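def LoadMetersTab(self, ValidPIDs):
    """Rebuild the meters tab from ``config/meters.cfg``, then lock it.

    Each line of the file is a ``|``-separated list of ``Key=value``
    fields. ``Name=`` creates a gadget in ``self.Meters``; ``xPos=`` is
    remembered until the following ``yPos=`` positions that gadget;
    ``Style=`` and ``PID=`` configure it. A PID found in ``ValidPIDs``
    gets its description, any other PID gets an empty one.

    The file content is not validated up front. A malformed number, or a
    field that refers to a gadget name not present in ``self.Meters``,
    raises inside the ``try`` and every gadget loaded so far is discarded.

    Args:
        ValidPIDs: mapping of PID string to its description.
    """

    def IsLoadedGadget(Entry):
        # Same exact-type test the original used: anything that is neither
        # a plain string nor a Button.Button counts as a gadget.
        return type(Entry) is not str and type(Entry) is not Button.Button

    try:
        if os.path.isfile("config/meters.cfg"):
            xPos = 0
            Name = ""
            # The context manager closes the file even when a field fails
            # to parse. Iterating the file reads to end-of-file, so a blank
            # line no longer cuts the load short.
            with open("config/meters.cfg", 'r') as File:
                for RawLine in File:
                    TextLine = RawLine.replace("\n", "")
                    for ThisElement in TextLine.split('|'):
                        if ThisElement[:5] == "Name=":
                            Name = ThisElement[5:]
                            # NOTE(review): Name comes straight from the file
                            # and is used as the dictionary key, so an entry
                            # named "LOCK" or "ADD" would replace the object
                            # stored under that key, which is used below.
                            self.Meters[Name] = Gadget.Gadget(
                                self.ThisSurface, Name, Visual.PRESS_NONE, 0,
                                2 * Visual.BUTTON_HEIGHT, self.GadgetWidth,
                                self.GadgetHeight, "NEW")
                        elif ThisElement[:5] == "xPos=":
                            xPos = float(ThisElement[5:])
                        elif ThisElement[:5] == "yPos=":
                            self.Meters[Name].SetPos(
                                xPos, float(ThisElement[5:]))
                        elif ThisElement[:6] == "Style=":
                            self.Meters[Name].SetStyle(
                                float(ThisElement[6:]))
                        elif ThisElement[:4] == "PID=":
                            ThisPID = ThisElement[4:]
                            self.Meters[Name].SetPID(
                                ThisPID, ValidPIDs.get(ThisPID, ""))

        # Hide buttons on meters, default locked.
        self.Meters["LOCK"].SetDown(True)
        self.Meters["ADD"].SetVisible(False)
        for ThisGadget in self.Meters:
            if IsLoadedGadget(self.Meters[ThisGadget]):
                for ThisButton in self.Meters[ThisGadget].Buttons:
                    self.Meters[ThisGadget].Buttons[ThisButton].SetVisible(
                        False)
    except Exception:
        # On fail remove all loaded gadgets. The keys are collected first
        # because a dict cannot change size while it is being iterated, and
        # pop() takes the key itself (the original passed a one-element
        # list, which raises TypeError instead of removing anything).
        LoadedNames = [
            ThisGadget for ThisGadget in self.Meters
            if IsLoadedGadget(self.Meters[ThisGadget])
        ]
        for ThisGadget in LoadedNames:
            self.Meters.pop(ThisGadget, None)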
def reading_snap(_path,_snap,_parttype):
    """Read one particle type from a snapshot and return its fields as columns.

    The snapshot file is ``_path + _snap``. Eight blocks are read through
    ``G.read_block`` for ``_parttype``; the position and velocity blocks are
    split into one list per component.

    Returns:
        ``(ids, x, y, z, mass, rho, vx, vy, vz, vrms, hsml, u)`` in that order.
    """
    snapshot = _path + _snap

    def load(tag):
        return G.read_block(snapshot, tag, parttype=_parttype)

    def column(rows, axis):
        return [row[axis] for row in rows]

    # NOTE(review): the tags are reproduced exactly as they appear here.
    # Readers of this format often expect 4-character, space-padded tags, so
    # confirm that "ID " and "U " have not lost trailing spaces.
    ids_ = load("ID ")
    pos_ = load("POS ")
    mass_ = load("MASS")
    rho_ = load("RHO ")
    vel_ = load("VEL ")
    vrms_ = load("VRMS")
    hsml_ = load("HSML")
    inte_ = load("U ")

    x_, y_, z_ = (column(pos_, axis) for axis in range(3))
    vx_, vy_, vz_ = (column(vel_, axis) for axis in range(3))

    return (ids_, x_, y_, z_, mass_, rho_,
            vx_, vy_, vz_, vrms_, hsml_, inte_)
def getRopGadgetAndIATAndWriteAddress(dbg, ModulesList):
    """Survey loaded modules for missing hardening flags and collect results.

    For every path in ModulesList a PE object is built and a 16-bit flag word
    is read from the debuggee's copy of the PE header through dbg.read().
    A module is processed only when that word has neither the "safeSEH" bit
    nor the ASLR bit set and dbg.enumerate_modules() reports it loaded at
    pe.Base. Modules linked with the dynamic-base flag (0x0040) are skipped.

    Returns a tuple (collect_gadgets, IAT, wriatableAddress):
      collect_gadgets -- dict handed to classify_gadget(); presumably filled
                         by it (helper not visible here).
      IAT             -- module path -> pe.IAT.
      wriatableAddress-- sampled data-section address -> module path, for
                         addresses accepted by gadget_filter().
    """
    # Get all usable gadgets.
    collect_gadgets = {}
    IAT = {}
    wriatableAddress = {}
    for module in ModulesList:
        pe = PE(module)
        # NOTE(review): image_top is computed but never used in this function.
        image_top = pe.Base + pe.BaseSize
        if pe.Base > 0:
            # Offset 0x3c of the DOS header holds the little-endian 32-bit
            # offset of the PE header (e_lfanew).
            peOffset = struct.unpack("<L", dbg.read(pe.Base + 0x3c, 4))[0]
            base = pe.Base + peOffset
            # Offset/mask pairs indexed by os_index. Only index 0 and index 2
            # are ever selected below; index 1 is unused.
            # 0x5e from the PE signature is the DllCharacteristics field, and
            # 0x400 there is the NO_SEH bit. Offset 0x5f with mask 0x4
            # addresses the same bit through the field's high byte.
            # NOTE(review): this is the NO_SEH characteristic, not a check of
            # the module's SafeSEH handler table -- confirm that is intended.
            safeseh_offset = [0x5f, 0x5f, 0x5e]
            safeseh_flag = [0x4, 0x4, 0x400]
            # win7After is not defined in this function; it is read from the
            # enclosing scope.
            os_index = 2 if win7After else 0
            module_flag = struct.unpack(
                "<H", dbg.read(base + safeseh_offset[os_index], 2))[0]
            # check safeSEH
            safeSEH = True if module_flag & safeseh_flag[os_index] else False
            # check ASLR (0x0040 is the dynamic-base bit of DllCharacteristics)
            # NOTE(review): when os_index is 0 the word is read from 0x5f, so
            # the 0x0040 and 0x0100 masks below no longer line up with the
            # DllCharacteristics bits they are named after -- verify.
            ASLR = True if module_flag & 0x0040 else False
            # check NX (0x0100 is the NX-compatible bit)
            # NOTE(review): NX is computed but not consulted by the selection
            # below.
            NX = True if module_flag & 0x0100 else False
            if (not safeSEH) and (not ASLR):
                module_name = module.lower()
                Rebase = True
                # The module counts as not rebased when the debugger lists a
                # module whose name is a suffix of this path and whose base
                # equals pe.Base.
                for mod in dbg.enumerate_modules():
                    if module_name.endswith(mod[0].lower()) and mod[1] == pe.Base:
                        Rebase = False
                        break
                if not Rebase:
                    print "[+] Module %s add." % module
                    module_gadget = Gadget(pe)
                    classify_gadget(module_gadget.retGadgets,
                                    module_gadget.jmpGadgets, collect_gadgets)
                    IAT.update({module: pe.IAT})
                    # Up to five random probes per data section; the first
                    # address accepted by gadget_filter() is recorded.
                    # NOTE(review): random.randint() includes its upper bound,
                    # so a probe can land at vaddr + size, one byte past the
                    # section.
                    for section in pe.DataSections:
                        for test in xrange(5):
                            vaddr = section["vaddr"] + random.randint(
                                0, section["size"])
                            if gadget_filter(vaddr):
                                wriatableAddress.update({vaddr: module})
                                break
    return collect_gadgets, IAT, wriatableAddress
def __init__(self, exe_path):
    """Parse the target executable and start the debugger and monitor threads.

    The constructor blocks until ``self.pid`` has been set by another thread
    (the loop below polls once per second) and only then starts the monitor
    thread. Both threads are non-daemon.
    """
    self.exe_path = exe_path
    self.pid = self.dbg = None
    self.running = True
    self.pe = PE(exe_path)
    self.gadgets = Gadget(self.pe)

    self.dbgThread = debugger = threading.Thread(target=self.start_debugger)
    debugger.setDaemon(False)
    debugger.start()

    # Wait debugger start process
    # NOTE(review): there is no timeout, so this never returns if
    # self.pid is never assigned.
    while True:
        if self.pid is not None:
            break
        time.sleep(1)

    self.monitorThread = monitor = threading.Thread(target=self.monitor_debugger)
    monitor.setDaemon(False)
    monitor.start()
#!/usr/bin/env python
# Command-line entry point: takes one optional positional argument, the
# target file, and runs ScriptMaker over the Gadget object built from it.
import argparse
import sys

from Gadget import *
from RopChainer import *
from ScriptMaker import *

parser = argparse.ArgumentParser(
    description="RopTool is use to find rop gadgets and make rop chain")
parser.add_argument("target", nargs="?", type=str, help="Target file")
args = parser.parse_args()
target = args.target

# Without a target there is nothing to analyse: show usage and exit cleanly.
if target is None:
    parser.print_help()
    sys.exit(0)

gadget = Gadget(target)
# NOTE(review): 99 and 1 are positional ScriptMaker options whose meaning
# is not visible in this file.
s = ScriptMaker(gadget, 99, 1)
s.make_script()
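def index(request):
    """Log the caller's address and echo the ``x`` query parameter.

    The response body is ``"iccafe"`` followed by the HTML-escaped value of
    ``x``. A request without ``x`` still raises from ``request.GET['x']``,
    as before.
    """
    # Function-scope import: the file's own import block is not visible here.
    from html import escape

    # NOTE(review): behind a reverse proxy REMOTE_ADDR is typically the
    # proxy's address, not the client's.
    print(request.META['REMOTE_ADDR'])
    # Constructed as in the original; the instance itself is not used.
    gadget.Gadget()
    print('success request')
    # HttpResponse serves text/html by default, so a query value echoed
    # verbatim would be parsed as markup by the browser (reflected XSS).
    # Escaping &, <, > and quotes keeps it as inert text.
    return HttpResponse("iccafe" + escape(request.GET['x']))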
def add_gadget_string(self, addr, gadget_string, gadget_opcode):
    """Build a Gadget for ``addr`` from its text and opcode, then register it.

    The new object is populated through ``loadFromString`` and handed to
    ``self.add_gadget``. Nothing is returned.
    """
    parsed = Gadget(addr)
    parsed.loadFromString(gadget_string, gadget_opcode)
    self.add_gadget(parsed)
from PE import *
from util import *
from Gadget import *

# Hard-coded executable to survey; its module list is extended with the
# executable itself.
exe_path = "D:\\testPoc\\Easy File Sharing Web Server\\fsws.exe"
module_list = getModuleList(exe_path)
module_list.append(exe_path)

# Get all usable gadgets.
# A module is skipped as soon as one of ASLR, SafeSEH or Rebase is reported
# for it by the PE object; only modules with none of the three are processed.
collect_gadgets = {}
for module in module_list:
    pe = PE(module)
    if pe.ASLR or pe.SafeSEH or pe.Rebase:
        continue
    print "[+] Module %s add." % module
    module_gadget = Gadget(pe)
    classify_gadget(module_gadget.retGadgets, module_gadget.jmpGadgets,
                    collect_gadgets)
print

# One boxed heading per gadget type, followed by its address/text pairs.
# NOTE(review): the position of the bare print statements (blank lines) was
# inferred from a listing that had lost its indentation -- confirm.
for types in collect_gadgets.keys():
    border = "+" + "-"*(len(types)+2) + "+"
    print border
    print "| " + types + " |"
    print border
    print
    for addr, gadget in collect_gadgets[types].items():
        print "[*] 0x%08x : %s." % (addr, gadget)
    print
"CONFIRM_CLEAR_ECU", "Clear all trouble codes\nand related data\non the ECU?") # If freeze button is pressed. elif ButtonGadget["BUTTON"] == "FREEZE" or ButtonGadget["BUTTON"] == "RELOAD_FREEZE": if LockELM327.acquire(0): _thread.start_new_thread(FreezeFrameData, (ThisDisplay,)) # If frame button is pressed, get a frame of data from the ECU. elif ButtonGadget["BUTTON"] == "FRAME" or ButtonGadget["BUTTON"] == "RELOAD": if LockELM327.acquire(0): _thread.start_new_thread(FrameData, (ThisDisplay,)) # If add button is pressed, add a new gadget to the meters tab. elif ButtonGadget["BUTTON"] == "ADD": if ThisDisplay.CurrentTab == ThisDisplay.Meters: NewName = "{:X}".format(random.getrandbits(128)) ThisDisplay.Meters[NewName] = Gadget.Gadget(ThisDisplay.ThisSurface, NewName, Visual.PRESS_NONE, 0, 2 * Visual.BUTTON_HEIGHT, ThisDisplay.GadgetWidth, ThisDisplay.GadgetHeight, "NEW") # If GO/STOP button is pressed, start data aquisition. elif ButtonGadget["BUTTON"] == "GO_STOP": if ThisDisplay.CurrentTab == ThisDisplay.Meters or ThisDisplay.CurrentTab == ThisDisplay.Plots: if LockAquisition.acquire(0): _thread.start_new_thread(AquisitionLoop, (ThisDisplay,)) # If add button is pressed, add a new gadget to the meters tab. elif ButtonGadget["BUTTON"] == "LOCK": if ThisDisplay.Meters["LOCK"].GetDown() == False: ThisDisplay.Meters["ADD"].SetVisible(True) else: ThisDisplay.Meters["ADD"].SetVisible(False) for ThisGadget in ThisDisplay.Meters: if type(ThisDisplay.Meters[ThisGadget]) is not str and type( ThisDisplay.Meters[ThisGadget]) is not Button.Button: