Commit graph

70 commits

Author  SHA1  Message  Date
mykola2312  db6a7cdde8  split process into procstat and process source files, since other OSes like BSD demand different procfs treatment, and process hijacking is not part of parsing it  2024-08-28 13:43:03 +03:00
mykola2312  226d306bfa  implement relf file check function to get ELF type  2024-08-28 10:17:41 +03:00
mykola2312  3ce2738715  get rid of composite error type nonsense  2024-08-28 09:41:22 +03:00
mykola2312  bd4ea8f2e6  implement symbol parsing  2024-08-25 20:49:17 +03:00
mykola2312  5d9e756153  add dlsym to actually check if my shit works  2024-08-25 20:31:36 +03:00
mykola2312  1abe051db0  remove redundant code and prepare sections for symbol parsing  2024-08-25 20:23:11 +03:00
mykola2312  fe31879dd6  rename strtab to shstrtab since it makes more sense now  2024-08-25 20:09:22 +03:00
mykola2312  8f7a832961  so, "string table index" is just an offset. implemented string resolving  2024-08-25 19:58:19 +03:00
mykola2312  14b9562fb0  working on string table parsing  2024-08-25 15:39:34 +03:00
mykola2312  44112dc4a7  implement program and section header parsing  2024-08-25 13:10:11 +03:00
mykola2312  caf85718e7  define structures to abstract 32- and 64-bit differences in parsing  2024-08-25 09:18:35 +03:00
mykola2312  9e80bee9aa  file mapping works  2024-08-25 08:30:21 +03:00
mykola2312  bc2f89b039  working on ELF identification  2024-08-25 08:08:52 +03:00
mykola2312  8a3ea5b2b2  add 32-bit dummy shared object target  2024-08-25 06:16:31 +03:00
mykola2312  b2015a0d8a  begin working on relf component  2024-08-24 14:32:50 +03:00
mykola2312  a39999e134  OVERHAUL: migrate to recursive make, because that way I can establish a proper project structure for a future make install AND have unclogged makefiles  2024-08-24 11:19:59 +03:00
mykola2312  9bc3007a7f  add dlsym print to dummy  2024-08-24 01:25:29 +03:00
mykola2312  635cf023c7  turns out you have to offset the syscall instruction to rip, because PTRACE_CONT continues the process by "returning" from the syscall  2024-08-22 16:26:22 +03:00
mykola2312  0ae068762f  function names refactor  2024-08-22 12:08:21 +03:00
mykola2312  f21453236f  implement function to calculate proper patch size for future jmp hooks  2024-08-22 07:59:08 +03:00
mykola2312  f312bc09e9  test VEX decoding, rename "size" to "limit"  2024-08-22 07:26:33 +03:00
mykola2312  74e6ce1322  update readme  2024-08-19 12:04:38 +03:00
mykola2312  ae99c186e4  update readme and add endbr32  2024-08-19 12:03:49 +03:00
mykola2312  261961999c  add separate group for custom instructions like endbr64 to be able to implement their logic separately. also bug fixes  2024-08-19 11:47:03 +03:00
mykola2312  c612e66833  well yeah, first major bug - we didn't parse the AMD specs so no endbr64 is present in the LUT table. gonna fix that  2024-08-19 09:27:34 +03:00
mykola2312  9de814e66a  rtdisasm_find_target works very well  2024-08-19 09:12:55 +03:00
mykola2312  bd6682a61d  fix bug where a 1-byte opcode would trigger the size limit because of an unnecessary bounds check  2024-08-19 08:48:30 +03:00
mykola2312  97c8476d2a  better instruction trace  2024-08-19 08:35:53 +03:00
mykola2312  b5dd5c455a  begin working on rt_target search - we need that for syscall trampolines  2024-08-19 07:49:30 +03:00
mykola2312  60ded0d85b  incorporate rt_target - a unique identifier for the instructions we will be looking for  2024-08-19 07:11:45 +03:00
mykola2312  4ae333513e  fix typo which led to a bug with opreg decoding  2024-08-19 01:32:50 +03:00
mykola2312  eb4b5767ee  move process-specific debug definitions to their own header file, thus fixing compiler warnings  2024-08-19 00:59:26 +03:00
mykola2312  ce5b3ee705  add debug traces to rtdisasm  2024-08-19 00:55:53 +03:00
mykola2312  89e6057fe4  add shared objs and deps  2024-08-19 00:06:46 +03:00
mykola2312  a4593e8564  move test data code to .text section for ease of objdump use  2024-08-16 14:43:04 +03:00
mykola2312  b4b468ec51  fix makefile to actually link static library  2024-08-16 14:41:38 +03:00
mykola2312  8181aa5623  fix warnings, add test code  2024-08-16 14:34:09 +03:00
mykola2312  5d23c4e695  implement instruction analysis  2024-08-16 14:25:15 +03:00
mykola2312  35e6628ec7  implement analysis of ModRM  2024-08-16 13:31:58 +03:00
mykola2312  64f44d9a44  implement opcode matching as well as opreg  2024-08-16 12:21:58 +03:00
mykola2312  b636bc8891  begin working on instruction matching  2024-08-16 09:41:41 +03:00
mykola2312  4bfa581481  begin working on rex prefix testing  2024-08-16 09:10:28 +03:00
mykola2312  c7735c0ddc  begin working on prefixes  2024-08-16 06:26:37 +03:00
mykola2312  da43f4d8bf  add test code for rtdisasm  2024-08-16 06:16:24 +03:00
mykola2312  d13505b2f9  encode VEX and EVEX params  2024-08-14 19:24:54 +03:00
mykola2312  3443dbccc7  encode std instruction parameters, fix another intel L regarding inconsistent ib/imm8 notation  2024-08-14 19:11:15 +03:00
mykola2312  9f90139d05  fix instruction struct so it now has a place for actual values from parsed documentation  2024-08-14 17:57:21 +03:00
mykola2312  b0e89a263c  merge Parsable-Instructions into this project for integrity. rtdisasm needs lookup tables of instruction opcodes  2024-08-14 17:24:34 +03:00
mykola2312  585d940ece  add x86 instruction set lookup table, compressed in gzip to avoid diff clogging  2024-08-14 01:27:40 +03:00
mykola2312  3965e0b773  add rtdisasm test target  2024-07-25 02:48:44 +03:00