From 512a88887ea7f09f5b1e73e5a5803584ba74cef7 Mon Sep 17 00:00:00 2001
From: DARK_LBP
Date: Tue, 29 Oct 2019 21:33:00 +0800
Subject: [PATCH] Sync VxHunter core.

---
 firmware_tools/vxhunter_ida.py | 18 ++++++++++++++++--
 firmware_tools/vxhunter_r2_py2.py | 14 ++++++++++++--
 firmware_tools/vxhunter_r2_py3.py | 18 ++++++++++++++----
 3 files changed, 42 insertions(+), 8 deletions(-)

diff --git a/firmware_tools/vxhunter_ida.py b/firmware_tools/vxhunter_ida.py
index b551998..51992ea 100644
--- a/firmware_tools/vxhunter_ida.py
+++ b/firmware_tools/vxhunter_ida.py
@@ -16,7 +16,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x06, # Local Data
@@ -36,7 +36,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x08, # Local Data
@@ -129,6 +129,10 @@ def _check_symbol_format(self, offset):
 # check symbol data match struct
 for i in range(default_check_count):
 check_data_1 = check_data[i * self._symbol_interval:(i + 1) * self._symbol_interval]
+ if len(check_data_1) < self._symbol_interval:
+ self.logger.debug("check_data_1 length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data_1) is False:
 return False
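Review bot: The new guard in `_check_symbol_format` leaves the loop with `break` when the slice at the end of the image is shorter than `self._symbol_interval`, so a candidate whose entries run past the end of the firmware is no longer rejected inside the loop; what the method returns after the loop is outside this hunk, but if that path returns True, a truncated tail now passes the format check. A truncated entry cannot be validated, so `return False` looks like the safer outcome: `if len(check_data_1) < self._symbol_interval:` / `self.logger.debug("check_data_1 length is too small")` / `return False`. If the intent is instead to accept a shorter run of already-validated entries at the end of the image, a one-line comment saying so above the guard would make that explicit. The same block is added to vxhunter_r2_py2.py and vxhunter_r2_py3.py in their `@@ -129,6 +129,10 @@` hunks, and the enclosing method begins before the hunk in all three files.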
@@ -230,8 +234,18 @@ def find_symbol_table(self):
 if self.symbol_table_start:
 for i in range(self.symbol_table_start, len(self._firmware), self._symbol_interval):
 check_data = self._firmware[i:i + self._symbol_interval]
+ if len(check_data) < self._symbol_interval:
+ self.logger.debug("Check_data length is too small")
+ break
+
+ if len(check_data) < self._symbol_interval:
+ self.logger.debug("Check_data length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data):
 self.symbol_table_end = i + self._symbol_interval
+ self.logger.debug("self.symbol_table_end: {:010x}".format(self.symbol_table_end))
+
 else:
 self.logger.info("symbol table end offset: %s" % hex(self.symbol_table_end))
 break
diff --git a/firmware_tools/vxhunter_r2_py2.py b/firmware_tools/vxhunter_r2_py2.py
index 945a664..dd88636 100644
--- a/firmware_tools/vxhunter_r2_py2.py
+++ b/firmware_tools/vxhunter_r2_py2.py
@@ -16,7 +16,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x06, # Local Data
@@ -36,7 +36,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x08, # Local Data
@@ -129,6 +129,10 @@ def _check_symbol_format(self, offset):
 # check symbol data match struct
 for i in range(default_check_count):
 check_data_1 = check_data[i * self._symbol_interval:(i + 1) * self._symbol_interval]
+ if len(check_data_1) < self._symbol_interval:
+ self.logger.debug("check_data_1 length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data_1) is False:
 return False
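Review bot: In vxhunter_ida.py's `find_symbol_table` the `if len(check_data) < self._symbol_interval:` guard is added twice back to back; the second copy can never fire because the first one already broke out of the loop on the same condition, and the matching hunks in vxhunter_r2_py2.py and vxhunter_r2_py3.py carry it only once. Drop the second `if len(check_data) < self._symbol_interval:` / `self.logger.debug("Check_data length is too small")` / `break` block so the three files stay in sync. When the guard does fire, the loop ends without the `symbol table end offset` info message that the `else` branch emits, so the final `self.symbol_table_end` is only visible at debug level; logging it before that `break` would keep the two exit paths consistent. The new debug line also formats with `{:010x}` while the info line below uses `"%s" % hex(...)`; picking one form in all three files would make the log easier to read.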
@@ -230,8 +234,14 @@ def find_symbol_table(self):
 if self.symbol_table_start:
 for i in range(self.symbol_table_start, len(self._firmware), self._symbol_interval):
 check_data = self._firmware[i:i + self._symbol_interval]
+ if len(check_data) < self._symbol_interval:
+ self.logger.debug("Check_data length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data):
 self.symbol_table_end = i + self._symbol_interval
+ self.logger.debug("self.symbol_table_end: {:010x}".format(self.symbol_table_end))
+
 else:
 self.logger.info("symbol table end offset: %s" % hex(self.symbol_table_end))
 break
diff --git a/firmware_tools/vxhunter_r2_py3.py b/firmware_tools/vxhunter_r2_py3.py
index 771755e..16977b9 100755
--- a/firmware_tools/vxhunter_r2_py3.py
+++ b/firmware_tools/vxhunter_r2_py3.py
@@ -16,7 +16,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x06, # Local Data
@@ -36,7 +36,7 @@
 # 0x00, # Undefined Symbol
 # 0x01, # Global (external)
 # 0x02, # Local Absolute
- # 0x03, # Global Absolute
+ 0x03, # Global Absolute
 0x04, # Local .text
 0x05, # Global .text
 0x08, # Local Data
@@ -129,6 +129,10 @@ def _check_symbol_format(self, offset):
 # check symbol data match struct
 for i in range(default_check_count):
 check_data_1 = check_data[i * self._symbol_interval:(i + 1) * self._symbol_interval]
+ if len(check_data_1) < self._symbol_interval:
+ self.logger.debug("check_data_1 length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data_1) is False:
 return False
@@ -189,11 +193,12 @@ def _check_symbol_format_simple(self, data):
 elif self._vx_version == 6:
 # Check symbol type is valid
 sym_type = data[18]
+ # print(data)
 if sym_type not in vx_6_sym_types:
 return False
 # symbol should end with '\x00'
- if data[19] != b'\x00':
+ if data[19] != 0:
 return False
 # Check symbol group is '\x00\x00'
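Review bot: The added `# print(data)` in vxhunter_r2_py3.py's `_check_symbol_format_simple` (the `@@ -189,11 +193,12 @@` hunk) is commented-out debugging code and should not be committed; the patch already uses `self.logger.debug(...)` where data is worth seeing, so that is the form to use if the dump is still wanted. The switch to `if data[19] != 0:` is the right fix for Python 3, where indexing `bytes` yields an int, which made the old `!= b'\x00'` comparison always true; a short comment such as `# bytes indexing yields int on Python 3` would keep a later cleanup from "restoring" the bytes literal. The enclosing method starts before and ends after this hunk.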
@@ -230,8 +235,14 @@ def find_symbol_table(self):
 if self.symbol_table_start:
 for i in range(self.symbol_table_start, len(self._firmware), self._symbol_interval):
 check_data = self._firmware[i:i + self._symbol_interval]
+ if len(check_data) < self._symbol_interval:
+ self.logger.debug("Check_data length is too small")
+ break
+
 if self._check_symbol_format_simple(check_data):
 self.symbol_table_end = i + self._symbol_interval
+ self.logger.debug("self.symbol_table_end: {:010x}".format(self.symbol_table_end))
+
 else:
 self.logger.info("symbol table end offset: %s" % hex(self.symbol_table_end))
 break
@@ -741,7 +752,6 @@ def manual_vxworks_version():
 # backup current asm bits
 current_conf = r2p.cmdj("ej")
 current_asm_bits = current_conf['asm.bits']
- print('Current asm.bits={}'.format(current_asm_bits))
 # map image to correct load address
 r2_command = "o {} {} r-x".format(firmware_path, hex(image_load_address))
 print("Rebase with r2 command: {}".format(r2_command))