import r2pipe
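class GoLangHelper:
    """Recover Go function names from a binary's pclntab via an r2pipe session.

    The helper locates the ``.gopclntab`` table (by section name, or by
    scanning for its magic bytes), walks the function table and names the
    corresponding functions in radare2.

    Every value read here (table size, offsets, name strings) comes from the
    binary under analysis and must be treated as untrusted, especially when
    the target is malware.
    """

    # Characters allowed in a name that is interpolated into an r2 command.
    # Anything else (command separators, pipes, redirections, backticks,
    # embedded newlines, ...) is replaced so that a crafted symbol name in the
    # analysed binary cannot alter the command that r2 executes.
    _SAFE_NAME_CHARS = frozenset(
        'abcdefghijklmnopqrstuvwxyz'
        'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
        '0123456789_.-'
    )

    def __init__(self, r2):
        """Store the r2pipe handle and derive the pointer size in bytes.

        Args:
            r2: an open r2pipe session (must provide ``cmd`` and ``cmdj``).
        """
        self.r2 = r2
        # 'ij' reports the binary's bit width; 64 -> 8 bytes, 32 -> 4 bytes.
        self.PTR_SIZE = self.r2.cmdj('ij')['bin']['bits'] // 8
        self.gop = None

    def is_gopclntab_defined(self, sections):
        """Return the section dict named '.gopclntab', or False if absent."""
        for section in sections:
            if section['name'] == '.gopclntab':
                return section
        return False

    def get_gopclntab(self):
        """Locate the pclntab, cache its address in ``self.gop`` and return it.

        Returns:
            The virtual address of the table, or None when it cannot be found.
        """
        sections = self.r2.cmdj('iSj')
        # cmdj may yield None when r2 prints nothing parseable.
        has_gop = self.is_gopclntab_defined(sections or [])
        if has_gop:
            print("gopclntab is defined")
            self.gop = has_gop['vaddr']
            return self.gop
        else:
            print("gopclntab not defined, searching...")
            self.gop = self.find_gopclntab()
            return self.gop

    def find_gopclntab(self):
        """Search the binary for the pclntab magic and validate each hit.

        NOTE: 'fbffffff' is the little-endian Go 1.2 pclntab magic
        (0xfffffffb). Newer Go toolchains (1.16+) use different magic values
        and a different header layout, so stripped binaries built with them
        are not found by this search.

        Returns:
            The offset of the first validated hit, or None.
        """
        magic = 'fbffffff'
        # cmdj returns None when the search produces no JSON output.
        results = self.r2.cmdj('/xj {}'.format(magic)) or []
        for r in results:
            is_gop = self.is_gopclntab(r['offset'])
            if is_gop:
                print('found gopclntab')
                return r['offset']
        print('gopclntab not found')
        return None

    def get_pointer(self, addr, size=None):
        """Read an integer at ``addr`` using r2's ``pv`` command.

        Args:
            addr: address to read from.
            size: optional width suffix passed to ``pv`` (e.g. 4 -> ``pv4``).

        Raises:
            ValueError: if r2 returns something that is not a hex number
                (for example when ``addr`` is not mapped).
        """
        if size:
            return int(self.r2.cmd('pv{} @ {}'.format(size, addr)), 16)
        else:
            return int(self.r2.cmd('pv @ {}'.format(addr)), 16)

    def is_gopclntab(self, offset):
        """Check whether ``offset`` looks like the start of a pclntab.

        The first function-table entry holds a function address and an offset
        (relative to the table) to a record whose first word repeats that same
        address; a match is taken as confirmation.
        """
        try:
            entry = self.get_pointer(offset+8+self.PTR_SIZE)
            entry_offset = self.get_pointer(offset+8+self.PTR_SIZE*2)
            entry_loc = self.get_pointer(offset+entry_offset)
        except ValueError:
            # A false-positive magic hit can point at unreadable memory;
            # treat it as "not a pclntab" rather than aborting the search.
            return False
        return entry == entry_loc

    def rename_functions(self):
        """Walk the pclntab function table and name each function in r2.

        Requires ``self.gop`` to be set (see ``get_gopclntab``); does nothing
        when the table was not found.
        """
        base = self.gop
        if base is None:
            print('gopclntab not found, nothing to rename')
            return
        size_addr = base + 8
        # Number of table entries; read from the binary, hence untrusted -
        # a corrupt or hostile value directly controls the loop length.
        size = self.get_pointer(size_addr)
        start = size_addr + self.PTR_SIZE
        # The table holds `size` (address, offset) pairs beginning at `start`.
        # Measuring the end from `base` instead would drop the last entry.
        end = start + (size * self.PTR_SIZE * 2)
        for addr in range(start, end, (2*self.PTR_SIZE)):
            func_addr = self.get_pointer(addr)
            offset = self.get_pointer(addr + self.PTR_SIZE)
            name_str_off = self.get_pointer(base + offset + self.PTR_SIZE)
            name_addr = base + name_str_off
            name = self.r2.cmd('psz @ {}'.format(name_addr))
            # The name is about to be embedded in an r2 command line, so it
            # must be reduced to a safe character set first.
            name = self.format_name(name)
            if name and len(name) > 2:
                print('Found name {} at 0x{:x}'.format(name, func_addr))
                funcinfo = self.r2.cmdj('afij {}'.format(func_addr))
                # 'afn' renames an already-analysed function, 'af' creates it.
                self.r2.cmd('af{} {} {}'.format('n' if funcinfo else '',
                                                name, func_addr))

    def format_name(self, name):
        """Turn a raw Go symbol into a name safe to pass to an r2 command.

        Parentheses and '*' are dropped; '/', ' ', ';' and ',' become '.'.
        After stripping surrounding whitespace, every remaining character
        outside ``_SAFE_NAME_CHARS`` is replaced with '_', because the string
        originates from the analysed binary and is later formatted into an
        r2 command.
        """
        substitutions = (
            ('(', ''), (')', ''), ('*', ''),
            ('/', '.'), (' ', '.'), (';', '.'), (',', '.'),
        )
        for old, new in substitutions:
            name = name.replace(old, new)
        name = name.strip()
        return ''.join(
            c if c in self._SAFE_NAME_CHARS else '_' for c in name
        )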
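if __name__ == '__main__':
    # r2pipe.open() without arguments attaches to the r2 session that
    # launched this script.
    r2 = r2pipe.open()
    helper = GoLangHelper(r2)
    gopclntab = helper.get_gopclntab()
    print(gopclntab)
    # Only walk the table when it was actually located; with no table address
    # there is nothing to read and rename_functions would fail.
    if gopclntab is not None:
        helper.rename_functions()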