Diffstat (limited to 'frida_mode/src/persistent/persistent_x86.c')
-rw-r--r-- | frida_mode/src/persistent/persistent_x86.c | 114 |
1 files changed, 57 insertions, 57 deletions
diff --git a/frida_mode/src/persistent/persistent_x86.c b/frida_mode/src/persistent/persistent_x86.c
index 76c25334..e9bde3d2 100644
--- a/frida_mode/src/persistent/persistent_x86.c
+++ b/frida_mode/src/persistent/persistent_x86.c
@@ -25,105 +25,105 @@ gboolean persistent_is_supported(void) { } -static void instrument_persitent_save_regs(GumX86Writer * cw, +static void instrument_persitent_save_regs(GumX86Writer *cw, persistent_ctx_t *regs) { GumAddress regs_address = GUM_ADDRESS(regs); /* Should be pushing FPU here, but meh */ gum_x86_writer_put_pushfx(cw); - gum_x86_writer_put_push_reg(cw, GUM_REG_EAX); + gum_x86_writer_put_push_reg(cw, GUM_X86_EAX); - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EAX, regs_address); + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EAX, regs_address); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, ebx), GUM_REG_EBX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, ebx), GUM_X86_EBX); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, ecx), GUM_REG_ECX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, ecx), GUM_X86_ECX); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, edx), GUM_REG_EDX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, edx), GUM_X86_EDX); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, edi), GUM_REG_EDI); + cw, GUM_X86_EAX, offsetof(GumCpuContext, edi), GUM_X86_EDI); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, esi), GUM_REG_ESI); + cw, GUM_X86_EAX, offsetof(GumCpuContext, esi), GUM_X86_ESI); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, ebp), GUM_REG_EBP); + cw, GUM_X86_EAX, offsetof(GumCpuContext, ebp), GUM_X86_EBP); /* Store RIP */ - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EBX, + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EBX, GUM_ADDRESS(persistent_start)); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, eip), GUM_REG_EBX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, eip), GUM_X86_EBX); /* Store adjusted RSP */ - gum_x86_writer_put_mov_reg_reg(cw, GUM_REG_EBX, GUM_REG_ESP); + 
gum_x86_writer_put_mov_reg_reg(cw, GUM_X86_EBX, GUM_X86_ESP); /* RED_ZONE + Saved flags, RAX */ - gum_x86_writer_put_add_reg_imm(cw, GUM_REG_EBX, (0x4 * 2)); + gum_x86_writer_put_add_reg_imm(cw, GUM_X86_EBX, (0x4 * 2)); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, esp), GUM_REG_EBX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, esp), GUM_X86_EBX); /* Save the flags */ - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_ESP, 0x4); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_ESP, 0x4); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(persistent_ctx_t, eflags), GUM_REG_EBX); + cw, GUM_X86_EAX, offsetof(persistent_ctx_t, eflags), GUM_X86_EBX); /* Save the RAX */ - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_ESP, 0x0); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_ESP, 0x0); gum_x86_writer_put_mov_reg_offset_ptr_reg( - cw, GUM_REG_EAX, offsetof(GumCpuContext, eax), GUM_REG_EBX); + cw, GUM_X86_EAX, offsetof(GumCpuContext, eax), GUM_X86_EBX); /* Pop the saved values */ - gum_x86_writer_put_lea_reg_reg_offset(cw, GUM_REG_ESP, GUM_REG_ESP, 0x8); + gum_x86_writer_put_lea_reg_reg_offset(cw, GUM_X86_ESP, GUM_X86_ESP, 0x8); } -static void instrument_persitent_restore_regs(GumX86Writer * cw, +static void instrument_persitent_restore_regs(GumX86Writer *cw, persistent_ctx_t *regs) { GumAddress regs_address = GUM_ADDRESS(regs); - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EAX, regs_address); + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EAX, regs_address); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_ECX, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_ECX, GUM_X86_EAX, offsetof(GumCpuContext, ecx)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EDX, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EDX, GUM_X86_EAX, offsetof(GumCpuContext, edx)); - 
gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EDI, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EDI, GUM_X86_EAX, offsetof(GumCpuContext, edi)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_ESI, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_ESI, GUM_X86_EAX, offsetof(GumCpuContext, esi)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBP, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBP, GUM_X86_EAX, offsetof(GumCpuContext, ebp)); /* Don't restore RIP */ - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_ESP, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_ESP, GUM_X86_EAX, offsetof(GumCpuContext, esp)); /* Restore RBX, RAX & Flags */ - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_EAX, offsetof(GumCpuContext, ebx)); - gum_x86_writer_put_push_reg(cw, GUM_REG_EBX); + gum_x86_writer_put_push_reg(cw, GUM_X86_EBX); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_EAX, + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_EAX, offsetof(GumCpuContext, eax)); - gum_x86_writer_put_push_reg(cw, GUM_REG_EBX); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_EAX, + gum_x86_writer_put_push_reg(cw, GUM_X86_EBX); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_EAX, offsetof(persistent_ctx_t, eflags)); - gum_x86_writer_put_push_reg(cw, GUM_REG_EBX); + gum_x86_writer_put_push_reg(cw, GUM_X86_EBX); gum_x86_writer_put_popfx(cw); - gum_x86_writer_put_pop_reg(cw, GUM_REG_EAX); - gum_x86_writer_put_pop_reg(cw, GUM_REG_EBX); + gum_x86_writer_put_pop_reg(cw, GUM_X86_EAX); + gum_x86_writer_put_pop_reg(cw, GUM_X86_EBX); } static void instrument_exit(GumX86Writer *cw) { - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EAX, GUM_ADDRESS(_exit)); - gum_x86_writer_put_mov_reg_u32(cw, GUM_REG_EDI, 0); - 
gum_x86_writer_put_push_reg(cw, GUM_REG_EDI); - gum_x86_writer_put_call_reg(cw, GUM_REG_EAX); + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EAX, GUM_ADDRESS(_exit)); + gum_x86_writer_put_mov_reg_u32(cw, GUM_X86_EDI, 0); + gum_x86_writer_put_push_reg(cw, GUM_X86_EDI); + gum_x86_writer_put_call_reg(cw, GUM_X86_EAX); } @@ -145,7 +145,7 @@ static void instrument_afl_persistent_loop(GumX86Writer *cw) { gum_x86_writer_put_call_address_with_arguments( cw, GUM_CALL_CAPI, GUM_ADDRESS(instrument_afl_persistent_loop_func), 0); - gum_x86_writer_put_test_reg_reg(cw, GUM_REG_EAX, GUM_REG_EAX); + gum_x86_writer_put_test_reg_reg(cw, GUM_X86_EAX, GUM_X86_EAX); } @@ -153,20 +153,20 @@ static void persistent_prologue_hook(GumX86Writer *cw, persistent_ctx_t *regs) { if (persistent_hook == NULL) return; - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_ECX, + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_ECX, GUM_ADDRESS(&__afl_fuzz_len)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_ECX, GUM_REG_ECX, 0); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_ECX, GUM_REG_ECX, 0); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_ECX, GUM_X86_ECX, 0); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_ECX, GUM_X86_ECX, 0); - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EDX, + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EDX, GUM_ADDRESS(&__afl_fuzz_ptr)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EDX, GUM_REG_EDX, 0); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EDX, GUM_X86_EDX, 0); /* Base address is 64-bits (hence two zero arguments) */ gum_x86_writer_put_call_address_with_arguments( cw, GUM_CALL_CAPI, GUM_ADDRESS(persistent_hook), 3, GUM_ARG_ADDRESS, - GUM_ADDRESS(®s->ctx), GUM_ARG_REGISTER, GUM_REG_EDX, GUM_ARG_REGISTER, - GUM_REG_ECX); + GUM_ADDRESS(®s->ctx), GUM_ARG_REGISTER, GUM_X86_EDX, GUM_ARG_REGISTER, + GUM_X86_ECX); } 
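Review bot: The comments in instrument_persitent_save_regs and instrument_persitent_restore_regs still use x86-64 register names ("Store RIP", "Store adjusted RSP", "RED_ZONE + Saved flags, RAX", "Save the RAX", "Restore RBX, RAX & Flags") while the new lines write the eip/esp/eax/ebx fields of GumCpuContext through the 32-bit GUM_X86_* registers, and the `(0x4 * 2)` adjustment accounts only for the pushed flags and EAX, not a red zone; a rename that touches every one of these lines is the natural moment to correct them. Suggested wording: `/* Store EIP */`, `/* Store adjusted ESP: skip the pushed flags and EAX */`, `/* Restore EBX, EAX & flags */`. The same applies in the @@ -153 hunk, where `/* Base address is 64-bits (hence two zero arguments) */` in persistent_prologue_hook describes a call that visibly passes exactly three arguments and no zero arguments; a comment along the lines of `/* Call the hook with (&regs->ctx, __afl_fuzz_ptr, *__afl_fuzz_len) */` would match the loads that precede it. Whether persistent_prologue_hook's signature line lies inside that hunk cannot be told from the collapsed header.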
@@ -176,16 +176,16 @@ static void instrument_persitent_save_ret(GumX86Writer *cw) { gssize offset = (3 * 4); gum_x86_writer_put_pushfx(cw); - gum_x86_writer_put_push_reg(cw, GUM_REG_EAX); - gum_x86_writer_put_push_reg(cw, GUM_REG_EBX); + gum_x86_writer_put_push_reg(cw, GUM_X86_EAX); + gum_x86_writer_put_push_reg(cw, GUM_X86_EBX); - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EAX, GUM_ADDRESS(&saved_ret)); - gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_REG_EBX, GUM_REG_ESP, + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EAX, GUM_ADDRESS(&saved_ret)); + gum_x86_writer_put_mov_reg_reg_offset_ptr(cw, GUM_X86_EBX, GUM_X86_ESP, offset); - gum_x86_writer_put_mov_reg_ptr_reg(cw, GUM_REG_EAX, GUM_REG_EBX); + gum_x86_writer_put_mov_reg_ptr_reg(cw, GUM_X86_EAX, GUM_X86_EBX); - gum_x86_writer_put_pop_reg(cw, GUM_REG_EBX); - gum_x86_writer_put_pop_reg(cw, GUM_REG_EAX); + gum_x86_writer_put_pop_reg(cw, GUM_X86_EBX); + gum_x86_writer_put_pop_reg(cw, GUM_X86_EAX); gum_x86_writer_put_popfx(cw); } @@ -219,7 +219,7 @@ void persistent_prologue_arch(GumStalkerOutput *output) { FVERBOSE("Persistent loop reached"); /* Pop the return value */ - gum_x86_writer_put_lea_reg_reg_offset(cw, GUM_REG_ESP, GUM_REG_ESP, 4); + gum_x86_writer_put_lea_reg_reg_offset(cw, GUM_X86_ESP, GUM_X86_ESP, 4); instrument_persitent_save_regs(cw, &saved_regs); @@ -263,8 +263,8 @@ void persistent_epilogue_arch(GumStalkerOutput *output) { if (persistent_debug) { gum_x86_writer_put_breakpoint(cw); } - gum_x86_writer_put_mov_reg_address(cw, GUM_REG_EAX, GUM_ADDRESS(&saved_ret)); - gum_x86_writer_put_jmp_reg_ptr(cw, GUM_REG_EAX); + gum_x86_writer_put_mov_reg_address(cw, GUM_X86_EAX, GUM_ADDRESS(&saved_ret)); + gum_x86_writer_put_jmp_reg_ptr(cw, GUM_X86_EAX); } |