Commit graph

72 commits

Author  SHA1  Message  Date
mykola2312  4118ea7292  implement procfs file mappings parsing  2024-08-28 16:29:17 +03:00
mykola2312  774a555175  begin working on file mapping parsing  2024-08-28 14:50:57 +03:00
mykola2312  db6a7cdde8  split process into procstat and process source files, since other OSes like BSD demand different procfs treatment, and process hijacking is not part of parsing it  2024-08-28 13:43:03 +03:00
mykola2312  226d306bfa  implement relf file check function to get ELF type  2024-08-28 10:17:41 +03:00
mykola2312  3ce2738715  get rid of composite error type nonsense  2024-08-28 09:41:22 +03:00
mykola2312  bd4ea8f2e6  implement symbol parsing  2024-08-25 20:49:17 +03:00
mykola2312  5d9e756153  add dlsym to actually check if my shit works  2024-08-25 20:31:36 +03:00
mykola2312  1abe051db0  remove redundant code and prepare sections for symbol parsing  2024-08-25 20:23:11 +03:00
mykola2312  fe31879dd6  rename strtab to shstrtab since it makes more sense now  2024-08-25 20:09:22 +03:00
mykola2312  8f7a832961  so, "string table index" is just an offset. implemented string resolving  2024-08-25 19:58:19 +03:00
mykola2312  14b9562fb0  working on string table parsing  2024-08-25 15:39:34 +03:00
mykola2312  44112dc4a7  implement program and section header parsing  2024-08-25 13:10:11 +03:00
mykola2312  caf85718e7  define structures to abstract 32 and 64 bit differences in parsing  2024-08-25 09:18:35 +03:00
mykola2312  9e80bee9aa  file mapping works  2024-08-25 08:30:21 +03:00
mykola2312  bc2f89b039  working on ELF identification  2024-08-25 08:08:52 +03:00
mykola2312  8a3ea5b2b2  add 32-bit dummy shared object target  2024-08-25 06:16:31 +03:00
mykola2312  b2015a0d8a  begin working on relf component  2024-08-24 14:32:50 +03:00
mykola2312  a39999e134  OVERHAUL: migrate to recursive make, because that way I can establish a proper project structure for a future make install AND have unclogged makefiles  2024-08-24 11:19:59 +03:00
mykola2312  9bc3007a7f  add dlsym print to dummy  2024-08-24 01:25:29 +03:00
mykola2312  635cf023c7  turns out you have to offset the syscall instruction to rip, because PTRACE_CONT continues the process by "returning" from the syscall  2024-08-22 16:26:22 +03:00
mykola2312  0ae068762f  function names refactor  2024-08-22 12:08:21 +03:00
mykola2312  f21453236f  implement function to calculate proper patch size for future jmp hooks  2024-08-22 07:59:08 +03:00
mykola2312  f312bc09e9  test VEX decoding, rename "size" to "limit"  2024-08-22 07:26:33 +03:00
mykola2312  74e6ce1322  update readme  2024-08-19 12:04:38 +03:00
mykola2312  ae99c186e4  update readme and add endbr32  2024-08-19 12:03:49 +03:00
mykola2312  261961999c  add separate group for custom instructions like endbr64 to be able to implement their logic separately. also bug fixes  2024-08-19 11:47:03 +03:00
mykola2312  c612e66833  well yea, first major bug - we didn't parse AMD specs so no endbr64 is present in the LUT table. gonna fix that  2024-08-19 09:27:34 +03:00
mykola2312  9de814e66a  rtdisasm_find_target works very well  2024-08-19 09:12:55 +03:00
mykola2312  bd6682a61d  fix bug where a 1-byte opcode would trigger the size limit because of an unnecessary bounds check  2024-08-19 08:48:30 +03:00
mykola2312  97c8476d2a  better instruction trace  2024-08-19 08:35:53 +03:00
mykola2312  b5dd5c455a  begin working on rt_target search - we need that for syscall trampolines  2024-08-19 07:49:30 +03:00
mykola2312  60ded0d85b  incorporate rt_target - unique identifier for instructions we will be looking for  2024-08-19 07:11:45 +03:00
mykola2312  4ae333513e  fix typo which led to bug with opreg decoding  2024-08-19 01:32:50 +03:00
mykola2312  eb4b5767ee  move process-specific debug definitions to their own header file, thus fixing compiler warnings  2024-08-19 00:59:26 +03:00
mykola2312  ce5b3ee705  add debug traces to rtdisasm  2024-08-19 00:55:53 +03:00
mykola2312  89e6057fe4  add shared objs and deps  2024-08-19 00:06:46 +03:00
mykola2312  a4593e8564  move test data code to .text section for ease of objdump use  2024-08-16 14:43:04 +03:00
mykola2312  b4b468ec51  fix makefile to actually link static library  2024-08-16 14:41:38 +03:00
mykola2312  8181aa5623  fix warnings, add test code  2024-08-16 14:34:09 +03:00
mykola2312  5d23c4e695  implement instruction analysis  2024-08-16 14:25:15 +03:00
mykola2312  35e6628ec7  implement analysis of ModRM  2024-08-16 13:31:58 +03:00
mykola2312  64f44d9a44  implement opcode matching as well as opreg  2024-08-16 12:21:58 +03:00
mykola2312  b636bc8891  begin working on instruction matching  2024-08-16 09:41:41 +03:00
mykola2312  4bfa581481  begin working on rex prefix testing  2024-08-16 09:10:28 +03:00
mykola2312  c7735c0ddc  begin working on prefixes  2024-08-16 06:26:37 +03:00
mykola2312  da43f4d8bf  add test code for rtdisasm  2024-08-16 06:16:24 +03:00
mykola2312  d13505b2f9  encode VEX and EVEX params  2024-08-14 19:24:54 +03:00
mykola2312  3443dbccc7  encode std instructions parameters, fix another intel L regarding inconsistent ib/imm8 notation  2024-08-14 19:11:15 +03:00
mykola2312  9f90139d05  fix instruction struct so it now has a place for actual values from parsed documentation  2024-08-14 17:57:21 +03:00
mykola2312  b0e89a263c  merge Parsable-Instructions into this project for integrity. rtdisasm needs lookup tables of instruction opcodes  2024-08-14 17:24:34 +03:00