blackjack

mykola/blackjack

Fork 0

Commit graph

aa9c426f66 begin porting all lists to mlist master mykola2312 2024-09-03 02:52:48 +03:00
27fc37d6cf implement a C++'ish destructor - free callback for each item in array mykola2312 2024-09-01 18:38:37 +03:00
3f4745d440 after days of intense thought process came up with working and well-rounded concept of header-only list structure management mykola2312 2024-09-01 15:38:22 +03:00
a78393ad70 begin working on module parsing. major list rework ahead mykola2312 2024-08-30 15:57:20 +03:00
e14b420b1f fixed bug related to f_offset: parse hexadecimal mykola2312 2024-08-29 21:16:14 +03:00
1606be8556 changes to procstat malloc behavior mykola2312 2024-08-28 16:36:01 +03:00
4118ea7292 implement procfs file mappings parsing mykola2312 2024-08-28 16:29:17 +03:00
774a555175 begin working on file mapping parsing mykola2312 2024-08-28 14:50:57 +03:00
db6a7cdde8 split process into procstat and process source files, since other OSes like BSD demand different procfs treatment, and process hijacking is not part of parsing it mykola2312 2024-08-28 13:43:03 +03:00
226d306bfa implement relf file check function to get ELF type mykola2312 2024-08-28 10:17:41 +03:00
3ce2738715 get rid of composite error type nonsense mykola2312 2024-08-28 09:41:22 +03:00
bd4ea8f2e6 implement symbol parsing mykola2312 2024-08-25 20:49:17 +03:00
5d9e756153 add dlsym to actually check if my shit works mykola2312 2024-08-25 20:31:36 +03:00
1abe051db0 remove redundant code and prepare sections for symbol parsing mykola2312 2024-08-25 20:23:11 +03:00
fe31879dd6 rename strtab to shstrtab since it makes more sense now mykola2312 2024-08-25 20:09:22 +03:00
8f7a832961 so, "string table index" is just an offset. implemented string resolving mykola2312 2024-08-25 19:58:19 +03:00
14b9562fb0 working on string table parsing mykola2312 2024-08-25 15:39:34 +03:00
44112dc4a7 implement program and section header parsing mykola2312 2024-08-25 13:10:11 +03:00
caf85718e7 define structures to abstract 32 and 64 bit differences in parsing mykola2312 2024-08-25 09:18:35 +03:00
9e80bee9aa file mapping works mykola2312 2024-08-25 08:30:21 +03:00
bc2f89b039 working on ELF identification mykola2312 2024-08-25 08:08:52 +03:00
8a3ea5b2b2 add 32-bit dummy shared object target mykola2312 2024-08-25 06:16:31 +03:00
b2015a0d8a begin working on relf component mykola2312 2024-08-24 14:32:50 +03:00
a39999e134 OVERHAUL: migrate to recursive make, because such way I can establish proper project structure for future make install AND have unclogged makefiles mykola2312 2024-08-24 11:19:59 +03:00
9bc3007a7f add dlsym print to dummy mykola2312 2024-08-24 01:25:29 +03:00
635cf023c7 turns out you have to offset the syscall instruction to rip, because PTRACE_CONT continue process by "returning" from syscall mykola2312 2024-08-22 16:26:22 +03:00
0ae068762f function names refactor mykola2312 2024-08-22 12:08:21 +03:00
f21453236f implement function to calculate proper patch size for future jmp hooks mykola2312 2024-08-22 07:59:08 +03:00
f312bc09e9 test VEX decoding, rename "size" to "limit" mykola2312 2024-08-22 07:26:33 +03:00
74e6ce1322 update readme mykola2312 2024-08-19 12:04:38 +03:00
ae99c186e4 update readme and add endbr32 mykola2312 2024-08-19 12:03:49 +03:00
261961999c add separate group for custom instructions like endbr64 to be able to implement their logic separate. also bug fixes mykola2312 2024-08-19 11:47:03 +03:00
c612e66833 well yea first major bug - we didnt parsed AMD specs so no endbr64 in LUT table is present. gonna fix that mykola2312 2024-08-19 09:27:34 +03:00
9de814e66a rtdisasm_find_target works very well mykola2312 2024-08-19 09:12:55 +03:00
bd6682a61d fix bug when 1-byte opcode will trigger size-limit because of unnecessary bounds check mykola2312 2024-08-19 08:48:30 +03:00
97c8476d2a better instruction trace mykola2312 2024-08-19 08:35:53 +03:00
b5dd5c455a begin working on rt_target search - we need that for syscall trampolines mykola2312 2024-08-19 07:49:30 +03:00
60ded0d85b encorporate rt_target - unique identifier for instructions we will be looking for mykola2312 2024-08-19 07:11:45 +03:00
4ae333513e fix typo which led to bug with opreg decoding mykola2312 2024-08-19 01:32:50 +03:00
eb4b5767ee move process specific debug definitions to its own header file, thus fixing compiler warnings mykola2312 2024-08-19 00:59:26 +03:00
ce5b3ee705 add debug traces to rtdisasm mykola2312 2024-08-19 00:55:53 +03:00
89e6057fe4 add shared objs and deps mykola2312 2024-08-19 00:06:46 +03:00
a4593e8564 move test data code to .text section for ease of objdump use mykola2312 2024-08-16 14:43:04 +03:00
b4b468ec51 fix makefile to actually link static library mykola2312 2024-08-16 14:41:38 +03:00
8181aa5623 fix warnings, add test code mykola2312 2024-08-16 14:34:09 +03:00
5d23c4e695 implement instruction analyze mykola2312 2024-08-16 14:25:15 +03:00
35e6628ec7 implement analyze of ModRM mykola2312 2024-08-16 13:31:58 +03:00
64f44d9a44 implement opcode matching as well as opreg mykola2312 2024-08-16 12:21:58 +03:00
b636bc8891 begin working on instruction matching mykola2312 2024-08-16 09:41:41 +03:00
4bfa581481 begin working on rex prefix testing mykola2312 2024-08-16 09:10:28 +03:00
c7735c0ddc begin working on prefixes mykola2312 2024-08-16 06:26:37 +03:00
da43f4d8bf add test code for rtdisasm mykola2312 2024-08-16 06:16:24 +03:00
d13505b2f9 encode VEX and EVEX params mykola2312 2024-08-14 19:24:54 +03:00
3443dbccc7 encode std instructions parameters, fix another intel L regarding incosistent ib/imm8 notation mykola2312 2024-08-14 19:11:15 +03:00
9f90139d05 fix instruction struct so it now has place for actual values from parsed documentation mykola2312 2024-08-14 17:57:21 +03:00
b0e89a263c merge Parsable-Instructions into this project for integrity. rtdisasm needs lookup tables of instruction opcodes mykola2312 2024-08-14 17:24:34 +03:00
585d940ece add x86 instruction set lookup table, compressed in gzip to avoid diff clogging mykola2312 2024-08-14 01:27:40 +03:00
3965e0b773 add rtdisasm test target mykola2312 2024-07-25 02:48:44 +03:00
359e745370 add rtdisasm target to makefile since I'm gonna implement runtime disassembler mykola2312 2024-07-25 02:18:56 +03:00
a1b815415e add assembly targets and rules mykola2312 2024-07-23 04:51:04 +03:00
654f083f60 add debug function to print all registers mykola2312 2024-07-23 03:34:31 +03:00
a7fc495381 implement thread register read and write. needs more testing mykola2312 2024-07-23 03:07:45 +03:00
0196d39a4b implement attaching and detaching to process threads mykola2312 2024-07-23 02:28:48 +03:00
57c74b1abb add hijack destination function to dummy for thread hijacking testing mykola2312 2024-07-23 01:58:30 +03:00
0d57997a19 implement caps check for ptrace mykola2312 2024-07-21 00:20:37 +03:00
abe4af91e4 implement function to obtain active thread of a process mykola2312 2024-07-20 23:53:50 +03:00
0e018fc6c8 implement thread enumeration mykola2312 2024-07-20 22:56:45 +03:00
1f8d733548 make function to determine parent process, since that process should contain all juicy threads mykola2312 2024-07-20 22:28:48 +03:00
8650359177 implement process enumeration by executable name mykola2312 2024-07-20 22:05:29 +03:00
924a3fafe5 ignore vscode nonsense mykola2312 2024-07-20 21:57:54 +03:00
61cee89bbe fix debug builds mykola2312 2024-07-20 21:57:25 +03:00
e0640a7878 implement proc status parsing mykola2312 2024-07-20 17:42:06 +03:00
bf3a0ece78 switch project from cpp to c language since cpp has no benefits what so ever and only confuses everything mykola2312 2024-07-20 16:59:04 +03:00
c6be556d3e make dummy target children and siblings (threads) mykola2312 2024-07-20 12:47:48 +03:00
d512bb4dd2 begin working on process enumeration, add dummy target and adjust makefile for multiple targets mykola2312 2024-07-19 19:31:51 +03:00
cd739c74e2 add debug profile mykola2312 2024-07-18 17:43:21 +03:00
1137a14eda makefile setup mykola2312 2024-07-18 17:26:33 +03:00
40123c6c67 initial commit mykola2312 2024-07-18 12:47:35 +03:00