Added plt and gotplt commands to print the .plt and .got.plt sections…

…, and cleaned up elfheader command (pwndbg#43)

* Added plt and gotplt commands to print the .plt and .got.plt sections, and cleaned up elfheader command

* Use pwndbg.proc.exe and sort sections

* Removed checksec file

* Handle the case where the file is on a remote system

pwndbg/__init__.py

@@ -61,7 +61,7 @@
 import pwndbg.commands.peda
 import pwndbg.commands.gdbinit
 import pwndbg.commands.defcon
-import pwndbg.commands.elfheader
+import pwndbg.commands.elf
 
 
 

pwndbg/commands/elf.py

@@ -0,0 +1,76 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+import gdb
+import pwndbg.commands
+from elftools.elf.elffile import ELFFile
+
+@pwndbg.commands.Command
+def elfheader():
+    """
+    Prints the section mappings contained in the ELF header.
+    """
+    local_path = pwndbg.file.get_file(pwndbg.proc.exe)
+    with open(local_path, 'rb') as f:
+        elffile = ELFFile(f)
+        load_segment = elffile.get_segment(3)
+        segment_base = load_segment['p_vaddr']
+        sections = []
+        for section in elffile.iter_sections():
+            start = section['sh_addr']
+
+            # Don't print sections that aren't mapped into memory
+            if start == 0:
+                continue
+
+            size = section['sh_size']
+            sections.append((start, start + size, section.name.decode('ascii')))
+
+        sections.sort()
+        for start, end, name in sections:
+            print('%#x - %#x %s' % (start, end, name))
+
+@pwndbg.commands.Command
+def gotplt():
+    """
+    Prints any symbols found in the .got.plt section if it exists.
+    """
+    print_symbols_in_section('.got.plt', '@got.plt')
+
+@pwndbg.commands.Command
+def plt():
+    """
+    Prints any symbols found in the .plt section if it exists.
+    """
+    print_symbols_in_section('.plt', '@plt')
+
+def get_section_bounds(section_name):
+    section_name = section_name.encode('ascii')
+    with open(pwndbg.proc.exe, 'rb') as f:
+        elffile = ELFFile(f)
+
+        section = elffile.get_section_by_name(section_name)
+        start = section['sh_addr']
+        size = section['sh_size']
+        return (start, start + size)
+
+def print_symbols_in_section(section_name, filter_text=''):
+    start, end = get_section_bounds(section_name)
+    if start == None:
+        print(pwndbg.color.red('Could not find section'))
+        return
+
+    symbols = get_symbols_in_region(start, end, filter_text)
+    for symbol, addr in symbols:
+        print(hex(addr) + ': ' + symbol)
+
+def get_symbols_in_region(start, end, filter_text=''):
+    symbols = []
+    ptr_size = pwndbg.typeinfo.pvoid.sizeof
+    addr = start
+    while addr < end:
+        name = pwndbg.symbol.get(addr)
+        if name != '' and '+' not in name and filter_text in name:
+            symbols.append((name, addr))
+        addr += ptr_size
+
+    return symbols

pwndbg/file.py

@@ -16,13 +16,13 @@
 import pwndbg.remote
 
 
-def get(path, recurse=1):
+def get_file(path, recurse=1):
     """
-    Retrieves the contents of the specified file on the system
-    where the current process is being debugged.
+    Downloads the specified file from the system where the current process is
+    being debugged.
 
     Returns:
-        A byte array, or None.
+        The local path to the file
     """
     local_path = path
 
@@ -41,6 +41,18 @@ def get(path, recurse=1):
             raise OSError("Could not download remote file %r:\n" \
                             "Error: %s" % (path, error))
 
+    return local_path
+
+def get(path, recurse=1):
+    """
+    Retrieves the contents of the specified file on the system
+    where the current process is being debugged.
+
+    Returns:
+        A byte array, or None.
+    """
+    local_path = get_file(path, recurse)
+
     try:
         with open(local_path,'rb') as f:
             return f.read()