本文整理汇总了Golang中github.com/lunixbochs/usercorn/go/models.Usercorn类的典型用法代码示例。如果您正苦于以下问题:Golang Usercorn类的具体用法?Golang Usercorn怎么用?Golang Usercorn使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Usercorn类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: StackArgs
func StackArgs(u models.Usercorn) func(n int) ([]uint64, error) {
return func(n int) ([]uint64, error) {
sp, _ := u.RegRead(u.Arch().SP)
// starts with an empty slot
s := u.StrucAt(sp + uint64(u.Bits()/8))
ret := make([]uint64, n)
for i := 0; i < n; i++ {
var arg uint64
var err error
// TODO: simplify this when struc issue #47 is fixed
if u.Bits() == 64 {
err = s.Unpack(&arg)
} else {
var arg32 uint32
err = s.Unpack(&arg32)
arg = uint64(arg32)
}
if err != nil {
return nil, err
}
ret[i] = arg
}
return ret, nil
}
}示例2: DarwinInit
func DarwinInit(u models.Usercorn, args, env []string) error {
if err := darwin.StackInit(u, args, env); err != nil {
return err
}
// FIXME: lib43 crashes if 32-bit darwin gets mach header. maybe I need to align the stack.
u.Pop()
return nil
}示例3: LinuxInterrupt
func LinuxInterrupt(u models.Usercorn, intno uint32) {
if intno == 2 {
num, _ := u.RegRead(uc.ARM64_REG_X8)
LinuxSyscall(u, int(num))
return
}
panic(fmt.Sprintf("unhandled ARM interrupt: %d", intno))
}示例4: LinuxSyscall
func LinuxSyscall(u models.Usercorn, num int) {
// TODO: EABI has a different syscall base (OABI is 0x900000)
// TODO: does the generator handle this? it needs to.
if num > 0x900000 {
num -= 0x900000
}
name, _ := sysnum.Linux_arm[int(num)]
ret, _ := u.Syscall(int(num), name, common.RegArgs(u, LinuxRegs))
u.RegWrite(uc.ARM_REG_R0, ret)
}示例5: pushAddrs
func pushAddrs(u models.Usercorn, addrs []uint64) error {
if _, err := u.Push(0); err != nil {
return err
}
for i, _ := range addrs {
if _, err := u.Push(addrs[len(addrs)-i-1]); err != nil {
return err
}
}
return nil
}示例6: pushStrings
func pushStrings(u models.Usercorn, args ...string) ([]uint64, error) {
addrs := make([]uint64, 0, len(args)+1)
for _, arg := range args {
if addr, err := u.PushBytes([]byte(arg + "\x00")); err != nil {
return nil, err
} else {
addrs = append(addrs, addr)
}
}
return addrs, nil
}示例7: Wrmsr
func Wrmsr(u models.Usercorn, msr, value uint64) {
wrmsr := []byte{0x0F, 0x30}
u.RunShellcode(
0, wrmsr,
map[int]uint64{
uc.X86_REG_RAX: value & 0xFFFFFFFF,
uc.X86_REG_RDX: value >> 32 & 0xFFFFFFFF,
uc.X86_REG_RCX: msr & 0xFFFFFFFF,
}, nil,
)
}示例8: AbiInit
func AbiInit(u models.Usercorn, syscall func(models.Usercorn)) error {
_, err := u.HookAdd(uc.HOOK_INSN, func(_ uc.Unicorn) {
syscall(u)
}, 1, 0, uc.X86_INS_SYSCALL)
if err == nil {
_, err = u.HookAdd(uc.HOOK_INSN, func(_ uc.Unicorn) {
syscall(u)
}, 1, 0, uc.X86_INS_SYSENTER)
}
return err
}示例9: traceMem
func (p *memImage) traceMem(u models.Usercorn, addr uint64, data []byte) {
if len(data) > p.blockSize {
firstLen := (addr+uint64(p.blockSize)-1) & ^uint64(p.blockSize-1) - addr
if firstLen > 0 {
p.traceMem(u, addr, data[:firstLen])
}
for i := firstLen; i < uint64(len(data)); i += uint64(p.blockSize) {
p.traceMem(u, addr+uint64(i), data[i:i+uint64(p.blockSize)])
}
return
}
i, m, had := p.find(addr)
if !had {
aligned := addr & ^uint64(p.blockSize-1)
r := ®ion{
Addr: aligned,
Size: uint64(p.blockSize),
Data: make([]byte, p.blockSize),
}
for _, v := range u.Mappings() {
if v.Contains(addr) {
r.Desc = v.Desc
r.Prot = v.Prot
if v.File != nil {
r.Filename = v.File.Name
}
break
}
}
p.maps = append(p.maps, r)
sort.Sort(RegionAddrSort(p.maps))
i, m, _ = p.find(addr)
p.resize()
}
off := (addr - m.Addr)
dst := m.Data[off:]
for i, v := range data {
if (dst[i] == 0) != (v == 0) {
if v != 0 {
m.ByteCount++
} else {
m.ByteCount--
}
}
dst[i] = v
}
if m.ByteCount == 0 {
p.maps = append(p.maps[:i], p.maps[i+1:]...)
p.resize()
}
}示例10: packAddrs
func packAddrs(u models.Usercorn, addrs []uint64) ([]byte, error) {
buf := make([]byte, int(u.Bits())/8*(len(addrs)+1))
pos := buf
for _, v := range addrs {
x, err := u.PackAddr(pos, v)
if err != nil {
return nil, err
}
pos = pos[len(x):]
}
return buf, nil
}示例11: SetupElfAuxv
func SetupElfAuxv(u models.Usercorn) ([]byte, error) {
var buf bytes.Buffer
auxv, err := setupElfAuxv(u)
if err != nil {
return nil, err
}
options := &struc.Options{
PtrSize: int(u.Bits()),
Order: u.ByteOrder(),
}
for _, a := range auxv {
if err := struc.PackWithOptions(&buf, &a, options); err != nil {
return nil, err
}
}
return buf.Bytes(), err
}示例12: StackArgs
func StackArgs(u models.Usercorn) func(n int) ([]uint64, error) {
return func(n int) ([]uint64, error) {
_, err := u.Pop()
if err != nil {
return nil, err
}
ret := make([]uint64, n)
for i := 0; i < n; i++ {
v, err := u.Pop()
if err != nil {
return nil, err
}
ret[i] = v
}
return ret, nil
}
}示例13: DarwinSyscall
func DarwinSyscall(u models.Usercorn, class int) {
// TODO: read args from stack without modifying reg so we don't need to restore esp
esp, _ := u.RegRead(uc.X86_REG_ESP)
getArgs := common.StackArgs(u)
eax, _ := u.RegRead(uc.X86_REG_EAX)
nr := class<<24 | int(eax)
name, _ := num.Darwin_x86_mach[nr]
ret, _ := u.Syscall(nr, name, getArgs)
u.RegWrite(uc.X86_REG_EAX, ret)
u.RegWrite(uc.X86_REG_ESP, esp)
}示例14: Rdmsr
func Rdmsr(u models.Usercorn, msr uint64) uint64 {
rcx, _ := u.RegRead(uc.X86_REG_RCX)
rdx, _ := u.RegRead(uc.X86_REG_RDX)
rdmsr := []byte{0x0F, 0x30}
regs := map[int]uint64{uc.X86_REG_RAX: msr}
u.RunShellcode(0, rdmsr, regs, nil)
ecx, _ := u.RegRead(uc.X86_REG_ECX)
edx, _ := u.RegRead(uc.X86_REG_EDX)
u.RegWrite(uc.X86_REG_RCX, rcx)
u.RegWrite(uc.X86_REG_RDX, rdx)
return (edx << 32) | (ecx & 0xFFFFFFFF)
}示例15: DarwinSyscall
func DarwinSyscall(u models.Usercorn, class int) {
getArgs := common.StackArgs(u)
eax, _ := u.RegRead(uc.X86_REG_EAX)
nr := class<<24 | int(eax)
name, _ := num.Darwin_x86_mach[nr]
ret, _ := u.Syscall(nr, name, getArgs)
u.RegWrite(uc.X86_REG_EAX, ret)
}