Rizin
unix-like reverse engineering framework and cli tools
Macros | Functions
rz-gg.c File Reference
#include <rz_egg.h>
#include <rz_bin.h>
#include <rz_main.h>
#include <rz_util/rz_print.h>
#include <rz_util.h>

Go to the source code of this file.

Macros

#define ISEXEC   (fmt != 'r')
 

Functions

static int usage (int v)
 
static void list (RzEgg *egg)
 
static int create (const char *format, const char *arch, int bits, const ut8 *code, int codelen)
 
static int openfile (const char *f, int x)
 
RZ_API int rz_main_rz_gg (int argc, const char **argv)
 

Macro Definition Documentation

◆ ISEXEC

#define ISEXEC   (fmt != 'r')

Definition at line 114 of file rz-gg.c.

Function Documentation

◆ create()

static int create ( const char *  format,
const char *  arch,
int  bits,
const ut8 code,
int  codelen 
)
static

Definition at line 69 of file rz-gg.c.

69  {
70  RzBin *bin = rz_bin_new();
71  RzBinArchOptions opts;
72  RzBuffer *b;
73  rz_bin_arch_options_init(&opts, arch, bits);
74  b = rz_bin_create(bin, format, code, codelen, NULL, 0, &opts);
75  if (b) {
76  ut64 blen;
77  const ut8 *tmp = rz_buf_data(b, &blen);
78  if (write(1, tmp, blen) != blen) {
79  eprintf("Failed to write buffer\n");
80  }
81  rz_buf_free(b);
82  } else {
83  eprintf("Cannot create binary for this format '%s'.\n", format);
84  }
85  rz_bin_free(bin);
86  return 0;
87 }
rz_bin_new
RZ_API RzBin * rz_bin_new(void)
Definition: bin.c:716
rz_bin_arch_options_init
RZ_API void rz_bin_arch_options_init(RzBinArchOptions *opt, const char *arch, int bits)
Definition: bin.c:84
rz_bin_create
RZ_API RzBuffer * rz_bin_create(RzBin *bin, const char *p, const ut8 *code, int codelen, const ut8 *data, int datalen, RzBinArchOptions *opt)
Definition: bin.c:862
rz_bin_free
RZ_API void rz_bin_free(RzBin *bin)
Definition: bin.c:440
bits
int bits(struct state *s, int need)
Definition: blast.c:72
NULL
#define NULL
Definition: cris-opc.c:27
arch
cs_arch arch
Definition: cstool.c:13
write
static static fork write
Definition: sflib.h:33
ut8
uint8_t ut8
Definition: lh5801.h:11
autogen_x86imm.tmp
tmp
Definition: autogen_x86imm.py:12
eprintf
#define eprintf(x, y...)
Definition: rlcc.c:7
rz_buf_free
RZ_API void rz_buf_free(RzBuffer *b)
Free all internal data hold by the buffer and the buffer.
Definition: buf.c:1253
rz_buf_data
RZ_DEPRECATE RZ_API RZ_BORROW ut8 * rz_buf_data(RZ_NONNULL RzBuffer *b, RZ_NONNULL RZ_OUT ut64 *size)
Return a borrowed array of bytes representing the buffer data.
Definition: buf.c:1287
b
#define b(i)
Definition: sha256.c:42
bin
Definition: malloc.c:26
code
Definition: inftree9.h:24
rz_bin_arch_options_t
Definition: rz_bin.h:413
rz_bin_t
Definition: rz_bin.h:328
rz_buf_t
Definition: rz_buf.h:43
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()

References arch, b, bits(), eprintf, NULL, rz_bin_arch_options_init(), rz_bin_create(), rz_bin_free(), rz_bin_new(), rz_buf_data(), rz_buf_free(), autogen_x86imm::tmp, ut64(), and write.

Referenced by rz_main_rz_gg().

◆ list()

static void list ( RzEgg egg)
static

Definition at line 52 of file rz-gg.c.

52  {
53  RzListIter *iter;
54  RzEggPlugin *p;
55  printf("shellcodes:\n");
56  rz_list_foreach (egg->plugins, iter, p) {
57  if (p->type == RZ_EGG_PLUGIN_SHELLCODE) {
58  printf("%10s : %s\n", p->name, p->desc);
59  }
60  }
61  printf("encoders:\n");
62  rz_list_foreach (egg->plugins, iter, p) {
63  if (p->type == RZ_EGG_PLUGIN_ENCODER) {
64  printf("%10s : %s\n", p->name, p->desc);
65  }
66  }
67 }
printf
_Use_decl_annotations_ int __cdecl printf(const char *const _Format,...)
Definition: cs_driver.c:93
p
void * p
Definition: libc.cpp:67
RZ_EGG_PLUGIN_SHELLCODE
#define RZ_EGG_PLUGIN_SHELLCODE
Definition: rz_egg.h:19
RZ_EGG_PLUGIN_ENCODER
#define RZ_EGG_PLUGIN_ENCODER
Definition: rz_egg.h:20
rz_egg_plugin_t
Definition: rz_egg.h:22
rz_egg_t::plugins
RzList * plugins
Definition: rz_egg.h:103
rz_list_iter_t
Definition: rz_list.h:13

References p, rz_egg_t::plugins, printf(), RZ_EGG_PLUGIN_ENCODER, and RZ_EGG_PLUGIN_SHELLCODE.

Referenced by __childrenFlagsOf(), __fix_layout_h(), __fix_layout_w(), __init_menu_color_settings_layout(), __init_menu_disasm_asm_settings_layout(), __init_menu_disasm_settings_layout(), __init_panels_menu(), __io_maps(), __op_refs(), __sort(), __sorted_list(), _cs_disasm(), add_file_hash(), add_map(), add_map_reg(), add_refline(), add_single_addr_xrefs(), add_tls_callbacks(), addroflib(), agraph_follow_innodes(), analysis_function_vars_accesses(), analysis_get_function_in(), analysis_graph_to(), append_bound(), appendRef(), ar_parse_header(), Array(), autocmplt_cmd_arg_alias_type(), autocmplt_cmd_arg_any_type(), autocmplt_cmd_arg_enum_type(), autocmplt_cmd_arg_flag(), autocmplt_cmd_arg_global_var(), autocmplt_cmd_arg_struct_type(), autocmplt_cmd_arg_union_type(), autocomplete_process_path(), backtrace_fuzzy(), backtrace_windows(), backtrace_x86_32(), backtrace_x86_32_analysis(), backtrace_x86_64(), backtrace_x86_64_analysis(), blacklisted_word(), block_list_cb(), bsd_native_sysctl_map(), bsd_pid_list(), bsd_thread_list(), callback_list(), capture_list_pool_acquire(), capture_list_pool_get_mut(), clusterNodeAddFailureReport(), clusterNodeCleanupFailureReports(), clusterNodeDelFailureReport(), cmd_debug_current_modules(), cmd_debug_modules(), cmd_print_bars(), cmd_print_blocks(), collect_changes(), compare_list(), contains(), core_analysis_var_list_show(), count_positive(), count_positive8(), create_loc_list(), d_exprlist(), d_print_comp_inner(), DEFINE_HANDLE_TS_FCN_AND_SYMBOL(), delete_element(), dem_list_append(), dem_list_delete(), dem_list_free(), dem_list_get_n(), dem_list_length(), dem_list_purge(), dem_list_split_iter(), dict2keylist(), do_analysis_search(), do_ref_search(), ds_build_op_str(), ds_print_esil_analysis(), ds_print_ptr(), ds_show_refs(), entries(), fcn_get_refs(), fcnjoin(), fill_exports_list(), filter_classes(), find_insertpoint(), find_longest_match(), free_lua_opnames(), function_list_print(), function_list_print_as_cmd(), function_list_print_quiet(), function_list_print_to_json(), function_list_print_to_table(), gdbr_parse_processes_xml(), gdbr_pids_list(), gdbr_read_processes_xml(), gdbr_threads_list(), get_calls(), get_closest_map(), get_constants(), get_functions_block_cb(), get_lua53_opnames(), get_lua54_opnames(), get_operand_possible_qualifiers(), get_pid_thread_list(), get_segments(), get_symbols_list(), get_xrefs(), getref(), hud_filter(), hudstuff_append(), imports(), in_list(), indx(), iter_dbt_commands(), linux_pid_list(), linux_thread_list(), list_count(), list_keys_cb(), list_vars(), listxrefs(), ls_append(), ls_clone(), ls_del_n(), ls_delete(), ls_delete_data(), ls_destroy(), ls_free(), ls_insert(), ls_insertion_sort(), ls_merge_sort(), ls_new(), ls_newf(), ls_pop(), ls_pop_head(), ls_prepend(), ls_sort(), ls_split_iter(), moduleAt(), mpc_cleanup(), mylistrefs_cb(), ns_free_exc_list(), ns_sync(), objc_find_refs(), ocaml_open(), parse_hash_algorithms(), parse_list(), pidlist_cb(), prepend_current_pc(), print_stats(), printVarSummary(), clang-format::process(), push_attr(), rd_0_2(), rd_a(), rd_a_hl(), rd_af_(), rd_c(), rd_cc(), rd_ex1(), rd_hl(), rd_hlx(), rd_in(), rd_jp(), rd_jr(), rd_ld(), rd_ld_hl(), rd_ld_nn(), rd_lda(), rd_ldbcdehla(), rd_nn_nn(), rd_nnc(), rd_out(), rd_r(), rd_r_(), rd_r_add(), rd_r_rr(), rd_rr_(), rd_rrxx(), rd_sp(), rd_stack(), recurse_list_cb(), recursive_search_glob(), relocs(), restore_attr(), rotate(), run_basic_block_analysis(), rz_analysis_function_describe_offset_handler(), rz_analysis_function_get_var_fields(), rz_analysis_function_info_handler(), rz_analysis_function_list_calls_handler(), rz_analysis_function_list_handler(), rz_analysis_function_list_in_handler(), rz_analysis_function_vars_dis_refs_handler(), rz_analysis_function_vars_handler(), rz_analysis_function_vars_stackframe_handler(), rz_analysis_get_blocks_in(), rz_analysis_get_blocks_intersect(), rz_analysis_get_fcn_in(), rz_analysis_get_functions_in(), rz_analysis_op_list_new(), rz_analysis_reflines_get(), rz_analysis_reflines_middle(), rz_analysis_syscall_print_handler(), rz_analysis_types_from_fcn(), rz_analysis_var_all_list(), rz_analysis_var_count(), rz_analysis_xrefs_copy_handler(), rz_analysis_xrefs_del_handler(), rz_analysis_xrefs_from_list_handler(), rz_analysis_xrefs_get_from(), rz_analysis_xrefs_get_to(), rz_analysis_xrefs_list(), rz_analysis_xrefs_list_handler(), rz_analysis_xrefs_to_graph_cmd_handler(), rz_analysis_xrefs_to_list_handler(), rz_analyze_all_consecutive_functions_in_section_handler(), rz_analyze_all_data_references_to_code_handler(), rz_bin_dex_entrypoints(), rz_bin_filter_sections(), rz_bin_filter_symbols(), rz_bin_java_class_as_libraries(), rz_bin_java_class_as_source_code(), rz_bin_java_class_const_pool_as_symbols(), rz_bin_java_class_entrypoints(), rz_bin_java_class_fields_as_binfields(), rz_bin_java_class_fields_as_symbols(), rz_bin_java_class_methods_as_symbols(), rz_bin_java_class_strings(), rz_bin_object_sections_mapping_list(), rz_bin_omf_send_sections(), rz_bin_string_database_new(), rz_bp_traptrace_new(), rz_cmd_debug_display_bt_ascii_handler(), rz_cmd_debug_display_bt_handler(), rz_cmd_debug_display_bt_local_vars_handler(), rz_cmd_debug_display_bt_oneline_handler(), rz_cmd_debug_dmS_handler(), rz_cmd_debug_process_profile_handler(), rz_cmd_help(), rz_cmd_info_section_bars_handler(), rz_cons_hud(), rz_core_analysis_all(), rz_core_analysis_all_vars_display(), rz_core_analysis_esil(), rz_core_analysis_esil_default(), rz_core_analysis_everything(), rz_core_analysis_function_signature(), rz_core_analysis_refs(), rz_core_analysis_value_pointers(), rz_core_asm_hit_list_new(), rz_core_bin_strings_print(), rz_core_cmd_foreach(), rz_core_cmd_foreach3(), rz_core_config_in_space(), rz_core_debug_backtraces(), rz_core_debug_process_close(), rz_core_debug_ri(), rz_core_get_boundaries_prot(), rz_core_get_func_args(), rz_core_print_func_args(), rz_core_rtr_gdb_cb(), rz_core_search_preludes(), rz_core_theme_list(), rz_core_types_calling_conventions_print(), rz_core_visual_analysis_classes(), rz_core_visual_classes(), rz_core_visual_config_hud(), rz_core_visual_hudclasses(), rz_core_visual_hudstuff(), rz_debug_bochs_map_get(), rz_debug_bp_add(), rz_debug_desc_list(), rz_debug_gdb_modules_get(), rz_debug_gdb_pids(), rz_debug_gdb_threads(), rz_debug_map_list_new(), rz_debug_native_frames(), rz_debug_native_map_get(), rz_debug_pid_list(), rz_debug_qnx_pids(), rz_debug_thread_list(), rz_eval_spaces_handler(), rz_flag_exist_at(), rz_flag_get_by_spaces(), rz_flag_get_i(), rz_flag_get_liststr(), rz_flag_tag_list_handler(), rz_flag_tags_get(), rz_flag_zone_barlist(), rz_id_storage_list(), rz_list_add_sorted(), rz_list_append(), rz_list_clone(), rz_list_contains(), rz_list_del_n(), rz_list_delete(), rz_list_delete_data(), rz_list_find(), rz_list_find_ptr(), rz_list_first(), rz_list_free(), rz_list_get_bottom(), rz_list_get_n(), rz_list_get_next(), rz_list_get_top(), rz_list_init(), rz_list_insert(), rz_list_insertion_sort(), rz_list_iter_get_data(), rz_list_iter_get_next(), rz_list_iter_get_next_data(), rz_list_iterator(), rz_list_last(), rz_list_length(), rz_list_merge_sort(), rz_list_new(), rz_list_pop(), rz_list_pop_head(), rz_list_prepend(), rz_list_purge(), rz_list_push(), rz_list_reverse(), rz_list_set_n(), rz_list_sort(), rz_list_split(), rz_list_split_iter(), rz_list_to_str(), rz_list_uniq(), rz_main_rz_bin(), rz_main_rz_gg(), rz_num_str_split_list(), rz_open_binary_list_ascii_handler(), rz_open_maps_list_ascii_handler(), rz_pkcs7_parse_signeddata(), rz_pkcs7_parse_signerinfo(), rz_reg_get_at(), rz_reg_next_diff(), rz_regex_get_match_list(), rz_regs_show_valgroup(), rz_regs_valgroup_handler(), rz_scan_strings(), rz_scan_strings_raw(), rz_seek_history_list_handler(), rz_skiplist_delete(), rz_skiplist_delete_node(), rz_skiplist_empty(), rz_skiplist_find(), rz_skiplist_find_geq(), rz_skiplist_find_leq(), rz_skiplist_free(), rz_skiplist_get_first(), rz_skiplist_get_geq(), rz_skiplist_get_leq(), rz_skiplist_get_n(), rz_skiplist_insert(), rz_skiplist_new(), rz_skiplist_node_free(), rz_skiplist_purge(), rz_skiplist_to_list(), rz_str_cmp_list(), rz_str_trim_lines(), rz_str_widget_list(), rz_sys_dir(), rz_syscall_list(), rz_syscmd_join(), rz_syscmd_sort(), rz_syscmd_uniq(), rz_table_filter_columns(), rz_table_query(), rz_table_visual_list(), rz_type_db_get_by_offset(), rz_type_path_by_offset(), rz_utf_block_list(), rz_w32_dbg_modules(), rz_x509_parse_tbscertificate(), rzfind_open_file(), sdb_fmt_array(), sdb_fmt_array_num(), sdb_foreach_list(), sdb_foreach_list_cb(), sdb_foreach_list_filter_cb(), sdb_foreach_list_filter_user(), sdb_foreach_match(), sdb_ns_free_all(), sdb_ns_sync(), sdb_querys(), search_string_thread_runner(), set_b(), show_analysis_classes(), show_class(), showmem(), showmem_json(), showregs(), showregs_json(), sortxrefs(), step_until_flag(), str_callback(), strings_print(), structured_member_walker(), symbols(), syscalls_dump(), disasm_mc::test_file(), test_mc::test_file(), regress::test_regression(), thumb_assemble(), try_free_empty_list(), ts_query_cursor__prepare_to_capture(), type_paths_collect_by_address_cb(), type_paths_collect_by_offset_cb(), ut64join(), var_add_structure_fields_to_list(), var_generate_list(), var_variables_show(), variable_rename(), variable_set_type(), w32_pid_list(), w32_thread_list(), windbg_pids(), windbg_threads(), xnu_dbg_maps(), xnu_dbg_modules(), xnu_thread_list(), xref_list_print_as_cmd(), xref_list_print_to_json(), xrefs_list_print(), and zone_load_cb().

◆ openfile()

static int openfile ( const char *  f,
int  x 
)
static

Definition at line 89 of file rz-gg.c.

89  {
90  int fd = open(f, O_RDWR | O_CREAT, 0644);
91  if (fd == -1) {
92  fd = open(f, O_RDWR);
93  if (fd == -1) {
94  return -1;
95  }
96  }
97 #if __UNIX__
98  if (x) {
99  fchmod(fd, 0755);
100  }
101 #endif
102 #if _MSC_VER
103  int r = _chsize(fd, 0);
104 #else
105  int r = ftruncate(fd, 0);
106 #endif
107  if (r != 0) {
108  eprintf("Could not resize\n");
109  }
110  close(1);
111  dup2(fd, 1);
112  return fd;
113 }
r
#define r
Definition: crypto_rc6.c:12
ftruncate
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence ftruncate
Definition: sflib.h:113
fchmod
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count fchmod
Definition: sflib.h:84
close
static static fork const void static count close
Definition: sflib.h:33
dup2
static static fork const void static count static fd const char static mode const char static pathname const char static path const char static dev const char static group static getpid static getuid void void static data static pause const char static mode static sync const char const char static newpath const char static pathname unsigned long static filedes void static end_data_segment static handler static getegid char static len static pgid const char static path dup2
Definition: sflib.h:94
x
int x
Definition: mipsasm.c:20
O_CREAT
#define O_CREAT
Definition: sftypes.h:489
O_RDWR
#define O_RDWR
Definition: sftypes.h:488
f
#define f(i)
Definition: sha256.c:46
fd
static const z80_opcode fd[]
Definition: z80_tab.h:997

References close, dup2, eprintf, f, fchmod, fd, ftruncate, O_CREAT, O_RDWR, r, and x.

Referenced by rz_main_rz_gg().

◆ rz_main_rz_gg()

RZ_API int rz_main_rz_gg ( int  argc,
const char **  argv 
)

Definition at line 116 of file rz-gg.c.

116  {
117  const char *file = NULL;
118  const char *padding = NULL;
119  const char *pattern = NULL;
120  const char *str = NULL;
121  char *bytes = NULL;
122  const char *contents = NULL;
123  const char *arch = RZ_SYS_ARCH;
124  const char *os = RZ_EGG_OS_NAME;
125  const char *format = "raw";
126  bool show_execute = false;
127  bool show_execute_rop = false;
128  int show_hex = 1;
129  int show_asm = 0;
130  int show_raw = 0;
131  int append = 0;
132  int show_str = 0;
133  ut64 get_offset = 0;
134  const char *shellcode = NULL;
135  const char *encoder = NULL;
136  char *sequence = NULL;
137  int bits = (RZ_SYS_BITS & RZ_SYS_BITS_64) ? 64 : 32;
138  int fmt = 0;
139  const char *ofile = NULL;
140  int ofileauto = 0;
141  RzBuffer *b;
142  int c, i, fd = -1;
143  RzEgg *egg = rz_egg_new();
144 
145  RzGetopt opt;
146  rz_getopt_init(&opt, argc, argv, "n:N:he:a:b:f:o:sxXrk:FOI:Li:c:p:P:B:C:vd:D:w:zq:S:");
147  while ((c = rz_getopt_next(&opt)) != -1) {
148  switch (c) {
149  case 'a':
150  arch = opt.arg;
151  if (!strcmp(arch, "trace")) {
152  show_asm = 1;
153  show_hex = 0;
154  }
155  break;
156  case 'e':
157  encoder = opt.arg;
158  break;
159  case 'b':
160  bits = atoi(opt.arg);
161  break;
162  case 'B':
163  bytes = rz_str_append(bytes, opt.arg);
164  break;
165  case 'C':
166  if (RZ_STR_ISEMPTY(opt.arg)) {
167  eprintf("Cannot open empty contents path\n");
168  free(sequence);
169  rz_egg_free(egg);
170  return 1;
171  }
172  contents = opt.arg;
173  break;
174  case 'w': {
175  char *arg = strdup(opt.arg);
176  char *p = strchr(arg, ':');
177  if (p) {
178  int len, off;
179  ut8 *b;
180  *p++ = 0;
181  off = rz_num_math(NULL, arg);
182  b = malloc(strlen(opt.arg) + 1);
183  len = rz_hex_str2bin(p, b);
184  if (len > 0) {
185  rz_egg_patch(egg, off, (const ut8 *)b, len);
186  } else {
187  eprintf("Invalid hexstr for -w\n");
188  }
189  free(b);
190  } else {
191  eprintf("Missing colon in -w\n");
192  }
193  free(arg);
194  } break;
195  case 'n':
196  case 'N': {
197  ut64 n = rz_num_math(NULL, opt.arg);
198  // TODO: support big endian too
199  // (this is always little because rz_egg_setup is further below)
200  rz_egg_patch_num(egg, -1, n, c == 'N' ? 64 : 32);
201  append = 1;
202  } break;
203  case 'd':
204  case 'D': {
205  char *p = strchr(opt.arg, ':');
206  if (p) {
207  *p = '\0';
208  ut64 n, off = rz_num_math(NULL, opt.arg);
209  *p = ':';
210  n = rz_num_math(NULL, p + 1);
211  // TODO: support big endian too
212  // (this is always little because rz_egg_setup is further below)
213  rz_egg_patch_num(egg, off, n, c == 'D' ? 64 : 32);
214  } else {
215  eprintf("Missing colon in -%c\n", c);
216  }
217  } break;
218  case 'S':
219  str = opt.arg;
220  break;
221  case 'o':
222  ofile = opt.arg;
223  break;
224  case 'O':
225  ofileauto = 1;
226  break;
227  case 'I':
228  if (RZ_STR_ISEMPTY(opt.arg)) {
229  eprintf("Cannot open empty include path\n");
230  free(sequence);
231  rz_egg_free(egg);
232  return 1;
233  }
234  rz_egg_lang_include_path(egg, opt.arg);
235  break;
236  case 'i':
237  shellcode = opt.arg;
238  break;
239  case 'p':
240  padding = opt.arg;
241  break;
242  case 'P':
243  pattern = opt.arg;
244  break;
245  case 'c': {
246  char *p = strchr(opt.arg, '=');
247  if (p) {
248  *p++ = 0;
249  rz_egg_option_set(egg, opt.arg, p);
250  } else {
251  rz_egg_option_set(egg, opt.arg, "true");
252  }
253  } break;
254  case 'F':
255 #if __APPLE__
256  format = "mach0";
257 #elif __WINDOWS__
258  format = "pe";
259 #else
260  format = "elf";
261 #endif
262  show_asm = 0;
263  break;
264  case 'f':
265  format = opt.arg;
266  show_asm = 0;
267  break;
268  case 's':
269  show_asm = 1;
270  show_hex = 0;
271  break;
272  case 'k':
273  os = opt.arg;
274  break;
275  case 'r':
276  show_raw = 1;
277  break;
278  case 'x':
279  // execute
280  show_execute = true;
281  break;
282  case 'X':
283  // execute rop chain
284  show_execute = 1;
285  show_execute_rop = 1;
286  break;
287  case 'L':
288  list(egg);
289  rz_egg_free(egg);
290  free(sequence);
291  return 0;
292  case 'h':
293  rz_egg_free(egg);
294  free(sequence);
295  return usage(1);
296  case 'v':
297  free(sequence);
298  rz_egg_free(egg);
299  return rz_main_version_print("rz-gg");
300  case 'z':
301  show_str = 1;
302  break;
303  case 'q':
304  get_offset = 1;
305  sequence = strdup(opt.arg);
306  break;
307  default:
308  free(sequence);
309  rz_egg_free(egg);
310  return 1;
311  }
312  }
313 
314  if (opt.ind == argc && !shellcode && !bytes && !contents && !encoder && !padding && !pattern && !append && !get_offset && !str) {
315  free(sequence);
316  rz_egg_free(egg);
317  return usage(0);
318  } else {
319  file = argv[opt.ind];
320  }
321 
322  if (bits == 64) {
323  if (!strcmp(format, "mach0")) {
324  format = "mach064";
325  } else if (!strcmp(format, "elf")) {
326  format = "elf64";
327  }
328  }
329 
330  // catch this first
331  if (get_offset) {
332  if (strncmp(sequence, "0x", 2)) {
333  eprintf("Need hex value with `0x' prefix e.g. 0x41414142\n");
334  free(sequence);
335  rz_egg_free(egg);
336  return 1;
337  }
338 
339  get_offset = rz_num_math(0, sequence);
340  printf("Little endian: %d\n", rz_debruijn_offset(0, NULL, get_offset, false));
341  printf("Big endian: %d\n", rz_debruijn_offset(0, NULL, get_offset, true));
342  free(sequence);
343  rz_egg_free(egg);
344  return 0;
345  }
346 
347  // initialize egg
348  rz_egg_setup(egg, arch, bits, 0, os);
349  if (file) {
350  if (RZ_STR_ISEMPTY(file)) {
351  eprintf("Cannot open empty path\n");
352  goto fail;
353  }
354  if (!strcmp(file, "-")) {
355  char buf[1024];
356  for (;;) {
357  if (!fgets(buf, sizeof(buf), stdin)) {
358  break;
359  }
360  if (feof(stdin)) {
361  break;
362  }
363  rz_egg_load(egg, buf, 0);
364  }
365  } else {
366  if (!rz_egg_load_file(egg, file)) {
367  eprintf("Cannot load file \"%s\"\n", file);
368  }
369  }
370  }
371 
372  // compile source code to assembly
373  if (!rz_egg_compile(egg)) {
374  if (!fmt) {
375  eprintf("rz_egg_compile: fail\n");
376  free(sequence);
377  rz_egg_free(egg);
378  return 1;
379  }
380  }
381 
382  // append the provided string
383  if (str) {
384  int l = strlen(str);
385  if (l > 0) {
386  rz_egg_raw(egg, (const ut8 *)str, l);
387  }
388  }
389 
390  // add raw file
391  if (contents) {
392  size_t l;
393  char *buf = rz_file_slurp(contents, &l);
394  if (buf && l > 0) {
395  rz_egg_raw(egg, (const ut8 *)buf, (int)l);
396  } else {
397  eprintf("Error loading '%s'\n", contents);
398  }
399  free(buf);
400  }
401 
402  // add shellcode
403  if (shellcode) {
404  if (!rz_egg_shellcode(egg, shellcode)) {
405  eprintf("Unknown shellcode '%s'\n", shellcode);
406  goto fail;
407  }
408  }
409 
410  // add raw bytes
411  if (bytes) {
412  ut8 *b = malloc(strlen(bytes) + 1);
413  int len = rz_hex_str2bin(bytes, b);
414  if (len > 0) {
415  if (!rz_egg_raw(egg, b, len)) {
416  eprintf("Unknown '%s'\n", shellcode);
417  free(b);
418  goto fail;
419  }
420  } else {
421  eprintf("Invalid hexpair string for -B\n");
422  }
423  free(b);
424  free(bytes);
425  bytes = NULL;
426  }
427 
428  /* set output (create output file if needed) */
429  if (ofileauto) {
430  if (file) {
431  char *o, *q, *p = strdup(file);
432  if ((o = strchr(p, '.'))) {
433  while ((q = strchr(o + 1, '.'))) {
434  o = q;
435  }
436  *o = 0;
437  fd = openfile(p, ISEXEC);
438  } else {
439  fd = openfile("a.out", ISEXEC);
440  }
441  free(p);
442  } else {
443  fd = openfile("a.out", ISEXEC);
444  }
445  if (fd == -1) {
446  eprintf("cannot open file '%s'\n", opt.arg);
447  goto fail;
448  }
449  close(fd);
450  }
451  if (ofile) {
452  fd = openfile(ofile, ISEXEC);
453  if (fd == -1) {
454  eprintf("cannot open file '%s'\n", ofile);
455  goto fail;
456  }
457  }
458 
459  // assemble to binary
460  if (!rz_egg_assemble(egg)) {
461  eprintf("rz_egg_assemble: invalid assembly\n");
462  goto fail;
463  }
464  if (encoder) {
465  if (!rz_egg_encode(egg, encoder)) {
466  eprintf("Invalid encoder '%s'\n", encoder);
467  goto fail;
468  }
469  }
470 
471  // add padding
472  if (padding) {
473  rz_egg_padding(egg, padding);
474  }
475 
476  // add pattern
477  if (pattern) {
478  rz_egg_pattern(egg, rz_num_math(NULL, pattern));
479  }
480 
481  // apply patches
482  if (!egg->bin) {
483  egg->bin = rz_buf_new_with_bytes(NULL, 0);
484  }
485  if (!rz_egg_get_bin(egg)) {
486  eprintf("rz_egg_get_bin: invalid egg :(\n");
487  goto fail;
488  }
489  rz_egg_finalize(egg);
490 
491  if (show_asm) {
492  printf("%s\n", rz_egg_get_assembly(egg));
493  }
494 
495  if (show_raw || show_hex || show_execute) {
496  if (show_execute) {
497  int r;
498  if (show_execute_rop) {
499  r = rz_egg_run_rop(egg);
500  } else {
501  r = rz_egg_run(egg);
502  }
503  rz_egg_free(egg);
504  return r;
505  }
506  b = rz_egg_get_bin(egg);
507  if (show_raw) {
508  ut64 blen;
509  const ut8 *tmp = rz_buf_data(b, &blen);
510  if (write(1, tmp, blen) != blen) {
511  eprintf("Failed to write buffer\n");
512  goto fail;
513  }
514  } else {
515  if (!format) {
516  eprintf("No format specified\n");
517  goto fail;
518  }
519  char *code = NULL;
520  ut64 tmpsz;
521  const ut8 *tmp = rz_buf_data(b, &tmpsz);
522  switch (*format) {
523  case 'c':
524  code = rz_lang_byte_array(tmp, tmpsz, RZ_LANG_BYTE_ARRAY_C_CPP_BYTES);
525  printf("%s\n", code);
526  free(code);
527  break;
528  case 'j': // json
529  code = rz_lang_byte_array(tmp, tmpsz, RZ_LANG_BYTE_ARRAY_JSON);
530  printf("%s\n", code);
531  free(code);
532  break;
533  case 'r':
534  if (show_str) {
535  printf("\"");
536  for (i = 0; i < tmpsz; i++) {
537  printf("\\x%02x", tmp[i]);
538  }
539  printf("\"\n");
540  } else if (show_hex) {
541  rz_buf_seek(b, 0, RZ_BUF_SET);
542  for (i = 0; i < tmpsz; i++) {
543  printf("%02x", tmp[i]);
544  }
545  printf("\n");
546  } // else show_raw is_above()
547  break;
548  case 'p': // PE
549  if (strlen(format) >= 2 && format[1] == 'y') { // Python
550  code = rz_lang_byte_array(tmp, tmpsz, RZ_LANG_BYTE_ARRAY_PYTHON);
551  printf("%s\n", code);
552  free(code);
553  }
554  break;
555  case 'e': // ELF
556  case 'm': // MACH0
557  create(format, arch, bits, tmp, tmpsz);
558  break;
559  default:
560  eprintf("unknown executable format (%s)\n", format);
561  goto fail;
562  }
563  }
564  }
565  if (fd != -1) {
566  close(fd);
567  }
568  free(sequence);
569  rz_egg_free(egg);
570  return 0;
571 fail:
572  if (fd != -1) {
573  close(fd);
574  }
575  free(sequence);
576  rz_egg_free(egg);
577  return 1;
578 }
len
size_t len
Definition: 6502dis.c:15
i
lzma_index ** i
Definition: index.h:629
bytes
static ut8 bytes[32]
Definition: asm_arc.c:23
get_offset
static ut64 get_offset(RzBinFile *bf, int type, int index)
Definition: bin_dex.c:206
ofile
static char * ofile
Definition: cmd_magic.c:9
append
#define append(x, y)
Definition: cmd_print.c:1740
rz_egg_shellcode
RZ_API int rz_egg_shellcode(RzEgg *egg, const char *name)
Definition: egg.c:538
rz_egg_run_rop
RZ_API int rz_egg_run_rop(RzEgg *egg)
Definition: egg.c:450
rz_egg_free
RZ_API void rz_egg_free(RzEgg *egg)
Definition: egg.c:111
rz_egg_finalize
RZ_API void rz_egg_finalize(RzEgg *egg)
Definition: egg.c:598
rz_egg_new
RZ_API RzEgg * rz_egg_new(void)
Definition: egg.c:44
rz_egg_patch_num
RZ_API bool rz_egg_patch_num(RzEgg *egg, int off, ut64 num, ut32 bits)
Definition: egg.c:591
rz_egg_load_file
RZ_API bool rz_egg_load_file(RzEgg *egg, const char *file)
Definition: egg.c:214
rz_egg_padding
RZ_API int rz_egg_padding(RzEgg *egg, const char *pad)
Definition: egg.c:472
rz_egg_run
RZ_API int rz_egg_run(RzEgg *egg)
Definition: egg.c:443
rz_egg_patch
RZ_API int rz_egg_patch(RzEgg *egg, int off, const ut8 *buf, int len)
Definition: egg.c:576
rz_egg_pattern
RZ_API void rz_egg_pattern(RzEgg *egg, int size)
Definition: egg.c:625
rz_egg_get_assembly
RZ_API char * rz_egg_get_assembly(RzEgg *egg)
Definition: egg.c:434
rz_egg_encode
RZ_API int rz_egg_encode(RzEgg *egg, const char *name)
Definition: egg.c:558
rz_egg_compile
RZ_API int rz_egg_compile(RzEgg *egg)
Definition: egg.c:394
rz_egg_get_bin
RZ_API RzBuffer * rz_egg_get_bin(RzEgg *egg)
Definition: egg.c:423
rz_egg_option_set
RZ_API void rz_egg_option_set(RzEgg *egg, const char *key, const char *val)
Definition: egg.c:530
rz_egg_load
RZ_API void rz_egg_load(RzEgg *egg, const char *code, int format)
Definition: egg.c:202
rz_egg_assemble
RZ_API bool rz_egg_assemble(RzEgg *egg)
Definition: egg.c:390
rz_egg_setup
RZ_API bool rz_egg_setup(RzEgg *egg, const char *arch, int bits, int endian, const char *os)
Definition: egg.c:139
rz_egg_raw
RZ_API int rz_egg_raw(RzEgg *egg, const ut8 *b, int len)
Definition: egg.c:281
rz_egg_lang_include_path
RZ_API void rz_egg_lang_include_path(RzEgg *egg, const char *path)
Definition: egg_lang.c:149
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130
buf
voidpf void * buf
Definition: ioapi.h:138
openfile
static int openfile(const char *f, int x)
Definition: rz-gg.c:89
usage
static int usage(int v)
Definition: rz-gg.c:10
ISEXEC
#define ISEXEC
Definition: rz-gg.c:114
create
static int create(const char *format, const char *arch, int bits, const ut8 *code, int codelen)
Definition: rz-gg.c:69
list
static void list(RzEgg *egg)
Definition: rz-gg.c:52
malloc
void * malloc(size_t size)
Definition: malloc.c:123
argv
static static fork const void static count static fd const char const char static newpath char char argv
Definition: sflib.h:40
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
n
int n
Definition: mipsasm.c:19
cmd_descs_generate.str
str
Definition: cmd_descs_generate.py:785
off
int off
Definition: pal.c:13
rz_buf_seek
RZ_API st64 rz_buf_seek(RZ_NONNULL RzBuffer *b, st64 addr, int whence)
Modify the current cursor position in the buffer.
Definition: buf.c:1166
RZ_BUF_SET
#define RZ_BUF_SET
Definition: rz_buf.h:14
rz_buf_new_with_bytes
RZ_API RZ_OWN RzBuffer * rz_buf_new_with_bytes(RZ_NULLABLE RZ_BORROW const ut8 *bytes, ut64 len)
Creates a new buffer with a bytes array.
Definition: buf.c:465
rz_debruijn_offset
RZ_API int rz_debruijn_offset(int start, const char *charset, ut64 value, bool is_big_endian)
Finds the offset of a given value in a debrujn sequence.
Definition: debruijn.c:112
RZ_EGG_OS_NAME
#define RZ_EGG_OS_NAME
Definition: rz_egg.h:148
rz_file_slurp
RZ_API RZ_OWN char * rz_file_slurp(const char *str, RZ_NULLABLE size_t *usz)
Definition: file.c:454
rz_getopt_init
RZ_API void rz_getopt_init(RzGetopt *go, int argc, const char **argv, const char *ostr)
Definition: getopt.c:17
rz_getopt_next
RZ_API int rz_getopt_next(RzGetopt *opt)
Definition: getopt.c:29
rz_hex_str2bin
RZ_API int rz_hex_str2bin(const char *in, ut8 *out)
Convert an input string in into the binary form in out.
Definition: hex.c:444
rz_lang_byte_array
RZ_API RZ_OWN char * rz_lang_byte_array(RZ_NONNULL const ut8 *buffer, size_t size, RzLangByteArrayType type)
RZ_LANG_BYTE_ARRAY_C_CPP_BYTES
@ RZ_LANG_BYTE_ARRAY_C_CPP_BYTES
Definition: rz_lang_byte_array.h:14
RZ_LANG_BYTE_ARRAY_PYTHON
@ RZ_LANG_BYTE_ARRAY_PYTHON
Definition: rz_lang_byte_array.h:27
RZ_LANG_BYTE_ARRAY_JSON
@ RZ_LANG_BYTE_ARRAY_JSON
Definition: rz_lang_byte_array.h:23
rz_main_version_print
RZ_API int rz_main_version_print(const char *program)
Definition: main.c:49
rz_num_math
RZ_API ut64 rz_num_math(RzNum *num, const char *str)
Definition: unum.c:456
rz_str_append
RZ_API char * rz_str_append(char *ptr, const char *string)
Definition: str.c:1063
RZ_STR_ISEMPTY
#define RZ_STR_ISEMPTY(x)
Definition: rz_str.h:67
RZ_SYS_BITS_64
@ RZ_SYS_BITS_64
Definition: rz_sys.h:21
RZ_SYS_BITS
#define RZ_SYS_BITS
Definition: rz_types.h:520
RZ_SYS_ARCH
#define RZ_SYS_ARCH
Definition: rz_types.h:519
c
#define c(i)
Definition: sha256.c:43
file
Definition: gzappend.c:170
rz_egg_t
Definition: rz_egg.h:93
rz_egg_t::bin
RzBuffer * bin
Definition: rz_egg.h:96
rz_getopt_t
Definition: rz_getopt.h:10
rz_getopt_t::ind
int ind
Definition: rz_getopt.h:12
rz_getopt_t::arg
const char * arg
Definition: rz_getopt.h:15
fail
#define fail(test)
Definition: tests.h:29

References append, arch, rz_getopt_t::arg, argv, b, rz_egg_t::bin, bits(), bytes, c, close, create(), eprintf, fail, fd, free(), get_offset(), i, rz_getopt_t::ind, ISEXEC, len, list(), malloc(), n, NULL, off, ofile, openfile(), p, printf(), r, rz_buf_data(), rz_buf_new_with_bytes(), rz_buf_seek(), RZ_BUF_SET, rz_debruijn_offset(), rz_egg_assemble(), rz_egg_compile(), rz_egg_encode(), rz_egg_finalize(), rz_egg_free(), rz_egg_get_assembly(), rz_egg_get_bin(), rz_egg_lang_include_path(), rz_egg_load(), rz_egg_load_file(), rz_egg_new(), rz_egg_option_set(), RZ_EGG_OS_NAME, rz_egg_padding(), rz_egg_patch(), rz_egg_patch_num(), rz_egg_pattern(), rz_egg_raw(), rz_egg_run(), rz_egg_run_rop(), rz_egg_setup(), rz_egg_shellcode(), rz_file_slurp(), rz_getopt_init(), rz_getopt_next(), rz_hex_str2bin(), rz_lang_byte_array(), RZ_LANG_BYTE_ARRAY_C_CPP_BYTES, RZ_LANG_BYTE_ARRAY_JSON, RZ_LANG_BYTE_ARRAY_PYTHON, rz_main_version_print(), rz_num_math(), rz_str_append(), RZ_STR_ISEMPTY, RZ_SYS_ARCH, RZ_SYS_BITS, RZ_SYS_BITS_64, cmd_descs_generate::str, strdup(), autogen_x86imm::tmp, usage(), ut64(), and write.

Referenced by MAIN_NAME(), and rz_main_rizin().

◆ usage()

static int usage ( int  v)
static

Definition at line 10 of file rz-gg.c.

10  {
11  printf("Usage: rz-gg [-FOLsrxhvz] [-a arch] [-b bits] [-k os] [-o file] [-I path]\n"
12  " [-i sc] [-e enc] [-B hex] [-c k=v] [-C file] [-p pad] [-q off]\n"
13  " [-S string] [-f fmt] [-nN dword] [-dDw off:hex] file|f.asm|-\n");
14  if (v) {
15  printf(
16  " -a [arch] select architecture (x86, mips, arm)\n"
17  " -b [bits] register size (32, 64, ..)\n"
18  " -B [hexpairs] append some hexpair bytes\n"
19  " -c [k=v] set configuration options\n"
20  " -C [file] append contents of file\n"
21  " -d [off:dword] patch dword (4 bytes) at given offset\n"
22  " -D [off:qword] patch qword (8 bytes) at given offset\n"
23  " -e [encoder] use specific encoder. see -L\n"
24  " -f [format] output format (raw, c, pe, elf, mach0, python, javascript)\n"
25  " -F output native format (osx=mach0, linux=elf, ..)\n"
26  " -h show this help\n"
27  " -i [shellcode] include shellcode plugin, uses options. see -L\n"
28  " -I [path] add include path\n"
29  " -k [os] operating system's kernel (linux,bsd,osx,w32)\n"
30  " -L list all plugins (shellcodes and encoders)\n"
31  " -n [dword] append 32bit number (4 bytes)\n"
32  " -N [dword] append 64bit number (8 bytes)\n"
33  " -o [file] output file\n"
34  " -O use default output file (filename without extension or a.out)\n"
35  " -p [padding] add padding after compilation (padding=n10s32)\n"
36  " ntas : begin nop, trap, 'a', sequence\n"
37  " NTAS : same as above, but at the end\n"
38  " -P [size] prepend debruijn pattern\n"
39  " -q [fragment] debruijn pattern offset\n"
40  " -r show raw bytes instead of hexpairs\n"
41  " -s show assembler\n"
42  " -S [string] append a string\n"
43  " -v show version\n"
44  " -w [off:hex] patch hexpairs at given offset\n"
45  " -x execute\n"
46  " -X [hexpairs] execute rop chain, using the stack provided\n"
47  " -z output in C string syntax\n");
48  }
49  return 1;
50 }
v
const char * v
Definition: dsignal.c:12

References printf(), and v.

Referenced by rz_main_rz_gg().