hardening-check with custom objdump for disassembling binaries compiled for different architectures
#!/bin/bash
# ANSI colour sequences. They are stored with a literal backslash and only
# become escape bytes when printed through `echo -e`.
NC='\033[0m' # reset / no colour
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'

# System-wide objdump that gets swapped out, and where it is parked meanwhile.
# Both live in /usr/bin, so every change to them goes through sudo.
OBJDUMP_ORIGINAL="/usr/bin/objdump"
OBJDUMP_BACKUP="/usr/bin/objdump.bak"

# Cross-architecture objdump that stands in for the system one
# (overridable with --objdump).
OBJDUMP_TARGET="/usr/bin/arm-linux-gnueabihf-objdump"

# Binary handed to hardening-check; filled in from -t/--target.
TARGET_BINARY=""
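#######################################
# Park the system objdump at OBJDUMP_BACKUP and put a symlink to the
# replacement objdump in its place.
# Globals:   OBJDUMP_ORIGINAL, OBJDUMP_TARGET, OBJDUMP_BACKUP, RED, NC (read)
# Outputs:   error messages on stdout
# Returns:   exits the script with status 1 on any failed precondition or step
#######################################
replace_objdump() {
  local target_abs

  # Check if the original objdump exists
  if [ ! -f "$OBJDUMP_ORIGINAL" ]; then
    echo -e "${RED}Error: ${OBJDUMP_ORIGINAL} does not exist.${NC}"
    exit 1
  fi

  # Check if the custom objdump exists
  if [ ! -f "$OBJDUMP_TARGET" ]; then
    echo -e "${RED}Error: ${OBJDUMP_TARGET} does not exist.${NC}"
    exit 1
  fi

  # The replacement is about to be reachable as the system-wide objdump, so
  # insist that it is at least something that can be executed.
  if [ ! -x "$OBJDUMP_TARGET" ]; then
    echo -e "${RED}Error: ${OBJDUMP_TARGET} is not executable.${NC}"
    exit 1
  fi

  # A backup that is already present means an earlier run never restored the
  # system objdump. Moving the current (already swapped) objdump over it would
  # destroy the only copy of the real one, so stop and let the operator fix it.
  if [ -e "$OBJDUMP_BACKUP" ] || [ -L "$OBJDUMP_BACKUP" ]; then
    echo -e "${RED}Error: ${OBJDUMP_BACKUP} already exists; restore it to ${OBJDUMP_ORIGINAL} before running again.${NC}"
    exit 1
  fi

  # A relative symlink target would be resolved against the directory of
  # OBJDUMP_ORIGINAL, not the caller's working directory, so anchor it first.
  case "$OBJDUMP_TARGET" in
    /*) target_abs=$OBJDUMP_TARGET ;;
    *) target_abs="$PWD/$OBJDUMP_TARGET" ;;
  esac

  # Back up the original objdump
  if ! sudo mv "$OBJDUMP_ORIGINAL" "$OBJDUMP_BACKUP" || [ ! -f "$OBJDUMP_BACKUP" ]; then
    echo -e "${RED}Error: Failed to back up ${OBJDUMP_ORIGINAL}.${NC}"
    exit 1
  fi

  # Create a symlink to the custom objdump; if that fails, put the original
  # back straight away rather than leaving the system without an objdump.
  if ! sudo ln -s "$target_abs" "$OBJDUMP_ORIGINAL"; then
    sudo mv "$OBJDUMP_BACKUP" "$OBJDUMP_ORIGINAL"
    echo -e "${RED}Error: Failed to link ${OBJDUMP_ORIGINAL} to ${OBJDUMP_TARGET}.${NC}"
    exit 1
  fi
}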
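#######################################
# Put the backed-up system objdump back at OBJDUMP_ORIGINAL.
# Globals:   OBJDUMP_ORIGINAL, OBJDUMP_BACKUP, RED, NC (read)
# Outputs:   error messages on stdout
# Returns:   exits the script with status 1 if there is no backup or the
#            restore did not produce a regular file at OBJDUMP_ORIGINAL
#######################################
restore_objdump() {
  # Without a backup there is nothing to restore from; removing whatever sits
  # at OBJDUMP_ORIGINAL now would leave the system with no objdump at all.
  if [ ! -e "$OBJDUMP_BACKUP" ] && [ ! -L "$OBJDUMP_BACKUP" ]; then
    echo -e "${RED}Error: ${OBJDUMP_BACKUP} not found; leaving ${OBJDUMP_ORIGINAL} untouched.${NC}"
    exit 1
  fi

  # Remove the symlink
  sudo rm -f "$OBJDUMP_ORIGINAL"

  # Restore the original objdump
  sudo mv "$OBJDUMP_BACKUP" "$OBJDUMP_ORIGINAL"

  # Check if restoration was successful
  if [ ! -f "$OBJDUMP_ORIGINAL" ]; then
    echo -e "${RED}Error: Failed to restore ${OBJDUMP_ORIGINAL}.${NC}"
    exit 1
  fi
}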
#######################################
# Print the help text and terminate the script.
# Globals:   YELLOW, NC (read)
# Outputs:   help text on stdout
# Returns:   never returns; always exits with status 1, including for -h
#######################################
usage() {
  # Only the synopsis line is coloured, so it alone goes through `echo -e`.
  echo -e "${YELLOW}Usage: $0 -t TARGET_BINARY [--objdump OBJDUMP_PATH] [-h | --help]${NC}"

  # Everything else is plain text, one argument per output line.
  printf '%s\n' \
    "" \
    "This script is designed to temporarily replace the system's default 'objdump' binary" \
    "with a custom one specified by the user, typically for compatibility or testing purposes." \
    "It is particularly useful when working with binaries compiled for different architectures," \
    "such as ARM, and you need to run tools like 'hardening-check' against these binaries." \
    "" \
    "The script performs the following actions:" \
    " 1. Backs up the current 'objdump' binary." \
    " 2. Creates a symlink to the specified 'objdump' binary." \
    " 3. Runs 'hardening-check' on a specified application." \
    " 4. Restores the original 'objdump' binary." \
    "" \
    "Options:" \
    " --objdump OBJDUMP_PATH Specify a custom 'objdump' binary. Default is '/usr/bin/arm-linux-gnueabihf-objdump'." \
    " -t, --target TARGET_BINARY Specify the target binary for hardening-check." \
    " -h, --help Display this help message and exit." \
    ""

  exit 1
}
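# Parse command-line options. --objdump and -t/--target each consume the
# following argument as their value; anything unrecognised prints the usage
# text, which exits the script.
while [[ "$#" -gt 0 ]]; do
  case "$1" in
    --objdump)
      # Without this check a trailing "--objdump" silently sets an empty path.
      if [[ "$#" -lt 2 || -z "$2" ]]; then
        echo -e "${RED}Error: $1 requires a value.${NC}"
        usage
      fi
      OBJDUMP_TARGET="$2"
      shift
      ;;
    -t | --target)
      if [[ "$#" -lt 2 || -z "$2" ]]; then
        echo -e "${RED}Error: $1 requires a value.${NC}"
        usage
      fi
      TARGET_BINARY="$2"
      shift
      ;;
    -h | --help)
      usage
      ;;
    *)
      echo -e "${RED}Error: Invalid argument.$NC"
      usage
      ;;
  esac
  shift
done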
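# Check if the target binary has been specified
if [ -z "$TARGET_BINARY" ]; then
  echo -e "${RED}Error: Target binary not specified.${NC}"
  usage
fi

# While the swap is in place, /usr/bin/objdump points at the replacement for
# every user and process on the host, not just this script. The original must
# therefore come back on every exit path, including Ctrl-C and kill, and it
# must come back exactly once.
objdump_swapped=0
restore_objdump_once() {
  if [ "$objdump_swapped" -eq 1 ]; then
    objdump_swapped=0
    restore_objdump
  fi
}
trap restore_objdump_once EXIT
# Turn the signals into a normal exit so the EXIT trap above runs.
trap 'exit 130' INT
trap 'exit 143' TERM

# Replace the original objdump. The flag is only set once the swap has
# returned, so a failed precondition inside replace_objdump triggers no restore.
replace_objdump
objdump_swapped=1

# Run hardening check on the app
echo -e "${YELLOW}Running hardening-check on ${TARGET_BINARY} with ${OBJDUMP_TARGET}...${NC}"
hardening-check "$TARGET_BINARY"
check_status=$?

# Restore the original objdump
restore_objdump_once
echo -e "${GREEN}Process completed.${NC}"

# Hand hardening-check's own status to the caller instead of always reporting
# success (presumably non-zero when a check fails; confirm against its man page).
exit "$check_status"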