forked from aroulin/binary-analysis
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathloader_demo.cc
More file actions
117 lines (94 loc) · 3.34 KB
/
loader_demo.cc
File metadata and controls
117 lines (94 loc) · 3.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#include <stdio.h>
#include <stdint.h>
#include <string>
#include "loader.h"
int dump_sections_and_symbols(Binary &bin)
{
Section *sec;
Symbol *sym;
size_t i;
printf("%19s %-8s %-20s %s\n",
"virtual_address", "size", "name", "type");
for(i = 0; i < bin.sections.size(); i++) {sec = &bin.sections[i];
printf(" 0x%016jx %-8ju %-20s %s\n",
sec->vma, sec->size, sec->name.c_str(),
sec->type == Section::SEC_TYPE_CODE ? "CODE" : "DATA");
}
if(bin.symbols.size() > 0) {
printf("\n scanned symbol tables: \n");
printf(" %-42s %16s %-8s %-8s %-8s %-8s\n",
"name", "virtual_address", "type", "link", "scope", "weak");
for(i = 0; i < bin.symbols.size(); i++) {
sym = &bin.symbols[i];
printf(" %-40s 0x%016jx %-8s %-8s %-8s %-8s\n", sym->name.c_str(), sym->addr,
(sym->type & Symbol::SYM_TYPE_FUN) ? "FUNC" : (sym->type && Symbol::SYM_TYPE_OBJ ? "OBJECT" : "UNK"),
(sym->linkType & Symbol::SYM_LINK_DYNAMIC) ? "DYNAMIC" : (sym->type && Symbol::SYM_LINK_STATIC) ?
"LOCAL" : "UNK",
(sym->bindType & Symbol::SYM_BIND_GLOBAL) ? "GLOBAL" : (sym->bindType & Symbol::SYM_BIND_LOCAL) ?
"LOCAL" : "UNK",
(sym->weak) ? "WEAK" : "");
}
}
return 0;
}
int dump_section(Binary &bin, std::string section_name)
{
Section *section = NULL;
for (auto &sec: bin.sections)
if (sec.name == section_name)
section = &sec;
if (!section) {
fprintf(stderr, "Section %s does not exist\n", section_name.c_str());
return -1;
}
printf("Section %s, start 0x%016jx, size %ju, type %s\n\n",
section->name.c_str(), section->vma, section->size,
section->type == Section::SEC_TYPE_CODE ? "CODE" : "DATA");
std::string ascii_string{};
uint64_t off;
for (off = 0; off < section->size; off++) {
if (off % 0x10 == 0)
printf("0x%08jx:\t", section->vma + off);
uint8_t byte = section->bytes[off];
printf("%02jx", byte);
if (isprint(byte))
ascii_string.push_back(byte);
else
ascii_string.push_back('.');
if ((off+1) % 16 == 0) {
printf(" %s\n", ascii_string.c_str());
ascii_string.clear();
}
else if ((off + 1) % 4 == 0)
printf(" ");
}
if ((off + 1) % 16)
printf(" %s\n", ascii_string.c_str());
return 0;
}
int main(int argc, char *argv[])
{
Binary bin;
int ret = 0;
std::string fname;
if(argc < 2 || argc > 3) {
printf("Usage:\n"
"%s <binary>\n"
"\tList sections and symbols from <binary>\n"
"%s <binary> <section>\n"
"\tHexdump of <section> from <binary>\n", argv[0], argv[0]);
return 1;
}
fname.assign(argv[1]);
if(load_binary(fname, &bin, Binary::BIN_TYPE_AUTO) < 0) {
return 1;
}
printf("loaded binary '%s'\n%s/%s (%u bits)\nentry@0x%016jx\n\n",
bin.filename.c_str(), bin.type_str.c_str(), bin.arch_str.c_str(),
bin.bits, bin.entry);
if (argc == 2)
ret = dump_sections_and_symbols(bin);
else if (argc == 3)
ret = dump_section(bin, argv[2]);
return ret;
}