gradetwo/kmem_reader.c

## kmem_reader.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <mach/mach_traps.h>
#include <mach/mach_init.h>
#include <mach/mach_error.h>

void hexToBytes(const char* hex, uint8_t** buffer, size_t* bytes) {
    *bytes = strlen(hex) / 2;
    *buffer = (uint8_t*) malloc(*bytes);
    size_t i;
    for(i = 0; i < *bytes; i++) {
        uint32_t byte;
        sscanf(hex, "%02x", &byte);
        (*buffer)[i] = byte;
        hex += 2;
    }
}

void bytesToHex(const uint8_t* buffer, size_t bytes, int base_addr) {
    size_t i;
    char *p_text;
    p_text = malloc(17);
    while(bytes > 0) {
        memset(p_text, 0, 17);
        printf("0x%x: ", base_addr);
        for(i=0;i<16 && bytes>0;i++)
        {
            if(isalnum(*buffer))
                p_text[i] = *buffer;
            else
                p_text[i]='.';
            printf("%02x ", *buffer);
            buffer++;
            bytes--;
        }
        printf("\t%s", p_text);
        printf("\n");
        base_addr+=16;
    }
}
int main(int argc, char* argv[])
{
    FILE *fp;
    pointer_t buf;
    unsigned int sz, bytes, i;
    static mach_port_t kernel_task;

    vm_address_t addr = 0x80002000;
    bytes = 2048;

    if(argc<2)
    {
        fprintf(stderr, "usage: %s addr [bytes]\n", argv[0]);
        return 0;
    }
    else if(argc==3)
        sscanf(argv[2], "%d", &bytes);
    sscanf(argv[1], "%x", &addr);

    printf("addr:%x bytes:%d\n", (uint32_t) addr, bytes);

    kern_return_t error = task_for_pid(mach_task_self(), 0, &kernel_task);
    printf("-> %x [%d - %s]\n",  kernel_task, error, mach_error_string(error));

    fp= fopen("/tmp/gotu", "w");
    for(i=0;i<bytes;i+=16)
    {
        vm_read(kernel_task, addr+i, 16, &buf, &sz);
        bytesToHex(buf, sz, addr+i);
        fwrite((void *)buf, 1, sz, fp);
    }
    fclose(fp);
}
	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <mach/mach_traps.h>
	#include <mach/mach_init.h>
	#include <mach/mach_error.h>

	void hexToBytes(const char* hex, uint8_t** buffer, size_t* bytes) {
	*bytes = strlen(hex) / 2;
	buffer = (uint8_t) malloc(*bytes);
	size_t i;
	for(i = 0; i < *bytes; i++) {
	uint32_t byte;
	sscanf(hex, "%02x", &byte);
	(*buffer)[i] = byte;
	hex += 2;
	}
	}

	void bytesToHex(const uint8_t* buffer, size_t bytes, int base_addr) {
	size_t i;
	char *p_text;
	p_text = malloc(17);
	while(bytes > 0) {
	memset(p_text, 0, 17);
	printf("0x%x: ", base_addr);
	for(i=0;i<16 && bytes>0;i++)
	{
	if(isalnum(*buffer))
	p_text[i] = *buffer;
	else
	p_text[i]='.';
	printf("%02x ", *buffer);
	buffer++;
	bytes--;
	}
	printf("\t%s", p_text);
	printf("\n");
	base_addr+=16;
	}
	}
	int main(int argc, char* argv[])
	{
	FILE *fp;
	pointer_t buf;
	unsigned int sz, bytes, i;
	static mach_port_t kernel_task;

	vm_address_t addr = 0x80002000;
	bytes = 2048;

	if(argc<2)
	{
	fprintf(stderr, "usage: %s addr [bytes]\n", argv[0]);
	return 0;
	}
	else if(argc==3)
	sscanf(argv[2], "%d", &bytes);
	sscanf(argv[1], "%x", &addr);

	printf("addr:%x bytes:%d\n", (uint32_t) addr, bytes);

	kern_return_t error = task_for_pid(mach_task_self(), 0, &kernel_task);
	printf("-> %x [%d - %s]\n", kernel_task, error, mach_error_string(error));

	fp= fopen("/tmp/gotu", "w");
	for(i=0;i<bytes;i+=16)
	{
	vm_read(kernel_task, addr+i, 16, &buf, &sz);
	bytesToHex(buf, sz, addr+i);
	fwrite((void *)buf, 1, sz, fp);
	}
	fclose(fp);
	}