Diffstat (limited to 'frida_mode/src')
-rw-r--r--frida_mode/src/complog/complog.c5
-rw-r--r--frida_mode/src/complog/complog_arm.c6
-rw-r--r--frida_mode/src/complog/complog_arm64.c6
-rw-r--r--frida_mode/src/complog/complog_x86.c6
-rwxr-xr-xfrida_mode/src/lib/libbin0 -> 4144 bytes
-rw-r--r--frida_mode/src/lib/lib.c (renamed from frida_mode/src/lib.c)79
-rw-r--r--frida_mode/src/lib/lib_apple.c82
-rw-r--r--frida_mode/src/main.c4
-rw-r--r--frida_mode/src/persistent/persistent.c4
-rw-r--r--frida_mode/src/persistent/persistent_arm32.c2
-rw-r--r--frida_mode/src/persistent/persistent_arm64.c2
-rw-r--r--frida_mode/src/persistent/persistent_x86.c2
12 files changed, 155 insertions, 43 deletions
diff --git a/frida_mode/src/complog/complog.c b/frida_mode/src/complog/complog.c
index 1857ea3b..ce8a3f62 100644
--- a/frida_mode/src/complog/complog.c
+++ b/frida_mode/src/complog/complog.c
@@ -36,8 +36,9 @@ void complog_init(void) {
   for (guint i = 0; i < complog_ranges->len; i++) {
 
     GumMemoryRange *range = &g_array_index(complog_ranges, GumMemoryRange, i);
-    OKF("CompLog Range - 0x%016lX - 0x%016lX", range->base_address,
-        range->base_address + range->size);
+    OKF("CompLog Range - 0x%016" G_GINT64_MODIFIER
+        "X - 0x%016" G_GINT64_MODIFIER "X",
+        range->base_address, range->base_address + range->size);
 
   }
 
diff --git a/frida_mode/src/complog/complog_arm.c b/frida_mode/src/complog/complog_arm.c
index 82cc2557..1b8eb8f1 100644
--- a/frida_mode/src/complog/complog_arm.c
+++ b/frida_mode/src/complog/complog_arm.c
@@ -3,10 +3,14 @@
 #include "debug.h"
 
 #include "complog.h"
+#include "util.h"
 
-#if defined(__arm64__)
+#if defined(__arm__)
 void complog_instrument(const cs_insn *instr, GumStalkerIterator *iterator) {
 
+  UNUSED_PARAMETER(instr);
+  UNUSED_PARAMETER(iterator);
+  if (__afl_cmp_map == NULL) { return; }
   FATAL("Complog mode not supported on this architecture");
 
 }
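Review bot: The unsupported-architecture check in the new `complog_instrument` stub only fires when the first instruction reaches the instrumenter, so a user who asked for compare logging on this target fails mid-run, whereas `persistent_init` in the persistent.c hunk (L344-L345) rejects an unsupported architecture up front through `persistent_is_supported()`. A parallel `gboolean complog_is_supported(void)` per architecture file, consulted once from `complog_init`, would give the same early, clear failure; the same applies to the complog_arm64.c and complog_x86.c hunks, which carry identical stubs. The `if (__afl_cmp_map == NULL) { return; }` early return is the right no-op when CmpLog was not requested, assuming `__afl_cmp_map` is declared by complog.h (not visible in this hunk). The `#endif` closing `#if defined(__arm__)` lies outside the hunk.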
diff --git a/frida_mode/src/complog/complog_arm64.c b/frida_mode/src/complog/complog_arm64.c
index e4dbf322..ce62f6fd 100644
--- a/frida_mode/src/complog/complog_arm64.c
+++ b/frida_mode/src/complog/complog_arm64.c
@@ -3,10 +3,14 @@
 #include "debug.h"
 
 #include "complog.h"
+#include "util.h"
 
-#if defined(__i386__)
+#if defined(__aarch64__)
 void complog_instrument(const cs_insn *instr, GumStalkerIterator *iterator) {
 
+  UNUSED_PARAMETER(instr);
+  UNUSED_PARAMETER(iterator);
+  if (__afl_cmp_map == NULL) { return; }
   FATAL("Complog mode not supported on this architecture");
 
 }
diff --git a/frida_mode/src/complog/complog_x86.c b/frida_mode/src/complog/complog_x86.c
index df7b7cc1..b2e5ddcf 100644
--- a/frida_mode/src/complog/complog_x86.c
+++ b/frida_mode/src/complog/complog_x86.c
@@ -3,10 +3,14 @@
 #include "debug.h"
 
 #include "complog.h"
+#include "util.h"
 
-#if defined(__arm__)
+#if defined(__i386__)
 void complog_instrument(const cs_insn *instr, GumStalkerIterator *iterator) {
 
+  UNUSED_PARAMETER(instr);
+  UNUSED_PARAMETER(iterator);
+  if (__afl_cmp_map == NULL) { return; }
   FATAL("Complog mode not supported on this architecture");
 
 }
diff --git a/frida_mode/src/lib/lib b/frida_mode/src/lib/lib
new file mode 100755
index 00000000..8f09a3b1
--- /dev/null
+++ b/frida_mode/src/lib/lib
Binary files differ
diff --git a/frida_mode/src/lib.c b/frida_mode/src/lib/lib.c
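Review bot: The new file `frida_mode/src/lib/lib` is a 4144-byte executable (mode 100755 per the diffstat) dropped among the C sources; it looks like a stray build output rather than a source input, and a binary committed into the source tree cannot be reviewed as a diff. Suggest removing it from the commit and adding the build output path to `.gitignore` so it is not re-added by a later `git add`.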
index e50163ac..c5045533 100644
--- a/frida_mode/src/lib.c
+++ b/frida_mode/src/lib/lib.c
@@ -1,29 +1,32 @@
-#include <elf.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <stdio.h>
-#include <sys/mman.h>
-#include <unistd.h>
+#ifndef __APPLE__
+  #include <elf.h>
+  #include <fcntl.h>
+  #include <limits.h>
+  #include <stdio.h>
+  #include <sys/mman.h>
+  #include <unistd.h>
 
-#include "frida-gum.h"
+  #include "frida-gum.h"
 
-#include "debug.h"
+  #include "debug.h"
 
-#include "lib.h"
+  #include "lib.h"
 
-#if defined(__arm__) || defined(__i386__)
-  #define ELFCLASS ELFCLASS32
+  #if defined(__arm__) || defined(__i386__)
+    #define ELFCLASS ELFCLASS32
 typedef Elf32_Ehdr Elf_Ehdr;
 typedef Elf32_Phdr Elf_Phdr;
 typedef Elf32_Shdr Elf_Shdr;
-#elif defined(__aarch64__) || defined(__x86_64__)
-  #define ELFCLASS ELFCLASS64
+typedef Elf32_Addr Elf_Addr;
+  #elif defined(__aarch64__) || defined(__x86_64__)
+    #define ELFCLASS ELFCLASS64
 typedef Elf64_Ehdr Elf_Ehdr;
 typedef Elf64_Phdr Elf_Phdr;
 typedef Elf64_Shdr Elf_Shdr;
-#else
-  #error "Unsupported platform"
-#endif
+typedef Elf64_Addr Elf_Addr;
+  #else
+    #error "Unsupported platform"
+  #endif
 
 typedef struct {
 
@@ -50,13 +53,6 @@ static gboolean lib_find_exe(const GumModuleDetails *details,
 
 }
 
-static gboolean lib_is_little_endian(void) {
-
-  int probe = 1;
-  return *(char *)&probe;
-
-}
-
 static void lib_validate_hdr(Elf_Ehdr *hdr) {
 
   if (hdr->e_ident[0] != ELFMAG0) FATAL("Invalid e_ident[0]");
@@ -64,22 +60,14 @@ static void lib_validate_hdr(Elf_Ehdr *hdr) {
   if (hdr->e_ident[2] != ELFMAG2) FATAL("Invalid e_ident[2]");
   if (hdr->e_ident[3] != ELFMAG3) FATAL("Invalid e_ident[3]");
   if (hdr->e_ident[4] != ELFCLASS) FATAL("Invalid class");
-/*
-  if (hdr->e_ident[5] != (lib_is_little_endian() ? ELFDATA2LSB : ELFDATA2MSB))
-    FATAL("Invalid endian");
-  if (hdr->e_ident[6] != EV_CURRENT) FATAL("Invalid version");
-  if (hdr->e_type != ET_DYN) FATAL("Invalid type");
-  if (hdr->e_version != EV_CURRENT) FATAL("Invalid e_version");
-  if (hdr->e_phoff != sizeof(Elf_Ehdr)) FATAL("Invalid e_phoff");
-  if (hdr->e_ehsize != sizeof(Elf_Ehdr)) FATAL("Invalid e_ehsize");
-  if (hdr->e_phentsize != sizeof(Elf_Phdr)) FATAL("Invalid e_phentsize");
-  if (hdr->e_shentsize != sizeof(Elf_Shdr)) FATAL("Invalid e_shentsize");
-*/
 
 }
 
 static void lib_read_text_section(lib_details_t *lib_details, Elf_Ehdr *hdr) {
 
+  Elf_Phdr *phdr;
+  gboolean  found_preferred_base = FALSE;
+  Elf_Addr  preferred_base;
   Elf_Shdr *shdr;
   Elf_Shdr *shstrtab;
   char *    shstr;
@@ -87,6 +75,23 @@ static void lib_read_text_section(lib_details_t *lib_details, Elf_Ehdr *hdr) {
   Elf_Shdr *curr;
   char      text_name[] = ".text";
 
+  phdr = (Elf_Phdr *)((char *)hdr + hdr->e_phoff);
+  for (size_t i = 0; i < hdr->e_phnum; i++) {
+
+    if (phdr[i].p_type == PT_LOAD) {
+
+      preferred_base = phdr[i].p_vaddr;
+      found_preferred_base = TRUE;
+      break;
+
+    }
+
+  }
+
+  if (!found_preferred_base) { FATAL("Failed to find preferred load address"); }
+
+  OKF("Image preferred load address 0x%016lx", preferred_base);
+
   shdr = (Elf_Shdr *)((char *)hdr + hdr->e_shoff);
   shstrtab = &shdr[hdr->e_shstrndx];
   shstr = (char *)hdr + shstrtab->sh_offset;
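Review bot: The new `OKF("Image preferred load address 0x%016lx", preferred_base);` formats `Elf_Addr` with `%lx`, but this file typedefs `Elf_Addr` to `Elf32_Addr` on `__arm__`/`__i386__`, and the existing `%016lX` lines for the `guint64` text_base/text_limit in the next hunk (L227-L228) have the same mismatch on those 32-bit targets, while this very commit converts complog.c and persistent.c to `G_GINT64_MODIFIER`. Suggest `OKF("Image preferred load address 0x%016" G_GINT64_MODIFIER "x", (guint64)preferred_base);` and the same form for the two text lines. Separately, `e_phoff` and `e_phnum` are read from the header and used to walk the program headers without any check against the size of the mapping; `lib_validate_hdr` (previous hunk) now verifies only the magic and class, so a truncated or malformed image would be read past its end — a bounds check is worthwhile if the mapping length is available to this function (it is not visible in the hunk). `lib_read_text_section` begins outside this hunk.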
@@ -107,8 +112,8 @@ static void lib_read_text_section(lib_details_t *lib_details, Elf_Ehdr *hdr) {
     if (memcmp(section_name, text_name, sizeof(text_name)) == 0 &&
         text_base == 0) {
 
-      text_base = lib_details->base_address + curr->sh_addr;
-      text_limit = lib_details->base_address + curr->sh_addr + curr->sh_size;
+      text_base = lib_details->base_address + curr->sh_addr - preferred_base;
+      text_limit = text_base + curr->sh_size;
       OKF("> text_addr: 0x%016lX", text_base);
       OKF("> text_limit: 0x%016lX", text_limit);
 
@@ -167,3 +172,5 @@ guint64 lib_get_text_limit(void) {
 
 }
 
+#endif
+
diff --git a/frida_mode/src/lib/lib_apple.c b/frida_mode/src/lib/lib_apple.c
new file mode 100644
index 00000000..8f863861
--- /dev/null
+++ b/frida_mode/src/lib/lib_apple.c
@@ -0,0 +1,82 @@
+#ifdef __APPLE__
+  #include "frida-gum.h"
+
+  #include "debug.h"
+
+  #include "lib.h"
+  #include "util.h"
+
+extern mach_port_t mach_task_self();
+extern void        gum_darwin_enumerate_modules(mach_port_t        task,
+                                                GumFoundModuleFunc func,
+                                                gpointer           user_data);
+
+static guint64 text_base = 0;
+static guint64 text_limit = 0;
+
+static gboolean lib_get_main_module(const GumModuleDetails *details,
+                                    gpointer                user_data) {
+
+  GumDarwinModule **ret = (GumDarwinModule **)user_data;
+  GumDarwinModule * module = gum_darwin_module_new_from_memory(
+      details->path, mach_task_self(), details->range->base_address,
+      GUM_DARWIN_MODULE_FLAGS_NONE, NULL);
+
+  OKF("Found main module: %s", module->name);
+
+  *ret = module;
+
+  return FALSE;
+
+}
+
+gboolean lib_get_text_section(const GumDarwinSectionDetails *details,
+                              gpointer                       user_data) {
+
+  UNUSED_PARAMETER(user_data);
+  static size_t idx = 0;
+  char          text_name[] = "__text";
+
+  OKF("Section: %2lu - base: 0x%016" G_GINT64_MODIFIER
+      "X size: 0x%016" G_GINT64_MODIFIER "X %s",
+      idx++, details->vm_address, details->vm_address + details->size,
+      details->section_name);
+
+  if (memcmp(details->section_name, text_name, sizeof(text_name)) == 0 &&
+      text_base == 0) {
+
+    text_base = details->vm_address;
+    text_limit = details->vm_address + details->size;
+    OKF("> text_addr: 0x%016" G_GINT64_MODIFIER "X", text_base);
+    OKF("> text_limit: 0x%016" G_GINT64_MODIFIER "X", text_limit);
+
+  }
+
+  return TRUE;
+
+}
+
+void lib_init(void) {
+
+  GumDarwinModule *module = NULL;
+  gum_darwin_enumerate_modules(mach_task_self(), lib_get_main_module, &module);
+  gum_darwin_module_enumerate_sections(module, lib_get_text_section, NULL);
+
+}
+
+guint64 lib_get_text_base(void) {
+
+  if (text_base == 0) FATAL("Lib not initialized");
+  return text_base;
+
+}
+
+guint64 lib_get_text_limit(void) {
+
+  if (text_limit == 0) FATAL("Lib not initialized");
+  return text_limit;
+
+}
+
+#endif
+
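Review bot: `lib_get_main_module` dereferences the result of `gum_darwin_module_new_from_memory` (`module->name`, L266) without a NULL check, and `lib_init` hands `module` to `gum_darwin_module_enumerate_sections` even when the enumeration never assigned it; add `if (module == NULL) FATAL("Failed to load main module");` after the `gum_darwin_module_new_from_memory` call and `if (module == NULL) FATAL("Failed to find main module");` before the section enumeration. `lib_get_text_section` is an enumeration callback with external linkage while `lib_get_main_module` is `static`; make both `static`. The hand-written `extern mach_port_t mach_task_self();` is an old-style declaration with no prototype; including `<mach/mach.h>` provides the real declaration. The `size:` label in the section log prints `details->vm_address + details->size`, i.e. the end address, so label it `limit:` or print `details->size`.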
diff --git a/frida_mode/src/main.c b/frida_mode/src/main.c
index 11cf041c..5c64d192 100644
--- a/frida_mode/src/main.c
+++ b/frida_mode/src/main.c
@@ -49,6 +49,10 @@ static int on_fork(void) {
 #ifdef __APPLE__
 static void on_main_os(int argc, char **argv, char **envp) {
 
+  UNUSED_PARAMETER(argc);
+  UNUSED_PARAMETER(argv);
+  UNUSED_PARAMETER(envp);
+
 }
 
 #else
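Review bot: The `UNUSED_PARAMETER` calls added to `on_main_os` need `util.h`, which this hunk does not include, whereas every other file in this commit that starts using the macro (complog_arm.c, complog_arm64.c, complog_x86.c, persistent_arm32.c, persistent_arm64.c, persistent_x86.c) adds `#include "util.h"` in the same change. If main.c does not already include it above this hunk, the `__APPLE__` build will fail to compile; worth confirming, since the include block and the `#else` branch are outside the hunk.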
diff --git a/frida_mode/src/persistent/persistent.c b/frida_mode/src/persistent/persistent.c
index 5aad3724..918ff153 100644
--- a/frida_mode/src/persistent/persistent.c
+++ b/frida_mode/src/persistent/persistent.c
@@ -33,9 +33,9 @@ void persistent_init(void) {
   if (persistent_start != 0 && !persistent_is_supported())
     FATAL("Persistent mode not supported on this architecture");
 
-  OKF("Instrumentation - persistent mode [%c] (0x%016lX)",
+  OKF("Instrumentation - persistent mode [%c] (0x%016" G_GINT64_MODIFIER "X)",
       persistent_start == 0 ? ' ' : 'X', persistent_start);
-  OKF("Instrumentation - persistent count [%c] (%ld)",
+  OKF("Instrumentation - persistent count [%c] (%" G_GINT64_MODIFIER "d)",
       persistent_start == 0 ? ' ' : 'X', persistent_count);
   OKF("Instrumentation - hook [%s]", hook_name);
 
diff --git a/frida_mode/src/persistent/persistent_arm32.c b/frida_mode/src/persistent/persistent_arm32.c
index 10dab3b2..bc021ff3 100644
--- a/frida_mode/src/persistent/persistent_arm32.c
+++ b/frida_mode/src/persistent/persistent_arm32.c
@@ -3,6 +3,7 @@
 #include "debug.h"
 
 #include "persistent.h"
+#include "util.h"
 
 #if defined(__arm__)
 
@@ -62,6 +63,7 @@ gboolean persistent_is_supported(void) {
 
 void persistent_prologue(GumStalkerOutput *output) {
 
+  UNUSED_PARAMETER(output);
   FATAL("Persistent mode not supported on this architecture");
 
 }
diff --git a/frida_mode/src/persistent/persistent_arm64.c b/frida_mode/src/persistent/persistent_arm64.c
index 5a18ac2c..c198da69 100644
--- a/frida_mode/src/persistent/persistent_arm64.c
+++ b/frida_mode/src/persistent/persistent_arm64.c
@@ -4,6 +4,7 @@
 #include "debug.h"
 
 #include "instrument.h"
+#include "util.h"
 
 #if defined(__aarch64__)
 
@@ -105,6 +106,7 @@ gboolean persistent_is_supported(void) {
 
 void persistent_prologue(GumStalkerOutput *output) {
 
+  UNUSED_PARAMETER(output);
   FATAL("Persistent mode not supported on this architecture");
 
 }
diff --git a/frida_mode/src/persistent/persistent_x86.c b/frida_mode/src/persistent/persistent_x86.c
index 4daa61a9..9d39c4e9 100644
--- a/frida_mode/src/persistent/persistent_x86.c
+++ b/frida_mode/src/persistent/persistent_x86.c
@@ -3,6 +3,7 @@
 #include "debug.h"
 
 #include "persistent.h"
+#include "util.h"
 
 #if defined(__i386__)
 
@@ -45,6 +46,7 @@ gboolean persistent_is_supported(void) {
 
 void persistent_prologue(GumStalkerOutput *output) {
 
+  UNUSED_PARAMETER(output);
   FATAL("Persistent mode not supported on this architecture");
 
 }