diff --git a/notes/todo.md b/notes/todo.md new file mode 100644 index 0000000..013aa18 --- /dev/null +++ b/notes/todo.md @@ -0,0 +1,9 @@ +To Do + +Code injection + - Have a script with 3 functions, (main, funcA, funcB), and replace refs to funcA with funcB + - Trampoline definitions of a function to a new modified function that gets places in memory + - + +Injected code: 0x680 +Call: 0x1160 \ No newline at end of file diff --git a/src/patcher.rs b/src/patcher.rs index 2b9aa42..dd30245 100644 --- a/src/patcher.rs +++ b/src/patcher.rs @@ -37,8 +37,7 @@ pub fn patch_binary(binary_contents: Vec, binary_name: String, patch_file_pa file.write_all(&bytes) .expect("[Error] Could not write to patched binary file"); - - file.flush(); + } @@ -57,11 +56,11 @@ fn parse_patch_file(patch_path: &String) -> HashMap>{ for line in contents { let unwrapped = line.unwrap(); - if unwrapped.trim().starts_with("#") { - + if unwrapped.trim().starts_with("#") || unwrapped.is_empty() { + //Skip } else { let mut statement = unwrapped.split(":"); - let address: usize = statement.next().unwrap().trim().parse::().unwrap(); + let address: usize = util::hex_to_int(statement.next().unwrap().trim()).unwrap(); let data: &str = statement.next().unwrap().trim(); if !data.is_empty() { @@ -85,7 +84,7 @@ fn parse_patch_file(patch_path: &String) -> HashMap>{ } else { // Data is comma seperated list or a single value let byte_str: String = data.replace(",", ""); - let bytes: Vec = util::decode_hex(&byte_str).unwrap(); + let bytes: Vec = util::hex_to_buff(&byte_str).unwrap(); print!("{}: ", address); diff --git a/src/util.rs b/src/util.rs index 93fb05f..cf47695 100644 --- a/src/util.rs +++ b/src/util.rs 
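Review bot: In the `@@ -37,8 +37,7 @@` hunk of src/patcher.rs the `file.flush();` call is deleted outright rather than having its ignored `Result` handled; that only preserves behaviour if `file` is an unbuffered `File`, whose `flush` is a no-op. If `file` is a `BufWriter` (its construction is outside the hunk, so I cannot tell), the final buffered bytes are now flushed only in `Drop`, where write errors are silently swallowed and the patched binary can end up truncated with no message. Keeping the call with its result checked, `file.flush().expect("[Error] Could not flush patched binary file");`, matches the `write_all` handling on the line above and costs nothing for a plain `File`. `patch_binary` starts and ends outside the hunk.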
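Review bot: In the `@@ -57,11 +56,11 @@` hunk of src/patcher.rs the new skip condition tests `unwrapped.is_empty()` on the untrimmed line, so a whitespace-only line in the patch file falls through to the `else` branch, `statement.next().unwrap().trim()` yields `""`, and `util::hex_to_int("").unwrap()` panics instead of the line being skipped. Testing the trimmed line, `if unwrapped.trim().starts_with("#") || unwrapped.trim().is_empty() {`, closes that gap. More generally, both this hunk and the `@@ -85,7 +84,7 @@` hunk call `.unwrap()` on values parsed from the user-supplied patch file (`hex_to_int` here, `hex_to_buff` there), so a malformed address or byte list aborts with a bare `ParseIntError` backtrace; an `.unwrap_or_else(|e| panic!("[Error] Bad address in patch line {:?}: {}", unwrapped, e))`, or propagating the error to the caller, would name the offending line the way the existing `[Error]` messages do. `parse_patch_file` continues outside the hunk on both sides.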
@@ -348,9 +348,14 @@ pub fn read_lines(filename: String) -> io::Lines> { // Borrowed from the following Stack Overflow post // https://stackoverflow.com/questions/52987181/how-can-i-convert-a-hex-string-to-a-u8-slice -pub fn decode_hex(s: &str) -> Result, ParseIntError> { +pub fn hex_to_buff(s: &str) -> Result, ParseIntError> { (0..s.len()) .step_by(2) .map(|i| u8::from_str_radix(&s[i..i + 2], 16)) .collect() +} + + +pub fn hex_to_int(s: &str) -> Result { + return usize::from_str_radix(s, 16) } \ No newline at end of file diff --git a/testing/hello_patched b/testing/hello_patched index 7cf478a..899b49d 100755 Binary files a/testing/hello_patched and b/testing/hello_patched differ diff --git a/testing/patches/hello.patch b/testing/patches/hello.patch index 04a869b..9334b7d 100644 --- a/testing/patches/hello.patch +++ b/testing/patches/hello.patch @@ -1,3 +1,14 @@ -8196 : "Hello, Patch!" -#20041 : DE,AD,BE,EF -#45620 : 00,01,02,03 \ No newline at end of file +# Trampoline segment +# Pushes and returns to 0x116b +#3f80 : 48C7C00100000048C7C70100000048C7C68007000048C7C20D0000000F05686B110000C3 +# No syscall +1190 : 48C7C00100000048C7C70100000048C7C6C011000048C7C20D000000686B110000C3 + +# String data to print from trampoline instruction +11C0 : "Hello, World!" + +# Initial jump to trampoline +#1160 : 6880060000C3 +#1160 : 6890110000C3 + +2004 : "Hello, Patch!" \ No newline at end of file diff --git a/testing/src/functions.c b/testing/src/functions.c new file mode 100644 index 0000000..ecd0424 --- /dev/null +++ b/testing/src/functions.c @@ -0,0 +1,12 @@ +int main() { + + return 0; +} + +int my_function() { + return 0; +} + +int another_function() { + return 0; +} \ No newline at end of file
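Review bot: `hex_to_buff` in the src/util.rs hunk still indexes with `&s[i..i + 2]`, so an odd-length string (the last window runs past the end) or one containing a multi-byte character (the slice lands off a char boundary) panics instead of returning the `Err` its signature promises, and the caller's `.unwrap()` in patcher.rs then aborts on malformed patch data with an index-out-of-range message rather than a parse error. Using the checked accessor, `.map(|i| u8::from_str_radix(s.get(i..i + 2).unwrap_or(""), 16))`, turns both cases into an `Err(ParseIntError)` (empty-input kind) with no other change. In the new `hex_to_int`, `return usize::from_str_radix(s, 16)` as the tail expression is flagged by clippy's `needless_return`; write it as the bare expression `usize::from_str_radix(s, 16)`, and note that it does not accept a `0x` prefix, which the accompanying notes/todo.md uses (`0x680`), so either document bare hex as the expected form or strip it first with `let s = s.strip_prefix("0x").unwrap_or(s);`. Both functions are public and would benefit from a `///` doc comment stating the expected input (even-length ASCII hex digits, no prefix) and the error condition.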