本文整理汇总了Golang中github.com/lunixbochs/usercorn/go/models.Usercorn类的典型用法代码示例。如果您正苦于以下问题:Golang Usercorn类的具体用法?Golang Usercorn怎么用?Golang Usercorn使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Usercorn类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: StackArgs
func StackArgs(u models.Usercorn) func(n int) ([]uint64, error) {
return func(n int) ([]uint64, error) {
sp, _ := u.RegRead(u.Arch().SP)
// starts with an empty slot
s := u.StrucAt(sp + uint64(u.Bits()/8))
ret := make([]uint64, n)
for i := 0; i < n; i++ {
var arg uint64
var err error
// TODO: simplify this when struc issue #47 is fixed
if u.Bits() == 64 {
err = s.Unpack(&arg)
} else {
var arg32 uint32
err = s.Unpack(&arg32)
arg = uint64(arg32)
}
if err != nil {
return nil, err
}
ret[i] = arg
}
return ret, nil
}
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:26,代码来源:args.go
示例2: DarwinInit
func DarwinInit(u models.Usercorn, args, env []string) error {
if err := darwin.StackInit(u, args, env); err != nil {
return err
}
// FIXME: lib43 crashes if 32-bit darwin gets mach header. maybe I need to align the stack.
u.Pop()
return nil
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:8,代码来源:darwin.go
示例3: LinuxInterrupt
func LinuxInterrupt(u models.Usercorn, intno uint32) {
if intno == 2 {
num, _ := u.RegRead(uc.ARM64_REG_X8)
LinuxSyscall(u, int(num))
return
}
panic(fmt.Sprintf("unhandled ARM interrupt: %d", intno))
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:8,代码来源:linux.go
示例4: LinuxSyscall
func LinuxSyscall(u models.Usercorn, num int) {
// TODO: EABI has a different syscall base (OABI is 0x900000)
// TODO: does the generator handle this? it needs to.
if num > 0x900000 {
num -= 0x900000
}
name, _ := sysnum.Linux_arm[int(num)]
ret, _ := u.Syscall(int(num), name, common.RegArgs(u, LinuxRegs))
u.RegWrite(uc.ARM_REG_R0, ret)
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:10,代码来源:linux.go
示例5: pushAddrs
func pushAddrs(u models.Usercorn, addrs []uint64) error {
if _, err := u.Push(0); err != nil {
return err
}
for i, _ := range addrs {
if _, err := u.Push(addrs[len(addrs)-i-1]); err != nil {
return err
}
}
return nil
}
开发者ID:practicalswift,项目名称:usercorn,代码行数:11,代码来源:kernel.go
示例6: pushStrings
func pushStrings(u models.Usercorn, args ...string) ([]uint64, error) {
addrs := make([]uint64, 0, len(args)+1)
for _, arg := range args {
if addr, err := u.PushBytes([]byte(arg + "\x00")); err != nil {
return nil, err
} else {
addrs = append(addrs, addr)
}
}
return addrs, nil
}
开发者ID:practicalswift,项目名称:usercorn,代码行数:11,代码来源:kernel.go
示例7: Wrmsr
func Wrmsr(u models.Usercorn, msr, value uint64) {
wrmsr := []byte{0x0F, 0x30}
u.RunShellcode(
0, wrmsr,
map[int]uint64{
uc.X86_REG_RAX: value & 0xFFFFFFFF,
uc.X86_REG_RDX: value >> 32 & 0xFFFFFFFF,
uc.X86_REG_RCX: msr & 0xFFFFFFFF,
}, nil,
)
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:11,代码来源:arch.go
示例8: AbiInit
func AbiInit(u models.Usercorn, syscall func(models.Usercorn)) error {
_, err := u.HookAdd(uc.HOOK_INSN, func(_ uc.Unicorn) {
syscall(u)
}, 1, 0, uc.X86_INS_SYSCALL)
if err == nil {
_, err = u.HookAdd(uc.HOOK_INSN, func(_ uc.Unicorn) {
syscall(u)
}, 1, 0, uc.X86_INS_SYSENTER)
}
return err
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:11,代码来源:abi.go
示例9: traceMem
func (p *memImage) traceMem(u models.Usercorn, addr uint64, data []byte) {
if len(data) > p.blockSize {
firstLen := (addr+uint64(p.blockSize)-1) & ^uint64(p.blockSize-1) - addr
if firstLen > 0 {
p.traceMem(u, addr, data[:firstLen])
}
for i := firstLen; i < uint64(len(data)); i += uint64(p.blockSize) {
p.traceMem(u, addr+uint64(i), data[i:i+uint64(p.blockSize)])
}
return
}
i, m, had := p.find(addr)
if !had {
aligned := addr & ^uint64(p.blockSize-1)
r := ®ion{
Addr: aligned,
Size: uint64(p.blockSize),
Data: make([]byte, p.blockSize),
}
for _, v := range u.Mappings() {
if v.Contains(addr) {
r.Desc = v.Desc
r.Prot = v.Prot
if v.File != nil {
r.Filename = v.File.Name
}
break
}
}
p.maps = append(p.maps, r)
sort.Sort(RegionAddrSort(p.maps))
i, m, _ = p.find(addr)
p.resize()
}
off := (addr - m.Addr)
dst := m.Data[off:]
for i, v := range data {
if (dst[i] == 0) != (v == 0) {
if v != 0 {
m.ByteCount++
} else {
m.ByteCount--
}
}
dst[i] = v
}
if m.ByteCount == 0 {
p.maps = append(p.maps[:i], p.maps[i+1:]...)
p.resize()
}
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:53,代码来源:mem_image.go
示例10: packAddrs
func packAddrs(u models.Usercorn, addrs []uint64) ([]byte, error) {
buf := make([]byte, int(u.Bits())/8*(len(addrs)+1))
pos := buf
for _, v := range addrs {
x, err := u.PackAddr(pos, v)
if err != nil {
return nil, err
}
pos = pos[len(x):]
}
return buf, nil
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:12,代码来源:kernel.go
示例11: SetupElfAuxv
func SetupElfAuxv(u models.Usercorn) ([]byte, error) {
var buf bytes.Buffer
auxv, err := setupElfAuxv(u)
if err != nil {
return nil, err
}
options := &struc.Options{
PtrSize: int(u.Bits()),
Order: u.ByteOrder(),
}
for _, a := range auxv {
if err := struc.PackWithOptions(&buf, &a, options); err != nil {
return nil, err
}
}
return buf.Bytes(), err
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:17,代码来源:elf_auxv.go
示例12: StackArgs
func StackArgs(u models.Usercorn) func(n int) ([]uint64, error) {
return func(n int) ([]uint64, error) {
_, err := u.Pop()
if err != nil {
return nil, err
}
ret := make([]uint64, n)
for i := 0; i < n; i++ {
v, err := u.Pop()
if err != nil {
return nil, err
}
ret[i] = v
}
return ret, nil
}
}
开发者ID:practicalswift,项目名称:usercorn,代码行数:17,代码来源:args.go
示例13: DarwinSyscall
func DarwinSyscall(u models.Usercorn, class int) {
// TODO: read args from stack without modifying reg so we don't need to restore esp
esp, _ := u.RegRead(uc.X86_REG_ESP)
getArgs := common.StackArgs(u)
eax, _ := u.RegRead(uc.X86_REG_EAX)
nr := class<<24 | int(eax)
name, _ := num.Darwin_x86_mach[nr]
ret, _ := u.Syscall(nr, name, getArgs)
u.RegWrite(uc.X86_REG_EAX, ret)
u.RegWrite(uc.X86_REG_ESP, esp)
}
开发者ID:practicalswift,项目名称:usercorn,代码行数:13,代码来源:darwin.go
示例14: Rdmsr
func Rdmsr(u models.Usercorn, msr uint64) uint64 {
rcx, _ := u.RegRead(uc.X86_REG_RCX)
rdx, _ := u.RegRead(uc.X86_REG_RDX)
rdmsr := []byte{0x0F, 0x30}
regs := map[int]uint64{uc.X86_REG_RAX: msr}
u.RunShellcode(0, rdmsr, regs, nil)
ecx, _ := u.RegRead(uc.X86_REG_ECX)
edx, _ := u.RegRead(uc.X86_REG_EDX)
u.RegWrite(uc.X86_REG_RCX, rcx)
u.RegWrite(uc.X86_REG_RDX, rdx)
return (edx << 32) | (ecx & 0xFFFFFFFF)
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:14,代码来源:arch.go
示例15: DarwinSyscall
func DarwinSyscall(u models.Usercorn, class int) {
getArgs := common.StackArgs(u)
eax, _ := u.RegRead(uc.X86_REG_EAX)
nr := class<<24 | int(eax)
name, _ := num.Darwin_x86_mach[nr]
ret, _ := u.Syscall(nr, name, getArgs)
u.RegWrite(uc.X86_REG_EAX, ret)
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:10,代码来源:darwin.go
示例16: enterUsermode
func enterUsermode(u models.Usercorn) error {
// move CPU from System to User mode
modeSwitch := []byte{
0x00, 0x00, 0x0f, 0xe1, // mrs r0, cpsr
0x1f, 0x00, 0xc0, 0xe3, // bic r0, r0, $0x1f
0x10, 0x00, 0x80, 0xe3, // orr r0, r0, $0x10
0x00, 0xf0, 0x21, 0xe1, // msr cpsr_c, r0
}
mmap, err := u.Mmap(0, uint64(len(modeSwitch)))
if err != nil {
return err
}
defer u.MemUnmap(mmap.Addr, mmap.Size)
end := mmap.Addr + uint64(len(modeSwitch))
err = u.RunShellcodeMapped(mmap, modeSwitch,
map[int]uint64{uc.ARM_REG_LR: end},
[]int{uc.ARM_REG_R0, uc.ARM_REG_LR, uc.ARM_REG_SP},
)
return err
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:20,代码来源:arm.go
示例17: SetupElfAuxv
func SetupElfAuxv(u models.Usercorn) ([]byte, error) {
var buf bytes.Buffer
auxv, err := setupElfAuxv(u)
if err != nil {
return nil, err
}
if u.Bits() == 32 {
var auxv32 Elf32Auxv
for _, a := range auxv {
auxv32.Type = uint32(a.Type)
auxv32.Val = uint32(a.Val)
if err := struc.PackWithOrder(&buf, &auxv32, u.ByteOrder()); err != nil {
return nil, err
}
}
} else {
for _, a := range auxv {
if err := struc.PackWithOrder(&buf, &a, u.ByteOrder()); err != nil {
return nil, err
}
}
}
return buf.Bytes(), err
}
开发者ID:x56,项目名称:usercorn,代码行数:24,代码来源:elf_auxv.go
示例18: setupElfAuxv
func setupElfAuxv(u models.Usercorn) ([]Elf64Auxv, error) {
// set up AT_RANDOM
var tmp [16]byte
if _, err := rand.Read(tmp[:]); err != nil {
return nil, err
}
randAddr, err := u.PushBytes(tmp[:])
if err != nil {
return nil, err
}
// insert platform string
platformAddr, err := u.PushBytes([]byte(u.Loader().Arch() + "\x00"))
if err != nil {
return nil, err
}
// main auxv table
auxv := []Elf64Auxv{
// TODO: set/track a page size somewhere - on Arch.OS?
{ELF_AT_PAGESZ, 4096},
{ELF_AT_BASE, u.InterpBase()},
{ELF_AT_FLAGS, 0},
{ELF_AT_ENTRY, uint64(u.BinEntry())},
{ELF_AT_UID, uint64(os.Getuid())},
{ELF_AT_EUID, uint64(os.Geteuid())},
{ELF_AT_GID, uint64(os.Getgid())},
{ELF_AT_EGID, uint64(os.Getegid())},
{ELF_AT_PLATFORM, platformAddr},
{ELF_AT_CLKTCK, 100}, // 100hz, totally fake
{ELF_AT_RANDOM, randAddr},
{ELF_AT_NULL, 0},
}
// add phdr information if present in binary
phdrOff, _, phdrCount := u.Loader().Header()
segments, _ := u.Loader().Segments()
for _, s := range segments {
if s.ContainsPhys(phdrOff) {
phdrOff += s.Addr
break
}
}
phdrEnt := 56
if u.Bits() == 32 {
phdrEnt = 56 // FIXME
}
if phdrOff > 0 {
auxv = append(auxv, []Elf64Auxv{
{ELF_AT_PHDR, phdrOff},
{ELF_AT_PHENT, uint64(phdrEnt)},
{ELF_AT_PHNUM, uint64(phdrCount)},
}...)
}
return auxv, nil
}
开发者ID:x56,项目名称:usercorn,代码行数:53,代码来源:elf_auxv.go
示例19: StackInit
func StackInit(u models.Usercorn, args, env []string) error {
exe := u.Exe()
addr, err := u.PushBytes([]byte(exe + "\x00"))
if err != nil {
return err
}
var tmp [8]byte
auxv, err := u.PackAddr(tmp[:], addr)
if err != nil {
return err
}
err = posix.StackInit(u, args, env, auxv)
if err != nil {
return err
}
// offset to mach_header at exe[0:] in guest memory
textOffset, _, _ := u.Loader().Header()
offset := u.Base() + textOffset
_, err = u.Push(offset)
return err
}
开发者ID:lunixbochs,项目名称:usercorn,代码行数:21,代码来源:kernel.go
示例20: AbiInit
func AbiInit(u models.Usercorn, args, env []string, auxv []byte, syscall func(models.Usercorn)) error {
u.HookAdd(uc.HOOK_INSN, func(_ uc.Unicorn) {
syscall(u)
}, uc.X86_INS_SYSCALL)
return u.PosixInit(args, env, auxv)
}
开发者ID:SBkiller,项目名称:usercorn,代码行数:6,代码来源:abi.go
注:本文中的github.com/lunixbochs/usercorn/go/models.Usercorn类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论