Python script that demonstrates loading a Java class file from a hex string into radare2 (via the r2 Python bindings), running function analysis on the class file, and then printing the disassembly of the `<init>` (constructor) method. Before the disassembly, the script prints the address and raw instruction bytes of each basic block in that function.
def flush(c):
    """Flush the pending console output of the r2 core ``c``.

    Args:
        c: an ``RCore``-like object exposing a ``cons`` attribute whose
           ``flush()`` method pushes buffered output to the terminal.
    """
    c.cons.flush()
def exec_(c, cmd):
    """Run the r2 command string ``cmd`` on core ``c`` and flush its console.

    The command's return value is discarded; whatever it prints reaches the
    user only through the console flush that follows.  ``cmd`` is handed
    verbatim to the r2 command parser, so it must come from trusted code,
    never from external input.

    Args:
        c: an ``RCore``-like object with ``cmd0()`` and a ``cons`` attribute.
        cmd: the r2 command line to execute.
    """
    c.cmd0(cmd)
    c.cons.flush()
import ctypes | |
from r2.r_core import RCore | |
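core = RCore()

# Hex-encoded bytes of the Java class file to analyse.  This is a constant
# baked into the script.  It is spliced straight into an r2 command below,
# so it must never be taken from untrusted input: the r2 command parser
# gives ';', '`', '|' and friends special meaning, which would turn
# attacker-controlled data into command injection inside radare2.
data = '''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'''

# Back the analysis with a 1 KiB in-memory file rather than touching disk.
f = core.file_open("malloc://1024", False, 0)
# NOTE(review): the return value of file_open is not checked; the original
# script assumed success -- confirm how failure is signalled before relying
# on 'f' beyond this point.
core.cmd0('wx %s' % data)   # write the hex bytes at the current offset
core.cmd0('ib')             # (re)load binary info for the written bytes
core.cmd0('af')             # analyse the function at the current offset

fcns = core.anal.get_fcns()
# The original picked the second function unconditionally; fail with a clear
# message instead of a bare IndexError when analysis found fewer than two.
if len(fcns) < 2:
    raise RuntimeError(
        "expected at least 2 functions after 'af', found %d" % len(fcns))
fcn = fcns[1]
bbs = list(fcn.get_bbs())

# Print every basic block of the chosen function as "<addr> <hex bytes>".
for bb in bbs:
    raw_addr = bb.op_bytes.__long__()
    # ctypes raises ValueError("NULL pointer access") when a NULL POINTER is
    # indexed, which would abort the whole dump; report the block and move on
    # instead.  Note that ctypes does no bounds checking at all: a non-NULL
    # address is read for 'op_sz' bytes on trust, as r2 reports them.
    if raw_addr == 0:
        print("0x%04x <no op_bytes>" % bb.addr)
        continue
    p_bytes = ctypes.cast(raw_addr, ctypes.POINTER(ctypes.c_uint8))
    # 'range' rather than 'xrange' keeps this runnable on both Python 2 and 3;
    # the local is not named 'bytes' so the builtin is not shadowed.
    op_bytes = [p_bytes[j] for j in range(bb.op_sz)]
    print("0x%04x %s" % (bb.addr, "".join("%02x" % b for b in op_bytes)))

core.cmd0('pdf')   # disassemble the current function
flush(core)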