeze button is pressed.
 elif ButtonGadget["BUTTON"] == "FREEZE" or ButtonGadget["BUTTON"] == "RELOAD_FREEZE":
     if LockELM327.acquire(0):
         _thread.start_new_thread(FreezeFrameData, (ThisDisplay,))
 # If frame button is pressed, get a frame of data from the ECU.
 elif ButtonGadget["BUTTON"] == "FRAME" or ButtonGadget["BUTTON"] == "RELOAD":
     if LockELM327.acquire(0):
         _thread.start_new_thread(FrameData, (ThisDisplay,))
 # If add button is pressed, add a new gadget to the meters tab.
 elif ButtonGadget["BUTTON"] == "ADD":
     if ThisDisplay.CurrentTab == ThisDisplay.Meters:
         NewName = "{:X}".format(random.getrandbits(128))
         ThisDisplay.Meters[NewName] = Gadget.Gadget(ThisDisplay.ThisSurface, NewName,
                                                     Visual.PRESS_NONE, 0, 2 * Visual.BUTTON_HEIGHT,
                                                     ThisDisplay.GadgetWidth,
                                                     ThisDisplay.GadgetHeight, "NEW")
 # If GO/STOP button is pressed, start data aquisition.
 elif ButtonGadget["BUTTON"] == "GO_STOP":
     if ThisDisplay.CurrentTab == ThisDisplay.Meters or ThisDisplay.CurrentTab == ThisDisplay.Plots:
         if LockAquisition.acquire(0):
             _thread.start_new_thread(AquisitionLoop, (ThisDisplay,))
 # If add button is pressed, add a new gadget to the meters tab.
 elif ButtonGadget["BUTTON"] == "LOCK":
     if ThisDisplay.Meters["LOCK"].GetDown() == False:
         ThisDisplay.Meters["ADD"].SetVisible(True)
     else:
         ThisDisplay.Meters["ADD"].SetVisible(False)
     for ThisGadget in ThisDisplay.Meters:
         if type(ThisDisplay.Meters[ThisGadget]) is not str and type(
                 ThisDisplay.Meters[ThisGadget]) is not Button.Button: